News
django-allauth 0.53.1 released
Posted by Raymond Penners on 2023-03-20
Noteworthy changes Example base template was missing {% load i18n %}, fixed.
django-allauth 0.53.0 released
Posted by Raymond Penners on 2023-03-16
Noteworthy changes You can now override the use of the UserTokenForm over at the PasswordResetFromKeyView by configuring ACCOUNT_FORMS["user_token"] to allow the change of the password reset token generator. The Google API URLs are now configurable via the provider setting which enables use-cases such as overriding the endpoint during integration tests to talk to a mocked version of the API.
Read moredjango-allauth 0.52.0 released
Posted by Raymond Penners on 2022-12-29
Noteworthy changes Officially support Django 4.1. New providers: OpenID Connect, Twitter (OAuth2), Wahoo, DingTalk. Introduced a new provider setting OAUTH_PKCE_ENABLED that enables the PKCE-enhanced Authorization Code Flow for OAuth 2.0 providers. When ACCOUNT_PREVENT_ENUMERATION is turned on, enumeration is now also prevented during signup, provided you are using mandatory email verification.
Read moredjango-allauth 0.51.0 released
Posted by Raymond Penners on 2022-06-07
Noteworthy changes New providers: Snapchat, Hubspot, Pocket, Clever. Security notice The reset password form is protected by rate limits. There is a limit per IP, and per email. In previous versions, the latter rate limit could be bypassed by changing the casing of the email address.
Read moredjango-allauth 0.50.0 released
Posted by Raymond Penners on 2022-03-25
Noteworthy changes Fixed compatibility issue with setuptools 61. New providers: Drip. The Facebook API version now defaults to v13.0.