Rodauth v1.21.0 Release Notes

Release Date: 2019-07-24 // 4 months ago
    • 👌 Support rotp 5.1 in the otp feature (jeremyevans)

    • 🌲 Log user out when locking out OTP account if no fallback options available (jeremyevans)


Previous changes from v1.20.0

    • 👌 Support rotp 5 in the otp feature (jeremyevans)

    • ➕ Add jwt_refresh feature to allow shorter lived JWTs with a refresh token for creating new JWTs (allavena, jeremyevans) (#28)

    • Fix disallow_password_reuse feature when account_password_hash_column is not set and verify_account feature is not used (cptaffe) (#59)

    • Rename no_matching_email_auth_key_message to no_matching_email_auth_key_error_flash for consistency (jeremyevans)

    • Rename no_matching_verify_login_change_key_message to no_matching_verify_login_change_key_error_flash for consistency (jeremyevans)

    • Rename attempt_to_login_to_unverified_account_notice_message to attempt_to_login_to_unverified_account_error_flash for consistency (jeremyevans)

    • Rename attempt_to_create_unverified_account_notice_message to attempt_to_create_unverified_account_error_flash for consistency (jeremyevans)

    • Rename no_matching_verify_account_key_message to no_matching_verify_account_key_error_flash for consistency (jeremyevans)

    • Rename no_matching_unlock_account_key_message to no_matching_unlock_account_key_error_flash for consistency (jeremyevans)

    • Rename no_matching_reset_password_key_message to no_matching_reset_password_key_error_flash for consistency (jeremyevans)

    • Add otp_keys_use_hmac? and otp_setup_raw_param configuration methods to the otp feature for configuring use of HMACs with OTP authentication (jeremyevans)

    • Do not set a previous account password before password has been set when using disallow_password_reuse with verify_account_set_password? (jeremyevans)

    • Add allow_raw_single_session_key? to single_session feature to allow raw single single session tokens, for graceful transition (jeremyevans)

    • Add raw_remember_token_deadline to remember feature to allow raw remember tokens before given deadline, for graceful transition (jeremyevans)

    • Add allow_raw_email_token? configuration method to email_base feature to allow raw tokens when email_token_hmac_secret is set, for graceful transition (jeremyevans)

    • ➕ Add hmac_secret configuration method, used for additional security using HMACs (jeremyevans)

    • 💎 Use urlsafe base64 for new token keys on Ruby 1.8 (jeremyevans)

    • Add login_input_type configuration method for setting the input type for login inputs (jeremyevans)

    • Add formatted_field_error configuration method for formatting error messages (jeremyevans)

    • Add field_error_attributes configuration method for configuring attributes for fields with errors (jeremyevans)

    • ➕ Add field_attributes configuration method for configuring attributes for specific fields (jeremyevans)

    • Add default_field_attributes configuration method to set default attributes for all input fields (jeremyevans)

    • 0️⃣ Make error handling accessible by default using aria-invalid and aria-describedby attributes (jeremyevans)

    • Add mark_input_fields_as_required? configuration method for whether inputs should use the required attribute (jeremyevans)

    • Add input_field_error_message_class configuration method for the CSS class used for error messages (jeremyevans)

    • 💅 Wrap all error messages in a span so they can be styled (jeremyevans)

    • Add input_field_error_class configuration method for customizing CSS class to use for inputs with errors (jeremyevans)

    • Add input_field_label_suffix configuration method for suffixing all input labels, useful for labeling fields as required (jeremyevans)

    • Add verify_account_resend_explanatory_text configuration method to verify_account feature for configuring text (jeremyevans)

    • Add unlock_account_explanatory_text and unlock_account_request_explanatory_text configuration methods to lockout feature for configuring text (jeremyevans)

    • Add reset_password_explanatory_text configuration method to reset_password feature for configuring text (jeremyevans)

    • Add otp_provisioning_uri_label and otp_secret_label configuration methods to otp feature for configuring labels displayed during OTP setup (jeremyevans)

    • Add add_recovery_codes_heading configuration method to recovery_codes feature for configuring heading text (jeremyevans)

    • Use define_method instead of instance_exec for route dispatching for better performance (jeremyevans)

    • Add already_an_account_with_this_login_message configuration method (1gor) (#54)