v4.33.0

4.33.0 (2021-12-03)

Important Note

There was a significant change to the storage provider in this release. You will need to configure an encryption key which is used to encrypt the TOTP secret column and U2F public key column. This can be configured via a secret which is the recommended method, though there are other methods. If you need help please contact us on Discord or Matrix. See the documentation for more details. We recommend a database backup before upgrading, though it's been thoroughly tested.

Bug Fixes

• authentication: only check argon2id salt for b64 encoding (#2529) (1ea94dd)
• notifier: force use of sender email in smtp from cmd (#2616) (ab8f9b0), closes #2571
• session: use crypto/rand for session id generator (#2594) (7efcac6)
• storage: duo/u2f upsert failure on postgresql (#2658) (a79e4dc)
• storage: new auth log schema request method length (#2656) (2075e76)
• storage: postgres schema hardcoded for tables query (#2667) (95a5e32)
• storage: rebind all queries (#2662) (9045b75)
• web: misleading 2fa registration errors (#2535) (0e8ff3b)

Features

• customizable static assets (#2597) (0be883b), closes #1630
• duo: multi device selection (#2137) (01b7738), closes #594 #1039
• oidc: include introspection_endpoint in .well-known/openid-configuration (c99b6e7)
• regulator: enhance authentication logs (#2622) (bc3b0fd), closes #116 #1293
• session: add support for acl-based sentinel auth against redis (#2516) (04831c2)
• storage: encrypt u2f key (#2664) (255aaeb)
• storage: encrypted secret values (#2588) (347bd1b), closes #682
• storage: only store identity token metadata (#2627) (9ceee6c)
• storage: postgresql schema and ssl options (#2659) (f90ca85)
• storage: primary key for all tables and general qol refactoring (#2431) (3695aa8), closes #1337
• totp: algorithm and digits config (#2634) (ad8e844), closes #1226

Docker Container

• docker pull authelia/authelia:4.33.0
• docker pull ghcr.io/authelia/authelia:4.33.0