RubyGems - rodauth-rails - Versions diffs - 1.14.1 → 1.15.1 - Mend

rodauth-rails 1.14.1 → 1.15.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (50) hide show

data/CHANGELOG.md DELETED Viewed

@@ -1,570 +0,0 @@
-## 1.14.1 (2024-05-15)
-* Fix matching on account status when passing Active Record object to `Rodauth::Rails.account` (@dush)
-## 1.14.0 (2024-04-09)
-* Allow declaring controller callbacks for specific Rodauth routes via `:only` and `:except` keyword arguments (@janko)
-* Instrument Rodauth controller and route name instead of `RodauthApp#call` on Rodauth requests (@janko)
-* Remove custom `#inspect` from Rodauth app middleware subclass in favour of Ruby 3.3+ `Module#set_temporary_name` (@janko)
-* Fix `data-turbo="false"` being added in the wrong place in reset password request form on login validation errors (@janko)
-* Fix format being inferred from `Accept` header instead URL path when calling `http_basic_auth` in the Rodauth middleware (@janko)
-* Retrieve auth class through the Rodauth app in generated account fixtures (@janko)
-* Use `include Rodauth::Rails.model` again in generated account model (@janko)
-* Avoid generated `convert_token_id_to_integer?` causing tokens to get silently rejected after switching to UUIDs (@janko)
-* Allow referencing custom column attributes on `rails_account` during account creation (@janko)
-* Drop support for Ruby 2.3 and 2.4 (@janko)
-## 1.13.0 (2023-12-25) :christmas_tree:
-* Add `#rodauth` method to controller test helpers (@janko)
-* When session middleware is required by Rodauth but missing, point to Rails docs instead of Roda (@janko)
-* Set `login_confirm_param` to `"email-confirm"` in default configuration for consistency (@janko)
-* Set `convert_token_id_to_integer?` in default configuration to avoid DB queries on boot (@janko)
-## 1.12.0 (2023-10-20)
-* Allow generating view template for `confirm_password` feature (igor-alexandrov)
-* Forward all requests unhandled by the Rodauth app to the Rails router (@janko)
-* Use `Rodauth::Model()` directly for including in generated account model (@janko)
-* Set `{jwt,argon2}_secret` to `hmac_secret` on `rodauth:install` with `--{jwt,argon2}` (@janko)
-* Expose `#turbo_stream` method in `Rodauth::Rails::Auth` when using turbo-rails gem (@janko)
-* Add `#rails_cookies` method for accessing the Action Dispatch cookie jar (@janko)
-## 1.11.0 (2023-08-21)
-* Exclude WebAuthn JS routes in `rodauth:routes`, since those stop being relevant with custom JS (@janko)
-* Separate HTTP verbs with `|` symbol in `rodauth:routes` for consistency with `rails routes` (@janko)
-* Include two factor manage & auth JSON POST routes in `rodauth:routes` task (@janko)
-* Make `rodauth:routes` rake task appear in `rails -T` list (@janko)
-* Accept plugin options in `Rodauth::Rails.lib` (@janko)
-* Support skipping loading Roda `render` plugin by passing `render: false` (@janko)
-## 1.10.0 (2023-07-26)
-* Add `Rodauth::Rails.lib` for easier usage of Rodauth as a library in Rails apps (@janko)
-## 1.9.0 (2023-05-22)
-* Add support for webauthn_autofill feature to the views generator (@janko)
-* Generate view templates for two_factor_base feature only if explicitly specified (@janko)
-* Set `login_param "email"` in generated Rodauth configuration (@janko)
-* Handle Trilogy adapter in generators (@janko)
-* Use `email_subject_prefix` in generated mailer (@janko)
-* Fix typo in `unlock_account` email template (@zavan)
-* Retrieve current account using `account!` in `#rails_account` method (@janko)
-* Drop support for Rails 4.2 (@janko)
-## 1.8.0 (2023-02-25)
-* Add table argument to `rodauth:install` generator (@janko)
-* Add `--prefix` option to `rodauth:migration` generator for choosing table prefix (@janko)
-* Add `--argon2` option to `rodauth:install` generator for configuring password hashing using Argon2 (@janko)
-* Move generated Sequel setup from initializer into the Rodauth configuration for faster boot time (@janko)
-* Use `email_to` and `email_from` Rodauth methods in generated mailer (@janko)
-* Add missing foreign key constraint in `email_auth` Active Record migration (@janko)
-* Correctly retrieve JSON request body when using Falcon (@janko)
-* Render validation error correctly in generated `webauthn_remove` Tailwind template (@janko)
-## 1.7.1 (2023-01-25)
-* Make internal_request integration work on Rack 3.x (@janko)
-* Add missing Tailwind templates for WebAuthn feature (@janko)
-* Use renamed `webauthn_credential_options_for_get` method in generated `webauthn_auth` template (@janko)
-* Fix generated `webauthn_setup` template not working with webauthn_verify_account feature (@janko)
-* Hide text fields in generated `webauthn_{setup,auth}` templates (@janko)
-* Fix loading JavaScript for WebAuthn in generated `webauthn_{setup,auth}` templates (@janko)
-* Make built-in mailer work in Rails 6.x on Ruby 3.2 (@janko)
-## 1.7.0 (2022-12-21)
-* Add Tailwind CSS templates to `rodauth:views` generator via the `--css=tailwind` option (@benkoshy, @janko)
-## 1.6.4 (2022-11-24)
-* Make `#rails_account` work on directly allocated Rodauth object with `@account` set (@janko)
-* Add commented out email configuration for `password_reset_notify` feature (@janko)
-* Design generated mailer in a way that exposes the Rodauth object (@janko)
-* Fix generated logout page always logging out globally when using active sessions feature (@janko)
-## 1.6.3 (2022-11-15)
-* Suggest passing an integer to `verify_account_grace_period` instead of `ActiveSupport::Duration` (@vlado)
-* Use `pass` plugin for forwarding other `{prefix}/*` requests when automatically routing the prefix (@janko)
-* Set minimum password length to 8 in the generated configuration, as per OWASP recommendation (@janko)
-* Set maximum password bytesize to 72 in the generated configuration, as bcrypt truncates inputs longer than 72 bytes (@janko)
-## 1.6.2 (2022-09-19)
-* Use matching precision for current timestamp default values in Active Record 7.0+ migrations on MySQL (@janko)
-## 1.6.1 (2022-09-19)
-* Fix argument error when calling `RodauthMailer` in default configuration (@janko)
-## 1.6.0 (2022-09-14)
-* Avoid creating IDENTITY columns for primary foreign keys on SQL Server with Active Record (@janko)
-* Make configuration name argument required in generated `RodauthMailer` (@janko)
-* Make the Rails integration work without Action Mailer loaded (@janko)
-* Don't redirect to login page when account is missing in `current_account` method (@janko)
-## 1.5.5 (2022-08-04)
-* Don't raise `ArgumentError` when calling `#current_account` without being logged in (@benkoshy)
-* Abort `rodauth:views` generator when unknown feature was specified (@janko)
-* Abort `rodauth:migration` generator when unknown feature was specified (@janko)
-## 1.5.4 (2022-07-21)
-* Generate account fixtures in `spec/fixtures` directory when using RSpec (@benkoshy)
-* Generate account fixtures in `test/fixtures` directory instead of `app/test/fixtures` (@benkoshy)
-* Use string status column values in generated accounts fixture (@janko)
-* Create integer status column in generated Sequel migration (@janko)
-* Store password hash in accounts table in generated Sequel migration (@janko)
-## 1.5.3 (2022-07-21)
-*Yanked*
-## 1.5.2 (2022-07-03)
-* Bump Rodauth dependency version to 2.25+ (@janko)
-* Generate fixture file for accounts on `rodauth:install` (@benkoshy)
-* Fix error about undefined `controller_path` method in `newrelic_rpm` gem instrumentation (@janko)
-* Don't display disabled routes in `rodauth:routes` (@janko)
-* Display HTTP verbs of endpoints in `rodauth:routes` rake task (@janko)
-## 1.5.1 (2022-06-19)
-* Fix syntax for creating `citext` PG extension in Sequel base migration (@Empact)
-## 1.5.0 (2022-06-11)
-* Remove `content_for` calls from generated view templates (@janko)
-* Set title instance variable to `@page_title` in generated configuration (@janko)
-* Set title instance variable on the controller when `title_instance_variable` is set (@HoneyryderChuck)
-## 1.4.2 (2022-05-15)
-* Stop passing email addresses in mailer arguments on verifying login change (@janko)
-* Extract finding account into a method in the generated mailer (@janko)
-* Make generated Action Mailer integration work with secondary Rodauth configurations (@janko)
-* Include `Rodauth::Rails.model` in generated Sequel account model as well (@janko)
-## 1.4.1 (2022-05-08)
-* Deprecate `Rodauth::Rails::Model` constant (@janko)
-* Remove `Rodauth::Rails::Auth#associations` in favour of new association registration API (@janko)
-* Extract model mixin into the rodauth-model gem (@janko)
-## 1.4.0 (2022-05-04)
-* Move association definitions to `#associations` Rodauth method, allowing external features to extend them (@janko)
-* Add Sequel support for generating database migrations, model, and mailer (@janko)
-* Skip calling Rodauth app on asset requests when using Sprockets or Propshaft (@janko)
-## 1.3.1 (2022-04-22)
-* Ensure response status is logged when calling a halting rodauth method inside a controller (@janko)
-## 1.3.0 (2022-04-01)
-* Store password hash on the `accounts` table in generated Rodauth migration and configuration (@janko)
-* Add support for controller testing with Minitest or RSpec (@janko)
-* Fix `enum` declaration in generated `Account` model for Active Record < 7.0 (@janko)
-* Ensure `require_login_redirect` points to the login page even if the login route changes (@janko)
-## 1.2.2 (2022-02-22)
-* Fix flash messages not being preserved through consecutive redirects (@janko)
-## 1.2.1 (2022-02-19)
-* Change `accounts.status` column type from string to integer (@zhongsheng)
-## 1.2.0 (2022-02-11)
-* Work around Active Record 4.2 not supporting procs for literal SQL column default (@janko)
-* Avoid re-fetching the account in `#current_account` when it has already been fetched by Rodauth (@janko)
-* Extract `#current_account` helper functionality into `#rails_account` Rodauth method (@janko)
-* Use default account status values in generated configuration, with enum on `Account` model (@janko)
-## 1.1.0 (2022-01-16)
-* Automatically route the path prefix in `r.rodauth` if one has been set (@janko)
-## 1.0.0 (2021-12-25)
-* Set Rodauth's email subject in the generated mailer (@janko)
-* Raise error when outside of a request and `config.action_mailer.default_url_options` is unset (@janko)
-* Avoid method re-definition warnings with named auth classes caused by `post_configure` being called twice (@janko)
-* Don't modify `config.action_mailer.default_url_options` when `:protocol` is missing (@janko)
-* Move `Rodauth::Rails.url_options` into `Rodauth::Auth#rails_url_options` (@janko)
-* Generate named auth classes in `rodauth:install` generator (@janko)
-* Generate `rodauth_app.rb` in `app/misc` directory (@janko)
-* Add `--name` option to `rodauth:migration` generator (@janko)
-* Disable Turbo in all built-in and generated views (@janko)
-* Modify generated mailer integration to generate URLs according to `default_url_options` (@janko)
-* Skip Active Record files in `rodauth:install` if `ActiveRecord::Railtie` is not defined (@janko)
-* Stop loading `pass` plugin in `Rodauth::Rails::App` (@janko)
-* Remove deprecated `:query` and `:form` options in `Rodauth::Rails.rodauth` (@janko)
-* Require internal_request feature to be enabled in `Rodauth::Rails.rodauth` (@janko)
-## 0.18.1 (2021-12-16)
-* Loosen Rails gem dependency to allow Rails 7.x (Intrepidd)
-## 0.18.0 (2021-11-05)
-* Disable Turbo on the generated login form (@janko)
-* Generate controller views with `form_with` helper on Rails 5.1+ (@janko)
-* Fix missing layout error when rendering Rodauth's built-in templates when using Turbo on Rails 6.0+ (@janko)
-* Fix `Rodauth::Rails.middleware` config not actually affecting middleware insertion (@janko)
-* Set page titles in generated view templates (@janko)
-* Merge field and button partials into view templates (@janko)
-* Raise error for unknown configuration in `Rodauth::Rails.model` (@janko)
-* Generate views for all enabled features by default in `rodauth:views` generator (@janko)
-* Add `Rodauth::Rails::App.rodauth!` which raises an error for unknown configuration (@janko)
-* Remove deprecated `--features` option from `rodauth:views` generator (@janko)
-* Inline `_recovery_codes_form.html.erb` partial into `recovery_codes.html.erb` (@janko)
-* Use Rodauth helper methods for texts in generated views, for easier i18n (@janko)
-* Allow setting passing a `Sequel::Model` to `:account` in `Rodauth::Rails.rodauth` (@janko)
-## 0.17.1 (2021-10-20)
-* Skip checking CSRF when request forgery protection wasn't loaded on the controller (@janko)
-* Create partial unique index for `accounts.email` column when using `sqlite3` adapter (@janko)
-* Revert setting `delete_account_on_close?` to `true` in generated `rodauth_app.rb` (@janko)
-* Disable Turbo in `_recovery_codes_form.html.erb`, since viewing recovery codes isn't Turbo-compatible (@janko)
-* Generate JSON configuration on `rodauth:install` for API-only with sessions enabled (@janko)
-* Generate JWT configuration on `rodauth:install` only for API-only apps without sessions enabled (@janko)
-* Don't generate JWT configuration when `rodauth:install --json` was run in API-only app (@janko)
-* Use `config.action_mailer.default_url_options` in path_class_methods feature (@janko)
-## 0.17.0 (2021-10-05)
-* Set `delete_account_on_close?` to `true` in generated `rodauth_app.rb` (@janko)
-* Change default `:dependent` option for associations to `:delete`/`:delete_all` (@janko)
-* Add `rails_account_model` configuration method for when the account model cannot be inferred (@janko)
-## 0.16.0 (2021-09-26)
-* Add `#current_account` to methods defined on `ActionController::Base` (@janko)
-* Add missing template for verify_login_change feature to `rodauth:views` generator (@janko)
-* Add `#rodauth_response` controller method for converting rodauth responses into controller responses (@janko)
-## 0.15.0 (2021-07-29)
-* Add `Rodauth::Rails::Model` mixin that defines password attribute and associations on the model (@janko)
-* Add support for the new internal_request feature (@janko)
-* Implement `Rodauth::Rails.rodauth` in terms of the internal_request feature (@janko)
-## 0.14.0 (2021-07-10)
-* Speed up template rendering by only searching formats accepted by the request (@janko)
-* Add `--name` option to `rodauth:views` generator for specifying different rodauth configuration (@janko)
-* Infer correct template path from configured controller in `rodauth:views` generator (@janko)
-* Raise `ArgumentError` if undefined rodauth configuration is passed to `Rodauth::Rails.app` (@janko)
-* Make `#rails_controller` method on the rodauth instance public (@janko)
-* Remove `--directory` option from `rodauth:views` generator (@janko)
-* Remove `#features` and `#routes` writer and `#configuration` reader from `Rodauth::Rails::Auth` (@janko)
-## 0.13.0 (2021-06-10)
-* Add `:query`, `:form`, `:session`, `:account`, and `:env` options to `Rodauth::Rails.rodauth` (@janko)
-## 0.12.0 (2021-05-15)
-* Include total view render time in logs for Rodauth requests (@janko)
-* Instrument redirects (@janko)
-* Instrument Rodauth requests on `action_controller` namespace (@janko)
-* Update templates for Boostrap 5 compatibility (@janko)
-* Log request parameters for Rodauth requests (@janko)
-## 0.11.0 (2021-05-06)
-* Add controller-like logging for requests to Rodauth endpoints (@janko)
-* Add `#rails_routes` to Roda and Rodauth instance for accessing Rails route helpers (@janko)
-* Add `#rails_request` to Roda and Rodauth instance for retrieving an `ActionDispatch::Request` instance (@janko)
-## 0.10.0 (2021-03-23)
-* Add `Rodauth::Rails::Auth` superclass for moving configurations into separate files (@janko)
-* Load the `pass` Roda plugin and recommend calling `r.pass` on prefixed routes (@janko)
-* Improve Roda middleware inspect output (@janko)
-* Create `RodauthMailer` and email templates in `rodauth:install`, and remove `rodauth:mailer` (@janko)
-* Raise `KeyError` in `#rodauth` method when the Rodauth instance doesn't exist (@janko)
-* Add `Rodauth::Rails.authenticated` routing constraint for requiring authentication (@janko)
-## 0.9.1 (2021-02-10)
-* Fix flash integration being loaded for API-only apps and causing an error (@dmitryzuev)
-* Change account status column default to `unverified` in migration to match Rodauth's default (@basabin54)
-## 0.9.0 (2021-02-07)
-* Load Roda's JSON support by default, so that enabling `json`/`jwt` feature is all that's needed (@janko)
-* Bump Rodauth dependency to 2.9+ (@janko)
-* Add `--json` option for `rodauth:install` generator for configuring `json` feature (@janko)
-* Add `--jwt` option for `rodauth:install` generator for configuring `jwt` feature (@janko)
-* Remove the `--api` option from `rodauth:install` generator (@janko)
-## 0.8.2 (2021-01-10)
-* Reset Rails session on `#clear_session`, protecting from potential session fixation attacks (@janko)
-## 0.8.1 (2021-01-04)
-* Fix blank email body when `json: true` and `ActionController::API` descendant are used (@janko)
-* Make view and email rendering work when there are multiple configurations and one is `json: :only` (@janko)
-* Don't attempt to protect against forgery when `ActionController::API` descendant is used (@janko)
-* Mark content of rodauth built-in partials as HTML-safe (@janko)
-## 0.8.0 (2021-01-03)
-* Add `--api` option to `rodauth:install` generator for choosing JSON-only configuration (@janko)
-* Don't blow up when a Rodauth request is made using an unsupported HTTP verb (@janko)
-## 0.7.0 (2020-11-27)
-* Add `#rails_controller_eval` method for running code in context of a controller instance (@janko)
-* Detect `secret_key_base` from credentials and `$SECRET_KEY_BASE` environment variable (@janko)
-## 0.6.1 (2020-11-25)
-* Generate the Rodauth controller for API-only Rails apps as well (@janko)
-* Fix remember cookie deadline not extending in remember feature (@janko)
-## 0.6.0 (2020-11-22)
-* Add `Rodauth::Rails.rodauth` method for retrieving Rodauth instance outside of request context (@janko)
-* Add default Action Dispatch response headers in Rodauth responses (@janko)
-* Run controller rescue handlers around Rodauth actions (@janko)
-* Run controller action callbacks around Rodauth actions (@janko)
-## 0.5.0 (2020-11-16)
-* Support more Active Record adapters in `rodauth:install` generator (@janko)
-* Add `rodauth:migration` generator for creating tables of specified features (@janko)
-* Use UUIDs for primary keys if so configured in Rails generators (@janko)
-* Add `rodauth:routes` rake task for printing routes handled by Rodauth middleware (@janko)
-## 0.4.2 (2020-11-08)
-* Drop support for Ruby 2.2 (@janko)
-* Bump `sequel-activerecord_connection` dependency to 1.1+ (@janko)
-* Set default bcrypt hash cost to `1` in tests (@janko)
-* Call `AR::Base.connection_db_config` on Rails 6.1+ in `rodauth:install` generator (@janko)
-## 0.4.1 (2020-11-02)
-* Don't generate `RodauthController` in API-only mode (@janko)
-* Pass `test: false` to Sequel in the `sequel.rb` initializer (@janko)
-## 0.4.0 (2020-11-02)
-* Support Rails API-only mode (@janko)
-* Make `rodauth:install` create `rodauth_app.rb` in `app/lib/` directory (@janko)
-## 0.3.1 (2020-10-25)
-* Depend on sequel-activerecord_connection 1.0+ (@janko)
-## 0.3.0 (2020-09-18)
-* Handle custom configured database migration paths in install generator (@janko)
-* Allow specifying features as plain arguments in `rodauth:views` generator (@janko)
-* Add some missing foreign key constraints in generated migration file (@janko)
-## 0.2.1 (2020-07-26)
-* Fix incorrect JDBC connect syntax in `sequel.rb` template on JRuby (@janko)
-## 0.2.0 (2020-07-26)
-* Drop support for Rodauth 1.x (@janko)
-* Change `rodauth_app.rb` template to send emails in the background after transaction commit (@janko)
-* Bump `sequel-activerecord_connection` dependency to `~> 0.3` (@janko)
-* Use the JDBC adapter in sequel.rb initializer when on JRuby (@janko)
-## 0.1.3 (2020-07-04)
-* Remove insecure MFA integration with remember feature suggestion in `lib/rodauth_app.rb` (@janko, @nicolas-besnard)
-* Use correct password autocomplete value on Rodauth 2.1+ (@janko)
-* Enable skipping CSRF protection on Rodauth 2.1+ by overriding `#check_csrf?` (@janko)
-* Don't generate Sequel initializer if Sequel connection exists (@janko)
-* Fix typo in remember view template (@nicolas-besnard)
-* Fix some more typos in `lib/rodauth_app.rb` (@janko)
-## 0.1.2 (2020-05-14)
-* Fix some typos in comment suggestions in `lib/rodauth_app.rb` (@janko)
-## 0.1.1 (2020-05-09)
-* Include view templates in the gem (@janko)
-* Use `Login` labels to be consistent with Rodauth (@janko)