Guardian.Plug.VerifyHeader and Guardian.Plug.VerifySession:refresh_from_cookie option will try refreshing
when access token not found, invalid or expired if cookie present #683
v2.2.0
Enhancement
Add :scheme option to Guardian.Plug.VerifyHeader#680
Add :refresh_from_cookie option to Guardian.Plug.VerifyHeader and Guardian.Plug.VerifySession
to replace Guardian.Plug.VerifyCookie plug #675
Deprecation
:realm option configuration of Guardian.Plug.VerifyHeader is deprecated
please use :scheme instead.
Guardian.Plug.VerifyCookie is deprecated in favor of :refresh_from_cookie option in
Guardian.Plug.VerifyHeader and Guardian.Plug.VerifySession
v2.1.2
Enhancement
Documentation improvements
Parse the kid from the signing secret to the signature #654
Bugfix
Fixed issue with remember_me plug not using the correct ttl #649
Fixed failing compilation if plug was not included as a dep #633
Thanks goes to all contributors
v2.1.1
Enhancement
Documentation improvements
v2.1.0
Enhancement
Add option halt to all plugs. This allows to optionally not halt the connection on error so downstream plugs are
still called #617
Added SlidingCookie plug that allows auto refreshing cookie tokens 616
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot]
commented
2 years ago
Bumps guardian from 0.14.6 to 2.2.1.
Release notes
Sourced from guardian's releases.
Changelog
Sourced from guardian's changelog.
... (truncated)
Commits
9866c10chore: versioning71ab938chore: use GitHub Release to trigger the Hex releases (#684)9baef5bfix: try refreshing cookie on multiple cases (#683)4600c78Allow multipleresource_from_claims/1signatures in the README example (#682)7cabf6fAdd scheme option to VerifyHeader (#680)11bd017Fix deps (#679)a938e49Fix typo in README.md (#678)45ea60achore: improve verify cookie options (#675)92601b0Update Jose to support OTP24 (#674)4512030missing index/2 in PageController (#671)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)