Releases: dev-xo/remix-auth-totp
v3.3.0
What's Changed
- [ Docs ] Update README.md by @brianbancroft in #59
- [ Fix ] Update documentation. by @mw10013 in #61
- [ Fix ] Update code examples. by @brianbancroft in #62
- [ Feat ]: Pass a pre-read FormData object via context. by @themkvz @mw10013 in #64
New Contributors
- @brianbancroft made their first contribution in #59
- @themkvz made their first contribution in #60
Full Changelog: v3.2.0...v3.3.0
v3.2.0
What's Changed
This release is focused on bringing enhanced security improvements.
A quick summary of the changes and updates applied:
- Improved security through the use of JWE encryption for hashing algorithms.
- Expanded character set and updated default hashing algorithm to SHA256.
- Removed the default TOTP generation secret, which was never used in practice.
- Implemented various refactoring efforts to improve code maintainability and readability.
- Older versions below
v3.2.0
have been deprecated.
Example Templates have also been updated reflecting these new changes.
Huge thanks to @ryan0x44 who let us know about a critical security issue this release has fixed. And as always, a million thanks to @mw10013 for the time invested and the effort put into the library itself.
Full Changelog: v3.1.0...v3.2.0
v3.1.0
What's Changed
- feat: Support passing
AppLoadContext
as context tosendTOTP
and verify by @ryan0x44 in #53 - docs: Fix
maxAge
unit from milliseconds to seconds. by @lean-dev in #51 - docs: Minor documentation updates.
New Contributors
Full Changelog: v3.0.0...v3.1.0
v3.0.0
What's Changed
Remix Auth TOTP v3 is here! 🎉
This major release centers on eliminating the reliance on the database and simplifying the overall Strategy. Learn more about it from the official PR: #45
⭐ Summary
- Add
coerce
utility - Add
TOTPPayload
structure - Add tests for the 1st authentication phase
- Add tests for stale magic-link and login attempts
- Add test for custom error scenarios
- Refactor: Rename function to
generateAndSendTOTP
- Refactor: Rename function to
validateTOTP
- Refactor: Rename variable
totpFieldKey
tocodeFieldKey
- Refactor: Remove CRUD operations
- Refactor: Remove unused constants
- Refactor: Remove
MagicLinkGenerationOptions
- Refactor: Remove
form
andrequest
fromSendTOTPOptions
- Refactor: Remove
code
,magicLink
,form
, andrequest
fromTOTPVerifyParams
- Update
SendTOTPOptions
withrequest
andformData
- Update
TOTPVerifyParams
withrequest
andformData
- Update documentation
- Update dependencies
- Bump module version to
v3.0.0
Special thanks to @mw10013 for taking responsibility of the entire release, including implementation, tests, migration documents, and all the care and effort put into it! 🙏
That's all for this release. Happy coding, folks!
v2.0.0
What's Changed
Remix Auth TOTP v2 is here! 🎄
This major release focuses on splitting and introducing key improvements, enhancing both functionality and simplicity for developers and maintainers. You can learn more about it from the following PR: #37
⭐ Features
- Introduced
TOTPData
and CRUD interfaces, laying a solid foundation for more structured and efficient TOTP operations.
🧯 Refactor
- Split
handleTOTP
: We've dividedhandleTOTP
into two distinct functions:readTOTP
andupdateTOTP
. - Simplified
expiresAt
: We've removed the setting of expiresAt fromhandleTOTP
. Now, expiresAt is only relevant at the time of creation, reducing complexity and potential errors. - Removed
storeTOTP
: Simplifying the overall codebase. - Removed
sendTOTP
wrapper: In our pursuit of simplicity, the sendTOTP wrapper wasn't adding much value to the overall codebase.
👷♂️ Chores
- Added Migration Documentation: A new document has been added to assist with
v1
tov2
migrations. - Updated Documentation: Reflecting the recent changes.
- Updated Tests: Ensuring the robustness and reliability of the recent changes.
- Updated Dependencies.
- Bumped module version to
v2.0.0
.
Special thanks to @mw10013 for taking responsibility for the entire release, including implementation, tests, migration documents, and all the care and effort put into it!
Merry Christmas, folks!
v1.4.1
What's Changed
Implemented a solution for generating magic links using the request's origin instead of the host in the request headers when hostUrl
is not provided. This addresses issues in environments like Cloudflare local development (wrangler/miniflare), ensuring the correct cookies are used. See #29 for more details.
Refactor 🛠️
- Use request origin for magic link if
hostUrl
is not provided.
Chores 👷♂️
- Minor test name rearrangement.
- Remove
getHostUrl
and its respective tests, along withHOST
constant and its calls in test headers. - Bumped module version to
v1.4.1
.
Special thanks to @mw10013 for issuing this and for taking the time to look into it!
That's all for this release. Happy coding, folks!
v1.4.0
What's Changed
Introducing Cloudflare Support! 🎉
This has been achieved this by switching from jsonwebtoken
library to jose
, enhancing our support for JSON Web Tokens (JWT) - Issued #28
Refactor 🛠️
- Replaced
jsonwebtoken
withjose
, adapting the codebase accordingly - #28 - Updated and adapted tests to align with the new library.
Chores 👷♂️
- Updated dependencies.
- Formatted the repository.
- Bumped module version to
v1.4.0
.
Special thanks to @mw10013 for issuing this and for taking the time to test the codebase updates.
That's all for this release. Happy coding, folks!
v1.3.0
What's Changed
This update focuses on simplifying our codebase with a couple of refactors, such as removing the generic User type from sendTOTP
calls and the TOTPStrategyOptions
interface. We've also updated dependencies to resolve issues with the latest version of vitest
.
Refactor 🛠️
- Removed the generic User type from
sendTOTP
calls — Issue resolved https://github.com/dev-xo/remix-auth-totp/issues/27. - Removed the generic User type from the
TOTPStrategyOptions
interface — No longer necessary, related to https://github.com/dev-xo/remix-auth-totp/issues/27.
Chores 👷♂️
- Updated dependencies, resolving issues with the latest
1.0.0-beta.3
version of vitest.
That's it for this release. Happy coding folks!
v1.2.0
Patch Changes
This release mostly concentrates on minor internal fixes and documentation updates. Also made some type adjustments and added Husky for better Git hooks.
Fixes 🛠️
- Database
expiresAt
field is no longerNumber
type, insteadDate
orString
types. - Resolved a minor TypeScript mismatch issue.
Chores 👷♂️
maxAttempts
property fromTOTPGenerationOptions
set as optional.- Added Husky for
pre-commit
andpre-push
hooks. - Added customization documentation.
- Security Policy added for the repository.
That's it for this release. Happy coding folks!
v1.1.0
Patch Changes
This release focuses on new example integrations and feature enhancements. We've also done some housekeeping, improving documentation and updating dependencies.
Features 🌟
- Added
expiresAt
database field for better data management. Ref: #23- Advanced usages will be added to the Docs soon.
- New examples integrations:
- Flat-Routes
- Conform
- Sonner
- React-Email
Chores 👷♂️
- Added JWT tests
- Added
CODE_OF_CONDUCT.md
- Multiple documentation updates
- Dependency updates
- Github Workflow improvements
That wraps it up for this Release. Happy coding folks!