Update django-allauth to 65.2.0

[pyup-bot]

This PR updates django-allauth[mfa] from 65.1.0 to 65.2.0.

Changelog

65.2.0

*******************

Note worthy changes
-------------------

- OIDC: You can now configure whether or not PKCE is enabled per app by
including ``"oauth_pkce_enabled": True`` in the app settings.

- The OpenStreetMap provider is deprecated. You can set it up as an OpenID Connect provider instead.


Fixes
-----

- A ``NoReverseMatch`` could occur when using ``ACCOUNT_LOGIN_BY_CODE_REQUIRED =
True`` while ``ACCOUNT_LOGIN_BY_CODE_ENABLED = False``, fixed.

- The ``PasswordResetDoneView`` did not behave correctly when using Django's
``LoginRequiredMiddleware``, as it was not properly marked as
``login_not_required``.

- When verifying an email address by code, the success URL was hardcoded to the
email management view, instead of calling the
``get_email_verification_redirect_url()`` adapter method.


Security notice
---------------

- Headless: ``settings.ACCOUNT_EMAIL_VERIFICATION_BY_CODE_MAX_ATTEMPTS`` was not
enforced, fixed.  Note that the related verification endpoint will return a
409 in case the maximum limit is exceeded, as at that point the pending email
verification stage is aborted.

Links

• PyPI: https://pypi.org/project/django-allauth
• Changelog: https://data.safetycli.com/changelogs/django-allauth/
• Homepage: https://allauth.org