Bot releases are visible (Hide)
Published by cainlevy over 4 years ago
Content-Type: application/json
[#143]Published by cainlevy about 5 years ago
Published by cainlevy over 5 years ago
⚠️ This release includes a mandatory database migration! ⚠️
accounts.last_login_at
[#71] - @etrutaPATCH /account/:id
Published by cainlevy over 6 years ago
Two of the biggest feature requests are going live in this version!
This release improves deployment in hardened environments:
Both features require an ENV variable. My general plan is to maintain backwards compatibility during the 1.x release series using feature flags, then change defaults or consolidate configuration whenever releasing a 2.0.
Published by cainlevy almost 7 years ago
GET /accounts/:id
endpoint #30Published by cainlevy almost 7 years ago
Published by cainlevy almost 7 years ago
Published by cainlevy almost 7 years ago
Alright, I'm calling it! Here's the 1.0 release.
GET /accounts/available
Published by cainlevy almost 7 years ago
Published by cainlevy almost 7 years ago
GET /metrics
[#18]Published by cainlevy almost 7 years ago
Release candidate for v1.0!
I've tried to make any incompatible changes together, to minimize impact on production users. These need to happen before 1.0 though. There's no better time.
SECRET_KEY_BASE
is now stretched into a 128-bit key, to defeat brute guessing. This will invalidate existing password reset tokens, session tokens, and access tokens.scope
claim. This invalidates existing session tokens.Origin
instead of Referer
. This should be a sidegrade.Published by cainlevy about 7 years ago
PATCH /account
may be used to change usernames. This is helpful if usernames are emails and the host app receives a new email address that should be synchronized.POST /password
will now require a currentPassword
param for logged-in password changes. In order to accomplish a seamless upgrade, please update and deploy [email protected] first. This will begin sending currentPassword
, which can be safely ignored by [email protected].Published by cainlevy about 7 years ago
The AuthN Server written in Go now meets and exceeds the feature set of the Rails version. Update docker images from keratin/authn
to keratin/authn-server
to make the switch. Testing has been performed to verify that the Go and Ruby versions are wire- and data- compatible, given the same configuration. If that proves to not be true, it is a fixable bug and may be backported to this v0.7 release branch.