Clearance v2.1.0 Release Notes
Release Date: 2019-12-19 // over 4 years ago-
โ Added
- โ Add a
parent_controller
configuration option to specify the controller that Clearance'sBaseController
will inherit from. Defaults to a value ofApplicationController
. - Use the configured
primary_key_type
from the Active Record settings of the project including Clearance, if it is set, while generating migrations. For example, a setting of:uuid
in a Rails app using Clearance will cause the clearance-generated migrations to use this for theusers
table id type.
๐ Fixed
- โ Delete cookies correctly when a custom domain setting is being used.
- Do not set the authorization cookie on requests which did not exercise the authorization code. Reduces the chances of leaving an auth cookie in a publicly cacheable page that didn't require authorization to access.
๐ Changed
- โก๏ธ Update the
email_validator
gem to a newer version embrace the more relaxed email validation options which it now defaults to. - When a password reset request is submitted without an email address, a flash alert is now provided. Previously this continued silently as though it had worked. We still proceed that way when there is an invalid (but present) value, so as not to reveal existent vs. non-existent emails in the database.
โ Removed
- โ Remove an unused route to
passwords#create
nested underusers
. - No longer include the (rarely used in practice) application layout as part of the views installer; but continue to provide some stock sign-in/out and flash partial code in the gem installation README output.
๐ Deprecated
- Remove the existing deprecation notice around the
rotate_csrf_on_sign_in
setting, and make that setting default to true.
- โ Add a