Shield v0.4.0 Release Notes
Release Date: 2020-11-12 // almost 3 years ago-
In memory of Flt. Lt. J. J. Rawlings, who passed away today. May his soul rest in peace.
➕ Added
- Add Bearer authentication (RFC 6750).
- Add more Avram validation helpers
- ➕ Add documentation on integration with third-party authorization shards
- ➕ Add
Shield::SetSessionandShield::DeleteSessionoperation mixins - ➕ Add
Shield::IpAddressColumnmodel mixin - ➕ Add
Shield::NotifyLoginoperation mixin - ➕ Add
Shield::NotifyPasswordChangeoperation mixin - ➕ Add
Shield::HasManyBearerLoginsmodel association mixin - ➕ Add
Shield::HasManyLoginsmodel association mixin - ➕ Add
Shield::HasManyPasswordResetsmodel association mixin - ➕ Add
Shield::HasOneUserOptionsmodel association mixin - ➕ Add
Shield::BelongsToUsermodel association mixin - ➕ Add
Shield::HasOneCreateSaveUserOptionsandShield::HasOneUpdateSaveUserOptionsoperation mixins - ➕ Add
Shield::NeverExpiresoperation mixin - ➕ Add modules to delete authentication records, as an alternative to revoking them.
🛠 Fixed
- 🛠 Fix wrong flash type used when deleting user fails
- 🛠 Fix
#redirect_backgoing back past the previous page sometimes - 🛠 Fix other users logged out when a given user's password changes
🔄 Changed
- Convert email confirmation into a database model
- ⬆️ Upgrade default hash for message encryptor/verifier from
SHA1toSHA256 - ➕ Add
user : Userparameter toShield::AuthorizationPipes#authorize? - 0️⃣ Return
403status code, by default, for denied requests. - 📇 Rename
Shield::LoginstoShield::CurrentLogin - Convert
EmailConfirmation#urlto a class method. - ✂ Remove required
idparam from password reset URL. - ⚙ Remove the second parameter from all
#do_run_operation_failedaction methods. - In development and test, automatically click email confirmation and password reset links.
✂ Removed
- ✂ Remove
password_confirmationfields - ✂ Remove
statuscolumn from authentication models - ✂ Remove
Shield::Error