Skip to content

Latest commit

 

History

History
139 lines (84 loc) · 3.28 KB

CHANGELOG.md

File metadata and controls

139 lines (84 loc) · 3.28 KB
Raw

Change Log

All notable changes to this project will be documented in this file. This project adheres to Semantic Versioning.

[2.2.0] - Unreleased

Fixed

  • Autoloading & Zeitwerk issues
  • Update dependency to JWT 2.2.1
  • Update dependency to Rails 5
  • Implement #respond_to_missing? in Authenticable module

Removed

  • Generators

[2.1.1] - 2017-02-11

Fixed

  • Stop trying to retrieve user from empty payload when no token is given

[2.1] - 2017-01-31

Fixed

  • Parsing of token controller to handle namespaces correctly

Added

  • Configurable default validations by adding verify_options parameter to AuthToken initializer

[2.0] - 2016-10-23

Added

  • Configurable unauthorized response by overriding Authenticable#unauthorized_entity

Removed

  • Deprecated features (see deprecated features in version 1.5)

[1.5] - 2016-05-29

Added

  • Exception configuration option Knock.not_found_exception_class_name
  • Multiple entity authentication (e.g. User, Admin, etc)
  • Possibility to have permanent tokens
  • Adding config options for exception class
  • Generator for token controller. E.g. rails g knock:token_controller user

Changed

  • Deprecated Authenticable#authenticate in favor of Authenticable#authenticate_user
  • Deprecated use of Knock.current_user_from_token in favor of User.from_token_payload
  • Deprecated use of direct route to AuthTokenController in favor of generating a token controller
  • No need to mount the engine in config/routes.rb anymore

[1.4.2] - 2016-01-29

Fixed

  • Allow use of any or no prefix in authorization header. This fixes an unwanted breaking change introduced in 1.4.0 forcing the use of the Bearer prefix.

[1.4.1] - 2016-01-08

Fixed

  • Use lambda for audience verification

[1.4.0] - 2016-01-02

Changed

  • Allow use of rails versions above 4.2

Added

  • Travis integration
  • Contribution guidelines
  • URL authentication
  • Allow use of different encoding algorithm
  • Expose current_user in the controllers without authenticating

Fixed

  • Audience verification in token
  • Use lambda syntax compatible with older ruby versions
  • A few typos

[1.3.0] - 2015-07-23

Added

  • Configuration option for how the current_user is retrieved when signing in.
  • Configuration option for the handle attribute (email by default).

[1.2.0] - 2015-07-16

Added

  • Configuration option for how the current_user is retrieved when validating a token. (#1)

Changed

  • Use "sub" claim to store the user id by default instead of "user_id". (#1)

Fixed

  • Decode auth0_client_secret in default configuration for Auth0

[1.1.0] - 2015-07-15

[1.1.0.rc1] - 2015-07-15

Added

  • Knock.token_lifetime configuration variable
  • Knock.token_secret_signature_key configuration variable
  • Knock.token_audience configuration variable
  • audience claim verification when decoding token
  • Knock.setup method for configuration in knock.rb initializer
  • generator for initializer (rails g knock:install)

[1.0.0] - 2015-07-14

[1.0.0.rc1] - 2015-07-14

Added

  • Knock::Authenticable to secure endpoints with before_action :authenticate
  • AuthToken model provides JWT encapsulation
  • AuthTokenController provides out of the box sign in implementation