- BI: moved account deletion callbacks to hooksets
- BI: dropped Django 1.7 support
- BI: dropped Python 3.2 support
- BI: removed deprecated ACCOUNT_USE_AUTH_AUTHENTICATE setting with behavior matching its True value
- added Django 1.10 support
- added Turkish translations
- made language codes migration dynamic
- added password expiration
- added password stripping by default
- added ACCOUNT_EMAIL_CONFIRMATION_AUTO_LOGIN feature (default is False)
Backward Incompatible Changes
account deletion callbacks moved to hookset
This change brings the previously defined functions in the
into line with the hooksets convention we’ve been using for awhile now. It
does mean that if you have functions defined in your site for the following
you will need to migrate those functions to a hookset implementation if you
don’t already have one to add to.
dropped Django 1.7 and Python 3.2 support
If you still need support for 1.7 then you should likely continue with the 1.x line of DUA, but it’s highly recommended you at least upgrade to Django 1.8.
remove deprecated ACCOUNT_USE_AUTH_AUTHENTICATE setting
The current behavior matches how things worked when that setting was set to
Django 1.10 support added
DUA was for the most part working fine with Django 1.10. However, the middleware needed to be updated to work with Django 1.10’s middleware changes.
DUA now speaks Turkish
Thanks Serkan Altuntaş for helping!
Made language codes migration dynamic
Thanks Jonathan Potter for this fix that DRYs up things a bit.
Password Expiration and Password History Tracking
Graham Ullrich landed this new feature set to DUA that enables per-user setting of password expiration as well as a global expiry setting. You can also set passwords that never expire. Lastly you can enforce password validation that doesn’t permit using old passwords.
Docs for these features are online.
New setting to enable auto-login when confirming email added
This commit adds a new setting:
False but when set to
True users that click the email confirmation
link will not only confirm their email address but automatically logged in.