Releases: cakephp/authentication
Releases · cakephp/authentication
CakePHP Authentication 3.1.0
What's Changed
- Fix deprecations by @markstory in #641
- 2.next: add authentication service to DIC by default by @LordSimal in #647
- 3.x: update composer.json by @LordSimal in #651
- merge 2.x -> 2.next by @LordSimal in #654
- merge 2.next -> 3.x by @LordSimal in #655
- The CREDENTIAL_* consts are in AbstractIdentifier. Fix docs to match. by @umer936 in #656
- Remove PersistenceInterface inheritance from ImpersonationInterface by @segy in #650
- add docs for 2.x to 3.x upgrade by @LordSimal in #659
- 3.x: stan update by @LordSimal in #661
- 3.next: add ability to set custom container instance by @jamisonbryant in #665
- Fix test on PHP 8.4 by @ADmad in #669
- Add convenience method to get the identifier. by @ADmad in #670
New Contributors
- @umer936 made their first contribution in #656
- @segy made their first contribution in #650
- @jamisonbryant made their first contribution in #665
Full Changelog: 3.0.3...3.1.0
CakePHP Authentication 3.0.3
What's Changed
- 3.x: change composer.json to cake5 stable version by @LordSimal in #632
- Bump actions/checkout from 3 to 4 by @dependabot in #634
- Update constants by @ADmad in #635
- adjust 3.x docs config by @LordSimal in #637
- adjust 3.x dockerfiles by @LordSimal in #638
- 3.x: adjust docs by @LordSimal in #639
- add docs on how to test basic/digest auth by @LordSimal in #640
- Fix Inline Code Formatting by @amayer5125 in #642
- Allow psr/http-message ^1.0 next to ^2.0 by @swiffer in #644
- Run composer normalize over composer.json by @dereuromark in #649
Full Changelog: 3.0.2...3.0.3
CakePHP Authentication 2.10.2
What's Changed
- Fix tests and improve CI by @LordSimal in #611
- Adjust CI for PHP 8.2 by @LordSimal in #620 #621
- add array to @return tag to support composite primary keys by @voronoy in #625
- allow manually dispatching ci workflow by @LordSimal in #628
- Fix deprecations by @markstory in #641
New Contributors
Full Changelog: 2.10.1...2.10.2
CakePHP Authentication 3.0.2
- Update to stable dependencies.
Full Changelog: 3.0.0...3.0.2
CakePHP Authentication 3.0.0
First version compatible with CakePHP 5.0
What's Changed
- Add native type declarations by @othercorey in #549
- Remove unnecessary exception on ObjectRegistry return type by @othercorey in #550
- fix Uri class usage by @LordSimal in #598
- add array to @return tag to support composite primary keys by @voronoy in #625
- Move identifier constants into respective classes. by @ADmad in #629
New Contributors
Full Changelog: 2.10.1...3.0.0
CakePHP Authentication 2.10.1
What's Changed
- Added link to Users table structure by @yosus in #601
- Add missing links to sidebar and further reading by @cleptric in #603
- Fix impersonation version info in docs by @LordSimal in #604
- Bump actions/stale from 6 to 7 by @dependabot in #599
- Update index.rst by @luizcmarin in #605
- Add example on how to mimic Auth->deny by @LordSimal in #607
- Store only the original data in the impersonation session by @markstory in #608
New Contributors
- @yosus made their first contribution in #601
- @luizcmarin made their first contribution in #605
Full Changelog: 2.10.0...2.10.1
CakePHP Authentication 2.10.0
Updated Dependencies
- The 2.10.0 release requires a minimum of CakePHP 4.4.0 and PHP 7.4.0
- The optional dependency on firebase/jwt has changed from ^5.5 to ^6.2
New Features
- Implement Impersonation by @ajibarra in #532
- Add
AuthenticationComponent
identityCheckEvent
option by @Erwane in #555 - Token Identifier: Add Option to Hash Token Before Resolving by @amayer5125 in #559
- Adds tls option to LDAP identifier by @eardkdw in #510
- Added EnvironmentAuthenticator to allow integration with Shiboleth authentication by @MolbioUnige in #565
Bug fixes
- Bump to php-jwt 6.2 and remove temporary/deprecated code by @swiffer in #507
- User friendly exception when auth middleware is not loaded by @cnizzardini in #513
- Fix
null
value causing a type error in the password identifier. by @ndm2 in #542 - Fix deprecations in tests by @markstory in #544
- Fix return type for offsetSet() by @othercorey in #547
- Fix invalid default value for $config parameter by @othercorey in #546
- Fix return type annotation for Identity::__isset() by @othercorey in #548
Documentation and tooling changes
- Fixed syntax errors in documentation @cnizzardini in #511
- Add more context to testing docs. by @markstory in #515
- Updated documentation tooling by @ndm2 in #516, #519
- Update french doc translation by @zachee54 in #523
- Update to PHPStan 1.5 and Psalm to 4.22 by @LordSimal in #522
- よりわかりやすく by @yuki-yasumura in #524
- Add note on Authentication.Password Identifier resolvers default finder by @cnizzardini in #525
- firebase/php-jwt compatibility note by @cnizzardini in #531
- Replaced Legacy AuthComponent Update password-hashers.rst by @markusramsak in #534
- update phpstan and psalm by @LordSimal in #537
- Fix typo by @PhantomWatson in #540
- Refactor example code by @PhantomWatson in #539
- [doc][fr] Translate d2db317 by @zachee54 in #541
- Remove redundant logic from login action example by @nishimura-d in #543
- Add docs for account impersonation. by @markstory in #551
- Update the middleware example by @B3none in #552
- Note about IDE comp improvement by @dereuromark in #561
- update docs links by @Arhell in #568
- Use newer ubuntu for tests. by @markstory in #578
New Contributors
- @cnizzardini made their first contribution in #511
- @yuki-yasumura made their first contribution in #524
- @dependabot made their first contribution in #526
- @markusramsak made their first contribution in #534
- @nishimura-d made their first contribution in #543
- @ajibarra made their first contribution in #532
- @B3none made their first contribution in #552
- @amayer5125 made their first contribution in #559
- @eardkdw made their first contribution in #510
- @MolbioUnige made their first contribution in #565
Full Changelog: 2.9.0...2.10.0
CakePHP Authentication 2.9.0
CakePHP Authentication 2.8.0
What's Changed
- Allow skipping the challenge exception generation for Http Basic/Digest Auth. by @ADmad in #498
- Fixed translation errors in documents. by @karintou8710 in #503
- Added the default option to add the application salt to the cookie by @RobertoRoos in #467
⚠️ Important Upgrade Information for Cookie Authenticator Users
This release changes the default stored token for Cookie Authenticator. The token is now comprised of hash(username + password-hash + hmac(username + password, salt))
. This helps prevent forged tokens from being created in case an application database is compromised. This change will invalidate all existing cookie tokens. If you do not desire that, be sure to set salt => false
in your configuration for CookieAuthenticator
New Contributors
- @karintou8710 made their first contribution in #503
- @RobertoRoos made their first contribution in #467
Full Changelog: 2.7.0...2.8.0
CakePHP Authentication 2.7.0
What's Changed
- Bump firebase/php-jwt to v5.5, and deprecate
algorithms
in favour of only using a single algorithm in JwtAuthenticator. by @markstory, @ADmad, @pabloelcolombiano in #500
Full Changelog: 2.6.2...2.7.0