Releases: cakephp/authentication
Releases · cakephp/authentication
CakePHP Authentication 3.0.3
What's Changed
- 3.x: change composer.json to cake5 stable version by @LordSimal in #632
- Bump actions/checkout from 3 to 4 by @dependabot in #634
- Update constants by @ADmad in #635
- adjust 3.x docs config by @LordSimal in #637
- adjust 3.x dockerfiles by @LordSimal in #638
- 3.x: adjust docs by @LordSimal in #639
- add docs on how to test basic/digest auth by @LordSimal in #640
- Fix Inline Code Formatting by @amayer5125 in #642
- Allow psr/http-message ^1.0 next to ^2.0 by @swiffer in #644
- Run composer normalize over composer.json by @dereuromark in #649
Full Changelog: 3.0.2...3.0.3
Contributors
dereuromark, ADmad, and 4 other contributors
Assets 2
CakePHP Authentication 2.10.2
What's Changed
- Fix tests and improve CI by @LordSimal in #611
- Adjust CI for PHP 8.2 by @LordSimal in #620 #621
- add array to @return tag to support composite primary keys by @voronoy in #625
- allow manually dispatching ci workflow by @LordSimal in #628
- Fix deprecations by @markstory in #641
New Contributors
Full Changelog: 2.10.1...2.10.2
Contributors
markstory, voronoy, and 2 other contributors
Assets 2
CakePHP Authentication 3.0.2
- Update to stable dependencies.
Full Changelog: 3.0.0...3.0.2
CakePHP Authentication 3.0.0
First version compatible with CakePHP 5.0
What's Changed
- Add native type declarations by @othercorey in #549
- Remove unnecessary exception on ObjectRegistry return type by @othercorey in #550
- fix Uri class usage by @LordSimal in #598
- add array to @return tag to support composite primary keys by @voronoy in #625
- Move identifier constants into respective classes. by @ADmad in #629
New Contributors
Full Changelog: 2.10.1...3.0.0
Contributors
skie, ADmad, and 4 other contributors
Assets 2
CakePHP Authentication 2.10.1
What's Changed
- Added link to Users table structure by @yosus in #601
- Add missing links to sidebar and further reading by @cleptric in #603
- Fix impersonation version info in docs by @LordSimal in #604
- Bump actions/stale from 6 to 7 by @dependabot in #599
- Update index.rst by @luizcmarin in #605
- Add example on how to mimic Auth->deny by @LordSimal in #607
- Store only the original data in the impersonation session by @markstory in #608
New Contributors
- @yosus made their first contribution in #601
- @luizcmarin made their first contribution in #605
Full Changelog: 2.10.0...2.10.1
Contributors
markstory, yosus, and 4 other contributors
Assets 2
CakePHP Authentication 2.10.0
Updated Dependencies
- The 2.10.0 release requires a minimum of CakePHP 4.4.0 and PHP 7.4.0
- The optional dependency on firebase/jwt has changed from ^5.5 to ^6.2
New Features
- Implement Impersonation by @ajibarra in #532
- Add
AuthenticationComponentidentityCheckEventoption by @Erwane in #555 - Token Identifier: Add Option to Hash Token Before Resolving by @amayer5125 in #559
- Adds tls option to LDAP identifier by @eardkdw in #510
- Added EnvironmentAuthenticator to allow integration with Shiboleth authentication by @MolbioUnige in #565
Bug fixes
- Bump to php-jwt 6.2 and remove temporary/deprecated code by @swiffer in #507
- User friendly exception when auth middleware is not loaded by @cnizzardini in #513
- Fix
nullvalue causing a type error in the password identifier. by @ndm2 in #542 - Fix deprecations in tests by @markstory in #544
- Fix return type for offsetSet() by @othercorey in #547
- Fix invalid default value for $config parameter by @othercorey in #546
- Fix return type annotation for Identity::__isset() by @othercorey in #548
Documentation and tooling changes
- Fixed syntax errors in documentation @cnizzardini in #511
- Add more context to testing docs. by @markstory in #515
- Updated documentation tooling by @ndm2 in #516, #519
- Update french doc translation by @zachee54 in #523
- Update to PHPStan 1.5 and Psalm to 4.22 by @LordSimal in #522
- よりわかりやすく by @yuki-yasumura in #524
- Add note on Authentication.Password Identifier resolvers default finder by @cnizzardini in #525
- firebase/php-jwt compatibility note by @cnizzardini in #531
- Replaced Legacy AuthComponent Update password-hashers.rst by @markusramsak in #534
- update phpstan and psalm by @LordSimal in #537
- Fix typo by @PhantomWatson in #540
- Refactor example code by @PhantomWatson in #539
- [doc][fr] Translate d2db317 by @zachee54 in #541
- Remove redundant logic from login action example by @nishimura-d in #543
- Add docs for account impersonation. by @markstory in #551
- Update the middleware example by @B3none in #552
- Note about IDE comp improvement by @dereuromark in #561
- update docs links by @Arhell in #568
- Use newer ubuntu for tests. by @markstory in #578
New Contributors
- @cnizzardini made their first contribution in #511
- @yuki-yasumura made their first contribution in #524
- @dependabot made their first contribution in #526
- @markusramsak made their first contribution in #534
- @nishimura-d made their first contribution in #543
- @ajibarra made their first contribution in #532
- @B3none made their first contribution in #552
- @amayer5125 made their first contribution in #559
- @eardkdw made their first contribution in #510
- @MolbioUnige made their first contribution in #565
Full Changelog: 2.9.0...2.10.0
Contributors
markstory, dereuromark, and 18 other contributors
Assets 2
CakePHP Authentication 2.9.0
Contributors
swiffer
Assets 2
CakePHP Authentication 2.8.0
What's Changed
- Allow skipping the challenge exception generation for Http Basic/Digest Auth. by @ADmad in #498
- Fixed translation errors in documents. by @karintou8710 in #503
- Added the default option to add the application salt to the cookie by @RobertoRoos in #467
⚠️ Important Upgrade Information for Cookie Authenticator Users
This release changes the default stored token for Cookie Authenticator. The token is now comprised of hash(username + password-hash + hmac(username + password, salt)). This helps prevent forged tokens from being created in case an application database is compromised. This change will invalidate all existing cookie tokens. If you do not desire that, be sure to set salt => false in your configuration for CookieAuthenticator
New Contributors
- @karintou8710 made their first contribution in #503
- @RobertoRoos made their first contribution in #467
Full Changelog: 2.7.0...2.8.0
Contributors
ADmad, RobertoRoos, and karintou8710
Assets 2
CakePHP Authentication 2.7.0
What's Changed
- Bump firebase/php-jwt to v5.5, and deprecate
algorithmsin favour of only using a single algorithm in JwtAuthenticator. by @markstory, @ADmad, @pabloelcolombiano in #500
Full Changelog: 2.6.2...2.7.0
Contributors
markstory, ADmad, and pabloelcolombiano
Assets 2
CakePHP Authentication 2.6.2
What's Changed
- Improve Documentation including translations to Spanish and French @zachee54, @davidyell, @opeadeyomoye, @enviniom, @Arhell, @LordSimal, @ADmad, @ndm2, @ravage84 in #452, #455, #456, #457, #461, #463, #466, #469, #474, #475, #477, #480, #478, #487, #490
- Improve CI tooling @othercorey, @CriztianiX in #483, #460, #489, #491
- Add php 8.1 to matrix by @othercorey in #484, #482, #492, #496
- Fix cakephp 4.3 deprecations by @othercorey in #486
Security Improvements
New Contributors
- @zachee54 made their first contribution in #452
- @opeadeyomoye made their first contribution in #463
- @enviniom made their first contribution in #469
- @albertcansado made their first contribution in #472
- @Arhell made their first contribution in #477
- @LordSimal made their first contribution in #478
- @CriztianiX made their first contribution in #482
Full Changelog: 2.6.1...2.6.2
Contributors
davidyell, ADmad, and 10 other contributors