Workflow

Openwisp-users

Latest version: v1.0.2

Safety actively analyzes 621907 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 1 of 5

1.1.0

--------------------------

WIP

1.0.2

--------------------------

- Bumped django-all-auth from 0.46.0 to 0.51.0
to fix mild security issues (see the `change log
of django-all-auth for more information
<https://github.com/pennersr/django-allauth/blob/master/ChangeLog.rst>`_)
- The ``classmethod`` decorator was mistakenly forgotten and hence
missing from the following methods of
``openwisp_users.apps.OpenwispUsersConfig``:

- ``update_organizations_dict``
- ``create_organization_owner``
- Fixed a broken example in the DRF Permission Classes section
of the documentation

1.0.1

Not secure
--------------------------

- Updated fur translations

1.0.0

Not secure
--------------------------

Features
~~~~~~~~

- Added `UsersAuthenticationBackend class
<https://github.com/openwisp/openwisp-users#authentication-backend>`_
that allows users to authenticate using either email, phone_number or username.
- Added the possibility to filter users by their organization in
the user administration section.
- Added `REST API endpoints for openwisp-users
<https://github.com/openwisp/openwisp-users#list-of-endpoints>`_.
- Added various `Django REST Framework mixins and utilities
<https://github.com/openwisp/openwisp-users#django-rest-framework-mixins>`_
which allow to implement.
- Added `DRF permission classes
<https://github.com/openwisp/openwisp-users#django-rest-framework-permission-classes>`_.
- Added `passwordless authentication backend for REST APIs
<https://github.com/openwisp/openwisp-users#2-openwisp_usersapiauthenticationsesameauthentication>`_.
- Added ``OrganizationInvitation`` model.
- Added `email verification success view
<https://github.com/openwisp/openwisp-users/issues/277>`_.
- Added logout success view.

Changes
~~~~~~~

- `Authentication REST API endpoints are now enabled by default
<https://github.com/openwisp/openwisp-users#openwisp_users_auth_api>`_.
- Following changes have been made to the User model:

- Increased max length of `User.location field
<https://github.com/openwisp/openwisp-users/commit/0088b0bdfe882e54cf6dfd2fbbafa7ccd79a8beb>`_.
- Added `User.birth_date field
<https://github.com/openwisp/openwisp-users/issues/221>`_.
- Added `User.notes field
<https://github.com/openwisp/openwisp-users/commit/e8b4f0a125969453795a57333e8b2cb612e2743e>`_.
- Added `User.language field
<https://github.com/openwisp/openwisp-users/issues/261>`_.
- Made `User.email case insensitive
<https://github.com/openwisp/openwisp-users/issues/227>`_.
Email addresses will always get converted to lower case before
storage and comparison.

- Updated ``OrganizationOwnerInline`` to use ``raw_id`` field for
``organization_user`` field.
- Updated ``OrganizationUserInline`` to use ``autocomplete`` field
for ``organization`` field.
- **Backward incompatible:** removed `custom permission helpers
<https://github.com/openwisp/openwisp-users/issues/266>`_.
- **Backward incompatible:** the REST API endpoint ``/api/v1/user/token/``
has been changed to ``/api/v1/users/token/`` for consistency
with the rest of the API.

**Dependencies**:

- Dropped support for Django ``2.2.x``.
- Dropped support for Python ``3.6``.
- Added support for Python ``3.8`` and Python ``3.9``.
- Added support for Django ``3.2.x`` and ``4.0.x``.
- Bumped ``django-allauth~=0.46.0``.
- Bumped ``django-organizations~=2.0.1``
- Bumped ``django-phonenumber-field~=6.0.0``.
- Bumped ``openwisp-utils~=1.0.0``.
- Bumped ``swapper~=1.3.0``
- Added ``django-sesame~=2.4.0``.

Bugfixes
~~~~~~~~

- Fixed `internal server error on "/accounts/login/" page
<https://github.com/openwisp/openwisp-users/issues/218>`_
when the social account app is disabled.
- Fixed `error on restoring "Group" object with django-reversion
<https://github.com/openwisp/openwisp-users/issues/214>`_.
- Fixed `error on visiting Django admin URL for non-existing users
<https://github.com/openwisp/openwisp-users/issues/228>`_.
- Fixed `organization managers could escalate their privileges to superuser
<https://github.com/openwisp/openwisp-users/issues/284>`_.

0.5.1

Not secure
--------------------------

Changes
~~~~~~~

- Updated django-allauth to 0.44.x
- Copied the template ``account/login.html`` from django-allauth
in order to remove the sign up link, which we do not support
- Updated django-extensions to 3.1

Bugfixes
~~~~~~~~

- Updating django-allauth to 0.44.x also fixes an `issue affecting
OpenWISP Users in production deployment (experienced in ansible-openwisp2)
<https://github.com/openwisp/ansible-openwisp2/issues/233>`_

0.5.0

Not secure
--------------------------

Features
~~~~~~~~

N/A.

Changes
~~~~~~~

- [change] Extend ``admin/base_site.html`` in ``confirm_email.html``
- [change] Updated to openwisp-utils 0.7 and switched to new ``register_menu_items``
- [change] Removed typographic error in settings which was maintained
for backward compatibility
- [change] Removed deprecated ``organizations_pk``

Bugfixes
~~~~~~~~

- [fix] Fix email confirmation when link is invalid
- [docs] Fixed several broken links in "Extend openwisp-users" section
- [fix] Allow swagger to show parameters of obtain token view

Page 1 of 5

Links

Releases

Has known vulnerabilities

Next

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.