v2.0.4

2.0.4 (2021-06-13)

Bug Fixes

• deps: bump glob-parent from 5.1.1 to 5.1.2 (#42) (aef9823)
• deps: bump lodash from 4.17.20 to 4.17.21 (#31) (640510d)

v2.0.3

2.0.3 (2021-03-04)

Bug Fixes

• user could not delete their own account (7fb76e1)

v2.0.2

2.0.2 (2021-03-04)

Bug Fixes

• anonymous users couldn't login to an existing userID using a previously linked identity (d27729b)

v2.0.1

2.0.1 (2021-03-04)

Bug Fixes

• ensure that only one user can be linked to a subject@provider identity (3fe72be)

v2.0.0

2.0.0 (2021-02-22)

Bug Fixes

• the /auth/me endpoint returns details about each provider identity rather than just the provider name (7ff94a0)

Features

• ability to delete current user profile (d006f1e)
• ability to delete current user's linked identity (00ecefb)

BREAKING CHANGES

• endpoint's providers attribute has been removed and an identities attribute is added instead.

v1.3.0

1.3.0 (2021-02-15)

Features

• Profile page now has sign-in buttons to allow l inking to other providers. (627bba9)

v1.2.0

1.2.0 (2021-02-15)

Features

• logout endpoint (clears the session) (6db3663)

v1.1.0

1.1.0 (2021-02-14)

Bug Fixes

• styling of sign in buttons for google/apple (82a7fba)

Features

• profile menu w/ login/logout (f89f9ed)

v1.0.0

1.0.0 (2021-02-07)

Bug Fixes

• all paths now support being deployed in a subdirectory like /staging/ (eab2a1c)
• cleanup handling of *.js from source files because sometimes jest will import the wrong files! (436216a)
• footer policy link color (e901545)
• full oidc flow works for google (d6ca364)
• google login works in staging (3cc0c10)
• login redirect page includes required OAuth 2 params (2dcdeff)
• move cookieconsent up the render tree into App rather than within layout (each page) (02864f4)
• redirect handler creates new session in a way that is compatible with session & csrf middleware (a6d5e72)
• session cookie is signed (ceec592)
• Support sign in with apple without arc (59ef838)
• Tokenater prevents attempting to encode values with periods (1eb6d89)
• using "@types/architect__functions" package that is about to be published via DefinitelyTyped/DefinitelyTyped#50676 (c676b5c)
• vendor scripts included and no more console warnings (3923338)

chore

• Rename TokenRepository to IdentityRepository (347edcd)

Features

• /api/login?provider=providername endpoint redirects user to login with specified provider (dc7a3f8)
• /auth/me endpoint provides user info when user is authenticated (826e91f)
• bundle static assets (js, css, images) instead of using PUBLIC_URL (7612a56)
• cookieConsent now a hook rather than a component (968777b)
• Creates users after OAuth/OpenID Connect authentication (71fb29e)
• csrf and session middleware (2bf4a0f)
• GET /me now returns a providers attribute listing the identity providers user has authenticated with (0f29b29)
• github CI with tests (799f23a)
• partial support for Signin with Apple (mostly) (3f60f47)
• redirect handler looks up user by sub claim not email claim (46466d1)
• response_mode is an environment variable (removes specialization for Sign in with Apple) (3480994)
• Store sub claim as part of token (12fd3ea)
• OAuth: Redirect handler writes session cookie to indicate the user is indeed logged in (ce2e4f7)

BREAKING CHANGES

• TokenRepository is now IdentityRepository. The DDB table token DDB table is now identity