v5.5.1

5.5.1

Missing Migration for rest_framework_simplejwt.token_blacklist app. A previously missing migration (0013_blacklist) has now been added. This issue arose because the migration file was mistakenly not generated earlier. This migration was never part of an official release, but users following the latest master branch may have encountered it.

Notes for Users
If you previously ran makemigrations in production and have a 0013_blacklist migration in your django_migrations table, follow these steps before upgrading:

1. Roll back to the last known migration:

python manage.py migrate rest_framework_simplejwt.token_blacklist 0012

2. Upgrade djangorestframework-simplejwt to the latest version.
3. Apply the migrations correctly:

python manage.py migrate

Important: If other migrations depend on 0013_blacklist, be cautious when removing it. You may need to adjust or regenerate dependent migrations to ensure database integrity.

• fix: add missing migration for token_blacklist app by @juanbailon in #894
• 🌐 Fix typos and improve clarity in es_AR translations by @fabianfalon in #876
• docs: Add warning in docs for for_user usage by @vgrozdanic in #872
• feat: log warning if token is being created for inactive user by @vgrozdanic in #873
• ref: full tracebacks on exceptions by @vgrozdanic in #870
• #858 New i18n messages by @Cloves23 in #879
• Repair the type annotations in the TokenViewBase class. by @triplepoint in #880
• fix: Token.outstand forces users to install blacklist app by @Andrew-Chen-Wang in #884
• fix: PytestConfigWarning Unknown config option: python_paths by @vgrozdanic in #886
• fix: Do not copy iat claim from refresh token by @vgrozdanic in #888
• fix: add missing migration for token_blacklist app by @juanbailon in #894
• Update Persian translations (fa, fa_IR) for Django application by @mahdirahimi1999 in #897
• fix: always stringify user_id claim (#887)

New Contributors

• @fabianfalon made their first contribution in #876
• @Cloves23 made their first contribution in #879
• @triplepoint made their first contribution in #880
• @juanbailon made their first contribution in #894

Full Changelog: v5.5.0...v5.5.1

v5.5.0

Differing Behavior Change

• Adds new refresh tokens to OutstandingToken db. by @thecarpetjasp in #866

What's Changed

• Cap PyJWT version to <2.10.0 to avoid incompatibility with subject claim type requirement by @grayver in #843
• Add specific "token expired" exceptions by @vainu-arto in #830
• Fix user_id type mismatch when user claim is not pk by @jdg-journeyfront in #851
• Caching signing key by @henryfool91 in #859

Full Changelog: v5.4.0...v5.5.0

5.4.0

5.4.0

• Changed string formatting in views by @Egor-oop in #750
• Enhance BlacklistMixin with Generic Type for Accurate Type Inference by @Dresdn in #768
• Improve type of Token.for_user to allow subclasses by @sterliakov in #776
• Fix the Null value of the OutstandingToken of the BlacklistMixin.blacklist by @JaeHyuckSa in #806
• Fix: Disable refresh token for inactive user. by @ajay09 in #814
• Add option to allow inactive user authentication and token generation by @zxkeyy in #834
• Drop Django <4.2, DRF <3.14, Python <3.9 by @Andrew-Chen-Wang in #839
  • Note, many deprecated versions are only officially not supported but probably still work fine.
• Add support for EdDSA and other algorithms in jwt.algorithms.requires_cryptography (#822) #823

Full Changelog: v5.3.1...v5.4.0

v5.3.1

What's Changed

• Remove EOL Python, Django and DRF versions by @KOliver94 in #754
• Update Korean translations by @TGoddessana in #753
• Declare support for type checking (closes #664) by @PedroPerpetua in #760
• Remove usages of deprecated datetime.utcnow() and datetime.utcfromtimestamp() by @kozlek in #765

Full Changelog: v5.3.0...v5.3.1

v5.3.0

What's Changed

• [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #641
• [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #648
• Added Slovenian translations by @banDeveloper in #645
• [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #652
• [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #655
• Rename de_CH to DE by @Andrew-Chen-Wang in #653
• Add Python 3.11 to CI, tox, and trove classifiers by @joshuadavidthomas in #636
• [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #657
• Add Inlang to enable community translations / make the contribution of translations easier by @jannesblobel in #662
• [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #666
• Update docs on serializer customization by @2ykwang in #668
• Fixes #676 - Remove reference to django2.2 by @mattseymour in #677
• fix: rm unused serializers module in views.py by @abel9851 in #681
• feat: adding typehints by @abczzz13 in #683
• Removing dj-22 and djmain from the tox config by @abczzz13 in #691
• Add DRF 3.14 Support by @Andrew-Chen-Wang in #623
• Update django.po for id translation by @kiraware in #685
• add he_IL to locale by @elam91 in #679
• Updated translations for Persian (fa) language by @mahdirahimi1999 in #708
• Update customizing_token_claims.rst by @rodrq in #714
• Added write_only=True for better doc generation by @Yaser-Amiri in #699
• Add support for Django 4.2 by @johnthagen in #711
• Add Arabic language translations by @iamjazzar in #690
• [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #694
• Improve testing by @kiraware in #688
• Revoke access token if user password is changed by @mahdirahimi1999 in #719
• Updated translations for Persian (fa) language by @mahdirahimi1999 in #723
• Release notes for version 5.3.0 by @aqeelat in #735
• Sync .mo files by @aqeelat in #736
• Sync .mo files by @aqeelat in #737

New Contributors

• @banDeveloper made their first contribution in #645
• @joshuadavidthomas made their first contribution in #636
• @jannesblobel made their first contribution in #662
• @mattseymour made their first contribution in #677
• @abel9851 made their first contribution in #681
• @abczzz13 made their first contribution in #683
• @kiraware made their first contribution in #685
• @elam91 made their first contribution in #679
• @mahdirahimi1999 made their first contribution in #708
• @rodrq made their first contribution in #714
• @Yaser-Amiri made their first contribution in #699
• @iamjazzar made their first contribution in #690
• @aqeelat made their first contribution in #735

Full Changelog: v5.2.2...v5.3.0

v5.2.2

Major security release

• Revert #605 in #629
• Fix typo in blacklist_app.rst by @cbscsm in #593

v5.2.1

What's Changed

• Add Swedish translations by @PasinduPrabhashitha in #579
• Fixed issue #543 by @armenak-baburyan in #586
• Fix uncaught exception with JWK by @jerr0328 in #600
• Test on Django 4.1 by @2ykwang in #604
• use non-deprecated UTC timezone by @BSVogler in #606
• Added Romanian translations by @DCDie in #591
• allow verification skipping by @domdinicola in #605

New Contributors

• @PasinduPrabhashitha made their first contribution in #579
• @armenak-baburyan made their first contribution in #586
• @jerr0328 made their first contribution in #600
• @BSVogler made their first contribution in #606
• @DCDie made their first contribution in #591

Full Changelog: v5.2.0...v5.2.1

v5.2.0

Version 5.2.0

• Remove the JWTTokenUserAuthentication from the Experimental Features #546 by @byrpatrick in #547
• Fix leeway type error by @2ykwang in #554
• Add info on TokenBlacklistView to the docs by @inti7ary in #558
• Update JWTStatelessUserAuthentication docs by @2ykwang in #561
• Allow none jti claim token type claim by @denniskeends in #567
• Allow customizing token JSON encoding by @vainu-arto in #568
• update & correct supported versions in docs by @asaah18 in #576

New Contributors

• @byrpatrick made their first contribution in #547
• @inti7ary made their first contribution in #558
• @thomasrockhu-codecov made their first contribution in #559
• @denniskeends made their first contribution in #567
• @asaah18 made their first contribution in #576

Full Changelog: v5.1.0...v5.2.0

v5.1.0

Version 5.1.0

• Add back support for PyJWT 1.7.1 (#536)
• Make the token serializer configurable (#521)
• Simplify using custom token classes in serializers (#517)
• Fix default_app_config deprecation (#415)
• Add missing integration instructions for drf-yasg (#505)
• Add blacklist view to log out users (#306)
• Set default verifying key to empty str (#487)
• Add docs about TOKEN_USER_CLASS (#455)

Meta:

• Add auto locale updater (#456)

Translations:

• Added Korean translations (#501)
• Added Turkish translations (#508)

v5.0.0

What's Changed

• Set BLACKLIST_AFTER_ROTATION by default to False by @mohmyo in #455
• Repair generation of OpenAPI with Spectacular by @robrichter in #452
• updated import list by @rajan-blackboxes in #459
• Add blacklist view to log out users by @hodossy in #306
• Add "iat" claim to token by @mizvyt in #192
• Remove verify from jwt.decode() to follow PyJWT v2.2.0. by @dajiaji in #472
• Update CHANGELOG for v4.9.0 (#472) by @felippem in #476

New Contributors

• @mohmyo made their first contribution in #455
• @robrichter made their first contribution in #452
• @rajan-blackboxes made their first contribution in #459
• @hodossy made their first contribution in #306
• @mizvyt made their first contribution in #192
• @dajiaji made their first contribution in #472
• @felippem made their first contribution in #476

Full Changelog: v4.8.0...v5.0.0