July 28th, 2022
Added the ability to select which field is used as a primary key in tokens with the
SECRET_KEY_FALLBACKSsetting introduced in Django 4.1.
July 11th, 2022
update_last_login as a keyword-only argument in
update_last_login was documented as a keyword argument. However, it
could also be the first positional argument. If you were doing this, you
will hit an exception.
May 5th, 2021
Added the ability to pass a token to
get_user()instead of a request.
February 15th, 2021
max_age. This feature is only available for v2 tokens.
January 16th, 2021
Fixed crash when a v2 token is truncated.
November 1st, 2020
Added scoped tokens. This feature is only available for v2 tokens.
June 6th, 2020
Version 2.0 introduces a faster and shorter token format (v2).
The new format (v2) is enabled by default for new tokens.
The original format (v1) is still supported for backwards-compatibility.
See Tokens design for details.
Changed the default name of the URL parameter to
If you need to preserve existing URLs, you can set the
Changed the argument expected by
You’re affected only if you call
explicitly. If so, change this call to
May 11th, 2020
Added the ability to customize how primary keys are stored in tokens with the
Added compatibility with Django ≥ 3.0.
June 8th, 2019
Fixed invalidation of one-time tokens in
May 18th, 2019
Fixed detection of Safari on iOS.
May 1st, 2019
Added support for single-use tokens with the
Added support for not invalidating tokens on password change with the
Added compatibility with custom user models where the primary key is a
get_user()function to obtain a user instance from a request.
Improved error message for preexisting tokens when changing the
Fixed authentication on Safari by disabling redirect.
April 29th, 2018
Added a redirect to the same URL with the query string parameter removed.
December 2nd, 2017
Added compatibility with Django ≥ 2.0.
August 19th, 2016
Added the ability to rename the query string parameter with the
Added compatibility with Django ≥ 1.8.
September 17th, 2014
Added support for expiring tokens with the
July 3rd, 2014