Releases: curveball/a12n-server
Releases · curveball/a12n-server
v0.28.2
- Add a new privilege for managing user identities. Before this change it was required to have the 'admin' privilege to do this.
- Verify response endpoint is now exposed as a form on the identity resource.
- It's now possible to mark an identity as an MFA identity when verifying using the 'enableMfa' property.
v0.28.1
v0.28.0
- #563: Users can now enter a code sent to them by email as a one-time-password. This feature has been added to the authorizion_challege / first party auth API but is not yet exposed to the admin interface.
- Refactored and centralized abstract cache system, supporting redis/valkey and memory stores.
- Email identities can now be verified in the admin UI and via the API.
- Allow authorization_challenge to be preselected in 'new client'
- Add button in admin UI to enable/disable MFA for a specific email identity.
- Dropped support for Node 16, which is EOL.
v0.27.6
v0.27.5
v0.27.4
v0.27.3
v0.27.2
v0.27.1
v0.27.0
authorization_challengenow supports a TOTP challenge step!- Refactored logging system. Less ugly now with fewer enums!
authorization_challengeclients can now specifyremote_addranduser_agent, so the server can keep accurate logs of the users' browser that's trying to authenticate.- Return the correct 'ttl' value for a verification-token.
- Instead of 1 generic error with a few parameters, the server now emits invididual error codes for each kind of error that may be emitted from the authorization_challenge endpoint. This is change is based on examples in more recent drafts and should simplify the process for clients a bit. This is a BC break for
authorization_challenge. - Renamed
login_failedevent topassword-check-failed. - Added events:
password-check-succes,totp-success,login-challenge-started,login-challenge-success