Skip to content

Releases: volatiletech/authboss

v3.5.0

30 Dec 20:13
0ab40e4
Compare
Choose a tag to compare
  • Added localizer
  • Upgraded dependencies

See CHANGELOG.md for detailed changes.

v3.4.0

19 Nov 18:22
Compare
Choose a tag to compare

See CHANGELOG.md for details.

v3.2.2

13 Mar 03:45
Compare
Choose a tag to compare
  • Upgraded dependencies
  • Upgraded min Go version

See CHANGELOG.md for detailed changes.

v3.2.1

10 Oct 17:02
Compare
Choose a tag to compare
  • Fix security issue in recover + 2fa scenarios.

See CHANGELOG.md for detailed changes.

v3.2.0

12 Aug 03:35
Compare
Choose a tag to compare
  • Add events for 2fa add/remove

See CHANGELOG.md for detailed changes.

v3.1.1

02 Jul 05:12
Compare
Choose a tag to compare

Fix a broken test. No need to upgrade.

v3.1.0

02 Jul 05:06
Compare
Choose a tag to compare
  • Increase security around totp 2fa package. See changelog for details.
  • Remove some needless flash messages

See CHANGELOG.md for detailed changes.

v3.0.5

18 May 07:19
Compare
Choose a tag to compare

Fix open redirect issue.

See CHANGELOG.md for detailed changes.

v3.0.4

27 Apr 22:54
Compare
Choose a tag to compare

Add cache-control header to totp qr codes.

See CHANGELOG.md for detailed changes.

v3.0.3

15 Feb 06:42
Compare
Choose a tag to compare

Fix that EventRecoverStart/End were not being called and so it was difficult to hook recover password flows.

Also note that remember was relying on this to delete remember cookies & all database remember tokens for a user, this previously was not happening and now it is and is sort of a behavior change. Upgrade carefully!

See CHANGELOG.md for detailed changes.