v0.29.1

Changes

• fix: grant: respect dynamic options @dbarrosop (#503)
• fix: verify hostname during STARTTLS correctly @dbarrosop (#504)

v0.29.0

Changes

• chore: override execa to >=2.0.0 @dbarrosop (#500)
• fix: go: minor fixes in /token endpoint @dbarrosop (#501)
• feat: go: migrate /token @nunopato (#492)

v0.28.1

Changes

• fix: support SMTP over TLS @dbarrosop (#498)
• fix: regression - return refreshTokenID alongside session as before @dbarrosop (#496)
• chore: update deps due to GO-2024-2687 @dbarrosop (#497)

v0.28.0

Changes

• fix: minor fixes to startup config @dbarrosop (#495)
• [Scheduled] Update dependencies @github-actions (#493)
• fix: typo on signinPasswordless type @dbarrosop (#490)
• feat: added integration with postmark @dbarrosop (#484)
• feat: go: migrate /signup/webauthn[/verify] @dbarrosop (#487)
• feat: go: migrate /user/deanonymize @dbarrosop (#488)
• feat: go: added middleware for elevated check @dbarrosop (#489)
• feat: go: migrated /user/email/send-verification-email @dbarrosop (#485)
• feat: allow connecting social logins to existing users even if emails don't match @dbarrosop (#459)
• chore: go: refactor @dbarrosop (#483)
• chore: bump nixbuild/nix-quick-install-action from 26 to 27 @dependabot (#482)
• feat: go: migrate /pat and /signin/pat @dbarrosop (#481)
• feat: go: migrate /healthz and /version @dbarrosop (#480)
• feat: go: migrate /user/password/reset @dbarrosop (#479)
• feat: go: migrate /signin/passwordless/email @dbarrosop (#478)
• feat: go: migrate /user/email/change @dbarrosop (#477)
• feat: go: migrate /signin/email-password @dbarrosop (#476)

v0.27.0

Changes

• chore: node: update webauthn dependencies @dbarrosop (#474)
• fix: go: automatically use paths compatible with cli/prod @dbarrosop (#473)
• fix: go: add default locale/roles to allowed list @dbarrosop (#472)
• migrate: /signup/email-password @dbarrosop (#467)
• chore: fix role to assume in gen update dependencies @dbarrosop (#470)
• chore: bump github/codeql-action from 2 to 3 @dependabot (#466)
• feat: add golang entrypoint that acts as reverse-proxy when routes don't match @dbarrosop (#464)

0.26.0

Minor Changes

• 0c52594: feat: added AUTH_REQUIRE_ELEVATED_CLAIM to require elevated permissions for certain action

0.25.0

Minor Changes

• 93abd35: feat: added endpoint to "elevate" permissions using webauthn

Patch Changes

• fcec7fa: chore: update dependencies
• 27aeca6: fix: replace helper.error with helper.message due to joi's breaking changes

0.24.1

Patch Changes

• 68aa985: chore: add pnpm audit to the CI and update deps
• 00b3994: Adding an index on refresh_tokens to increase performances
• 011516e: fix: parse stringified metadata during oauth callback

0.24.0

Minor Changes

• 634f2bf: feat: add AUTH_WEBAUTHN_RP_ID environment variable

Patch Changes

• 2e3096c: fix: conceal error if AUTH_CONCEAL_ERRORS is set

0.23.0

Minor Changes

• cd8c786: feat: add option to disable user sign-up through AUTH_DISABLE_SIGNUP

Patch Changes

• 003cfd6: fix: make sure existing modified permissions are not overwritten
• 15459a9: fix: use empty as AUTH_API_PREFIX default value
• ffba7d8: fix: move catch-all route-not-found handler to root