Rodauth v2.23.0 Release Notes

Release Date: 2022-04-22 // 27 days ago
    • Don't automatically set :httponly cookie option if :http_only option is set in remember feature (jeremyevans)

    • ๐Ÿ›  Fix invalid domain check in internal_request feature when using Rack 3 (jeremyevans)

    • ๐Ÿ‘‰ Make removing all multifactor authentication methods mark session as not authenticated by SMS (janko) (#235)

    • ๐Ÿ‘‰ Use use_path option when rendering QR code to svg in the otp feature, to reduce svg size (jeremyevans)


Previous changes from v2.22.0

    • Ignore parameters where the value includes a null byte by default, add null_byte_parameter_value configuration method for customization (jeremyevans)

    • ๐Ÿ– Handle sessions created before active_sessions feature was enabled during logout (jeremyevans) (#224)

    • Add reset_password_notify for emailing users after successful password resets (jeremyevans)

    • An email method can now be used in external features to DRY up email creation code (jeremyevans)

    • The change_password_notify feature now correctly handles template precompilation (jeremyevans)

    • ๐Ÿ›  Fix update_sms to update stored sms hash (bjeanes) (#222)