Releases: codemation/easyauth
Releases · codemation/easyauth
2.0.3
Contributors
codemation
Assets 2
2.0.2
What's Changed
- add error handling in getuser() by @foreztgump in #100
- Refactor token validation by @codemation in #107
New Contributors
- @foreztgump made their first contribution in #100
Full Changelog: 2.0.1...2.0.2
Contributors
codemation and foreztgump
Assets 2
2.0.1 - Security Fix
What's Changed
- Security fix - CVE-2022-39227 by @codemation in #95
Disclosure date
2023-03-07T18:48:04.077Z
Title
Vulnerable python_jwt dependecy version used, leading to CVE-2022-39227
Severity
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N = Critical (10)
Vulnerability Type
Authentication Bypass by Spoofing
Thanks to @notnci for locating & @psmoros for reporting.
Full Changelog: 2.0.0...2.0.1
2.0.0
Breaking Change Alert
- Using FastAPI 0.92.0 requires that EasyAuthServer & EasyAuthClient objects be defined outside of app lifecycle. See updated documentation.
What's Changed
- Add Support for FastAPI 0.92.0 + (fixing issue caused by middleware usage post startup)
- Fix 88 importing config by @codemation in https://github.com/codemation/easyauth/pull/89\
- Improved Testing Setup / Teardown
Full Changelog: 1.0.30...2.0.0
1.0.30
1.0.29
Full Changelog: 1.0.28...1.0.29
1.0.28
Contributors
codemation
Assets 2
Support for FastAPI 0.88.0 +
What's Changed
- 76 - Fixed conversion of token cookie into authorizaiton bearer token… by @codemation in #77
Full Changelog: 1.0.26...1.0.27
1.0.26
What's Changed
- fix get_user_permissions service model usage by @codemation in #74
Full Changelog: 1.0.25...1.0.26
Contributors
codemation
Assets 2
1.0.25
What's Changed
- improved get_user_permissions usage for services by @codemation in #73
Full Changelog: 1.0.24...1.0.25
Contributors
codemation