Skip to content

Releases: cakephp/authentication

Authentication 2.11.1

Choose a tag to compare

@markstory markstory released this 25 Jun 03:17
9aec999

What's Changed

Full Changelog: 2.11.0...2.11.1

Authentication 4.2.0

Choose a tag to compare

@dereuromark dereuromark released this 21 Jun 10:32
d4d7804

What's Changed

Full Changelog: 4.1.1...4.2.0

Authentication 3.3.6

Choose a tag to compare

@markstory markstory released this 14 Jun 15:37
86db711

What's Changed

  • Fix an open redirect weakness in getLoginRedirect() by @markstory in #796

Full Changelog: 3.3.5...3.3.6

Authentication 4.1.1

Choose a tag to compare

@markstory markstory released this 14 Jun 15:37
ee24bd4

What's Changed

Full Changelog: 4.1.0...4.1.1

Authentication 4.1.0

Choose a tag to compare

@dereuromark dereuromark released this 22 Apr 11:31
ed41893

Improvements

  • Added AuthenticationComponent::redirectAfterLogin() helper to make the safe post-login redirect path the obvious one. It resolves the validated local redirect target via the existing getLoginRedirect() logic and falls back to the provided default, returning the controller redirect response directly (#787).

    if ($result->isValid()) {
        return $this->Authentication->redirectAfterLogin('/dashboard');
    }

Full Changelog: 4.0.1...4.1.0

Authentication 4.0.1

Choose a tag to compare

@ADmad ADmad released this 27 Feb 07:53
5c6afb1

What's Changed

Full Changelog: 4.0.0...4.0.1

Authentication 4.0.0

Choose a tag to compare

@dereuromark dereuromark released this 09 Feb 13:45

Breaking Changes

  • Identifier configuration format changed - Moved from nested array to flatter structure:

    // Before
    'identifier' => ['Authentication.Token' => ['tokenField' => 'id', ...]]
    
    // After
    'identifier' => ['className' => 'Authentication.Token', 'tokenField' => 'id', ...]
  • Class renames:

    • CakeRouterUrlCheckerDefaultUrlChecker
    • DefaultUrlChecker (framework-agnostic) → GenericUrlChecker
  • SessionAuthenticator identify option removed - This deprecated option has been removed. Use PrimaryKeySessionAuthenticator if you need session-based authentication without password re-verification.

  • Identifier parameter now optional in AbstractAuthenticator constructor

  • Removed deprecated code including loadIdentifier() method

  • Updated dependency: firebase/php-jwt now requires ^7.0

Improvements

  • Lazy identifier initialization via getIdentifier() method
  • Cleaner authenticator/identifier relationship
  • Redirect validation feature (backported from 3.x)
  • Plugin now properly declares cakephp/cakephp as dependency
  • Identity::get() now supports dot-separated field names for nested data access
  • New IdentityHelper::getIdentity() method for easier identity access in templates
  • PrimaryKeySessionAuthenticator now has a default TokenIdentifier configured

Migration

Rector rules available at cakephp/upgrade#370 for automated migration assistance.

Full Changelog: 3.3.5...4.0.0

CakePHP Authentication 3.3.5

Choose a tag to compare

@dereuromark dereuromark released this 09 Feb 13:43
9a12edc

Deprecations

  • SessionAuthenticator identify option deprecated - This option was ineffective for detecting password changes or remotely invalidating sessions. Use PrimaryKeySessionAuthenticator instead if you need to fetch fresh user data from the database on each request. (#763)

Fixes

  • Fixed PHP deprecation errors (#759)
  • Improved deprecation notice wording for authenticators without identifiers

Full Changelog: 3.3.4...3.3.5

CakePHP Authentication 3.3.4

Choose a tag to compare

@dereuromark dereuromark released this 29 Nov 15:48
8575216

What's Changed

  • Rename Plugin to AuthenticationPlugin by @ADmad in #750
  • Add optional redirect loop protection to AuthenticationService by @dereuromark in #752
  • Fix loadIdentifier called after loadAuthenticator losing resolver config by @dereuromark in #755 (Fix regression)

Full Changelog: 3.3.3...3.3.4

CakePHP Authentication 3.3.3

Choose a tag to compare

@ADmad ADmad released this 06 Nov 02:10
86b48f2

What's Changed

New Contributors

  • @txj made their first contribution in #738

Full Changelog: 3.3.2...3.3.3