Skip to content
Switch branches/tags
Go to file
Cannot retrieve contributors at this time
2015-07-02 Raymond Penners <>
* Version 0.21.0 released.
2015-06-27 Raymond Penners <>
* You can now tweak the authentication params per OAuth provider,
as you already could for OAuth2. Contributed by Peter Rowlands,
* Nattaphoom Ch. contributed a Thai translation, thanks!
2015-06-14 Raymond Penners <>
* Guoyu Hao contributed a Baidu provider, thanks!
2015-06-03 Raymond Penners <>
* Rod Xavier Bondoc contributed support logging out on password
2015-05-25 Raymond Penners <>
* Version 0.20.0 released.
2015-05-20 Raymond Penners <>
* Given that the `max_length` for the Django 1.8 `EmailField` has
been bumped to 254, allauth is following up. Migrations
(`account`) are in place.
2015-02-27 Raymond Penners <>
* Patrick Paul contributed a provider for Evernote, thanks!
* Josh Wright contributed a provider for Spotify, thanks!
2015-02-12 Raymond Penners <>
* Björn Andersson added support for Dropbox OAuth2, thanks!
* guoqiao contributed a provider for Douban, thanks!
2015-02-05 Raymond Penners <>
* Version 0.19.1 released.
* Fixed migrations when using South & Django 1.6.
2015-01-04 Raymond Penners <>
* Version 0.19.0 released.
2014-12-25 Raymond Penners <>
* Basil Shubin contributed an Odnoklassniki provider, thanks!
2014-12-10 Raymond Penners <>
* Facebook: If the JS SDK is not available, for example due to a
browser plugin like that blocks it, login falls back
to the regular non JS handshake.
2014-12-03 Raymond Penners <>
* `is_safe_url` can now be overriden
2014-11-30 Raymond Penners <>
* Facebook: The Graph API version is now configurable via
2014-10-17 Raymond Penners <>
* A Firefox Accounts provider was added by Jannis Leidel, thanks!
2014-09-15 Raymond Penners <>
* Josh Owen contributed Coinbase support, thanks!
2014-09-11 Raymond Penners <>
* Tomas Babej contributed a Slovak translation, thanks!
2014-09-03 Raymond Penners <>
* Moved existing migrations into `south_migrations`
2014-08-13 Raymond Penners <>
* "zbryikt" contributed a Taiwanese Chinese translation, thanks!
2014-08-12 Raymond Penners <>
* Added support for custom password rules via `clean_password`.
* Version 0.18.0 released.
* SECURITY: the Persona provider now requires the `AUDIENCE`
parameter to be explicitly configured, as required by the Persona
specification for security reasons.
2014-08-08 Raymond Penners <>
* Storing social access tokens is now optional
2014-07-26 Raymond Penners <>
* Removed the inline Javascript from the `fbconnect.html`
template. This allows for a more strict `Content-Security-Policy`
(thanks to Andrean Franc).
2014-07-25 Raymond Penners <>
* `nimiq` contributed ORCID support, thanks.
2014-07-22 Raymond Penners <>
* All forms are now pluggable via a new setting:
2014-07-05 Raymond Penners <>
* James Thompson contributed Windows Live support, thanks!
2014-06-16 Raymond Penners <>
* Version 0.17.0 released.
2014-06-06 Raymond Penners <>
* `sourenaraya` contributed Mail.Ru support, thanks.
* account: Justin Michalicek contributed support to control
session life time and age: `ACCOUNT_SESSION_COOKIE_AGE` and
2014-05-14 Raymond Penners <>
* Serafeim Papastefanos contributed an Ukrainian translation,
2014-05-09 Raymond Penners <>
* `kkarwows` contributed AppConfig support, thanks.
2014-04-29 Raymond Penners <>
* socialaccount: Added Xing provider.
2014-04-24 Raymond Penners <>
* socialaccount: Marcin Skarbek contributed Hubic support, thanks!
2014-04-11 Raymond Penners <>
* Volodymyr Yatsyk contributed an Ukrainian translation, thanks!
2014-03-31 Raymond Penners <>
* `joke2k` contributed an Italian translation, thanks!
2014-03-22 Raymond Penners <>
* socialaccount: All providers now support the `VERIFIED_EMAIL`
property have e-mail addresses forced to be interpreted as
2014-03-12 Raymond Penners <>
* Version 0.16.1 released.
* Facebook login via Javascript was broken if `auth_type` was not
set to `reauthenticate`, fixed.
2014-03-10 Raymond Penners <>
* Support for hooking up a callback when `FB.init()` is ready
* Version 0.16.0 released.
* Nariman Gharib contributed a Persian translation, thanks!
2014-02-09 Raymond Penners <>
* The custom signup form `save` has been deprecated in favour of a
`def signup(request, user)` method.
2014-02-08 Raymond Penners <>
* Facebook reauthentication now uses an `auth_nonce`.
2014-02-07 Raymond Penners <>
indicate whether or not e-mail confirmation is to automatically
log in.
2014-02-04 Raymond Penners <>
* socialaccount: Added Bitbucket provider.
* Jack Shedd contributed Tumblr support, thanks!
* Romanos Tsouroplis contributed Foursquare support, thanks!
2014-01-15 Raymond Penners <>
* "excessivedemon" contributed Flickr support, thanks!
2013-12-26 Raymond Penners <>
* Luis Diego García contributed Amazon and Paypal support, thanks!
2013-12-04 Raymond Penners <>
* Stuart Ross contributed LinkedIn OAuth 2.0 support, thanks!
2013-12-01 Raymond Penners <>
* Version 0.15.0 released.
* socialaccount: Added `is_auto_signup_allowed` to social account
2013-11-27 Raymond Penners <>
* facebook: Added a new setting: VERIFIED_EMAIL.
* socialaccount: a collision on e-mail address when you sign up
using a third party social account is now more clearly explained:
"An account already exists with this e-mail address. Please sign
in to that account first, then connect your Google account".
2013-11-26 Raymond Penners <>
* account: You are now automatically logged in after confirming
your e-mail address during sign up.
2013-11-23 Raymond Penners <>
* account: The `/accounts/login/` view now supports AJAX requests.
* account: Instead of directly rendering and returning a template,
logging in while the account is inactive or not yet confirmed now
redirects to two new views: `/accounts/inactive/` respectively
* account: The `account/verification_sent.html` template no longer
receives the e-mail address in the context (`email`). Note that a
message containing that e-mail address is still emitted using the
messages framework.
* account: The `/accounts/confirm_email/key/` view has been
renamed to `/accounts/confirm-email/` (human
friendlier). Redirects are in place to handle old still pending
2013-11-22 Raymond Penners <>
* facebook: The fbconnect.js script is now more pluggable.
2013-11-19 Raymond Penners <>
* socialaccount: Markus Kaiserswerth contributed a Feedly
provider, thanks!
2013-11-18 Raymond Penners <>
* socialaccount: Dropped django-avatar support.
2013-11-17 Raymond Penners <>
* openid: First, last and full name are now also queried together
with the e-mail address. Thanks, @andrvb.
* openid: Compatibility fix for Django 1.6 (JSON serializer).
* account: Added support for `ACCOUNT_CONFIRM_EMAIL_ON_GET`.
2013-11-16 Raymond Penners <>
* Version 0.14.2 released.
* Compatibility fix for logging in with Django 1.6.
2013-11-01 Raymond Penners <>
* Maksim Rukomoynikov contributed a Russian translation, thanks!
2013-10-28 Raymond Penners <>
* Version 0.14.1 released (PyPi did not render the README.rst
* Version 0.14.0 released.
2013-10-19 Raymond Penners <>
* Stuart Ross contributed AngelList support, thanks!
2013-10-16 Raymond Penners <>
* LinkedIn: profile fields that are to be fetched are now
configurable (`PROFILE_FIELDS` provider-level setting).
2013-10-13 Raymond Penners <>
* Udi Oron contributed a Hebrew translation, thanks!
2013-10-09 Raymond Penners <>
* George Whewell contributed Instagram support, thanks!
2013-09-09 Raymond Penners <>
* Refactored adapter methods relating to creating and populating
`User` instances.
2013-09-05 Raymond Penners <>
* User creation methods in the `Default(Social)AccountAdapter` now
have access to the `request`.
2013-08-31 Raymond Penners <>
* Version 0.13.0 released.
2013-08-30 Raymond Penners <>
* Koichi Harakawa contributed a Japanese translation, thanks!
* Added `is_open_for_signup` to DefaultSocialAccountAdapter.
2013-08-29 Raymond Penners <>
* Added VK provider support.
2013-08-16 Raymond Penners <>
* Marcin Spoczynski contributed a Polish translation, thanks!
2013-07-23 Raymond Penners <>
* All views are now class-based.
* The password reset from key success response now redirects to a
"done" view (`/accounts/password/reset/key/done/`). This view has
its own `account/password_reset_from_key_done.html` template. In
previous versions, the success template was intertwined with the
`account/password_reset_from_key.html` template.
2013-07-19 Raymond Penners <>
* `django.contrib.messages` is now optional.
2013-07-12 Raymond Penners <>
* "jresins" contributed a simplified Chinese, thanks!
2013-07-01 Raymond Penners <>
* Version 0.12.0 released.
2013-06-29 Raymond Penners <>
* Added support for re-authenticated (forced prompt) by means of a
new `action="reauthenticate"` parameter to the `{%
provider_login_url %}`
2013-06-28 Raymond Penners <>
* Roberto Novaes contributed a Brazilian Portuguese translation,
2013-06-18 Raymond Penners <>
* Daniel Eriksson contributed a Swedish translation, thanks!
2013-06-11 Raymond Penners <>
* You can now logout from both allauth and Facebook via a
Javascript helper: `window.allauth.facebook.logout()`.
2013-06-10 Raymond Penners <>
* Connecting a social account is now a flow that needs to be
explicitly triggered, by means of a `process="connect"` parameter
that can be passed along to the `{% provider_login_url %}`, or a
`process=connect` GET parameter.
2013-06-06 Raymond Penners <>
* Tomas Marcik contributed a Czech translation, thanks!
2013-06-04 Raymond Penners <>
* Version 0.11.1 released (due to issue in disconnecting social
2013-06-02 Raymond Penners <>
* Version 0.11.0 released.
2013-05-30 Raymond Penners <>
* Moved logic whether or not a social account can be disconnected
to the `SocialAccountAdapter` (`validate_disconnect`).
* Added `social_account_removed` signal.
2013-05-29 Raymond Penners <>
* Implemented CSRF protection
* The `user_logged_in` signal now optionally receives a
`sociallogin` parameter, in case of a social login.
* Added `social_account_added` (contributed by orblivion, thanks).
* Hatem Nassrat contributed Bitly support, thanks!
2013-05-22 Raymond Penners <>
* Bojan Mihelac contributed a Croatian translation, thanks!
2013-05-20 Raymond Penners <>
* Messages (as in `django.contrib.messages`) are now configurable
through templates.
2013-04-25 Raymond Penners <>
* Added support for differentiating e-mail handling (verification,
required) between local and social accounts:
2013-04-16 Raymond Penners <>
* Version 0.10.1 released.
* Cleaning of `username` can now be overriden via
2013-04-16 Raymond Penners <>
* Fixed potential error (`assert`) when connecting social
2013-04-13 Raymond Penners <>
* Added support for custom username handling in case of custom
2013-04-12 Raymond Penners <>
* Version 0.10.0 released.
2013-04-08 Raymond Penners <>
* Chris Davis contributed Vimeo support, thanks!
2013-04-03 Raymond Penners <>
* Added support for overriding the URL to return to after
connecting a social account
2013-03-31 Raymond Penners <>
* Python 3 is now supported!
2013-03-28 Raymond Penners <>
* Dropped dependency on (unmaintained?) oauth2 package, in favor
of requests-oauthlib.
2013-03-13 Raymond Penners <>
* account: E-mail confirmation mails generated at signup can now
be differentiated from regular e-mail confirmation mails by
placing e.g. a welcome message into the
`account/email/email_confirmation_signup*` templates. Thanks to
Sam Solomon for the patch.
* account: Moved User instance creation to adapter so that e.g.
username generation can be influenced. Thanks to John Bazik for
the patch.
2013-03-08 Raymond Penners <>
* Robert Balfre contributed Dropbox support, thanks!
2013-02-19 Raymond Penners <>
* socialaccount: Added support for Weibo.
2013-02-15 Raymond Penners <>
* account: Added support for sending HTML e-mail. Add
"*_message.html" templates and they will be automatically picked
2013-02-13 Raymond Penners <>
* socialaccount: The refresh token and token expiry time, if any,
are now stored in `SocialToken`.
* Added support for passing along extra parameters to the OAuth2
authentication calls, such as `access_type` (Google) or
`auth_type` (Facebook).
2013-02-12 Raymond Penners <>
* Both the login and signup view now immediately redirect to the
login redirect url in case the user was already authenticated.
2013-02-11 Raymond Penners <>
* Added support for closing down signups in a pluggable fashion,
making it easy to hookup your own invitation handling mechanism.
2013-02-09 Raymond Penners <>
* Added support for passing along extra parameters to the
`FB.login` API call.
2013-01-30 Raymond Penners <>
* Version 0.9.0 released.
2013-01-29 Raymond Penners <>
* account: `user_signed_up` signal now emits an optional
`sociallogin` parameter so that receivers can easily differentiate
between local and social signups.
2013-01-24 Raymond Penners <>
* account: Added `email_removed` signal.
* socialaccount: Populating of User model fields is now
centralized in the adapter, splitting up `name` into `first_name`
and `last_name` if these were not individually available.
2013-01-11 Raymond Penners <>
* Ahmet Emre Aladağ contributed a Turkish translation, thanks!
* socialaccount: Added SocialAccountAdapter hook to allow for
intervention in social logins.
2013-01-07 Raymond Penners <>
* google: support for Google's `verified_email` flag to determine
whether or not to send confirmation e-mails.
2012-12-26 Raymond Penners <>
* Fábio Santos contributed a Portugese translation, thanks!
2012-12-22 Raymond Penners <>
* socialaccount: Added support for Stack Exchange.
2012-12-14 Raymond Penners <>
* socialaccount: Added `get_social_accounts` template tag.
* account: Default URL to redirect to after login can now be
overriden via the adapter, both for login and e-mail confirmation
2012-12-06 Raymond Penners <>
* Version 0.8.3 released.
2012-11-27 Raymond Penners <>
* Markus Thielen contributed a German translation, thanks!
2012-11-26 Raymond Penners <>
* The `site` foreign key from `SocialApp` to `Site` has been
replaced by a `ManyToManyField`. Many apps can be used across
multiple domains (Facebook cannot).
2012-11-24 Raymond Penners <>
* account: Added adapter class for increased pluggability. Added
hook for 3rd party invitation system to by pass e-mail
verification (`stash_email_verified`). Moved sending of mail to
2012-10-23 Raymond Penners <>
* account: Added option to completely disable e-mail verification
during signup.
2012-10-10 Raymond Penners <>
* Version 0.8.2 released.
* Twitter: Login was broken due to change at in URLs at Twitter,
* LinkedIn: Added support for passing along the OAuth scope.
* account: Improved e-mail confirmation error handling, no more
confusing 404s.
2012-10-03 Raymond Penners <>
* account: Aldiantoro Nugroho contributed support for a new
2012-09-29 Raymond Penners <>
* socialaccount: Added preliminary support for Mozilla Persona.
2012-09-28 Raymond Penners <>
* account: Sam Solomon added various signals for email and
password related changes.
2012-09-08 Raymond Penners <>
* account: Usernames may now contain @, +, . and - characters.
2012-09-03 Raymond Penners <>
* Version 0.8.1 released.
* Python 2.6.2 compatibility issue, fixed.
* The example project was unintentionally packaged, fixed.
2012-09-01 Raymond Penners <>
* Version 0.8.0 released.
2012-08-29 Raymond Penners <>
* account: Dropped dependency on the emailconfirmation app,
integrating its functionality into the account app. This change is
of major impact, please refer to the documentation on how to
2012-08-28 Raymond Penners <>
* account: Documented ACCOUNT_USERNAME_REQUIRED. This is actually
not a new setting, but it somehow got overlooked in the
2012-08-24 Raymond Penners <>
* account/socialaccount: Dropped the _tags postfix from the
template tag libraries. Simply use {% load account %} and {% load
socialaccount %}.
2012-08-21 Raymond Penners <>
* Added signup and social login signals.
2012-08-17 Raymond Penners <>
* SoundCloud: Rabi Alam contributed a SoundCloud provider, thanks!
2012-08-16 Raymond Penners <>
* account: Sam Solomon cleaned up the e-mail management view:
added proper redirect after POSTs, prevent deletion of primary
e-mail. Thanks.
2012-08-04 Raymond Penners <>
* account: When signing up, instead of generating a completely
random username a more sensible username is automatically derived
from first/last name or e-mail.
2012-07-18 Raymond Penners <>
* Version 0.7.0 released.
2012-07-06 Raymond Penners <>
* Facebook: Facundo Gaich contributed support for dynamically
deriving the Facebook locale from the Django locale, thanks!.
2012-06-27 Raymond Penners <>
* OAuth: All OAuth/OAuth2 tokens are now consistently stored
across the board. Cleaned up OAuth flow removing superfluous
* Facebook: Dropped Facebook SDK dependency.
* socialaccount: DRY focused refactoring of social login.
2012-06-26 Raymond Penners <>
* socialaccount: Added support for Google OAuth2 and Facebook
OAuth2. Fixed GitHub.
2012-06-22 Raymond Penners <>
* account: Added verified_email_required decorator.
2012-06-20 Raymond Penners <>
* socialaccount: When signing up, user.first/last_name where
always taken from the provider signup data, even when a custom
signup form was in place that offered user inputs for editting
these fields. Fixed.
2012-06-20 Raymond Penners <>
* Version 0.6.0 released.
* account: Added ACCOUNT_USER_DISPLAY to render a user name
without making assumptions on how the user is represented.
2012-06-18 Raymond Penners <>
* allauth, socialaccount: Removed the last remaining bits of
hardcodedness with respect to the enabled social authentication
2012-06-11 Raymond Penners <>
* account: Added ACCOUNT_AUTHENTICATION_METHOD setting, supporting
login by username, e-mail or both.
2012-06-08 Raymond Penners <>
* Version 0.5.0 released.
2012-06-07 Raymond Penners <>
* account: Added setting ACCOUNT_PASSWORD_MIN_LENGTH for
specifying the minimum password length.
2012-06-05 Raymond Penners <>
* socialaccount: Added generic OAuth2 support. Added GitHub
support as proof of concept.
2012-06-04 Raymond Penners <>
* socialaccount: More refactoring: generic provider & OAuth
consumer approach. Added LinkedIn support to test this approach.
2012-06-03 Raymond Penners <>
* socialaccount: Introduced generic models for storing social
apps, accounts and tokens in a central and consistent manner,
making way for adding support for more account providers. Note:
there is more refactoring to be done -- this first step only
focuses on the database models.
2012-03-29 Raymond Penners <>
* account: E-mail confirmation mails are now automatically resent
whenever a user attempts to login with an unverified e-mail
2012-03-25 Raymond Penners <>
* Version 0.4.0 released.
2012-03-15 Raymond Penners <>
* account: The render_value parameter of all PasswordInput fields
used can now be configured via a setting.
2012-03-15 Raymond Penners <>
* account: Added support for prefixing the subject of sent emails.
2012-03-14 Raymond Penners <>
* account: Added support for a plugging in a custom signup form
used for additional questions to ask during signup.
2012-02-28 Raymond Penners <>
* account: `is_active` is no longer used to keep users with an
unverified e-mail address from loging in.
2012-02-22 Raymond Penners <>
* Dropping uniform dependency. Moved uniform templates into
example project.
2012-01-19 Raymond Penners <>
* Version 0.3.0 released.
2012-01-06 Raymond Penners <>
* The e-mail authentication backend now attempts to use the
'username' parameter as an e-mail address. This is needed to
properly integrate with other apps invoking authenticate.
2011-05-29 Raymond Penners <>
* SmileyChris contributed support for automatically generating a
user name at signup when ACCOUNT_USERNAME_REQUIRED is set to
* Vuong Nguyen contributed support for (optionally) asking for the
password just once during signup
2011-04-22 Raymond Penners <>
* The Twitter oauth sequence now respects the "oauth_callback"
parameter instead of defaulting to the callback URL
configured at Twitter.
2011-04-14 Raymond Penners <>
* Pass along "?next=" parameter between login and signup views.
* Added Dutch translation.
2011-04-12 Raymond Penners <>
* Added template tags for pointing to social login URLs. These
tags automatically pass along any "?next="
parameter. Additionally, added an overall allauth_tags that
gracefully degrades when e.g. allauth.facebook is not installed.
2011-04-11 Raymond Penners <>
* Pass along next URL, if any, at /accounts/social/signup/.
* Duplicate email address handling could throw a
MultipleObjectsReturned exception, fixed.
2011-04-10 Raymond Penners <>
* Removed separate social account login view, in favour of having
a single unified login view including both forms of login.
2011-04-07 Raymond Penners <>
* Added support for passing along a next URL parameter to
Facebook, OpenID logins.
2011-02-13 Raymond Penners <>
* Added support for django-avatar, copying the Twitter profile
image locally on signup.
2010-11-12 Raymond Penners <>
* allauth/account/ (BaseSignupForm.clean_email): With
ACCOUNT_EMAIL_REQUIRED=False, empty email addresses were
considered duplicates. Fixed.
2010-11-12 Raymond Penners <>
* The existing migrations for allauth.openid were not compatible
with MySQL due to the use of an URLField with max_length above
255. The issue has now been addressed but unfortunately at the
cost of the existing migrations for this app. Existing
installations will have to be dealt with manually (altering the
"identity" column of OpenIDAccount, deleting ghost migrations).