diff --git a/api/config/settings/common.py b/api/config/settings/common.py index 7ca178286..776d73c2e 100644 --- a/api/config/settings/common.py +++ b/api/config/settings/common.py @@ -315,6 +315,7 @@ MIDDLEWARE = ( tuple(plugins.trigger_filter(plugins.MIDDLEWARES_BEFORE, [], enabled=True)) + tuple(ADDITIONAL_MIDDLEWARES_BEFORE) + ( + "allauth.account.middleware.AccountMiddleware", "django.middleware.security.SecurityMiddleware", "django.middleware.clickjacking.XFrameOptionsMiddleware", "corsheaders.middleware.CorsMiddleware", diff --git a/api/poetry.lock b/api/poetry.lock index 84dab5376..58544d727 100644 --- a/api/poetry.lock +++ b/api/poetry.lock @@ -1113,24 +1113,24 @@ bcrypt = ["bcrypt"] [[package]] name = "django-allauth" -version = "0.55.2" +version = "0.63.6" description = "Integrated set of Django applications addressing authentication, registration, account management as well as 3rd party (social) account authentication." optional = false python-versions = ">=3.7" groups = ["main"] files = [ - {file = "django-allauth-0.55.2.tar.gz", hash = "sha256:7b713c9947f1917e5c1c5a106fd6208d2c2c71435542fec6d60b01fd7bada3a8"}, + {file = "django_allauth-0.63.6.tar.gz", hash = "sha256:f15f49defb09e0604dad5214e53a69a1f723cb03176bb115c8930bcd19b91749"}, ] [package.dependencies] -Django = ">=3.1" -pyjwt = {version = ">=1.7", extras = ["crypto"]} -python3-openid = ">=3.0.8" -requests = ">=2.0.0" -requests-oauthlib = ">=0.3.0" +Django = ">=3.2" [package.extras] +mfa = ["qrcode (>=7.0.0)"] +openid = ["python3-openid (>=3.0.8)"] saml = ["python3-saml (>=1.15.0,<2.0.0)"] +socialaccount = ["pyjwt[crypto] (>=1.7)", "requests (>=2.0.0)", "requests-oauthlib (>=0.3.0)"] +steam = ["python3-openid (>=3.0.8)"] [[package]] name = "django-auth-ldap" @@ -3044,27 +3044,6 @@ files = [ [package.extras] windows-terminal = ["colorama (>=0.4.6)"] -[[package]] -name = "pyjwt" -version = "2.10.1" -description = "JSON Web Token implementation in Python" -optional = false -python-versions = ">=3.9" -groups = ["main"] -files = [ - {file = "PyJWT-2.10.1-py3-none-any.whl", hash = "sha256:dcdd193e30abefd5debf142f9adfcdd2b58004e644f25406ffaebd50bd98dacb"}, - {file = "pyjwt-2.10.1.tar.gz", hash = "sha256:3cc5772eb20009233caf06e9d8a0577824723b44e6648ee0a2aedb6cf9381953"}, -] - -[package.dependencies] -cryptography = {version = ">=3.4.0", optional = true, markers = "extra == \"crypto\""} - -[package.extras] -crypto = ["cryptography (>=3.4.0)"] -dev = ["coverage[toml] (==5.0.4)", "cryptography (>=3.4.0)", "pre-commit", "pytest (>=6.0.0,<7.0.0)", "sphinx", "sphinx-rtd-theme", "zope.interface"] -docs = ["sphinx", "sphinx-rtd-theme", "zope.interface"] -tests = ["coverage[toml] (==5.0.4)", "pytest (>=6.0.0,<7.0.0)"] - [[package]] name = "pyld" version = "2.0.3" @@ -3411,25 +3390,6 @@ files = [ {file = "python_magic-0.4.27-py2.py3-none-any.whl", hash = "sha256:c212960ad306f700aa0d01e5d7a325d20548ff97eb9920dcd29513174f0294d3"}, ] -[[package]] -name = "python3-openid" -version = "3.2.0" -description = "OpenID support for modern servers and consumers." -optional = false -python-versions = "*" -groups = ["main"] -files = [ - {file = "python3-openid-3.2.0.tar.gz", hash = "sha256:33fbf6928f401e0b790151ed2b5290b02545e8775f982485205a066f874aaeaf"}, - {file = "python3_openid-3.2.0-py3-none-any.whl", hash = "sha256:6626f771e0417486701e0b4daff762e7212e820ca5b29fcc0d05f6f8736dfa6b"}, -] - -[package.dependencies] -defusedxml = "*" - -[package.extras] -mysql = ["mysql-connector-python"] -postgresql = ["psycopg2"] - [[package]] name = "pytz" version = "2024.2" @@ -3702,25 +3662,6 @@ six = "*" fixture = ["fixtures"] test = ["fixtures", "mock", "purl", "pytest", "requests-futures", "sphinx", "testrepository (>=0.0.18)", "testtools"] -[[package]] -name = "requests-oauthlib" -version = "2.0.0" -description = "OAuthlib authentication support for Requests." -optional = false -python-versions = ">=3.4" -groups = ["main"] -files = [ - {file = "requests-oauthlib-2.0.0.tar.gz", hash = "sha256:b3dffaebd884d8cd778494369603a9e7b58d29111bf6b41bdc2dcd87203af4e9"}, - {file = "requests_oauthlib-2.0.0-py2.py3-none-any.whl", hash = "sha256:7dd8a5c40426b779b0868c404bdef9768deccf22749cde15852df527e6269b36"}, -] - -[package.dependencies] -oauthlib = ">=3.0.0" -requests = ">=2.0.0" - -[package.extras] -rsa = ["oauthlib[signedtoken] (>=3.0.0)"] - [[package]] name = "rpds-py" version = "0.22.3" @@ -4866,4 +4807,4 @@ typesense = ["typesense"] [metadata] lock-version = "2.1" python-versions = "^3.10,<3.14" -content-hash = "f79e96c467abba99f0dc9ba2044df45adc0a34a9939ae5bf6bdad6c522f5d1bc" +content-hash = "a1b769cda7623c1451fe612998ae7b71142b7dd05177f678210ae8c4a51cb630" diff --git a/api/pyproject.toml b/api/pyproject.toml index cf2a5c491..236150666 100644 --- a/api/pyproject.toml +++ b/api/pyproject.toml @@ -30,7 +30,7 @@ python = "^3.10,<3.14" # Django dj-rest-auth = "5.0.2" django = "4.2.9" -django-allauth = "0.55.2" +django-allauth = "0.63.6" django-cache-memoize = "0.1.10" django-cacheops = "==7.0.2" django-cleanup = "==8.1.0" @@ -73,6 +73,7 @@ bleach = "==6.1.0" boto3 = "==1.26.161" click = "==8.1.7" cryptography = "==41.0.7" +defusedxml = "0.7.1" feedparser = "==6.0.11" python-ffmpeg = "==2.0.12" liblistenbrainz = "==0.5.5"