Changelog#
3.2#
July 30th, 2023
Added support for invalidating tokens on email change with the
SESAME_INVALIDATE_ON_EMAIL_CHANGE
setting.Supported overriding settings for testing.
3.1#
July 28th, 2022
Added the ability to select which field is used as a primary key in tokens with the
SESAME_PRIMARY_KEY_FIELD
setting.Supported the
SECRET_KEY_FALLBACKS
setting introduced in Django 4.1.
3.0#
July 11th, 2022
Version 3.0 introduces a new documentation.
Notably, a tutorial and an API reference were added.
Enforced update_last_login
as a keyword-only argument in
get_user()
.
update_last_login
was documented as a keyword argument. However, it
could also be the first positional argument. If you were doing this, you
will hit an exception.
Also:
Added
authenticate()
to authenticate users.Added
LoginView
to log users in.Added compatibility with Django ≥ 4.0.
2.4#
May 5th, 2021
Added the ability to pass a token to
get_user()
instead of a request.
2.3#
February 15th, 2021
Supported overriding
max_age
. This feature is only available for v2 tokens.
2.2#
January 16th, 2021
Fixed crash when a v2 token is truncated.
2.1#
November 1st, 2020
Added scoped tokens. This feature is only available for v2 tokens.
2.0#
June 6th, 2020
Version 2.0 introduces a faster and shorter token format (v2).
The new format (v2) is enabled by default for new tokens.
The original format (v1) is still supported for backwards-compatibility.
See Tokens design for details.
Changed the default name of the URL parameter to sesame
.
If you need to preserve existing URLs, you can set the
SESAME_TOKEN_NAME
setting "url_auth_token"
.
Changed the argument expected by
authenticate()
to sesame
.
You’re affected only if you call authenticate(url_auth_token=...)
explicitly. If so, change this call to authenticate(sesame=...)
.
Also:
Added
get_token()
to generate a token.SESAME_MAX_AGE
can be adatetime.timedelta
.Improved documentation.
1.8#
May 11th, 2020
Added compatibility with custom user models with most types of primary keys, including
BigAutoField
,SmallAutoField
, other integer fields,CharField
, andBinaryField
.Added the ability to customize how primary keys are stored in tokens with the
SESAME_PACKER
setting.Added compatibility with Django ≥ 3.0.
1.7#
June 8th, 2019
Fixed invalidation of one-time tokens in
get_user()
.
1.6#
May 18th, 2019
Fixed detection of Safari on iOS.
1.5#
May 1st, 2019
Added support for single-use tokens with the
SESAME_ONE_TIME
setting.Added support for not invalidating tokens on password change with the
SESAME_INVALIDATE_ON_PASSWORD_CHANGE
setting.Added compatibility with custom user models where the primary key is a
UUIDField
.Added the
get_user()
function to obtain a user instance from a request.Improved error message for preexisting tokens when changing the
SESAME_MAX_AGE
setting.Fixed authentication on Safari by disabling redirect.
1.4#
April 29th, 2018
Added a redirect to the same URL with the query string parameter removed.
1.3#
December 2nd, 2017
Added compatibility with Django ≥ 2.0.
1.2#
August 19th, 2016
Added the ability to rename the query string parameter with the
SESAME_TOKEN_NAME
setting.Added compatibility with Django ≥ 1.8.
1.1#
September 17th, 2014
Added support for expiring tokens with the
SESAME_MAX_AGE
setting.
1.0#
July 3rd, 2014
Initial release.