Rodauth v1.5.0 Release Notes

Release Date: 2016-09-22 // about 3 years ago
    • 👻 Return error instead of raising exception in the jwt feature if an invalid jwt format is submitted in the Authorization header (jeremyevans)

    • Add jwt_authorization_remove configuration method to jwt feature, for regexp to remove from Authorization header before JWT processing (jeremyevans)

    • Add jwt_authorization_ignore configuration method to jwt feature, for regexp to skip processing of JWTs in Authorization header (jeremyevans)

    • Add json_accept_regexp configuration method to jwt feature, for the regexp used to match against the Accept header (jeremyevans)

    • ➕ Add use_jwt? configuration method to jwt feature, for whether to use the JWT token or rack session for authentication information (jeremyevans)

    • Add jwt_check_accept? configuration method to jwt feature, to return 406 error if Accept header is present and json is not accepted (jeremyevans)

    • Add json_response_content_type configuration method to jwt feature, for the content type to set for json responses, default to application/json (jeremyevans)

    • Add json_request_content_type_regexp configuration method to the jwt feature, for the regexp that recognize a request as a json request (jeremyevans)

    • ➕ Add session_jwt method to the jwt feature, which returns a string for the encoded JWT for the current session (jeremyevans)

    • If the only_json? setting is true, return a 400 error if the request content type to a rodauth endpoint is not json (jeremyevans)

    • 0️⃣ The only_json? setting in the jwt feature is now only true by default if :json=>:only plugin option was used (jeremyevans)

    • Don't have jwt feature break if HTTP Basic/Digest authentication is used (jeremyevans)

    • ➕ Add template_opts configuration method, for overriding view/method options (jeremyevans)