Skip to content

Releases: cakephp/authentication

CakePHP Authentication 1.2.0

21 Sep 15:26
@markstory markstory
1.2.0
4884c2b
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
CakePHP Authentication 1.2.0

Deprecations

  • Setting the unauthenticatedRedirect, queryParam and identityAttribute options on AuthenticationMiddleware is deprecated. These options should now be set on the service.

New Features

  • The unauthenticatedRedirect, and queryParam options can now be configured on the AuthenticationService. This makes it easier to use Router to generate the redirect URL.

Other Changes

To fix a potential session fixation problem in the SessionAuthenticator without impacting SecurityComponent identity information is now persisted to the session after the controller action is complete. If your application accesses the currently logged in identity through the session directly you will get information from the previous request. You should consider updating your code to use $request->getAttribute('identity') instead.

Assets 2
Loading

CakePHP Authentication 1.1.5

21 Sep 00:28
@markstory markstory
1.1.5
d39e50f
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
CakePHP Authentication 1.1.5

Fixes

  • The session id rotation changes added in 1.1.3 have been reverted. They broke compatibility with SecurityComponent in a way that could not be fixed without other changes.
  • This release is susceptible to session fixation attacks due to the removed session id regeneration. Upgrade to 1.2.0 to resolve this.
Assets 2
Loading

CakePHP Authentication 1.1.4

09 Sep 14:13
@markstory markstory
1.1.4
72c26cf
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
CakePHP Authentication 1.1.4

Fixes

  • Fixed session being rotated on each request. Now the session is only rotated when the session storage moves from empty to not empty.
Assets 2
Loading

CakePHP Authentication 1.1.3

06 Sep 13:57
@markstory markstory
1.1.3
d7659d5
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
CakePHP Authentication 1.1.3

Fixes

  • Removed protocol and host from redirect query string parameter.
  • Improved documentation on migrating from AuthComponent.
  • Improved doc strings.
  • SessionAuthenticator now rotates the session ID when persisting or clearing an identity.

Other

  • Updated dependency on firebase/php-jwt
Assets 2
Loading

CakePHP Authentication 1.1.2

17 Mar 01:58
@markstory markstory
1.1.2
eaae8b0
Compare
Choose a tag to compare
CakePHP Authentication 1.1.2
  • Fixed redirect URL generation when the target URL contains a fragment.
Assets 2
Loading

CakePHP Authentication 1.1.1

12 Mar 00:17
@markstory markstory
1.1.1
524dc70
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
CakePHP Authentication 1.1.1
  • Fixed base directory handling for CakePHP applications inside a subdirectory.
Assets 2
Loading

CakePHP Authentication 1.1.0

25 Jan 03:32
@markstory markstory
1.1.0
525f0e0
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
CakePHP Authentication 1.1.0
  • Fixed deprecation warnings related to CakePHP 3.7
  • Started using new methods offered by CakePHP 3.7+
Assets 2
Loading

1.0.1

17 Nov 06:49
@ADmad ADmad
1.0.1
This tag was signed with the committer’s verified signature.
markstory Mark Story
GPG key ID: 3C070F5E55B3AEA0
Learn about vigilant mode.
17db134
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
1.0.1
  • Fixed status code on AuthenticationException.
Assets 2
Loading

1.0.0

17 Nov 06:49
@ADmad ADmad
1.0.0
This tag was signed with the committer’s verified signature.
markstory Mark Story
GPG key ID: 3C070F5E55B3AEA0
Learn about vigilant mode.
8760443
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
1.0.0
  • Authentication 1.0.0
Assets 2
Loading

Authentication 1.0.0-rc9

12 Sep 10:38
@robertpustulka robertpustulka
1.0.0-rc9
8760443
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Authentication 1.0.0-rc9 Pre-release
Pre-release

Changes

  • Unauthenticated requests are redirected with 302 response code.

New Features

  • AuthenticationComponent::getAuthenticationService() has been added.
Assets 2
Loading