Django-multifactor

Fixes bug introduced in 0.8.0 that stopped you adding your first TOTP/FIDO2 factor to an account.

**Full Changelog**: https://github.com/oliwarner/django-multifactor/compare/v0.8.0...v0.8.1

This includes an important fix for a bug that allowed an attacker to bypass the TOTP authenticator and add a new one. The attacker would have still have had to authenticate but this was still a bad bug to have.

The URLs and templates for FIDO2 have also changed slightly to accommodate a simplification to their code. If you link to or override these, you may have to make alterations to your code.

**Full Changelog**: https://github.com/oliwarner/django-multifactor/compare/v0.7.4...v0.8.0

What's Changed
* Bump nanoid from 3.3.7 to 3.3.8 in /design by dependabot in https://github.com/oliwarner/django-multifactor/pull/104
* Removed support for Python 3.5-3.7 shown in the pyproject.toml
* Updated minimum fido2 version to 1.2.0 from 1.1.2

**Full Changelog**: https://github.com/oliwarner/django-multifactor/compare/v0.7.3...v0.7.4

What's Changed
* Update README.md by StevenMapes in https://github.com/oliwarner/django-multifactor/pull/100
* prproject and test requirements bump by StevenMapes in https://github.com/oliwarner/django-multifactor/pull/101
* Updating test requirements versions by StevenMapes in https://github.com/oliwarner/django-multifactor/pull/102
* Updating fido2 by StevenMapes in https://github.com/oliwarner/django-multifactor/pull/103


**Full Changelog**: https://github.com/oliwarner/django-multifactor/compare/v0.7.2...v0.7.3

TLDR: Django 5.1 support

What's Changed
* Updated the readme and pyproject.toml to show support for Django 5.1 by StevenMapes in https://github.com/oliwarner/django-multifactor/pull/93
* Revert "Updated the readme and pyproject.toml to show support for Django 5.1" by StevenMapes in https://github.com/oliwarner/django-multifactor/pull/94
* Bump urllib3 from 1.26.18 to 1.26.19 by dependabot in https://github.com/oliwarner/django-multifactor/pull/89
* Bump certifi from 2023.7.22 to 2024.7.4 by dependabot in https://github.com/oliwarner/django-multifactor/pull/91
* Bump cryptography from 42.0.4 to 43.0.1 by dependabot in https://github.com/oliwarner/django-multifactor/pull/97
* Updated to show support for Django 5.1 and to support Django > 5.2 by StevenMapes in https://github.com/oliwarner/django-multifactor/pull/96
* Bump braces from 3.0.2 to 3.0.3 in /design by dependabot in https://github.com/oliwarner/django-multifactor/pull/95
* Bump vite from 5.2.11 to 5.2.14 in /design by dependabot in https://github.com/oliwarner/django-multifactor/pull/98
* Bump rollup from 4.17.2 to 4.22.4 in /design by dependabot in https://github.com/oliwarner/django-multifactor/pull/99
* Re-issued because of build breakage.


**Full Changelog**: https://github.com/oliwarner/django-multifactor/compare/v0.7...v0.7.1

What's Changed
* Fix issue with fido2 and localhost caused by the host to fido_server_id mismatch by StevenMapes in https://github.com/oliwarner/django-multifactor/pull/83
* Fixes the spelling mistakes highlighted in 86 by StevenMapes in https://github.com/oliwarner/django-multifactor/pull/87
* Adds email template for fallback token by godswearhats in https://github.com/oliwarner/django-multifactor/pull/66
* HTML Email fallback with setting `settings.MULTIFACTOR.HTML_EMAIL`. This is defaulting to on, hence the minor version bump.

Dep Bumps
* Bump jinja2 from 3.1.3 to 3.1.4 by dependabot in https://github.com/oliwarner/django-multifactor/pull/85
* Bump cryptography from 42.0.2 to 42.0.4 by dependabot in https://github.com/oliwarner/django-multifactor/pull/77
* Bump aiohttp from 3.8.5 to 3.8.6 by dependabot in https://github.com/oliwarner/django-multifactor/pull/68
* Bump django from 3.2.21 to 3.2.24 by dependabot in https://github.com/oliwarner/django-multifactor/pull/76
* Bump jinja2 from 3.1.2 to 3.1.3 by dependabot in https://github.com/oliwarner/django-multifactor/pull/72
* Bump vite from 4.4.10 to 4.5.2 in /design by dependabot in https://github.com/oliwarner/django-multifactor/pull/74
* Bump cryptography from 41.0.4 to 42.0.2 by dependabot in https://github.com/oliwarner/django-multifactor/pull/75
* Bump django from 3.2.24 to 3.2.25 by dependabot in https://github.com/oliwarner/django-multifactor/pull/78
* Bump idna from 3.4 to 3.7 by dependabot in https://github.com/oliwarner/django-multifactor/pull/80
* Bump vite from 4.5.2 to 4.5.3 in /design by dependabot in https://github.com/oliwarner/django-multifactor/pull/79

(Updated from earlier - the auto-package script needs a three-part version)

**Full Changelog**: https://github.com/oliwarner/django-multifactor/compare/v0.6.2...v0.7