Bump django-allauth from 0.60.0 to 0.60.1
Bumps django-allauth from 0.60.0 to 0.60.1.
Changelog
Sourced from django-allauth's changelog.
0.60.1 (2024-01-15)
Fixes
User sessions: after changing your password in case of
ACCOUNT_LOGOUT_ON_PASSWORD_CHANGE = False
, the list of sessions woud be empty instead of showing your current session.SAML: accessing the SLS/ACS views using a GET request would result in a crash (500).
SAML: the login view did not obey the
SOCIALACCOUNT_LOGIN_ON_GET = False
setting.Backwards incompatible changes
- The rate limit mechanism has received an update. Previously, when specifying e.g.
"5/m"
it was handled implicitly whether or not that limit was per IP, per user, or per action specific key. This has now been made explicit:"5/m/user"
vs"5/m/ip"
vs"5/m/key"
. Combinations are also supported now:"20/m/ip,5/m/key"
. Additionally, the rate limit mechanism is now used throughout, including email confirmation cooldown as well as limitting failed login attempts. Therefore, theACCOUNT_LOGIN_ATTEMPTS_LIMIT
andACCOUNT_EMAIL_CONFIRMATION_COOLDOWN
settings are deprecated. See :doc:Rate Limits <../account/rate_limits>
for details.