CHANGELOG

v2.2.22 - 2024-07-03

remove expired keys from couch auth db on startup and every 6 hours

v2.2.21 - 2024-04-05

bugfix: handle user:user_id role

v2.2.20 - 2023-11-20

oauth profile id to lower case

v2.2.18 - 2022-06-10

Replaced node-extend with node.extend due to https://github.com/advisories/GHSA-cg42-4wrc-gp47

v2.2.17 - 2022-29-06

bugfix azure
improved error handling in auth callback template

v2.2.16 - 2022-19-05

reduced payload in login response

v2.2.14 - 2022-10-05

optional redirect_uri on login

v2.2.13 - 2022-06-05

lang param for email templates

v2.2.4 - 2022-02-09

add replyTo header to emails

v2.2.3 - 2022-01-13

bugfix generate password

v2.2.2 - 2022-01-13

added missing dependency @node-redis/bloom for redis

v2.2.1 - 2021-12-13

dependencies updates/upgrades

v2.1.3 - 2021-09-02

logging for pouch db instance observation

v2.1.2 - 2021-09-01

actively close pouchdb instances when no longer needed

v2.1.1 - 2021-08-26

handle concurrency issues on login and refresh

v2.1.0 - 2021-08-23

bumped dependency versions

v2.0.31 - 2021-03-29

cleanup arrays

v2.0.30 - 2021-03-25

dedicated default roles config for social auth providers and local registration

v2.0.29 - 2021-03-23

bugfixes design docs
short one time passwords for email confirmation and password reset
error handling for expired sessions during refresh
better user name / email validation

v2.0.28 - 2021-03-18

revert to 2.0.27 (had no effect)

v2.0.27 - 2021-03-18

better handle new sessions on first access

v2.0.26 - 2021-03-18

bugfix in error handling (jsCallback is not defined)

v2.0.25 - 2021-03-15

file adapter thread save bugfix

v2.0.24 - 2021-03-15

pouchdb 7
pouchdb-security-helper
file adapter thread save
oauth error handling
doc

v2.0.23 - 2021-03-02

better error messages

v2.0.22 - 2021-03-02

bugfixes
better error messages

v2.0.21 - 2021-03-01

better error messages

v2.0.20 - 2021-03-01

fixed typo in FileAdapter

v2.0.18 - 2021-03-01

optimized oAuth handling with new routes, channels, sessions, configurable callbacks, etc.

v2.0.16 - 2021-01-27

new route /profile

Fixes

bugfix when using email style username

v2.0.15 - 2020-12-17

Fixes

avoid 409 on session cleanup/sync

v2.0.14 - 2020-12-11

Fixes

better error messages

sync session refresh to userDB

v2.0.13 - 2020-11-20

Fixes

json (instead of plain text) response when session invalid

v2.0.12 - 2020-11-26

Fixes

change listener on sl-users triggers updates on sessions and authDb when roles are modified

v2.0.11 - 2020-11-22

Fixes

sync roles from user to session when refreshing session

v2.0.6 - 2019-11-11

Fixes

better error messages
bugfix FileAdapter

v2.0.3 - 2019-02-21

Fixes

avoid exceptions in user-design views

v2.0.2 - 2019-01-23

Fixes

clone design doc instance to enable multiple independent instances of superLogin

v2.0.1 - 2019-01-22

Fixes

fixed express error handler signature

v2.0.0 - 2019-01-16

Dependencies

mocha from 5.1.1 to 5.2.0
sinon from 5.0.4 to 7.2.2

Features

superlogin.initialized()

Fixes

default http status code for error message in '/register'
generic error message in http response for '/validate-username/' and '/validate-email/'
delegate method invocations from routes via superlogin instance instead of user instance to allow effective patching of superlogin methods

v1.2.1 - 2018-05-07

Dependencies

fs-extra from 4.0.3 to 6.0.0
mocha from 3.5.3 to 5.1.1
passport from 0.3.2 to 0.4.0
pouchdb from 6.3.4 to 6.4.3
pouchdb-seed-design from 0.2.2 to 0.3.0
sinon from 3.3.0 to 5.0.4
sinon-chai from 2.14.0 to 3.0.0

Fixes

Send a 400 with a JSON object when registration fails.

v1.2.0 - 2017-11-07

Dependencies

bluebird from 3.3.4 to 3.5.1
express from 4.13.3 to 4.16.2
nodemailer from 4.1.1 to 4.3.1
superagent from 3.6.0 to 3.8.0
sinon-chai from 2.8.0 to 2.14.0
Ignore package-lock.json

Tests

previous usage as a promise anti-pattern, removed.
moved require calls to the top
Always test err in callbacks
before should not include a promise in onCreate
Missed returning a promise in user spec: bulkDocs

CI

Test node 9

package.json

Point to this repo for this fork

v1.1.0 - 2017-09-27

Update fs-extra from ^0.3.0 to ^4.0.2
Update nodemailer from ^2.3.0 to ^4.1.1
Update superagent from ^1.2.0 to ^3.6.0
Remove gulp, gulp-mocha, gulp-jshint
Improve linting
Drop support for node 4
Whitespace cleanup
Do not cache node modules
Remove cloudant test
Do not publish test directory or .travis.yml or .jshintrc to npm

v1.0.0 - 2017-09-19

Updated CHANGELOG formatting
Change couch-pwd to @sensu/couch-pwd
Update Travis CI config to test modern versions of node
Update chai, gulp-mocha, mocha, & sinon to modern versions
Add some missing newlines at ends of files

v0.6.1 - 2016-04-02

Misc bugfixes
Documentation improvements
Now testing against Node 4.x and 5.x

v0.6.0 - 2016-04-02

Updated dependencies
Improved unit tests (thanks @tohagan and @ybian)
CouchDB server can now have a separate URL for public access
Misc bug fixes

v0.5.0 - 2015-10-08

Previously a user could only logout if the session token was still valid. API keys would be expired, but database credentials could still be used. Now logout will ensure the user is completely logged out, even if the session is already expired.
Fixed a bug that was causing sessionLife and tokenLife settings not to work.

v0.4.0 - 2015-09-21

Default per-DB Cloudant permissions no longer save in the user doc. You can set custom permissions in the user doc, otherwise it will use the settings in your config. Misc bug fixes.

v0.3.0 - 2015-09-18

Created configuration options to setup _security roles when user databases are created
Improved tests and updated PouchDB.

v0.2.0 - 2015-09-13

Added client access_token strategies to support OAuth2 flows from Cordova, PhoneGap, and native apps

v0.1.0 - 2015-09-10

The intense power of SuperLogin is unleashed on a world that may not be ready! Tested with Node.js 0.12.7 and 4.0.0