Update django-allauth to 64.2.1

[pyup-bot]

This PR updates django-allauth[mfa] from 64.2.0 to 64.2.1.

Changelog

64.2.1

*******************

Fixes
-----

- Verifying the email address by clicking on the link would no longer log you in, even
in case of ``ACCOUNT_LOGIN_ON_EMAIL_CONFIRMATION = True``.


Security notice
---------------

- It was already the case that you could not enable TOTP 2FA if your account had
unverified email addresses. This is necessary to stop a user from claiming
email addresses and locking other users out. This safety check is now added to
WebAuthn security keys as well.

- In case a user signs in into an account using social account email
authentication (``SOCIALACCOUNT_EMAIL_AUTHENTICATION``) and the email used is
not verified, the password of the account is now wiped (made unusable) to
prevent the person that created the account (without verifying it) from
signing in.

Links

• PyPI: https://pypi.org/project/django-allauth
• Changelog: https://data.safetycli.com/changelogs/django-allauth/
• Homepage: https://allauth.org