Fastapi-users

Breaking changes
----------------

* Transport classes now always build full response objects instead of using the implicit FastAPI `Response` object.
* If you were not implementing your own custom transport classes, you will have nothing to do.
* If you implemented custom classes, you should adapt them so they return a `Response` object. [[Example](https://github.com/fastapi-users/fastapi-users/blob/8959a12d56212efe01b8cf3c37f0659cc25dcc19/fastapi_users/authentication/transport/bearer.py)]
* Cookie transport now returns a proper `204 No Content` response on logout, which should please OpenAPI Generators. Thanks caniko 🎉

New features
------------

* `on_after_login` method now accepts `response` in argument, which is the `Response` object built by the transport. [[Documentation](https://fastapi-users.github.io/fastapi-users/latest/configuration/user-manager/#on_after_login)] Thanks sorasful 🎉

Bug fixes
---------

* Fix 1166: add type hint to /users/{id} routes. Thanks gegnew 🎉
* Fix `/verify` route returning `null` user ID with Beanie. Thanks jankadel 🎉

Documentation
-------------

* Update documentation for Beanie.

Bug fixes & improvements
---------

* Fix 1172: missing `is_verified_by_default` argument on `get_oauth_router` method
* Bump dependencies:
* `python-multipart ==0.0.6`

New features
------------

* SQLAlchemy 2.0 support [[Documentation](https://fastapi-users.github.io/fastapi-users/10.4/configuration/databases/sqlalchemy/)]
* If you need to stay on SQLAlchemy 1.4, you can pin this dependency: `fastapi-users-db-sqlalchemy<5.0.0`
* Allow to set `is_verified` flag to `True` by default after OAuth registration [[Documentation](https://fastapi-users.github.io/fastapi-users/10.4/configuration/oauth/#set-is_verified-to-true-by-default)]

Improvements
------------

* Bump dependencies
* `httpx-oauth >=0.4,<0.12`

Improvements
------------

* Ensure the reset password token can be used only once.
* Change JWT access token structure to use standard `sub` claim instead of `user_id`.
* ⚠ Existing JWT will be invalidated
* Change verify and reset password tokens structure to use standard `sub` claim instead of `user_id`.

Improvements
------------

* Bump `httpx-oauth >=0.4,<0.11`
* With `httpx-oauth >= 0.10`, the OAuth2 client may be not able to return an email address depending on the OAuth Provider. In this case, the error `OAUTH_NOT_AVAILABLE_EMAIL` is raised during `/callback`. [[Documentation](https://fastapi-users.github.io/fastapi-users/10.2/usage/routes/#get-callback)]
* Enable Python 3.11 support in CI