Authlogic v6.0.0 Release Notes

Release Date: 2020-03-23 // over 1 year ago
    • ๐Ÿ’ฅ Breaking Changes, Major

      • There is no longer a default crypto_provider. We still recommend SCrypt, but don't want users of other providers to be forced to install it. You must now explicitly specify your crypto_provider, eg. in your user.rb.

        acts_as_authentic do |c| c.crypto_provider = ::Authlogic::CryptoProviders::SCrypt end

      To continue to use the scrypt gem, add it to your Gemfile.

      gem "scrypt", "~> 3.0"
      
    • ๐Ÿ’ฅ Breaking Changes, Minor

      • To set your crypto provider, you must use crypto_provider=, not crypto_provider. The arity of the later has changed from -1 (one optional arg) to 0 (no arguments).
    • โž• Added

      • #702 - The ability to specify "None" as a valid SameSite attribute
    • ๐Ÿ›  Fixed

      • #686 - Respect the log_in_after_create setting when creating a new logged-out user
      • #668 - BCrypt user forced to load SCrypt
      • #697 - Add V2 CryptoProviders for MD5 and SHA schemes that fix key stretching by hashing the byte digests instead of the hex strings representing those digests
    • Dependencies

      • Drop support for ruby 2.3 (reached EOL on 2019-04-01)