15 Dec 2025

What's Changed

• Updates to core APIs by @calellowitz in #2
• restore user account by @calellowitz in #1
• Ce/OIDC by @calellowitz in #4
• add fetch user endpoint by @calellowitz in #5
• alphanumeric sender by @calellowitz in #6
• push notifications by @snopoke in #7
• add phone to user admin by @calellowitz in #8
• lookup on correct response object by @calellowitz in #9
• remove default validators by @calellowitz in #10
• Ce/test users by @calellowitz in #12
• properly use view by @calellowitz in #13
• get phone number from user_data by @calellowitz in #14
• use raw phone number value by @calellowitz in #15
• add api version settings by @calellowitz in #18
• add recovery pin and urls by @calellowitz in #19
• add missing migration and fix syntax by @calellowitz in #20
• blank required for validation by @calellowitz in #21
• Merge deployed code by @calellowitz in #22
• lockout by @calellowitz in #3
• add current version header middleware by @calellowitz in #24
• update middleware to include headers only when necessary by @calellowitz in #25
• Fix include_version_headers property causing 500 issue by @pxwxnvermx in #26
• add secondary recovery date and user key management by @calellowitz in #27
• encode key correctly by @calellowitz in #29
• add basic credential models and views by @calellowitz in #28
• validation deadline by @calellowitz in #30
• Fix add url to credential invite by @pxwxnvermx in #31
• dbkey fetch by @calellowitz in #32
• Fix phone number not serializable by @pxwxnvermx in #33
• use sites for absolute url by @calellowitz in #34
• add filters for users individually by @calellowitz in #36
• add app hash to settings and otp message by @calellowitz in #37
• add moz to senderid dict by @calellowitz in #39
• User Deactivation Views by @pxwxnvermx in #38
• Fix save deactivation token on generation by @pxwxnvermx in #40
• add extra user info to admin page by @calellowitz in #43
• Fix remove duplicate unique constraint from phone number field by @pxwxnvermx in #44
• Stub out ConnectID views by @hemant10yadav in #42
• Added models for messaging by @hemant10yadav in #41
• Content type to JsonField. by @hemant10yadav in #45
• Fetch by username by @calellowitz in #46
• Added query param in fetch credentials. by @hemant10yadav in #47
• Publish android assetlinks by @sravfeyn in #52
• messaging auth by @calellowitz in #48
• import message server model by @calellowitz in #53
• only use serializer to generate payload by @calellowitz in #55
• requirements updates by @calellowitz in #54
• fix syntax error by @calellowitz in #56
• its a variable by @calellowitz in #57
• use correct key names by @calellowitz in #58
• get or create channel by @calellowitz in #59
• endpoints to receive/forward hq invites by @sravfeyn in #51
• oauth client auth for hq endpoint by @sravfeyn in #60
• Capture Payment Phone numbers by @sravfeyn in #50
• Add otp generation and sending rate limiting by @pxwxnvermx in #16
• fix migration conflict by @calellowitz in #61
• messaging fixes by @calellowitz in #62
• add sentry by @calellowitz in #63
• remove received from message serializer by @calellowitz in #65
• add action to messaging notifications by @calellowitz in #66
• fixed test by @hemant10yadav in #70
• add action to fields by @calellowitz in #71
• return 400 when phone missing by @calellowitz in #73
• extend tokens to 30 minutes and limit resending by @calellowitz in #72
• Fixed for Error Requesting SMS Code by @hemant10yadav in #74
• add more channel info to consent notification by @calellowitz in #75
• make sure all fields are strings by @calellowitz in #76
• Formatting-linting by @hemant10yadav in #69
• make consent default to true and update views by @calellowitz in #80
• Add user counts api by @pxwxnvermx in #78
• add channel name and fix migration state by @calellowitz in #81
• CI Workflow by @hemant10yadav in #68
• Add Recovery Phone Field to Recovery Payload by @zandre-eng in #84
• Send Error Response if No Recovery Phone by @zandre-eng in #83
• Add Deactivation Tokens for Demo Users by @zandre-eng in #88
• Add pytest-cov by @Charl1996 in #86
• Improve Account Deactivation Response by @zandre-eng in #85
• Add tests for confirm_recovery_pin view and handle no recovery pin set gracefully by @Charl1996 in #87
• add sierra leone country code to sender list by @calellowitz in #90
• Resolve Exception Where Message instance Already Exists by @zandre-eng in #89
• FCM Analytics Labels and High Priority Notifications by @pxwxnvermx in #82
• Catch Exception Where Channel Does Not Exist by @zandre-eng in #93
• Service for checking app integrity with google by @Charl1996 in #91
• Additional Data for Push Notifications by @zandre-eng in #95
• kamal deploy by @calellowitz in #96
• add allowed cidr range by @calellowitz in #99
• Integrity check required decorator by @Charl1996 in #92
• Delete old messages by @hemant10yadav in #79
• Added sentry log for 401 by @hemant10yadav in #77
• Updates/refactors by @Charl1996 in #94
• Upload User Photos to S3 by @zandre-eng in #97
• Token Auth by @zandre-eng in #100
• Validate Firebase User ID Token by @zandre-eng in #98
• Specify account info instead of file path by @Charl1996 in #102
• Start configuration endpoint by @Charl1996 in #101
• Check name endpoint by @Charl1996 in #103
• Session User Class for Token Auth by @zandre-eng in #104
• remove api check by @Charl1996 in #105
• Specify scope for google cred by @Charl1996 in #107
• Fix the integrity response parsing by @Charl1996 in #109
• Allow reading app package from request by @Charl1996 in #110
• Add defaults to all fields when parsing by @Charl1996 in #111
• Verify backup code endpoint by @Charl1996 in https://github.com/dimagi/connect-i...