apostrophe 3.16.0 → 3.16.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/CHANGELOG.md +7 -1
  2. package/modules/@apostrophecms/login/index.js +4 -0
  3. package/package.json +1 -1
package/CHANGELOG.md CHANGED
@@ -1,10 +1,16 @@
1
1
  # Changelog
2
2
 
3
+ # 3.16.1 (2022-03-21)
4
+
5
+ ### Fixes
6
+
7
+ * Fixes a bug in the new `Cache-Control` support introduced by 3.16.0 in which we get the logged-out homepage right after logging in. This issue only came into play if the new caching options were enabled.
8
+
3
9
  ## 3.16.0 (2022-03-18)
4
10
 
5
11
  ### Adds
6
12
 
7
- * Offers a simple way to set a Cache-Control max-age for Apostrophe page and GET REST API responses for pieces and pages.
13
+ * Offers a simple way to set a Cache-Control max-age for Apostrophe page and GET REST API responses for pieces and pages. [See the documentation for more information](https://v3.docs.apostrophecms.org/guide/caching.html).
8
14
  * API keys and bearer tokens "win" over session cookies when both are present. Since API keys and bearer tokens are explicitly added to the request at hand, it never makes sense to ignore them in favor of a cookie, which is implicit. This also simplifies automated testing.
9
15
  * `data-apos-test=""` selectors for certain elements frequently selected in QA tests, such as `data-apos-test="adminBar"`.
10
16
  * To speed up functional tests, an `insecurePasswords` option has been added to the login module. This option is deliberately named to discourage use for any purpose other than functional tests in which repeated password hashing would unduly limit performance. Normally password hashing is intentionally difficult to slow down brute force attacks, especially if a database is compromised.
package/modules/@apostrophecms/login/index.js CHANGED
@@ -682,6 +682,10 @@ module.exports = {
682
682
 
683
683
  // Awaitable wrapper for req.login. An implementation detail of the login route
684
684
  async passportLogin(req, user) {
685
+ const cookieName = `${self.apos.shortName}.${loggedInCookieName}`;
686
+ if (req.cookies[cookieName] !== 'true') {
687
+ req.res.cookie(cookieName, 'true');
688
+ }
685
689
  const passportLogin = (user) => {
686
690
  return require('util').promisify(function(user, callback) {
687
691
  return req.login(user, callback);
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "apostrophe",
3
- "version": "3.16.0",
3
+ "version": "3.16.1",
4
4
  "description": "The Apostrophe Content Management System.",
5
5
  "main": "index.js",
6
6
  "scripts": {