Bump flask-login from 0.5.0 to 0.6.1

[dependabot]

Bumps flask-login from 0.5.0 to 0.6.1.

Release notes

Sourced from flask-login's releases.

0.6.1

Changes: https://github.com/maxcountryman/flask-login/blob/main/CHANGES.md#version-061

0.6.0

• Changes: https://github.com/maxcountryman/flask-login/blob/main/CHANGES.md#version-060

This release sets new minimum versions of Python, Flask, and Werkzeug, and fixes compatibility with the latest versions of those.

• Python >= 3.7
• Flask >= 1.0.4, this will be bumped to reflect the latest supported release (2.1) in the future
• Werkzeug >= 1.0.1, this will be bumped to reflect the latest supported release (2.1) in the future

Changelog

Sourced from flask-login's changelog.

Version 0.6.1

Released on May 1st, 2022

• Only preserve subdomain or host view args in unauthorized redirect #663
• The new utility function login_remembered returns True if the current login is remembered across sessions. #654
• Fix side effect potentially executing view twice for same request. #666
• Clarify usage of FlaskLoginClient test client in docs. #668

Version 0.6.0

Released on March 30th, 2022

• Drop support for Python 2.7, 3.5, and 3.6, which have all reached the end of their official support. #594, #638
• The minimum supported version of Flask is 1.0.4, and Werkzeug is 1.0.1. However, projects are advised to use the latest versions of both. #639
• Only flash "needs_refresh_message" if value is set #464
• Modify expand_login_view to allow for subdomain and host matching for login_view #462
• Add accessors for request_loader and user_loader callback functions #472
• Change "remember_me" cookie to match Werkzeug default value #488
• Change "remember_me" cookie to HttpOnly, matching Flask session cookie #488
• Add example for using unauthorized_handler #492
• Fix assertEqual deprecation warning in pytest #518
• Fix collections deprecation warning under Python 3.8 #525
• Replace safe_str_cmp with hmac.compare_digest #585
• Document REMEMBER_COOKIE_SAMESITE config #577
• Revise setup.py to use README.md for long description #598
• Various documentation corrections #484, #482, #487, #534
• Fix from flask_login import * behavior, although note that import * is not usually a good pattern in code. #485
• UserMixin.is_authenticated will return whatever is_active returns by default. This prevents inactive users from logging in. #486, #530
• Session protection will only mark the session as not fresh if it's not already marked as such, avoiding modifying the session cookie unnecessarily. #612

Commits

• bb25407 v0.6.1 (#669)
• 138f839 Clarify usage of FlaskLoginClient test client (#668)
• 4986897 Fix for #662 - Better Flask 1.x detection (#667)
• ecd3b59 Clean up docs and tests after merging login_remembered() (#665)
• 1fb74c5 Cleanup changelog after merge conflict
• b617255 Utility function to check whether current login is remembered (#654)
• 4a4869a Bump version 0.6.1-dev0 (#664)
• c877c1c Only preserve subdomain or host view args in login redirect (#663)
• cdcfef0 Fix template example in documentation (#661)
• c7150c8 docs: Add note on where to find available configuration (#659)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #18.