News
django-allauth 0.39.0 released
Posted by Raymond Penners on 2019-02-26
Note worthy changes New providers: JupyterHub (OAuth2), Steam (OpenID) Refactor translations: Portuguese (Portugal). Add testing for Django 2.2 (no code changes required) Backwards incompatible changes linkedin_oauth2: As the LinkedIn V1 API is deprecated, the user info endpoint has been moved over to use the API V2.
Read moredjango-allauth 0.38.0 released
Posted by Raymond Penners on 2018-10-03
Security notice The {% user_display user %} tag did not escape properly. Depending on the username validation rules, this could lead to XSS issues. Note worthy changes New provider: Vimeo (OAuth2). New translations: Basque.
django-allauth 0.37.1 released
Posted by Raymond Penners on 2018-08-27
Backwards incompatible changes Dropped the x-li-src: msdk headers from the linkedin_oauth2 handshake. This header is only required for mobile tokens, and breaks the regular flow. Use the HEADERS setting to add this header if you need it.
django-allauth 0.37.0 released
Posted by Raymond Penners on 2018-08-27
Note worthy changes The Battle.net login backend now recognizes apac as a valid region. User model using a UUIDField as it's primary key can now be logged in upon email confirmation (if using ACCOUNT_LOGIN_ON_EMAIL_CONFIRMATION). New providers: Agave, Cern, Disqus, Globus.
Read moredjango-allauth 0.36.0 released
Posted by Raymond Penners on 2018-05-08
Note worthy changes New providers: Telegram, QuickBooks. The Facebook API version now defaults to v2.12. ORCID upgraded to use API v2.1. Security notice In previous versions, the authentication backend did not invoke the user_can_authenticate() method, potentially allowing users with is_active=False to authenticate when the allauth authentication backend was used in a non allauth context.
Read more