1.0.0 [2022-03-19]

Features

• Added UsersAuthenticationBackend class that allows users to authenticate using either email, phone_number or username.
• Added the possibility to filter users by their organization in the user administration section.
• Added REST API endpoints for openwisp-users.
• Added various Django REST Framework mixins and utilities which allow to implement.
• Added DRF permission classes.
• Added passwordless authentication backend for REST APIs.
• Added OrganizationInvitation model.
• Added email verification success view.
• Added logout success view.

Changes

• Authentication REST API endpoints are now enabled by default.
• Following changes have been made to the User model:
  • Increased max length of User.location field.
  • Added User.birth_date field.
  • Added User.notes field.
  • Added User.language field.
  • Made User.email case insensitive. Email addresses will always
    get converted to lower case before storage and comparison.
• Updated OrganizationOwnerInline to use raw_id field for organization_user field.
• Updated OrganizationUserInline to use autocomplete field for organization field.
• Backward incompatible: removed custom permission helpers.
• Backward incompatible: the REST API endpoint /api/v1/user/token/ has been changed to /api/v1/users/token/ for consistency with the rest of the API.

Dependencies:

• Dropped support for Django 2.2.x.
• Dropped support for Python 3.6.
• Added support for Python 3.8 and Python 3.9.
• Added support for Django 3.2.x and 4.0.x.
• Bumped django-allauth~=0.46.0.
• Bumped django-organizations~=2.0.1
• Bumped django-phonenumber-field~=6.0.0.
• Bumped openwisp-utils~=1.0.0.
• Bumped swapper~=1.3.0
• Added django-sesame~=2.4.0.

Bugfixes

• Fixed internal server error on /accounts/login/" page
• Fixed error on restoring "Group" object with django-reversion.
• Fixed error on visiting Django admin URL for non-existing users.
• Fixed organization managers could escalate their privileges to superuser.