Skip to content

Latest commit

 

History

History
575 lines (306 loc) · 25.1 KB

CHANGELOG.md

File metadata and controls

575 lines (306 loc) · 25.1 KB

Release Notes

Unreleased

v1.25.1 - 2024-11-27

v1.25.0 - 2024-11-21

  • Add Remember Me Functionality to Registered User Login by @cvairlis in #579

v1.24.5 - 2024-11-12

v1.24.4 - 2024-10-29

v1.24.3 - 2024-10-18

  • Update logo to support dark/light theme by @milewski in #569
  • Fix unnamed routes when views are disabled (with original code formatting) by @cima-alfa in #571

v1.24.2 - 2024-09-16

  • Adding context length configuration for 2FA to ensure better security standards by @MattLoyeD in #568

v1.24.1 - 2024-09-03

  • [1.x] Add X-Retry-After to /user/confirm-password/status response by @crynobone in #565

v1.24.0 - 2024-08-20

v1.23.0 - 2024-08-02

  • Fire ValidTwoFactorAuthenticationCodeProvided Event when 2FA session is authenticated by @stefanzweifel in #559

v1.22.0 - 2024-07-22

  • [1.x] Rehash password if required when user uses two factor by @gdebrauwer in #557
  • [1.x] Add TwoFactorAuthenticationFailed event by @antergos98 in #558

v1.21.5 - 2024-07-04

  • [1.x] Allow redirect()->intended() responses to be resolved via the Container by @crynobone in #551

v1.21.4 - 2024-06-27

  • [1.x] Use available $name property from SessionGuard if the value exists by @crynobone in #553

v1.21.3 - 2024-05-08

v1.21.2 - 2024-04-25

v1.21.1 - 2024-03-19

v1.21.0 - 2024-03-08

v1.20.1 - 2024-02-08

v1.20.0 - 2024-01-15

v1.19.1 - 2023-12-11

v1.19.0 - 2023-11-27

v1.18.1 - 2023-10-18

  • Fix paths in default config using nested arrays by @sebj54 in #501

v1.18.0 - 2023-09-12

v1.17.6 - 2023-09-04

  • Update logout to invalidate and regenerate session only if session is present (Issue #486) by @karmendra in #487

v1.17.5 - 2023-08-02

v1.17.4 - 2023-06-18

  • Port security fixes to default login rate limiter by @staudenmeir in #473

v1.17.3 - 2023-06-02

  • Fix contract implementation by @jessarcher in #472

v1.17.2 - 2023-04-26

  • Revert "Add rate limiter for a registration" by @taylorotwell in #465

v1.17.1 - 2023-04-19

  • Add rate limiter for a registration by @trbsi in #460

v1.17.0 - 2023-04-17

  • Add ability to override routes with custom paths by @stephenglass in #458

v1.16.0 - 2023-01-06

Added

  • Laravel v10 Support by @driesvints in #435

v1.15.0 - 2023-01-03

Changed

  • Update PrepareAuthenticatedSession.php by @francoism90 in #434
  • Uses PHP Native Type Declarations 🐘 by @nunomaduro in #421

Fixed

  • Fix error while preparing PasswordResetResponse with views turned off by @leonkllr0 in #433

v1.14.1 - 2022-12-09

Changed

v1.14.0 - 2022-11-23

Added

  • Add more Response contract bindings by @bdsumon4u in #425

v1.13.7 - 2022-11-04

Changed

  • Update parameter order for hash_equals function in TwoFactorLoginRequest by @jayan-blutui in #422

Fixed

  • Use boolean rather than filled for remember by @Codeatron5000 in #423

v1.13.6 - 2022-11-01

Fixed

  • Fix error message when entering invalid 2fa code by @emargareten in #415
  • Use Fortify username method on ConfirmPassword action by @jayan-blutui in #420

v1.13.5 - 2022-10-21

Changed

  • Add and use constants for session flashes by @dwightwatson in #409
  • Use current_password rule when changing password by @dwightwatson in #410
  • Parameters order with hash_equals by @chivincent in #411

v1.13.4 - 2022-09-30

Fixed

v1.13.3 - 2022-08-16

Changed

  • Return recovery errors under the recovery_code key by @jessarcher in #401

v1.13.2 - 2022-08-09

Fixed

  • Fix second usage of 2FA code by @xwillq in #399

v1.13.1 - 2022-07-05

Fixed

  • Call FailedTwoFactorLoginResponse::toResponse with TwoFactorLoginRequest by @ricklambrechts in #395

v1.13.0 - 2022-05-05

Added

  • Added config option for custom OTP window by @robtesch in #385

v1.12.0 - 2022-03-29

Changed

Fixed

  • Fix double error message for failed 2FA response by @driesvints in #369

v1.11.2 - 2022-03-08

Fixed

  • Ensures route password.confirm is defined when not using views by @Frozire in #368

Security

  • Cache 2FA token timestamp by @driesvints in #366

v1.11.1 - 2022-02-24

Fixed

  • Fix Exception when sending empty 2FA confirmation code by @srdante in #361
  • Unsupported operand types on rollback migration by @Jackpump in #362

v1.11.0 - 2022-02-22

Changed

  • Include the otpauth url when retrieving the QR svg by @JanMisker in #356
  • Confirmable 2FA by @taylorotwell in #358

Fixed

  • Fix incorrect key for error bag by @vaibhavpandeyvpz in #360

v1.10.2 - 2022-02-08

Changed

  • Prevent new login after 2FA challenge (#353)

Security

  • Fix throttle bypass exploit (#354)

v1.10.1 - 2022-02-01

Changed

  • Fix VerifyEmailResponse resolving (#349)

v1.10.0 (2022-01-25)

Added

  • Add VerifyEmailResponse contract (#347)

Changed

  • Switch to anonymous migrations (#348)

v1.9.0 (2022-01-12)

Changed

  • Add 2fa Events (#338)
  • Laravel 9 support (#340)

v1.8.6 (2021-12-22)

Changed

  • Customise the auth middleware name (#335)

Fixed

  • Check if authenticated user has 2FA enabled (#334)

v1.8.5 (2021-12-07)

Fixed

  • Fix an issue with array to string conversion (#333)

v1.8.4 (2021-11-23)

Changed

  • Use boolean rather than filled for remember (#328)

v1.8.3 (2021-11-02)

Changed

  • Add a check for two factor auth being enabled (#323)

v1.8.2 (2021-09-07)

Changed

  • Allow verification rate limiter to be configurable (#313)

v1.8.1 (2021-08-24)

Changed

  • Allow reset password redirect (#307)

v1.8.0 (2021-08-10)

Added

  • Redirection customization (#298)
  • Add ReplacedRecoveryCode event (#301)

Fixed

  • Fix auth guard (#296)

v1.7.14 (2021-06-29)

Changed

v1.7.13 (2021-05-25)

Changed

  • Cleanup code (#261)
  • Returns JSON response (#267)
  • Naming 2FA routes (#269)

v1.7.12 (2021-04-27)

Changed

  • Restrict guest Middleware to Fortify's guard (#258)

v1.7.11 (2021-04-20)

Fixed

  • Remove password confirmation requirement for reset password (#254)

v1.7.10 (2021-04-13)

Fixed

  • Better way of validating credentials (#248)
  • Use configured username property for qr code url (#249)

v1.7.9 (2021-03-30)

Fixed

  • Require password and confirmation (#245)

v1.7.8 (2021-03-09)

Fixed

v1.7.7 (2021-02-23)

Fixed

  • Redirect to intended URL after registration (#222)

v1.7.6 (2021-02-16)

Fixed

  • Fix password rule (#211)
  • Adds a missing scenario for the password rule (#213)

v1.7.5 (2021-01-19)

Fixed

  • Move route outside $enableViews (#203)

v1.7.4 (2021-01-07)

Fixed

  • Fix missing current password (#194)

Security

  • Revert "Retrieve user through provider" (#195)

v1.7.3 (2021-01-05)

Changed

  • Retrieve user through provider (#189)

Fixed

  • Tweak how rate limiting is implemented (8609af2)
  • Fix Two Factor prepare auth session (#181)

v1.7.2 (2020-11-24)

Fixed

  • Fix route prefix (#152)
  • Fire Failed events (#154)

v1.7.1 (2020-11-13)

Changed

  • Add the prefix and domain configuration options (#143)
  • Change how feature options are stored to work with config caching (b2430958)

Fixed

  • Fix 2FA disabled routes via views config (#142)

v1.7.0 (2020-11-03)

Added

v1.6.2 (2020-10-20)

Changed

  • Redirect to intended URL after email verification (#119)
  • Only use two factor action when enabled (#127)

v1.6.1 (2020-10-05)

Added

  • Add FailedTwoFactorLoginResponse contract (#106)

Changed

  • Redirect to intended after two factor login (#105)
  • Allow Fortify views to accept Responsable objects (#107)
  • Use the Rule::unique for new user validation (#108)

v1.6.0 (2020-09-29)

Added

  • Add attempts method to rate limiter (#85)
  • Add name to Profile update and Password update routes (#89)

Fixed

  • Fix for empty password during confirmation (#87)

v1.5.0 (2020-09-22)

Added

  • Add option to force the password to have a special character (#65)

Fixed

  • Allow 'confirmPasswordView' to use view prefixes (#71)
  • Send JSON response if request is an AJAX request (#75)

v1.4.3 (2020-09-20)

Fixed

  • Fix flawed logic in the UpdateUserProfileInformation action (#68, fea6473, 91518af)

v1.4.2 (2020-09-20)

Changed

Fixed

  • Fix test bug when use sqlite database (#69)

v1.4.1 (2020-09-18)

Added

  • Allow the expected email address request variable to be changed (#28)
  • Update configuration stub with middleware option (#55)

Changed

  • Make routes more dynamic (#41)
  • Add illuminate/support dependency (#46)
  • Resend email verification after user update (#52, 951d943)

Fixed

  • Only register two-factor-challenge routes if TFA feature enabled (#44)
  • Added missing request to the throwFailedAuthenticationException method (#61)

v1.4.0 (2020-09-14)

Added

Changed

  • Switch the TwoFactorLoginResponse for a contract bound in container (#34)
  • Enable password confirmation (9e9d154)

v1.3.1 (2020-09-11)

Changed

  • Extract ConfirmPassword action (a9e68f2)

Fixed

  • Update what is passed to custom callback (9215e54)

v1.3.0 (2020-09-11)

Added

v1.2.1 (2020-09-10)

Fixed

  • Pass request through to the callback (#21)

v1.2.0 (2020-09-10)

Added

  • Allow granular authentication customization (cd8b6aa)

v1.1.0 (2020-09-10)

Added

  • Allow full customization of authentication pipeline (6c36b08)

v1.0.1 (2020-09-08)

Changed

  • Use PasswordValidationRules trait in CreateNewUser action (#18)
  • Callable customization of any view (661d726)

v1.0.0 (2020-09-08)

Initial stable release.