Releases: curveball/a12n-server
Releases · curveball/a12n-server
v0.14.0
- Now requires Node 14, due to the use of
fs/promises. - The 'logout' feature will now expire any OAuth2 codes and tokens if they
were initiated by the current browser session. - The 'logout' endpoint now has support for a
continuequery parameter, to
let the user get redirected back to a new endpoint after logout. - Now using an 'ip to country' database to figure out where users are logging
in from, to aid with intrusion detection features if these ever land. - A new system that will warn the user and prevent starting if some of the
database patches have not been applied. - New database patches! Apply them before starting the new version.
v0.13.6
v0.13.5
v0.13.4
dotenvis used for setting environment variables in development
environments.- Added an API and simple interface for seeing OAuth2 clients and adding new
ones. - Fixed a bug related to the OAuth2
authorization_codeflow that prevented
completing the process if the user used an incorrect password the first time.
v0.13.3
v0.13.2
v0.13.1
- Docker build can now fully run without a pre-existing development
environment. - Public Docker Image: https://hub.docker.com/r/curveballjs/a12n-server
- WebauthN and TOTP MFA are now enabled by default.
- No longer using
unpkgfor browser dependencies. - Upgraded from
hal-browserto@curveball/browser. - Better error messaging in the OAuth2 flow when a
redirect_uriis
incorrect.
v0.13.0
- Support for WebauthN / Yubikeys (@mhum)
- Logging in is now a multi-step process, with 2FA (Webauthn/Yubikey/TOTP)
as the second step. (@mhum) - It's now possible to setup 2FA during registration. (@mhum)
/validate-bearerand/validate-totpendpoints have been removed.- Support for OAuth2 PKCE (@mhum)
- tslint -> eslint
- Typescript 4.
- Compatible with Typescript strict mode.