News
django-allauth 65.0.1 released
Posted by Raymond Penners on 2024-09-23
Fixes When email verification by code was used, adding additional email addresses over at the email management page fired the email_added signal prematurely as the email address instance was still unsaved. Fixed. The newly introduced logic to redirect to pending login stages has now been integrated in the RedirectAuthenticatedUserMixin so that the existing behavior of invoking get_authenticated_redirect_url() when already authenticated is respected.
Read moredjango-allauth 65.0.0 released
Posted by Raymond Penners on 2024-09-22
Note worthy changes Added transparent support for Django's LoginRequiredMiddleware (new since Django 5.1). The usersessions app now emits signals when either the IP address or user agent for a session changes. Added support for signup using a passkey. See settings.
Read moredjango-allauth 64.2.1 released
Posted by Raymond Penners on 2024-09-05
Fixes Verifying the email address by clicking on the link would no longer log you in, even in case of ACCOUNT_LOGIN_ON_EMAIL_CONFIRMATION = True. Security notice It was already the case that you could not enable TOTP 2FA if your account had unverified email addresses.
Read moredjango-allauth 64.2.0 released
Posted by Raymond Penners on 2024-08-30
Note worthy changes Verifying email addresses by means of a code (instead of a link) is now supported. See settings.ACCOUNT_EMAIL_VERIFICATION_BY_CODE_ENABLED. Added support for requiring logging in by code, so that every user logging in is required to input a login confirmation code sent by email.
Read moredjango-allauth 64.1.0 released
Posted by Raymond Penners on 2024-08-15
Note worthy changes Headless: When trying to login while a user is already logged in, you now get a 409. Limited the maximum allowed time for a login to go through the various login stages. This limits, for example, the time span that the 2FA stage remains available.
Read more