Revision history for Dancer2-Plugin-Auth-Extensible 0.711 Thu 29 Aug 10:28:00 BST 2024 [BUG FIXES] * Ensure uninit warnings not emitted 0.710 Sat 15 May 08:02:00 BST 2021 [BUG FIXES] * Add Test::Fatal to list of dependencies (thanks yldr) * Fix config for test (thanks Nick Tonkin) 0.709 Sun 19 Apr 17:44:00 BST 2020 [BUG FIXES] * Update tests to match RFC 7231 behavior of Dancer2 (thanks Ruth Holloway) 0.708 Fri 26 Apr 09:47:00 GMT 2019 [BUG FIXES] * Attempt to fix intermittent test failures (thanks Tom Hukins) * Better check for HTTP::BrowserDetect to prevent strange test failures 0.707 Mon 20 Dec 21:55:00 GMT 2018 [ENHANCEMENTS] * Add after_reset_code_success hook (thanks Nathan Bailey) 0.706 Mon 17 Dec 18:37:00 GMT 2018 [BUG FIXES] * Fix various problems with return_url functionality 0.705 Mon 16 Oct 11:54:34 CEST 2017 [BUG FIXES] * Correctly escape return URLs (Ben "whosgonna" Kaufman GH#79) [ENHANCEMENTS] * Add before_logout hook (Dominic Sonntag GH#70) [DOCS] * Add docs about making your own login pages (Jason Lewis GH#62) 0.704 Wed 12 Apr 15:04:46 CEST 2017 [BUG FIXES] * Fix password reset when user is object (Andy Beverley GH#73) * Fix custom login template (Tadeusz “tadzik” Sośnierz GH#72) [MISC] * Deduplicate code related to login page rendering (Tadeusz “tadzik” Sośnierz GH#71) 0.703 Tue 29 Nov 10:25:10 CET 2016 [BUG FIXES] * Bump dep on Dancer2 to 0.204000. Prior to that release after `forward` `params` were still available but were not cloned into `parameters`. This should fix GH #66. 0.702 Mon 28 Nov 12:34:53 CET 2016 [TESTS] * Chasing down GH#66 and (hopefully) cut down on unexpected warnings causing no-realms-configured test to fail. 0.701 Tue 22 Nov 10:32:27 CET 2016 [BUG FIXES] * Try to make File::ShareDir::Install more reliable (Peter Mottram). [TESTS] * Stop tests failing due to 'Name "YAML::XS::NonStrict" used only once' warning (Peter Mottram). * Remove debug log from output in no-reset-password-handle test (Peter Mottram). 0.700 Fri 18 Nov 13:13:36 CET 2016 [ENHANCEMENTS] * Add new "no-redirect" login handler (Peter Mottram). * Break out /login and /login/denied html into external files (Peter Mottram). [BUG FIXES] * Escape all params used as input to default login page to prevent potential injection attacks (Peter Mottram). * Bump dep on Test::Deep for noneof (Peter Mottram GH#65). [TESTS] * Lots more tests added resulting in much better coverage (Peter Mottram). 0.622 Wed 9 Nov 11:35:15 CET 2016 * Add back missing $VERSION to Provider::Example 0.621 Tue 8 Nov 16:44:51 CET 2016 [ENHANCEMENTS] * auth_provider now croaks if no realm is supplied (Peter Mottram). [BUG FIXES] * query_parameter should be query_parameters in get /login route (Peter Mottram). * user_password logic corrected (Peter Mottram). * realm_name should be realm_names in update_user (Peter Mottram). [TESTS] * Huge number of new tests added (Peter Mottram). * Add build dep on HTTP::Cookies (Peter Mottram). [MISC] * Remove old Provider::Example since Provider::Config is a much better example provider (Peter Mottram). * logged_in_user_lastlogin now stored in session as epoch (Peter Mottram). * Removed unused _try_realms method (Peter Mottram). 0.620 Thu 3 Nov 16:01:22 CET 2016 [ENHANCEMENTS] * User returned by providers can now be any kind of object. Previously the providers were required to return a hashref (Peter Mottram). * Most provider methods can now throw exceptions which will be caught by the plugin (Peter Mottram). * Added new hooks: after_authenticate_user, before_create_user and after_create_user (Peter Mottram). * If password is provided to create_user then set it immediately. [TESTS] * New tests for testing provider methods directly (Peter Mottram). * Major test overhaul to enable clearer testing (Peter Mottram). * Create extended version of Provider::Config for use in tests to allow most plugin features to be tested without relying on external providers. 0.614 Thu Oct 27 16:03:17 2016 CEST [ENHANCEMENTS] * Add priority attribute to force order in which realms are checked (Peter Mottram). * Upgrade default encryption algo to SHA-512 (Peter Mottram GH#57). * Implement disable_roles in plugin (Peter Mottram GH#38). [DOCUMENTATION] * Add missing optional methods to Role::Provider (Peter Mottram). [TESTS] * Convert tests to Plack::Test's OO style (Peter Mottram). [MISC] * Split out LDAP provider into its own distro (Peter Mottram). * Avoid a memory cycle (Peter Mottram). 0.613 Tue Oct 18 15:35:19 2016 CEST [DOCUMENTATION] * Update docs to reflect Provider::Database being an external module (Henk van Oers, GH #55). [TESTS] * Cope with get_user_details in providers returning an object rather than a hash reference (Peter Mottram). 0.612 Tue Oct 11 12:44:01 2016 CEST [ENHANCEMENTS] * Add before_authenticate_user hook (Peter Mottram). [DOCUMENTATION] * Add change_session_id to example POST login code (Andy Beverley). 0.611 Tue Aug 30 16:59:49 2016 CEST [ENHANCEMENTS] * Add 'after_login_success' hook (Peter Mottram). 0.610 Mon Aug 15 08:17:46 2016 CEST [ENHANCEMENTS] * Call Dancer2's change_session_id on successful login. This method has not yet been merged into Dancer2 core but we want to be ready for it (Peter Mottram). [BUG FIXES] * Incorrect call to user_password from app not plugin (Andrew Beverly, GH #53). * Avoid memory leaks in BUILD by passing weakened ref to plugin into add_route callbacks (Peter Mottram). * Call $app->session instead of $app->app->session in _post_login_route (Peter Mottram). [MISC] * Creation of temp lexical vars adds overhead so remove some where not needed (Peter Mottram). 0.601 Tue Jul 12 16:23:22 2016 CEST [BUG FIXES] * Don't localise $username in user_password when checking reset code. This caused user_password( code => '...') to always fail (Peter Mottram). * Use $plugin instead of $app to call password_reset_send method (Roman Studenikin, Peter Mottram, GH #50). * Rename generate-crypted-password (Henk van Oers, Peter Mottram, GH #30). [ENHANCEMENTS] * Use Carp::croak instead of die for better stack traces (Peter Mottram). * Added `use strict` for CPANTS Kwalitee score (Guillermo O. Freschi). * Added MIN_PERL_VERSION to Makefile.PL (Guillermo O. Freschi). * Simplify use of from_config and default in plugin attributes (Peter Mottram). * Use current plugin in route setup (Peter Mottram). 0.600 Tue May 31 15:38:56 2016 CEST [ENHANCEMENTS] * Major update for compatibility with plugin2 (Peter Mottram). For plugin2 details see: https://github.com/PerlDancer/Dancer2/pull/1010 Any old providers that have not been updated will die on using Provider::Base. * Add disable_roles attr to Provider roles. This allows this setting to be different for each realm. * Providers are now Moo classes. Provider::Base is no longer used and is replaced by Role::Provider Moo::Role. * Provider settings now handled as class attributes. * Use strict and warnings everywhere (except in Moo classes). [MISC] * Dancer2::Plugin::Auth::Extensible::Provider::Database moved into its own repository. * Switch from Types::Standard to Dancer2::Core::Types instead. * Switch all evals to Try::Tiny. * Update Moo dependency to v2. * Add security warning to Provider::Unix. [TESTS] * Make base tests compatible with Provider::Usergroup. * Split out DBIC provider role tests into new subtest. 0.502 Thu 11 Feb 16:06:29 CET 2016 [BUG FIXES] * Use getpwnam/getgrent in Unix provider instead of Unix::Passwd::File. In addition to the obvious benefit of removing a dependency this also solves a problem with Unix::Passwd::File where it likes to lock the passwd file but that will fail if the user does not have permissions which is normal for a web app (Peter Mottram). Thanks to Jason Lewis for the heads up about this issue. 0.501 Wed Jan 20 12:07:17 2016 CET [TESTS] * Always output log messages on get/post errors (Peter Mottram). 0.500 Tue Jan 19 15:08:37 2016 CET [TESTS] * Add infrastructure for provider tests and various other improvements for testing (Peter Mottram). 0.402 Tue Dec 8 14:44:19 2015 CET [BUG FIXES] * Adjust regexp for routes to be stricter in order to prevent incorrect matches causing redirect loops (Evan Brown, GH #32). 0.401 Wed Jun 10 19:23:30 2015 CEST [ENHANCEMENTS] * Allow custom random password generator to be specified (Andrew Beverly, GH #23). 0.400 Thu May 21 08:36:36 2015 CEST [ENHANCEMENTS] * Add logged_in_user_password_expired keyword (Andrew Beverly, GH #26). * Add functionality to record the last successful login (Andrew Beverly, GH #25). * Cache user details within each request (Andrew Beverly, GH #24). * Create and edit users, and manage user passwords (Andrew Beverly, GH #10). [DOCUMENTATION] * Add documentation on users method for the example provider (Stefan Hornburg). * Add documentation for methods of the base provider class (Stefan Hornburg). * Add documentation for auth_provider method (Stefan Hornburg). * Fix a few typos (Evan Brown, GH #20). [TESTS] * Add POD coverage test (Stefan Hornburg). 0.306 Thu Mar 26 18:41:53 2015 CET [BUG FIXES] * Fix crash on /login when already logged in (Gabor Szabo, Stefan Hornburg, GH #18). 0.305 Tue Mar 17 09:48:43 2015 CET [ENHANCEMENTS] * Include the dsl object in the provider constructor (Henk van Oers, GH #13). [BUG FIXES] * Fix no_default_pages and no_login_handler options (Andrew Beverly, GH #17). * Add missing "Permission Denied" route (Stefan Hornburg, GH #15). * Use Dancer2 in the example and test the example (Gabor Szabo, GH #16). * Remove Mock::Quick from prerequisites (Henk van Oers, GH #8). [DOCUMENTATION] * Include the name of the command line tool in the pod (Gabor Szabo, GH #11). 0.304 Fri Feb 20 09:12:18 2015 CET [ENHANCEMENTS] * Add support for DBI provider (Andrew Beverley, GH #7). * Add warning if no realms are configured (Andrew Beverley, GH #6). * Add simple script to generate crypted passwords (David Precious). [DOCUMENTATION] * Fix module name in POD of Database provider (Vince Willems, GH #5). * Fix mix-up of login_page and login_url (David Precious). 0.303 Tue Oct 28 09:13:46 2014 CET [BUG FIXES] * Add version to Dancer2 prerequisite (GH #2, Stefan Hornburg). Prevents test failure in case psgi_app method isn't present. [TESTS] * Suppress core and debug logging for tests. 0.302 Sun Oct 26 17:09:57 2014 CET [BUG FIXES] * Fix MANIFEST (Stefan Hornburg). 0.301 Sat Oct 25 21:26:39 2014 CEST Initial port from Dancer1 (Stefan Hornburg).