All Versions
46
Latest Version
Avg Release Cycle
45 days
Latest Release
70 days ago

Changelog History
Page 1

  • v2.17.0 Changes

    September 24, 2021
    • Make jwt_refresh work correctly with verify_account_grace_period (jeremyevans)

    • 👉 Use 4xx status code when attempting to login to or create an unverified account (janko) (#177, #178)

  • v2.16.0 Changes

    August 23, 2021
    • ➕ Add Rodauth.lib for using Rodauth as a library (jeremyevans)

    • 🔧 Make internal_request feature work if the configuration uses only_json? true (janko) (#176)

  • v2.15.0 Changes

    July 27, 2021
    • Add path_class_methods feature, for getting paths/URLs using class methods (jeremyevans)

    • 🔧 Make default base_url method use configured domain (janko) (#171)

    • ➕ Add internal_request feature, for interacting with Rodauth by calling methods (jeremyevans, janko)

  • v2.14.0 Changes

    June 22, 2021
    • 👉 Make jwt_refresh feature allow refresh with expired access tokens even if prefix is not set correctly (jeremyevans) (#168)

    • Make internal account_in_unverified_grace_period? method handle accounts missing or unverified accounts (janko, jeremyevans) (#167)

    • Add remembered_session_id configuration method for getting session id from valid remember token if present (bjeanes) (#166)

  • v2.13.0 Changes

    May 22, 2021
    • 👍 Make jwt_refresh expired access token support work when using rodauth.check_active_sessions before calling r.rodauth (renchap) (#165)

    • ⚡️ Update default templates to add classes for Bootstrap 5 compatibility (janko) (#164)

    • Add set_error_reason configuration method to allow applications more finer grained error handling (renchap, jeremyevans) (#162)

  • v2.12.0 Changes

    April 22, 2021
    • ➕ Add configuration methods to active_sessions plugin to control the inserting and updating of rows (janko) (#159)
  • v2.11.0 Changes

    March 22, 2021
    • Add same_as_current_login_message and contains_null_byte_message configuration methods to increase translatability (dmitryzuev) (#158)

    • 👍 Allow the rodauth plugin to be loaded without a block (janko) (#157)

    • 👉 Use new-password autocomplete value for the password fields on the reset password form (basabin54) (#155)

    • 👌 Support :auth_class plugin option, to use a specific class instead of creating a Rodauth::Auth subclass (janko) (#153)

    • 🔧 Make Rodauth configuration work correctly if the rodauth plugin is loaded more than once (janko) (#152)

  • v2.10.0 Changes

    February 22, 2021
    • ➕ Add argon2 feature to allow use of the argon2 password hash algorithm instead of bcrypt (AlexeyMatskevich, jeremyevans) (#147)

    • Avoid unnecessary previous password queries when using disallow_password_reuse feature with create_account or verify_account features (AlexeyMatskevich, jeremyevans) (#148)

  • v2.9.0 Changes

    January 22, 2021
    • 👍 Split jwt feature into json and jwt features, with the json feature using standard session support (janko, jeremyevans) (#145)

    • 0️⃣ Mark remember cookie as only transmitted over HTTPS by default if created via an HTTPS request (janko) (#144)

  • v2.8.0 Changes

    January 06, 2021
    • 🔒 [SECURITY] Set HttpOnly on remember cookie by default so it cannot be accessed by Javascript (janko) (#142)

    • 🔌 Clear JWT session when rodauth.clear_session is called if the Roda sessions plugin is used (janko) (#140)