All Versions
5
Latest Version
Avg Release Cycle
27 days
Latest Release
1517 days ago
Changelog History
Changelog History
-
v0.5.0 Changes
December 01, 2020➕ Added
- Integrate Pwned Passwords
- ➕ Add login idle timeout
- Validate the existence of records for foreign keys in save operations
- Add
Avram::Validations.validate_not_pwned
- Add
Avram::Validations.validate_http_url
- Add
Avram::Validations.validate_domain_label
- ➕ Add
Avram::Validations.validate_slug
- Add
Avram::Validations.validate_exists_by_id
- Add
Avram::Validations.validate_positive_number
- Add
Avram::Validations.validate_negative_number
- ➕ Add
Shield::SetToken
operation mixin - ➕ Add
Shield::AuthenticationColumns#inactive?
🔄 Changed
- Split action helpers and pipes into modules that may be used independently
- Rename
Avram::Validations.validate_subdomain
to.validate_domain_label
- Rename
bearer_login_id
attributes in basic operations toid
- Rename
email_confirmation_id
attributes in basic operations toid
- 📇 Rename
login_id
attributes in basic operations toid
- Rename
password_reset_id
attributes in basic operations toid
- 📇 Rename
user_id
attributes in basic operations toid
- Convert
Shield::DeleteSession(U)
to a non-genericShield::DeleteSession
-
v0.4.0 Changes
November 12, 2020In memory of Flt. Lt. J. J. Rawlings, who passed away today. May his soul rest in peace.
➕ Added
- Add Bearer authentication (RFC 6750).
- Add more Avram validation helpers
- ➕ Add documentation on integration with third-party authorization shards
- ➕ Add
Shield::SetSession
andShield::DeleteSession
operation mixins - ➕ Add
Shield::IpAddressColumn
model mixin - ➕ Add
Shield::NotifyLogin
operation mixin - ➕ Add
Shield::NotifyPasswordChange
operation mixin - ➕ Add
Shield::HasManyBearerLogins
model association mixin - ➕ Add
Shield::HasManyLogins
model association mixin - ➕ Add
Shield::HasManyPasswordResets
model association mixin - ➕ Add
Shield::HasOneUserOptions
model association mixin - ➕ Add
Shield::BelongsToUser
model association mixin - ➕ Add
Shield::HasOneCreateSaveUserOptions
andShield::HasOneUpdateSaveUserOptions
operation mixins - ➕ Add
Shield::NeverExpires
operation mixin - ➕ Add modules to delete authentication records, as an alternative to revoking them.
🛠 Fixed
- 🛠 Fix wrong flash type used when deleting user fails
- 🛠 Fix
#redirect_back
going back past the previous page sometimes - 🛠 Fix other users logged out when a given user's password changes
🔄 Changed
- Convert email confirmation into a database model
- ⬆️ Upgrade default hash for message encryptor/verifier from
SHA1
toSHA256
- ➕ Add
user : User
parameter toShield::AuthorizationPipes#authorize?
- 0️⃣ Return
403
status code, by default, for denied requests. - 📇 Rename
Shield::Logins
toShield::CurrentLogin
- Convert
EmailConfirmation#url
to a class method. - ✂ Remove required
id
param from password reset URL. - ⚙ Remove the second parameter from all
#do_run_operation_failed
action methods. - In development and test, automatically click email confirmation and password reset links.
✂ Removed
- ✂ Remove
password_confirmation
fields - ✂ Remove
status
column from authentication models - ✂ Remove
Shield::Error
-
v0.3.0 Changes
September 19, 2020➕ Added
- Add support for Lucky v0.24.0
- 👍 Allow sending welcome emails
- ➕ Add
Shield::DeleteUser
operation - ➕ Add
Shield::Users::Destroy
action - Forward nested save operation errors to the parent operation
🔄 Changed
- ➕ Add global
bcryp_cost
setting; defaults to12
- ➕ Add
salt : Bool
parameter toShield::CryptoHelper#hash_sha256
- Rename the generated methods in
Avram::NestedSaveOperation
's has one macros
✂ Removed
- Drop support for Lucky versions lower than v0.24.0
- ✂ Remove required
RegisterEmailConfirmationCurrentUser
andUpdateEmailConfirmationCurrentUser
- Remove
record
parameter from the generated nested operation method inAvram::NestedSaveOperation.has_one_update
🛠 Fixed
- 🛠 Fix user enumeration during user registration
- 🛠 Fix flash messages not showing after a redirect
-
v0.2.0 Changes
August 29, 2020➕ Added
- ➕ Add email confirmation
- ➕ Add support for return URL (a session value to redirect back to)
🔄 Changed
- Introduce
Shield::Session
as base type for all session wrappers - 👌 Improve previous page determination
- Rename
*_hash
columns to*_digest
.
🛠 Fixed
- 🛠 Fix
#redirect_back
redirecting to login page - 🛠 Fix invalid HTTP date format for "Expires" header in
#disable_cache
action pipe
-
v0.1.0 Changes
August 15, 2020➕ Added
- 🎉 Initial public release