Skip to content

Latest commit

 

History

History
320 lines (185 loc) · 12 KB

CHANGELOG.md

File metadata and controls

320 lines (185 loc) · 12 KB

Change Log

All notable changes to this project will be documented in this file. This project adheres to Semantic Versioning.

Added

  • Add Rails 6 support for Mongoid Adapter - @unused

1.16.0 - 2019-08-20

Added

  • Add Rails 6 support - @MatthiasRMS

Fixed

  • Removed the Gemfile.lock - mostly to acknowledge that it was used only in development and is not really needed.

1.15.1 - 2017-01-26

Fixed

  • Work around jbuilder issues caused by the Rails API adapter - @IvRRimum with help from @Pepan

1.15.0 - 2017-01-14

Added

  • Support for hooks, specifically after_successful_token_authentication for now
  • A Contributor Code of Conduct to ensure everyone feels safe contributing

1.14.0 - 2016-07-09

Added

  • Rails 5 support - with help from @chrisvel, @fighterii and @jblac

Changed

  • Travis CI now only relies on Appraisal for dependency management

1.13.0 - 2016-04-20

Added

  • Support for Devise 4
  • This change log : )

Changed

  • The Travis CI build matrix to improve the regression testing coverage
  • The migration suggestion to make it safer - by @halilim

1.12.0 - 2016-01-06

Added

  • Rails Metal support, using the public adapter interface : ) - @singfoom

1.11.0 - 2015-12-14

Added

Changed

  • The license identifier format to match the SPDX guidelines

1.10.1 - 2015-11-10

Added

  • The NoAdapterAvailableError now provides details about its cause and hints to solve it.
  • A Testing section to the README - John Mosesman

Fixed

  • An unnecessary Ruby 2.0 requirement caused by an indirect dependency, let's keep backward compatibility as long as possible
  • A couple of typos - @eliotsykes and @jtperreault

1.10.0 - 2015-06-03

Added

  • The fallback option, and support for the fallback: :exception which mimics the Devise behaviour when authentication fails

Changed

  • The fallback_to_devise option to fallback: :devise and fallback: :none to get more flexibility and be able to support fallback: :exception. The older syntax is not officially deprecated, but using the fallback option is completely equivalent, and recommended.

1.9.1 - 2015-04-28

Fixed

  • The Mongoid adapter loading (which I did break when refactoring v1.9.0) - fixed with help from @krsyoung

1.9.0 - 2015-04-24

Added

  • More filters to scope acts_as_token_authentication_handler_for: :if and :unless, expected to be used with a Proc.
  • Alias names for token authenticatable classes can now be defined (in the token authentication handlers declarations): e.g. acts_as_token_authentication_handler_for Vehicle::User, as: pilot

Fixed

  • Errors defining namespaced classes as token authenticatable, by allowing aliases to be defined for them - with help from @joshblour, @jessesandford, @ivan-kolmychek and @bbuchalter

1.8.0 - 2015-02-21

Added

  • Custom identifiers option, using other fileds than :email to identify records is now possible. When this option is in use, the default header names are updated acordingly. - @nicolo
  • The skip_devise_trackable option - @nMustaki

Fixed

  • A typo - @joelparkerhenderson

1.7.0 - 2014-11-27

Added

  • Rails API support, controllers which inherit from ActionController::API can now be token Authentication handlers! - with help from @DeepAnchor
  • Integration with Devise case-insensitive keys, keys configured to be case insensitive in Devise are now automatically case insensitive in Simple Token Authentication as well - @munkius
  • Some important inline documentation

1.6.0 - 2014-10-24

Added

  • Mongoid support, using the adapter interface : )

1.5.2 - 2014-10-21

Added

  • Public specification of the adapter interface
  • Documentation about the new specs and how to contribute

Fixed

  • The option header_names can now also be used to set a single custom header, either for the identifier (e.g. user_email) or the token (e.g. user_token). Previously, setting both at once was required.
  • Memoization implementation error in several class methods. The bug didn't modify the public behaviour of the gem, but did create bunches of instances of EntityManager and FallbackAuthenticationHandler without necessity.

Removed

  • The Cucumber features, in favor of faster and more flexible RSpec specs

Changed

  • The internal syntax for the fallabck_to_devise option is now fallback: :devise and fallback: :none for added flexibility. The change is transparent for end users, and will only be made official if new fallback mechanisms are introduced.
  • Refactored heavily the code base to allow the introduction of the RSpec test suite, contributing should now be a lot easier
  • Optional dependencies (e.g. ActiveRecord, ActionController) are now encapsulated into independent adapters

1.5.1 - 2014-09-18

Added

  • Support for Devise 3.3 - @prabode

1.5.0 - 2014-05-31

Added

  • Support for multiple Devise scopes per token authentication handler, a single controller can now independently handle token authentication for User and AdminUser for example - @donbobka

1.4.0 - 2014-05-24

Added

  • Filters to scope acts_as_token_authentication_handler_for: :only and :except, so token authentication handling can be restricted to a set of controller actions - @donbobka

Changed

  • The authentication token condition of existence for improved readability - @lenart

1.3.0 - 2014-05-17

Added

  • The fallback_to_devise option allows to disable the default fallback to Devise authentication when token authentication fails - @donbobka

Security

  • Add documentation: the fallback to Devise MUST be disabled when CSRF protection is disabled (often the case for API controllers)

1.2.1 - 2014-04-26

Fixed

  • The integration with Devise trackable, the sign in count is no longer increased when token authentication succeeds - @adamniedzielski
  • A typo - @nickveys

1.2.0 - 2014-02-24

Added

  • Configuration framework, allows Simple Token Authentication to be configured using an initializer - @krsyoung and @joel
  • The sign_in_token option allows to create persistent sessions when token authentiation succeeds (can be used to sign in users from a link in an e-mail, for example) - @krsyoung
  • The header_names option allows to define custom names for HTTP headers, e.g. X-User-Authentication-Token

1.1.1 - 2014-02-20

Fixed

  • The Travis CI build is now testing the correct release, I did make a mistake when releasing v1.1.0

1.1.0 - 2014-02-20

Added

  • Add support for multiple token authenticatable classes, any model known to Devise can now be made token authenticatable, not only User - @invernizzi

1.0.1 - 2014-01-26

Changed

  • Nothing, this is a replacement for v1.0.0 (because I messed up with Rubygems)

1.0.0 - 2014-01-26 [YANKED]

Added

  • A test suite, using Cucumber : )

1.0.0.pre.5 - 2014-01-09

Fixed

  • Authentication was required as soon as the gem was loaded - reported by @pdobb and @AhmedAttyah

Changed

  • Use the Bundler-friendly format for version numbers instead of follwing strictly the Semantic Versionning specification

1.0.0-beta.4 - 2013-12-26

Fixed

  • The user record is now fetched using find_by_email when find_by is not present (Rails 3.2) - with help from @AhmedAttyah

1.0.0-beta.3 - 2013-12-17

Fixed

  • Redundant dependencies: Simple Token Authentication only depends on ActionMailer and ActiveRecord, not Rails

1.0.0-beta.2 - 2013-12-16

Added

  • Explicit dependency on Devise

1.0.0-beta - 2013-12-16

Added

  • Documentation

Previously

This gist did refactor the Jose Valim's code into an ActiveSupport::Concern.

Inspiration

Thanks to @nTraum for pointing me at http://keepachangelog.com and to @olivierlacan for writing it in the first place!