0.20.0

• BREAKING: Removed columns address and phone_number from table users. All data stored in this columns were migrated to table user_meta and were stored under keys deprecated_address and deprecated_phone_number. Use address entity instead of these legacy columns. remp/crm#686
• Added DeviceTokenAuthorization to UserTokenAuthorization service for authorizing user by device token. remp/crm#1313
• Added UsersApiAuthorizationInterface which extends api authorization interface with getAuthorizedUsers method for usage in api handlers which require authorizing more than one user. remp/crm#1313
• Fixed public_name default value in user admin form. remp/crm#1425
• Added country_iso parameter to /api/v1/users/address endpoint (+tests). remp/crm#1060
• Added country_iso parameter to /api/v1/users/change-address-request endpoint (+tests). remp/crm#1060
• Parameter country_id in /api/v1/users/change-address-request endpoint marked as deprecated. remp/crm#1060
• Added UnclaimedUser model capable of creating unclaimed (anonymous) users and verifying them. remp/crm#1417
• Added optional parameter access_token to /api/v1/users/get-device-token endpoint (+tests). Generated device_token is paired with access_token when provided. remp/crm#1434
• Added unpairing old device_token from access_token when pairing new device_token to access_token for known user. remp/crm#1436
• Added source parameter to all access tokens to recognize originating source of newly created access tokens. #12

0.18.0

• Changed implementation of users/confirm API which returns 404 Not Found response with {"status": "error", "code": "user_not_found"} when user's email not found in DB (+tests). remp/crm#1379

0.17.0

• Added SameSite=Lax cookie settings to access cookie set by CRM (n_token). Strict wasn't used since it would prevent the cookie to be sent on requests originated by third parties. Since the cookie is meant to be used on the CRM and CMS, and articles are meant to be visited from third parties, it would cause access issues. remp/web#1212
• Added TestUserTokenAuthenticator for tests to inject custom authenticator payloads for API handlers. remp/crm#1336
• Added admin.user.detail.center placeholder for widget in admin user detail. remp/crm#913
• Add confirm button to user detail in admin UI #10

0.16.0

• BREAKING: Added source as a second parameter to Crm\UsersModule\Repository\PasswordResetTokensRepository::add() method to identify source of password request. You might want to use this parameter if you need to respond differently based on the source of reset request. #9
• Added public_name as a searched field in /users/users-admin filter. remp/crm#1347

0.15.0

• Added device_tokens table and generate device token api handler, used as identification for not logged mobile app users. remp/crm#1310

0.14.0

• Fixed issue when default application page was not able to sign users in as not_logged_in_route pointed to the default application page again. UsersModule now overrides default value to the regular sign in page.
• Added addToken parameter to UserManager::addNewUser method to specify whether CRM should also create new access_token with new user or not. Default is true. #8
• Fix abandoned admin groups after the user's role change from admin to user. remp/crm#1252

0.13.0

• BREAKING: Method resetPassword in UserManager now accepts user's IRow para meter instead of email. remp/crm#1198
• BREAKING: User meta now requires a value to be set. null should be implicit. If you want to state there's no value, don't insert anything. CRM is removing all records with null as a value. remp/crm#1224
• Disabled the password request for inactivated users. remp/crm#1128
• Changed the success message for the user's password request. remp/crm#1129
• Moved authentication of user after sign up to separate AutoLoginAuthenticator. Instead of user's email we can now pass whole user entity returned by sign up process. remp/crm#1178
• Changed authenticator credentials to autologin after user registered via /sign/up page. remp/crm#1178
• Added password parameter to users/create API and to UserManager. #7
• Added AccessTokenAuthenticator to authenticate user with access token. This was moved from internal ContentModule. remp/crm#1166
• Changed public_name column to not nullable. remp/crm#1145
  • Preparing to use public_name as main frontend user identification.
  • Added data migration to copy email to public_name field. (Only users with empty public_name).
  • UserBuilder requires public_name to be set.
• Added the logging of user's action by admin into user action log. remp/crm#1200
• Changed iso_code of country to mandatory and unique.
• Added code to generate and verify tokens, it will be used to user's email verification. remp/crm#1220
• Fixed issue with empty public_name. When updating user via admin zone and public_name is empty, use email instead. public_name cannot be empty string. remp/crm#1244
• Fixed missing title translation on user edit screen.

0.12.0

• Removed whitespaces from company information (company_id, company_vat_id, company_tax_id) in tables addresses and address_change_requests. Updated related repositories to prevent pass whitespaces again. remp/crm!839
• Added new API endpoints to manage user's meta information. remp/crm#1059
• Fixed UserMetaRepository method add now returns ActiveRow even by update. remp/crm#1059
• Added link to the sign in page into the request password page. remp/crm#1124
• Added password reset button to admin user show template. remp/crm#1106
• Removed forced lowercasing when searching for email in database. MySQL (and its spinoffs) is by default case insensitive for string search. #6

0.11.0

• Added ability to override database repositories by specifying custom implementations in config.neon file. remp/crm#822
• Added CanDeleteAddressDataProviderInterface for validating if address can be deleted. remp/crm#1022
• Fixed invalid error message during reset password flow - minimal password length was not being displayed correctly. remp/crm#1116
• Added missing addresses_meta migration, that was causing errors in some scenarios utilizing addresses metadata. remp/crm#1117
• Added pager and search by email to abusive users listing. remp/crm#1011
• Moved abusive users listing to it's own presenter for cleaner code. remp/crm#1011

0.10.0

• Added scenario filter for user source. remp/crm#955
• When currently logged in user is updated, his/her identity in session cache is updated as well.