Skip to content

Latest commit

 

History

History
153 lines (114 loc) · 4.65 KB

CHANGELOG.rst

File metadata and controls

153 lines (114 loc) · 4.65 KB

Changelog

next

  • Improves documentation for protection Django admin with 2FA. Contributed by @hailkomputer in #91.
  • Autocomplete on the token entry form is disabled. Contributed by @qvicksilver in #95.

0.8 February 3, 2020

  • Drop support for Python 2.7 and Python 3.4.
  • Officially support Python 3.7 and 3.8.
  • Drop support for Django 2.0 and Django 2.1.
  • Officially support Django 3.0.

0.7 September 10, 2019

  • Remove more code that was for Django < 1.11.
  • Officially support Django 2.0 and Django 2.1.
  • Officially support django-otp 0.7.
  • Do not include test code in distribution, fix from @akx, PR #67.
  • Support for more complex user IDs (e.g. UUIDs), fix from @chromakey, see issue #64 / PR #66.
  • The extension used by the 2FA templates is customizable. Originally in PR #69 by @akx, split into PR #71.
  • The QR code is now included inline as an SVG instead of being a separate view. PR #74 by @akx.
  • A new mixin is included to enforce a user having 2FA enabled for particular views. Added in PR #73 by @akx.
  • Passing additional context to the TwoFactorBackupTokens was broken. This was fixed in PR #73 by @akx.
  • A configuration option (ALLAUTH_2FA_ALWAYS_REVEAL_BACKUP_TOKENS) was added to only show the static tokens once (during creation)> PR #75 by @akx.

0.6 February 13, 2018

  • Drop support for Django < 1.11, these are no longer supported by django-allauth (as of 0.35.0).

0.5 December 21, 2017

  • Avoid an exception if a user without any configured devices tries to view a QR code. This view now properly 404s.
  • Redirect users to configure 2FA is they attempt to configure backup tokens without enabling 2FA first.
  • Add base middleware to ensure particular users (e.g. superusers) have 2FA enabled.
  • Drop official support for Django 1.9 and 1.10, they're no longer supported by the Django project.
  • Added Sphinx-generated documentation. A rendered version is available at.

0.4.4 March 24, 2017

  • Adds trailing slashes to the URL patterns. This is backwards compatible with the old URLs.
  • Properly support installing in Python 3 via PyPI.

0.4.3 January 18, 2017

  • Adds support for forwarding GET parameters through the 2FA workflow. This fixes next not working when logging in using 2FA.

0.4.2 December 15, 2016

  • Reverts the fix in 0.4.1 as this breaks custom adapters that inherit from OTPAdapter and don't override the login method.

0.4.1 December 14, 2016

  • Fixed a bug when using a custom adapter that doesn't inherit from OTPAdapter and that overrides the login method.

0.4 November 7, 2016

  • Properly continue the allauth login workflow after successful 2FA login, e.g. send allauth signals
  • Support using MIDDLEWARE setting with Django 1.10.
  • Support customer USERNAME_FIELD on the auth model.

0.3.2 October 26, 2016

  • Fix an error when hitting the TwoFactorBackupTokens view as a non-anonymous user.

0.3.1 October 5, 2016

  • Properly handle an AnonymousUser hitting the views.

0.3 October 5, 2016

  • Support custom User models.
  • Fixed a bug where a user could end up half logged in if they didn't complete the two-factor login flow. A user's login flow will now be reset. Requires enabled the included middle: allauth_2fa.middleware.AllauthTwoFactorMiddleware.
  • Disable autocomplete on the two-factor code input form.
  • Properly redirect anonymous users.
  • Minor simplifications of code (and inherit more code from django-otp).
  • Minor updates to documentation.

0.2 September 9, 2016

  • Add tests / tox / Travis support.
  • Don't pin dependencies.
  • Officially support Django 1.10, drop support for Django 1.7.

0.1.4 May 2, 2016

  • Autofocus the token input field on forms.

0.1.3 January 20, 2016

  • Fix deprecation notices for Django 1.10.

0.1.2 November 23, 2015

  • Fixed an error when a user enters invalid input into the token form.

0.1.1 October 21, 2015

  • Project reorganization and clean-up.
  • Added support for Microsoft Authenticator.
  • Support being installed via pip.
  • Pull more configuration from Django settings (success URL).
  • Support disabling two-factor for an account.

0.1 April 4, 2015

  • Initial version by Víðir Valberg Guðmundsson