News
django-allauth 0.40.0 released
Posted by Raymond Penners on 2019-08-29
Note worthy changes The instagram provider now extracts the user's full name. New provider: NextCloud (OAuth2) Added an SDK_URL setting for customizing the loading of the Facebook JavaScript SDK. Updated Twitch provider to use new authentication endpoints (https://id.twitch.tv) over deprecated v5 endpoints (https://api.
Read moredjango-allauth 0.39.1 released
Posted by Raymond Penners on 2019-02-28
Note worthy changes The linkedin_oauth2 provider now gracefully deals with old V1 data that might still be present in SocialAccount.extra_data. Backwards incompatible changes The globus provider's extract_uid now uses the openid required field sub instead of the create_time field.
django-allauth 0.39.0 released
Posted by Raymond Penners on 2019-02-26
Note worthy changes New providers: JupyterHub (OAuth2), Steam (OpenID) Refactor translations: Portuguese (Portugal). Add testing for Django 2.2 (no code changes required) Backwards incompatible changes linkedin_oauth2: As the LinkedIn V1 API is deprecated, the user info endpoint has been moved over to use the API V2.
Read moredjango-allauth 0.38.0 released
Posted by Raymond Penners on 2018-10-03
Security notice The {% user_display user %} tag did not escape properly. Depending on the username validation rules, this could lead to XSS issues. Note worthy changes New provider: Vimeo (OAuth2). New translations: Basque.
django-allauth 0.37.1 released
Posted by Raymond Penners on 2018-08-27
Backwards incompatible changes Dropped the x-li-src: msdk headers from the linkedin_oauth2 handshake. This header is only required for mobile tokens, and breaks the regular flow. Use the HEADERS setting to add this header if you need it.