Releases: cofoundry-cms/cofoundry
Releases · cofoundry-cms/cofoundry
0.12.0
0.11.4
0.11.3
0.11.2
v0.11.1
0.11.0
0.10.3
0.10.2
0.10.1
0.10.0
Features
Pages and Directories
- #187 Pages / Directories: Restrict by User Area
- #200 Pages / Directories: Increase maximum url slug length
- #464 Page Directories: "Name" property is superfluous
- #465 Pages / Directories: Naming of FullUrl inconsistent
- #288 Page & Custom Entity: Add update date
- #463 Page Directories: extract ChangePageUrlCommand from UpdatePageDirectoryCommand
- #462 Improve Page Message Publishing: Including changed urls and propagate directory changes
- #461 Page Directories: Publish Command Messages
User Areas
- #467 Users: Name should not be required
- #496 Users: Add "DisplayName"
- #495 UserMicroSummary: Remove FirstName, LastName, Email fields
- #490 Users: Deactivate
- #485 Users: Confirm Account
- #479 Self-service Password Reset: Rename to "Account Recovery" and audit/tidy
- #470 User Area Admin: Misc improvements
Configuration
- #493 AuthenticationSettings: Move to UserSettings.Authentication
- #477 UserArea: Make unique validation of emails optional
- #476 User Areas: Configurable Email and Username validation
- #468 Email Uniqueness: Support IDNs and improve uniqueness handling
- #499 Roles: Improve initialization
API Improvements
- #82 UserRepository, LoginService and missing queries/command
- #473 IAdvancedContentRepositoryUserRepository: Move "Current" out to own child repository
- #489 Rework the auth controller helpers, replacing with a solution based on the content repository
- #488 User Auth: Replace ILoginService with Queries and Commands
- #482 UserLoginInfoAuthenticationResult: Replace Error enum with a ValidationError with standardized error codes
- #487 Change uses of the term "Login" and "Logout" to "SignIn" and "SignOut"
- #281 Add message/event publishing for Users
- #474 Remove UserAccountDetails projection
Security
- #494 Users: Soft-deletes should anonymize data
- #492 UserLoginLog: Rename to UserAthentication and move rate limit settings to user settings
- #491 Users: Add duration padding to the execution of commands and queries succeptible to time-based enumeration attacks
- #480 User Admin: Force password reset
- #478 Users: Security stamp / session invalidation
- #469 User Areas: Configurable password policies
- #454 Migrate to ASP.NET Core Identity IPasswordHasher
Mail Templates
- #215 Allow admin mail templates to be easily overridden
Misc
- #405 Show friendly enumeration item names
- #415 Improved handling of AuthenticationFailedException in ApiResponseHelper.RunCommandAsync
- #497 ContentRepository: Add overloads to patch update commands
- #483 IDomainRepository.WithExecutionContext: Support passing in IUserContext
- #472 IUploadedFile: Improve the public API and document
- #484 Domain.Data: Specifiy DateTime properties as DateTimeKind.Utc
- #481 Remove obsolete APIs (pre v0.10)
Bugs
- #409 Improved error handling for serialization errors
- #458 Page Template has two Regions but Admin says it has none
Docs
- #162 Provide better documentation for authentication
- #190 User Areas: Samples and better documentation of creating user management screens
- #200 Add guide for setting up email via plugins
- #423 Configuring data protection system
- #419 Nested Transactions
Breaking changes
Term Changes (system wide)
- Term "PasswordReset" (self-service forgot-password style) changed to "AccountRecovery" to avoid confusion with passwords being reset by an administration user.
- Term "Login/Logged In" changed to "Sign in/signed in"
Models
CustomEntityDetails.FullPath
is nowCustomEntityDetails.FullUrlPath
IPageRoute.FullPath
is nowIPageRoute.FullUrlPath
PageRoute.FullPath
is nowPageRoute.FullUrlPath
CustomEntityPage.FullPath
is nowCustomEntityPage.FullUrlPath
PageSummary.FullPath
is nowPageSummary.FullUrlPath
CurrentUserViewHelperContext.IsLoggedIn
is nowCurrentUserViewHelperContext.IsSignedIn
Queries
GetUserLoginInfoIfAuthenticatedQuery
now returnsUserLoginInfoAuthenticationResult
instead ofUserLoginInfo
directly and now includes checks for max login attempt validation.- Role queries such as
GetRoleByIdQuery
now return null if an id is specified but no role is found. The original behavior returned the anonymous role, which was unintentional; specifying null as the Id however still returns the anonymous role as intended. GetEntityDependencySummaryByRelatedEntity
is nowGetEntityDependencySummaryByRelatedEntityId
(naming consistency)IsEmailUniqueQuery
is nowIsUserEmailAddressUniqueQuery
GetUserLoginInfoIfAuthenticatedQuery
is nowAuthenticateUserCredentialsQuery
GetUpdateCommandQuery
is nowGetPatchableCommandQuery
GetUpdateCommandByIdQuery
is nowGetPatchableCommandByIdQuery
Commands
AddCofoundryUserCommand
has been removed and replaced with the more genericAddUserWithTemporaryPassword
.- Url updating parts of
UpdatePageDirectoryCommand
replaced with dedicatedUpdatePageUrlCommand
CompleteUserPasswordResetCommand
is nowCompleteUserPasswordResetRequestCommand
InitiatePasswordResetRequestCommand
is nowInitiateUserPasswordResetRequestCommand
CompleteUserAccountRecoveryByEmailCommand.SendNotification
has been removed and replaced with a config settingCofoundry:Users:Password:SendNotificationOnUpdate
UpdateUnauthenticatedUserPasswordCommand
is nowUpdateUserPasswordByCredentialsCommand
UpdateCurrentUserAccountCommand
is nowUpdateCurrentUserCommand
Content Repository
IAdvancedContentreporsitory.Users().AddUserCommandAsync
is nowIAdvancedContentreporsitory.Users().AddUserWithTemporaryPasswordAsync
ContentRepository.Users().AddUserWithTemporaryPasswordAsync()
is nowContentRepository.Users().AddWithTemporaryPasswordAsync()
ContentRepository.Users().UpdateUserAsync()
is nowContentRepository.Users().UpdateAsync()
ContentRepository.Users().DeleteUserAsync()
is nowContentRepository.Users().DeleteAsync()
IAdvancedRepository.Users().IsEmailUniqueAsync
is nowIAdvancedRepository.Users().IsEmailAddressUniqueAsync
IContentRepository.CustomEntities().GetByDefinitionCode(string).AsRenderSummary()
is nowAsRenderSummaries()
Auth
IAuthConfiguration
has been updated to make it easier to override specific parts of the configuration. See the class for more details.CofoundryAuthenticationConstants.FormatAuthenticationScheme
is nowAuthenticationSchemes.UserArea
IUserAreaDefinition.IsDefaultAuthSchema
is nowIUserAreaDefinition.IsDefaultAuthScheme
(typo)AuthenticationFailedException
has been removed as it is unused. If an action is not permitted useNotPermittedException
instead.
Misc
IUserAreaDefinitionRepository.GetByCode
renamedIUserAreaDefinitionRepository.GetRequiredByCode
to be consistent with other definition repositories- Much of Cofoundry.Web.Identity has changed, but should still be familiar. If you're using these do check ...