fortify

Fixed

• Fix missing current password (#194)

Security

• Revert "Retrieve user through provider" (#195)

Changed

• Retrieve user through provider (#189)

Fixed

• Tweak how rate limiting is implemented (8609af2)
• Fix Two Factor prepare auth session (#181)

Fixed

• Fix route prefix (#152)
• Fire Failed events (#154)

Changed

• Add the prefix and domain configuration options (#143)
• Change how feature options are stored to work with config caching (b2430958)

Fixed

• Fix 2FA disabled routes via views config (#142)

Added

• PHP 8 Support (#130)
• Add views config option (#133, ff155d0)

Changed

• Redirect to intended URL after email verification (#119)
• Only use two factor action when enabled (#127)

Added

• Add FailedTwoFactorLoginResponse contract (#106)

Changed

• Redirect to intended after two factor login (#105)
• Allow Fortify views to accept Responsable objects (#107)
• Use the Rule::unique for new user validation (#108)

Added

• Add attempts method to rate limiter (#85)
• Add name to Profile update and Password update routes (#89)

Fixed

• Fix for empty password during confirmation (#87)

Added

• Add option to force the password to have a special character (#65)

Fixed

• Allow 'confirmPasswordView' to use view prefixes (#71)
• Send JSON response if request is an AJAX request (#75)

Fixed

• Fix flawed logic in the UpdateUserProfileInformation action (#68, fea6473, 91518af)

Changed

• Remove unnecessary bag (85a7dfb)

Fixed

• Fix test bug when use sqlite database (#69)

Added

• Allow the expected email address request variable to be changed (#28)
• Update configuration stub with middleware option (#55)

Changed

• Make routes more dynamic (#41)
• Add illuminate/support dependency (#46)
• Resend email verification after user update (#52, 951d943)

Fixed

• Only register two-factor-challenge routes if TFA feature enabled (#44)
• Added missing request to the throwFailedAuthenticationException method (#61)

Added

• Confirmed password status controller (fe5821f)
• Configurable password timeout (f0a6477, 2b4fa36)

Changed

• Switch the TwoFactorLoginResponse for a contract bound in container (#34)
• Enable password confirmation (9e9d154)

Changed

• Extract ConfirmPassword action (a9e68f2)

Fixed

• Update what is passed to custom callback (9215e54)

Added

• Google2fa v8 support (#25)
• Add support for password confirmation (#6, 3ed5e87, 865ed4f, c58a2fb)

Fixed

• Pass request through to the callback (#21)

Added

• Allow granular authentication customization (cd8b6aa)

Added

• Allow full customization of authentication pipeline (6c36b08)

Changed

• Use PasswordValidationRules trait in CreateNewUser action (#18)
• Callable customization of any view (661d726)

Initial stable release.