rodauth-rails 1.14.1 → 1.15.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (50) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +40 -40
  3. data/lib/generators/rodauth/install_generator.rb +6 -22
  4. data/lib/generators/rodauth/mailer/email_auth.erb +6 -0
  5. data/lib/generators/rodauth/mailer/otp_disabled.erb +6 -0
  6. data/lib/generators/rodauth/mailer/otp_locked_out.erb +6 -0
  7. data/lib/generators/rodauth/mailer/otp_setup.erb +6 -0
  8. data/lib/generators/rodauth/mailer/otp_unlock_failed.erb +6 -0
  9. data/lib/generators/rodauth/mailer/otp_unlocked.erb +6 -0
  10. data/lib/generators/rodauth/mailer/password_changed.erb +6 -0
  11. data/lib/generators/rodauth/mailer/reset_password.erb +6 -0
  12. data/lib/generators/rodauth/mailer/reset_password_notify.erb +6 -0
  13. data/lib/generators/rodauth/mailer/unlock_account.erb +6 -0
  14. data/lib/generators/rodauth/mailer/verify_account.erb +6 -0
  15. data/lib/generators/rodauth/mailer/verify_login_change.erb +7 -0
  16. data/lib/generators/rodauth/mailer/webauthn_authenticator_added.erb +6 -0
  17. data/lib/generators/rodauth/mailer/webauthn_authenticator_removed.erb +6 -0
  18. data/lib/generators/rodauth/mailer_generator.rb +126 -0
  19. data/lib/generators/rodauth/migration/active_record/audit_logging.erb +2 -2
  20. data/lib/generators/rodauth/migration/active_record/jwt_refresh.erb +0 -1
  21. data/lib/generators/rodauth/migration/active_record/otp_unlock.erb +7 -0
  22. data/lib/generators/rodauth/migration/sequel/audit_logging.erb +2 -2
  23. data/lib/generators/rodauth/migration/sequel/jwt_refresh.erb +1 -1
  24. data/lib/generators/rodauth/migration/sequel/otp_unlock.erb +6 -0
  25. data/lib/generators/rodauth/migration_generator.rb +3 -3
  26. data/lib/generators/rodauth/templates/INSTRUCTIONS +8 -2
  27. data/lib/generators/rodauth/templates/app/mailers/rodauth_mailer.rb.tt +4 -50
  28. data/lib/generators/rodauth/templates/app/misc/rodauth_main.rb.tt +5 -26
  29. data/lib/generators/rodauth/templates/app/models/account.rb.tt +1 -1
  30. data/lib/generators/rodauth/templates/app/views/rodauth/otp_unlock.html.erb +21 -0
  31. data/lib/generators/rodauth/templates/app/views/rodauth/otp_unlock_not_available.html.erb +5 -0
  32. data/lib/generators/rodauth/templates/app/views/rodauth/tailwind/otp_unlock.html.erb +22 -0
  33. data/lib/generators/rodauth/templates/app/views/rodauth/tailwind/otp_unlock_not_available.html.erb +14 -0
  34. data/lib/generators/rodauth/templates/app/views/rodauth/tailwind/webauthn_remove.html.erb +1 -0
  35. data/lib/generators/rodauth/templates/app/views/rodauth/webauthn_remove.html.erb +1 -0
  36. data/lib/generators/rodauth/templates/app/views/rodauth_mailer/otp_disabled.text.erb +2 -0
  37. data/lib/generators/rodauth/templates/app/views/rodauth_mailer/otp_locked_out.text.erb +9 -0
  38. data/lib/generators/rodauth/templates/app/views/rodauth_mailer/otp_setup.text.erb +2 -0
  39. data/lib/generators/rodauth/templates/app/views/rodauth_mailer/otp_unlock_failed.text.erb +8 -0
  40. data/lib/generators/rodauth/templates/app/views/rodauth_mailer/otp_unlocked.text.erb +2 -0
  41. data/lib/generators/rodauth/templates/app/views/rodauth_mailer/webauthn_authenticator_added.text.erb +3 -0
  42. data/lib/generators/rodauth/templates/app/views/rodauth_mailer/webauthn_authenticator_removed.text.erb +3 -0
  43. data/lib/generators/rodauth/views_generator.rb +2 -1
  44. data/lib/rodauth/rails/feature/base.rb +2 -1
  45. data/lib/rodauth/rails/feature/instrumentation.rb +12 -6
  46. data/lib/rodauth/rails/feature/internal_request.rb +16 -6
  47. data/lib/rodauth/rails/version.rb +1 -1
  48. data/rodauth-rails.gemspec +4 -4
  49. metadata +35 -8
  50. data/CHANGELOG.md +0 -570
data/CHANGELOG.md DELETED
@@ -1,570 +0,0 @@
1
- ## 1.14.1 (2024-05-15)
2
-
3
- * Fix matching on account status when passing Active Record object to `Rodauth::Rails.account` (@dush)
4
-
5
- ## 1.14.0 (2024-04-09)
6
-
7
- * Allow declaring controller callbacks for specific Rodauth routes via `:only` and `:except` keyword arguments (@janko)
8
-
9
- * Instrument Rodauth controller and route name instead of `RodauthApp#call` on Rodauth requests (@janko)
10
-
11
- * Remove custom `#inspect` from Rodauth app middleware subclass in favour of Ruby 3.3+ `Module#set_temporary_name` (@janko)
12
-
13
- * Fix `data-turbo="false"` being added in the wrong place in reset password request form on login validation errors (@janko)
14
-
15
- * Fix format being inferred from `Accept` header instead URL path when calling `http_basic_auth` in the Rodauth middleware (@janko)
16
-
17
- * Retrieve auth class through the Rodauth app in generated account fixtures (@janko)
18
-
19
- * Use `include Rodauth::Rails.model` again in generated account model (@janko)
20
-
21
- * Avoid generated `convert_token_id_to_integer?` causing tokens to get silently rejected after switching to UUIDs (@janko)
22
-
23
- * Allow referencing custom column attributes on `rails_account` during account creation (@janko)
24
-
25
- * Drop support for Ruby 2.3 and 2.4 (@janko)
26
-
27
- ## 1.13.0 (2023-12-25) :christmas_tree:
28
-
29
- * Add `#rodauth` method to controller test helpers (@janko)
30
-
31
- * When session middleware is required by Rodauth but missing, point to Rails docs instead of Roda (@janko)
32
-
33
- * Set `login_confirm_param` to `"email-confirm"` in default configuration for consistency (@janko)
34
-
35
- * Set `convert_token_id_to_integer?` in default configuration to avoid DB queries on boot (@janko)
36
-
37
- ## 1.12.0 (2023-10-20)
38
-
39
- * Allow generating view template for `confirm_password` feature (igor-alexandrov)
40
-
41
- * Forward all requests unhandled by the Rodauth app to the Rails router (@janko)
42
-
43
- * Use `Rodauth::Model()` directly for including in generated account model (@janko)
44
-
45
- * Set `{jwt,argon2}_secret` to `hmac_secret` on `rodauth:install` with `--{jwt,argon2}` (@janko)
46
-
47
- * Expose `#turbo_stream` method in `Rodauth::Rails::Auth` when using turbo-rails gem (@janko)
48
-
49
- * Add `#rails_cookies` method for accessing the Action Dispatch cookie jar (@janko)
50
-
51
- ## 1.11.0 (2023-08-21)
52
-
53
- * Exclude WebAuthn JS routes in `rodauth:routes`, since those stop being relevant with custom JS (@janko)
54
-
55
- * Separate HTTP verbs with `|` symbol in `rodauth:routes` for consistency with `rails routes` (@janko)
56
-
57
- * Include two factor manage & auth JSON POST routes in `rodauth:routes` task (@janko)
58
-
59
- * Make `rodauth:routes` rake task appear in `rails -T` list (@janko)
60
-
61
- * Accept plugin options in `Rodauth::Rails.lib` (@janko)
62
-
63
- * Support skipping loading Roda `render` plugin by passing `render: false` (@janko)
64
-
65
- ## 1.10.0 (2023-07-26)
66
-
67
- * Add `Rodauth::Rails.lib` for easier usage of Rodauth as a library in Rails apps (@janko)
68
-
69
- ## 1.9.0 (2023-05-22)
70
-
71
- * Add support for webauthn_autofill feature to the views generator (@janko)
72
-
73
- * Generate view templates for two_factor_base feature only if explicitly specified (@janko)
74
-
75
- * Set `login_param "email"` in generated Rodauth configuration (@janko)
76
-
77
- * Handle Trilogy adapter in generators (@janko)
78
-
79
- * Use `email_subject_prefix` in generated mailer (@janko)
80
-
81
- * Fix typo in `unlock_account` email template (@zavan)
82
-
83
- * Retrieve current account using `account!` in `#rails_account` method (@janko)
84
-
85
- * Drop support for Rails 4.2 (@janko)
86
-
87
- ## 1.8.0 (2023-02-25)
88
-
89
- * Add table argument to `rodauth:install` generator (@janko)
90
-
91
- * Add `--prefix` option to `rodauth:migration` generator for choosing table prefix (@janko)
92
-
93
- * Add `--argon2` option to `rodauth:install` generator for configuring password hashing using Argon2 (@janko)
94
-
95
- * Move generated Sequel setup from initializer into the Rodauth configuration for faster boot time (@janko)
96
-
97
- * Use `email_to` and `email_from` Rodauth methods in generated mailer (@janko)
98
-
99
- * Add missing foreign key constraint in `email_auth` Active Record migration (@janko)
100
-
101
- * Correctly retrieve JSON request body when using Falcon (@janko)
102
-
103
- * Render validation error correctly in generated `webauthn_remove` Tailwind template (@janko)
104
-
105
- ## 1.7.1 (2023-01-25)
106
-
107
- * Make internal_request integration work on Rack 3.x (@janko)
108
-
109
- * Add missing Tailwind templates for WebAuthn feature (@janko)
110
-
111
- * Use renamed `webauthn_credential_options_for_get` method in generated `webauthn_auth` template (@janko)
112
-
113
- * Fix generated `webauthn_setup` template not working with webauthn_verify_account feature (@janko)
114
-
115
- * Hide text fields in generated `webauthn_{setup,auth}` templates (@janko)
116
-
117
- * Fix loading JavaScript for WebAuthn in generated `webauthn_{setup,auth}` templates (@janko)
118
-
119
- * Make built-in mailer work in Rails 6.x on Ruby 3.2 (@janko)
120
-
121
- ## 1.7.0 (2022-12-21)
122
-
123
- * Add Tailwind CSS templates to `rodauth:views` generator via the `--css=tailwind` option (@benkoshy, @janko)
124
-
125
- ## 1.6.4 (2022-11-24)
126
-
127
- * Make `#rails_account` work on directly allocated Rodauth object with `@account` set (@janko)
128
-
129
- * Add commented out email configuration for `password_reset_notify` feature (@janko)
130
-
131
- * Design generated mailer in a way that exposes the Rodauth object (@janko)
132
-
133
- * Fix generated logout page always logging out globally when using active sessions feature (@janko)
134
-
135
- ## 1.6.3 (2022-11-15)
136
-
137
- * Suggest passing an integer to `verify_account_grace_period` instead of `ActiveSupport::Duration` (@vlado)
138
-
139
- * Use `pass` plugin for forwarding other `{prefix}/*` requests when automatically routing the prefix (@janko)
140
-
141
- * Set minimum password length to 8 in the generated configuration, as per OWASP recommendation (@janko)
142
-
143
- * Set maximum password bytesize to 72 in the generated configuration, as bcrypt truncates inputs longer than 72 bytes (@janko)
144
-
145
- ## 1.6.2 (2022-09-19)
146
-
147
- * Use matching precision for current timestamp default values in Active Record 7.0+ migrations on MySQL (@janko)
148
-
149
- ## 1.6.1 (2022-09-19)
150
-
151
- * Fix argument error when calling `RodauthMailer` in default configuration (@janko)
152
-
153
- ## 1.6.0 (2022-09-14)
154
-
155
- * Avoid creating IDENTITY columns for primary foreign keys on SQL Server with Active Record (@janko)
156
-
157
- * Make configuration name argument required in generated `RodauthMailer` (@janko)
158
-
159
- * Make the Rails integration work without Action Mailer loaded (@janko)
160
-
161
- * Don't redirect to login page when account is missing in `current_account` method (@janko)
162
-
163
- ## 1.5.5 (2022-08-04)
164
-
165
- * Don't raise `ArgumentError` when calling `#current_account` without being logged in (@benkoshy)
166
-
167
- * Abort `rodauth:views` generator when unknown feature was specified (@janko)
168
-
169
- * Abort `rodauth:migration` generator when unknown feature was specified (@janko)
170
-
171
- ## 1.5.4 (2022-07-21)
172
-
173
- * Generate account fixtures in `spec/fixtures` directory when using RSpec (@benkoshy)
174
-
175
- * Generate account fixtures in `test/fixtures` directory instead of `app/test/fixtures` (@benkoshy)
176
-
177
- * Use string status column values in generated accounts fixture (@janko)
178
-
179
- * Create integer status column in generated Sequel migration (@janko)
180
-
181
- * Store password hash in accounts table in generated Sequel migration (@janko)
182
-
183
- ## 1.5.3 (2022-07-21)
184
-
185
- *Yanked*
186
-
187
- ## 1.5.2 (2022-07-03)
188
-
189
- * Bump Rodauth dependency version to 2.25+ (@janko)
190
-
191
- * Generate fixture file for accounts on `rodauth:install` (@benkoshy)
192
-
193
- * Fix error about undefined `controller_path` method in `newrelic_rpm` gem instrumentation (@janko)
194
-
195
- * Don't display disabled routes in `rodauth:routes` (@janko)
196
-
197
- * Display HTTP verbs of endpoints in `rodauth:routes` rake task (@janko)
198
-
199
- ## 1.5.1 (2022-06-19)
200
-
201
- * Fix syntax for creating `citext` PG extension in Sequel base migration (@Empact)
202
-
203
- ## 1.5.0 (2022-06-11)
204
-
205
- * Remove `content_for` calls from generated view templates (@janko)
206
-
207
- * Set title instance variable to `@page_title` in generated configuration (@janko)
208
-
209
- * Set title instance variable on the controller when `title_instance_variable` is set (@HoneyryderChuck)
210
-
211
- ## 1.4.2 (2022-05-15)
212
-
213
- * Stop passing email addresses in mailer arguments on verifying login change (@janko)
214
-
215
- * Extract finding account into a method in the generated mailer (@janko)
216
-
217
- * Make generated Action Mailer integration work with secondary Rodauth configurations (@janko)
218
-
219
- * Include `Rodauth::Rails.model` in generated Sequel account model as well (@janko)
220
-
221
- ## 1.4.1 (2022-05-08)
222
-
223
- * Deprecate `Rodauth::Rails::Model` constant (@janko)
224
-
225
- * Remove `Rodauth::Rails::Auth#associations` in favour of new association registration API (@janko)
226
-
227
- * Extract model mixin into the rodauth-model gem (@janko)
228
-
229
- ## 1.4.0 (2022-05-04)
230
-
231
- * Move association definitions to `#associations` Rodauth method, allowing external features to extend them (@janko)
232
-
233
- * Add Sequel support for generating database migrations, model, and mailer (@janko)
234
-
235
- * Skip calling Rodauth app on asset requests when using Sprockets or Propshaft (@janko)
236
-
237
- ## 1.3.1 (2022-04-22)
238
-
239
- * Ensure response status is logged when calling a halting rodauth method inside a controller (@janko)
240
-
241
- ## 1.3.0 (2022-04-01)
242
-
243
- * Store password hash on the `accounts` table in generated Rodauth migration and configuration (@janko)
244
-
245
- * Add support for controller testing with Minitest or RSpec (@janko)
246
-
247
- * Fix `enum` declaration in generated `Account` model for Active Record < 7.0 (@janko)
248
-
249
- * Ensure `require_login_redirect` points to the login page even if the login route changes (@janko)
250
-
251
- ## 1.2.2 (2022-02-22)
252
-
253
- * Fix flash messages not being preserved through consecutive redirects (@janko)
254
-
255
- ## 1.2.1 (2022-02-19)
256
-
257
- * Change `accounts.status` column type from string to integer (@zhongsheng)
258
-
259
- ## 1.2.0 (2022-02-11)
260
-
261
- * Work around Active Record 4.2 not supporting procs for literal SQL column default (@janko)
262
-
263
- * Avoid re-fetching the account in `#current_account` when it has already been fetched by Rodauth (@janko)
264
-
265
- * Extract `#current_account` helper functionality into `#rails_account` Rodauth method (@janko)
266
-
267
- * Use default account status values in generated configuration, with enum on `Account` model (@janko)
268
-
269
- ## 1.1.0 (2022-01-16)
270
-
271
- * Automatically route the path prefix in `r.rodauth` if one has been set (@janko)
272
-
273
- ## 1.0.0 (2021-12-25)
274
-
275
- * Set Rodauth's email subject in the generated mailer (@janko)
276
-
277
- * Raise error when outside of a request and `config.action_mailer.default_url_options` is unset (@janko)
278
-
279
- * Avoid method re-definition warnings with named auth classes caused by `post_configure` being called twice (@janko)
280
-
281
- * Don't modify `config.action_mailer.default_url_options` when `:protocol` is missing (@janko)
282
-
283
- * Move `Rodauth::Rails.url_options` into `Rodauth::Auth#rails_url_options` (@janko)
284
-
285
- * Generate named auth classes in `rodauth:install` generator (@janko)
286
-
287
- * Generate `rodauth_app.rb` in `app/misc` directory (@janko)
288
-
289
- * Add `--name` option to `rodauth:migration` generator (@janko)
290
-
291
- * Disable Turbo in all built-in and generated views (@janko)
292
-
293
- * Modify generated mailer integration to generate URLs according to `default_url_options` (@janko)
294
-
295
- * Skip Active Record files in `rodauth:install` if `ActiveRecord::Railtie` is not defined (@janko)
296
-
297
- * Stop loading `pass` plugin in `Rodauth::Rails::App` (@janko)
298
-
299
- * Remove deprecated `:query` and `:form` options in `Rodauth::Rails.rodauth` (@janko)
300
-
301
- * Require internal_request feature to be enabled in `Rodauth::Rails.rodauth` (@janko)
302
-
303
- ## 0.18.1 (2021-12-16)
304
-
305
- * Loosen Rails gem dependency to allow Rails 7.x (Intrepidd)
306
-
307
- ## 0.18.0 (2021-11-05)
308
-
309
- * Disable Turbo on the generated login form (@janko)
310
-
311
- * Generate controller views with `form_with` helper on Rails 5.1+ (@janko)
312
-
313
- * Fix missing layout error when rendering Rodauth's built-in templates when using Turbo on Rails 6.0+ (@janko)
314
-
315
- * Fix `Rodauth::Rails.middleware` config not actually affecting middleware insertion (@janko)
316
-
317
- * Set page titles in generated view templates (@janko)
318
-
319
- * Merge field and button partials into view templates (@janko)
320
-
321
- * Raise error for unknown configuration in `Rodauth::Rails.model` (@janko)
322
-
323
- * Generate views for all enabled features by default in `rodauth:views` generator (@janko)
324
-
325
- * Add `Rodauth::Rails::App.rodauth!` which raises an error for unknown configuration (@janko)
326
-
327
- * Remove deprecated `--features` option from `rodauth:views` generator (@janko)
328
-
329
- * Inline `_recovery_codes_form.html.erb` partial into `recovery_codes.html.erb` (@janko)
330
-
331
- * Use Rodauth helper methods for texts in generated views, for easier i18n (@janko)
332
-
333
- * Allow setting passing a `Sequel::Model` to `:account` in `Rodauth::Rails.rodauth` (@janko)
334
-
335
- ## 0.17.1 (2021-10-20)
336
-
337
- * Skip checking CSRF when request forgery protection wasn't loaded on the controller (@janko)
338
-
339
- * Create partial unique index for `accounts.email` column when using `sqlite3` adapter (@janko)
340
-
341
- * Revert setting `delete_account_on_close?` to `true` in generated `rodauth_app.rb` (@janko)
342
-
343
- * Disable Turbo in `_recovery_codes_form.html.erb`, since viewing recovery codes isn't Turbo-compatible (@janko)
344
-
345
- * Generate JSON configuration on `rodauth:install` for API-only with sessions enabled (@janko)
346
-
347
- * Generate JWT configuration on `rodauth:install` only for API-only apps without sessions enabled (@janko)
348
-
349
- * Don't generate JWT configuration when `rodauth:install --json` was run in API-only app (@janko)
350
-
351
- * Use `config.action_mailer.default_url_options` in path_class_methods feature (@janko)
352
-
353
- ## 0.17.0 (2021-10-05)
354
-
355
- * Set `delete_account_on_close?` to `true` in generated `rodauth_app.rb` (@janko)
356
-
357
- * Change default `:dependent` option for associations to `:delete`/`:delete_all` (@janko)
358
-
359
- * Add `rails_account_model` configuration method for when the account model cannot be inferred (@janko)
360
-
361
- ## 0.16.0 (2021-09-26)
362
-
363
- * Add `#current_account` to methods defined on `ActionController::Base` (@janko)
364
-
365
- * Add missing template for verify_login_change feature to `rodauth:views` generator (@janko)
366
-
367
- * Add `#rodauth_response` controller method for converting rodauth responses into controller responses (@janko)
368
-
369
- ## 0.15.0 (2021-07-29)
370
-
371
- * Add `Rodauth::Rails::Model` mixin that defines password attribute and associations on the model (@janko)
372
-
373
- * Add support for the new internal_request feature (@janko)
374
-
375
- * Implement `Rodauth::Rails.rodauth` in terms of the internal_request feature (@janko)
376
-
377
- ## 0.14.0 (2021-07-10)
378
-
379
- * Speed up template rendering by only searching formats accepted by the request (@janko)
380
-
381
- * Add `--name` option to `rodauth:views` generator for specifying different rodauth configuration (@janko)
382
-
383
- * Infer correct template path from configured controller in `rodauth:views` generator (@janko)
384
-
385
- * Raise `ArgumentError` if undefined rodauth configuration is passed to `Rodauth::Rails.app` (@janko)
386
-
387
- * Make `#rails_controller` method on the rodauth instance public (@janko)
388
-
389
- * Remove `--directory` option from `rodauth:views` generator (@janko)
390
-
391
- * Remove `#features` and `#routes` writer and `#configuration` reader from `Rodauth::Rails::Auth` (@janko)
392
-
393
- ## 0.13.0 (2021-06-10)
394
-
395
- * Add `:query`, `:form`, `:session`, `:account`, and `:env` options to `Rodauth::Rails.rodauth` (@janko)
396
-
397
- ## 0.12.0 (2021-05-15)
398
-
399
- * Include total view render time in logs for Rodauth requests (@janko)
400
-
401
- * Instrument redirects (@janko)
402
-
403
- * Instrument Rodauth requests on `action_controller` namespace (@janko)
404
-
405
- * Update templates for Boostrap 5 compatibility (@janko)
406
-
407
- * Log request parameters for Rodauth requests (@janko)
408
-
409
- ## 0.11.0 (2021-05-06)
410
-
411
- * Add controller-like logging for requests to Rodauth endpoints (@janko)
412
-
413
- * Add `#rails_routes` to Roda and Rodauth instance for accessing Rails route helpers (@janko)
414
-
415
- * Add `#rails_request` to Roda and Rodauth instance for retrieving an `ActionDispatch::Request` instance (@janko)
416
-
417
- ## 0.10.0 (2021-03-23)
418
-
419
- * Add `Rodauth::Rails::Auth` superclass for moving configurations into separate files (@janko)
420
-
421
- * Load the `pass` Roda plugin and recommend calling `r.pass` on prefixed routes (@janko)
422
-
423
- * Improve Roda middleware inspect output (@janko)
424
-
425
- * Create `RodauthMailer` and email templates in `rodauth:install`, and remove `rodauth:mailer` (@janko)
426
-
427
- * Raise `KeyError` in `#rodauth` method when the Rodauth instance doesn't exist (@janko)
428
-
429
- * Add `Rodauth::Rails.authenticated` routing constraint for requiring authentication (@janko)
430
-
431
- ## 0.9.1 (2021-02-10)
432
-
433
- * Fix flash integration being loaded for API-only apps and causing an error (@dmitryzuev)
434
-
435
- * Change account status column default to `unverified` in migration to match Rodauth's default (@basabin54)
436
-
437
- ## 0.9.0 (2021-02-07)
438
-
439
- * Load Roda's JSON support by default, so that enabling `json`/`jwt` feature is all that's needed (@janko)
440
-
441
- * Bump Rodauth dependency to 2.9+ (@janko)
442
-
443
- * Add `--json` option for `rodauth:install` generator for configuring `json` feature (@janko)
444
-
445
- * Add `--jwt` option for `rodauth:install` generator for configuring `jwt` feature (@janko)
446
-
447
- * Remove the `--api` option from `rodauth:install` generator (@janko)
448
-
449
- ## 0.8.2 (2021-01-10)
450
-
451
- * Reset Rails session on `#clear_session`, protecting from potential session fixation attacks (@janko)
452
-
453
- ## 0.8.1 (2021-01-04)
454
-
455
- * Fix blank email body when `json: true` and `ActionController::API` descendant are used (@janko)
456
-
457
- * Make view and email rendering work when there are multiple configurations and one is `json: :only` (@janko)
458
-
459
- * Don't attempt to protect against forgery when `ActionController::API` descendant is used (@janko)
460
-
461
- * Mark content of rodauth built-in partials as HTML-safe (@janko)
462
-
463
- ## 0.8.0 (2021-01-03)
464
-
465
- * Add `--api` option to `rodauth:install` generator for choosing JSON-only configuration (@janko)
466
-
467
- * Don't blow up when a Rodauth request is made using an unsupported HTTP verb (@janko)
468
-
469
- ## 0.7.0 (2020-11-27)
470
-
471
- * Add `#rails_controller_eval` method for running code in context of a controller instance (@janko)
472
-
473
- * Detect `secret_key_base` from credentials and `$SECRET_KEY_BASE` environment variable (@janko)
474
-
475
- ## 0.6.1 (2020-11-25)
476
-
477
- * Generate the Rodauth controller for API-only Rails apps as well (@janko)
478
-
479
- * Fix remember cookie deadline not extending in remember feature (@janko)
480
-
481
- ## 0.6.0 (2020-11-22)
482
-
483
- * Add `Rodauth::Rails.rodauth` method for retrieving Rodauth instance outside of request context (@janko)
484
-
485
- * Add default Action Dispatch response headers in Rodauth responses (@janko)
486
-
487
- * Run controller rescue handlers around Rodauth actions (@janko)
488
-
489
- * Run controller action callbacks around Rodauth actions (@janko)
490
-
491
- ## 0.5.0 (2020-11-16)
492
-
493
- * Support more Active Record adapters in `rodauth:install` generator (@janko)
494
-
495
- * Add `rodauth:migration` generator for creating tables of specified features (@janko)
496
-
497
- * Use UUIDs for primary keys if so configured in Rails generators (@janko)
498
-
499
- * Add `rodauth:routes` rake task for printing routes handled by Rodauth middleware (@janko)
500
-
501
- ## 0.4.2 (2020-11-08)
502
-
503
- * Drop support for Ruby 2.2 (@janko)
504
-
505
- * Bump `sequel-activerecord_connection` dependency to 1.1+ (@janko)
506
-
507
- * Set default bcrypt hash cost to `1` in tests (@janko)
508
-
509
- * Call `AR::Base.connection_db_config` on Rails 6.1+ in `rodauth:install` generator (@janko)
510
-
511
- ## 0.4.1 (2020-11-02)
512
-
513
- * Don't generate `RodauthController` in API-only mode (@janko)
514
-
515
- * Pass `test: false` to Sequel in the `sequel.rb` initializer (@janko)
516
-
517
- ## 0.4.0 (2020-11-02)
518
-
519
- * Support Rails API-only mode (@janko)
520
-
521
- * Make `rodauth:install` create `rodauth_app.rb` in `app/lib/` directory (@janko)
522
-
523
- ## 0.3.1 (2020-10-25)
524
-
525
- * Depend on sequel-activerecord_connection 1.0+ (@janko)
526
-
527
- ## 0.3.0 (2020-09-18)
528
-
529
- * Handle custom configured database migration paths in install generator (@janko)
530
-
531
- * Allow specifying features as plain arguments in `rodauth:views` generator (@janko)
532
-
533
- * Add some missing foreign key constraints in generated migration file (@janko)
534
-
535
- ## 0.2.1 (2020-07-26)
536
-
537
- * Fix incorrect JDBC connect syntax in `sequel.rb` template on JRuby (@janko)
538
-
539
- ## 0.2.0 (2020-07-26)
540
-
541
- * Drop support for Rodauth 1.x (@janko)
542
-
543
- * Change `rodauth_app.rb` template to send emails in the background after transaction commit (@janko)
544
-
545
- * Bump `sequel-activerecord_connection` dependency to `~> 0.3` (@janko)
546
-
547
- * Use the JDBC adapter in sequel.rb initializer when on JRuby (@janko)
548
-
549
- ## 0.1.3 (2020-07-04)
550
-
551
- * Remove insecure MFA integration with remember feature suggestion in `lib/rodauth_app.rb` (@janko, @nicolas-besnard)
552
-
553
- * Use correct password autocomplete value on Rodauth 2.1+ (@janko)
554
-
555
- * Enable skipping CSRF protection on Rodauth 2.1+ by overriding `#check_csrf?` (@janko)
556
-
557
- * Don't generate Sequel initializer if Sequel connection exists (@janko)
558
-
559
- * Fix typo in remember view template (@nicolas-besnard)
560
-
561
- * Fix some more typos in `lib/rodauth_app.rb` (@janko)
562
-
563
- ## 0.1.2 (2020-05-14)
564
-
565
- * Fix some typos in comment suggestions in `lib/rodauth_app.rb` (@janko)
566
-
567
- ## 0.1.1 (2020-05-09)
568
-
569
- * Include view templates in the gem (@janko)
570
- * Use `Login` labels to be consistent with Rodauth (@janko)