1.2.2 [2026-04-25]

Bugfixes

• Added SocialAccount inline to UserAdmin when needed #501

1.2.1 [2026-04-22]

Changes

Dependencies

• Allowed upgrade of django-allauth up to 65.13.0.

Bugfixes

• Allowed managing social auth secrets when needed.
• Ensured site\_name is displayed in password reset email #482.
• Prevented authentication without a username in UsersAuthenticationBackend.

1.2.0 [2025-10-23]

Changes

Dependencies

• Bumped django-organizations>=2.5.0,<2.6.0.
• Bumped django-extensions>=3.2,<4.2.
• Bumped django-allauth[socialaccount]>=65.12.0,<65.13.0.
• Bumped django-phonenumber-field>=8.1.0,<8.2.0.
• Bumped phonenumbers>=9.0.10,<9.1.0.
• Bumped openwisp-utils[rest,celery]~=1.2.0.
• Removed coveralls in favor of coverage package.
• Added support for Django 5.x.
• Dropped support for Django 3.2.0 and Django 4.1.0.
• Added support for Python 3.11, 3.12, and 3.13.
• Dropped support for Python 3.8.

1.1.0 [2024-11-20]

Features

• Added support for password expiration, allowing user passwords to automatically expire after a set period.
• Added multi-tenant Django filters.
• Added MultitenantOrgFilter to add autocomplete filter in ModelAdmin.
• Added export-users command line utility to export users.
• Added ProtectedApiMixin.
• Added PasswordReuseValidator which prevents users from reusing their current password when setting a new one.
• Allowed creating users with a verified email via REST API.

Changes

• Added autocomplete fields in OrganizationOwner admin.
• Enabled OrganizationUserAdmin by default.

Dependencies:

• Bumped django-organizations~=2.4.1.
• Bumped django-extensions~=3.2.3.
• Bumped django-allauth[socialaccount]~=0.63.6.
• Bumped django-phonenumber-field~=8.13.48.
• Bumped django-reversion~=5.1.0.
• Bumped phonenumbers~=8.13.48.
• Bumped django-sesame~=3.2.2.
• Bumped openwisp-utils[rest,celery]~=1.1.1.
• Added support for Django 4.1.x and 4.2.x.
• Added support for Python 3.10.
• Dropped support for Python 3.7.
• Dropped support for Django 3.0.x and 3.1.x.

Bugfixes

• User need to have required model permissions to perform admin actions.
• Don't allow organization admin to create shared object.
• Fixed user's organization cache invalidation.
• Invalidate org membership cache when organization's active status changes.
• Fixed an issue where the organization admin would see multiple entries for the same user in the user changelist.
• Fixed admin unregistration failures for EmailAddress and TokenProxy models.
• Fixed an IntegrityError that occurred when adding the first user to an organization via Organization.add_user.
• Fixed UsersAuthenticationBackend to support phone numbers with leading zero.
• Prevented users registered via social login from setting a password.

1.0.2 [2022-06-28]

• Bumped django-all-auth from 0.46.0 to 0.51.0 to fix mild security issues (see the change log of django-all-auth for more information)
• The @classmethod decorator was mistakenly forgotten and hence missing from the following methods of openwisp_users.apps.OpenwispUsersConfig:
  • update_organizations_dict
  • create_organization_owner
• Fixed a broken example in the DRF Permission Classes section
  of the documentation

1.0.1 [2022-05-24]

• Updated fur translations

1.0.0 [2022-03-19]

Features

• Added UsersAuthenticationBackend class that allows users to authenticate using either email, phone_number or username.
• Added the possibility to filter users by their organization in the user administration section.
• Added REST API endpoints for openwisp-users.
• Added various Django REST Framework mixins and utilities which allow to implement.
• Added DRF permission classes.
• Added passwordless authentication backend for REST APIs.
• Added OrganizationInvitation model.
• Added email verification success view.
• Added logout success view.

Changes

• Authentication REST API endpoints are now enabled by default.
• Following changes have been made to the User model:
  • Increased max length of User.location field.
  • Added User.birth_date field.
  • Added User.notes field.
  • Added User.language field.
  • Made User.email case insensitive. Email addresses will always
    get converted to lower case before storage and comparison.
• Updated OrganizationOwnerInline to use raw_id field for organization_user field.
• Updated OrganizationUserInline to use autocomplete field for organization field.
• Backward incompatible: removed custom permission helpers.
• Backward incompatible: the REST API endpoint /api/v1/user/token/ has been changed to /api/v1/users/token/ for consistency with the rest of the API.

Dependencies:

• Dropped support for Django 2.2.x.
• Dropped support for Python 3.6.
• Added support for Python 3.8 and Python 3.9.
• Added support for Django 3.2.x and 4.0.x.
• Bumped django-allauth~=0.46.0.
• Bumped django-organizations~=2.0.1
• Bumped django-phonenumber-field~=6.0.0.
• Bumped openwisp-utils~=1.0.0.
• Bumped swapper~=1.3.0
• Added django-sesame~=2.4.0.

Bugfixes

• Fixed internal server error on /accounts/login/" page
• Fixed error on restoring "Group" object with django-reversion.
• Fixed error on visiting Django admin URL for non-existing users.
• Fixed organization managers could escalate their privileges to superuser.

0.5.1 [2020-12-13]

Changes

• Updated django-allauth to 0.44.x
• Copied the template account/login.html from django-allauth in order to remove the sign up link, which we do not support
• Updated django-extensions to 3.1

Bugfixes

• Updating django-allauth to 0.44.x also fixes an issue affecting OpenWISP Users in production deployment (experienced in ansible-openwisp2)

0.5.0 [2020-11-18]

Features

N/A.

Changes

• [change] Extend admin/base_site.html in confirm_email.html
• [change] Updated to openwisp-utils 0.7 and switched to new
  register_menu_items
• [change] Removed typographic error in settings which was
  maintained for backward compatibility
• [change] Removed deprecated organizations_pk

Bugfixes

• [fix] Fix email confirmation when link is invalid
• [docs] Fixed several broken links in "Extend openwisp-users"
  section
• [fix] Allow swagger to show parameters of obtain token view

Version 0.4.1 [2020-10-08]

• [chores] Allow passing a string or uuid to the Organization membership helpers
• [fix] The OrganizationUser instance of an OrganizationOwner won't be allowed to be is_admin=False
• [fix] Fixed mutable class attribute in MultitenantAdminMixin
• [fix] Fixed exception when deleting OrganizationUser of an owner
• [fix] Fixed typographical error in organization name