Bump flask-login from 0.4.1 to 0.6.2

[dependabot]

Bumps flask-login from 0.4.1 to 0.6.2.

Release notes

Sourced from flask-login's releases.

0.6.2

• Changes: https://github.com/maxcountryman/flask-login/blob/main/CHANGES.md#version-062

0.6.1

Changes: https://github.com/maxcountryman/flask-login/blob/main/CHANGES.md#version-061

0.6.0

• Changes: https://github.com/maxcountryman/flask-login/blob/main/CHANGES.md#version-060

This release sets new minimum versions of Python, Flask, and Werkzeug, and fixes compatibility with the latest versions of those.

• Python >= 3.7
• Flask >= 1.0.4, this will be bumped to reflect the latest supported release (2.1) in the future
• Werkzeug >= 1.0.1, this will be bumped to reflect the latest supported release (2.1) in the future

Changelog

Sourced from flask-login's changelog.

Version 0.6.2

Released on July 25th, 2022

• Fix compatibility with Werkzeug 2.2 and Flask 2.2. #691
• Revert change to expand_login_view that attempted to preserve a dynamic subdomain value. Such values should be handled using app.url_value_preprocessor and app.url_defaults. #691
• Ensure deprecation warnings are present for deprecated features that will be removed in the next feature release.
  • Use request_loader instead of header_loader.
  • Use user_loaded_from_request instead of user_loaded_from_header.
  • Use app.config["LOGIN_DISABLED"] instead of _login_disabled.
  • Use init_app instead of setup_app.

Version 0.6.1

Released on May 1st, 2022

• Only preserve subdomain or host view args in unauthorized redirect #663
• The new utility function login_remembered returns True if the current login is remembered across sessions. #654
• Fix side effect potentially executing view twice for same request. #666
• Clarify usage of FlaskLoginClient test client in docs. #668

Version 0.6.0

Released on March 30th, 2022

• Drop support for Python 2.7, 3.5, and 3.6, which have all reached the end of their official support. #594, #638
• The minimum supported version of Flask is 1.0.4, and Werkzeug is 1.0.1. However, projects are advised to use the latest versions of both. #639
• Only flash "needs_refresh_message" if value is set #464
• Modify expand_login_view to allow for subdomain and host matching for login_view #462
• Add accessors for request_loader and user_loader callback functions #472
• Change "remember_me" cookie to match Werkzeug default value #488
• Change "remember_me" cookie to HttpOnly, matching Flask session cookie #488
• Add example for using unauthorized_handler #492
• Fix assertEqual deprecation warning in pytest #518
• Fix collections deprecation warning under Python 3.8 #525
• Replace safe_str_cmp with hmac.compare_digest #585
• Document REMEMBER_COOKIE_SAMESITE config #577
• Revise setup.py to use README.md for long description #598
• Various documentation corrections #484, #482, #487, #534
• Fix from flask_login import * behavior, although note that

... (truncated)

Commits

• 9154178 Merge pull request #693 from maxcountryman/release-0.6.2
• 2d23e91 release version 0.6.2
• ae1be9c Merge pull request #692 from maxcountryman/deprecations
• 197ac04 ensure deprecation warnings
• b65e858 Merge pull request #691 from maxcountryman/pallets-compat
• 359fb00 store user on g instead of app_ctx_stack.top
• f8a2c84 revert #462 and #663
• 62c04f4 Bump actions/setup-python from 3 to 4 (#682)
• 4abb2b5 specify python version
• af5cea1 Bump pre-commit/action from 2.0.3 to 3.0.0 (#681)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)