v1.0.0

1.0.0 (2022-12-23)

Bug Fixes

• _getSessionFromUrl() test (4838a4b)
• (hopefully the last). Errors don't need to be recreated since they bubble up as full errors (4aebf50)
• #175 return token from cookie helper (7234843)
• #34 (8339678)
• #38 & fix: #41 (aac85e6)
• #45 (3501d62)
• #52 - documents the "expires_in" field (2a797b1)
• #65 sends redirect in query param instead of referer header (7a65014)
• #66. Missing redirects on some routes (ad8131d)
• /invite API (inviteUserByEmail) returns a User (d17e687)
• add a new TOKEN_REFRESHED event (0add695)
• add Apple as Provider in types (dae28f6)
• add AuthResponse type (d7881b3)
• add ban_duration (ea900c7)
• add config for sign in endpoints (84c28df)
• add custom error classes (0e0cac4)
• add discord provider (f389578)
• add email change types to generateLink (fe0663e)
• add forgotten data option for sign ins (37d19aa)
• add initial enroll and challenge implementations (e978aac)
• Add new fields on User type (14e1441)
• add no signup param for otp endpoints (0ad92ae)
• add notes for v1.6.1 (76c989f)
• add option to pass in data (d728b6f)
• add phone field to user attr (05863f0)
• add phone_change otp type (855d494)
• add semantic-release-plugin-update-version-in-files to devDependencies (8b2c224)
• add typescript mapping for identities type (d31509c)
• add warning msg if redirect_to is used for non-oauth sign-ups/sign-ins (cd9eff7)
• added 'twitch' to Providers (9a05b90)
• adds test for current user (986ab36)
• allow custom storage key in localstorage (9335ccc)
• as per #129 (57b34a2)
• async storage class (494d70d)
• Automatically recover expired sessions. (a9718e9)
• await _saveSession and _removeSession (ebf4ce4)
• await getSessionFromUrl in _recoverAndRefresh (4506866)
• broken error in test (98b4a4f)
• broken import (c752839)
• bump to v1.22.1 (8629963)
• bump version (02876d7)
• calc expiresAt before returning verifyMobileOtp (0bca3fd)
• call token refreshing with arrow function (5b7fbda)
• change enroll params to snake case (78044a4)
• change setSession to take in an access token (ed87b76)
• change setSession to take in an object (f7e3bc1)
• change types to return appropriate signatures (3c5f2e0)
• change var passed in (20f3f16)
• clean up signInWithOAuth types (ef1011f)
• clean up signInWithOAuth types (9fce93e)
• cleanup localStorage session format (a93adc6)
• cleanup type docs (0fe005c)
• clear refreshTokenTimer on session remove (34ddd23)
• client signOut doesn't trigger api.signOut #73 (155ae0d)
• correct typo (828b0b3)
• create refreshTokenTimer to manage refresh token (5694ade)
• decode base64 to UTF8. (#528) (b4ddf4c)
• destructure currentSession from persistedSession (420b71f)
• distinguish between malformed urls and errors (5db69b0)
• docs build (8e71574)
• don't error if process is undefined (70ade22)
• don't throw errors in constructor (250923e)
• drop experimental MFA tag (#547) (5826e9b)
• eof newline (2eea38f)
• es2020 (bb21023)
• existing tests (c22f054)
• export errors (4c07a72)
• exports ApiError (de87da1)
• fire PASSWORD_RECOVERY auth event (81a0879)
• Fire signed in event on recoverSession. (5de6b7f)
• fix broken test (fc7ac57)
• fix test for json error response (06746fe)
• fix ts error introduced with prettier changes (709e3f4)
• fixes exponential backoff upon token refresh (01e39c6)
• force release (286fe86), closes #50
• getSession() read from localStorage every time (e18334e)
• getUser should accept jwt (7a7075f)
• getUser should default to authorization header (9e8d89f)
• globalThis polyfill for Mobile Safari <= 12.0 (eb6bb6e)
• handle custom fetch response in error handler (7371ad6)
• supabase/auth-js#184 (0ae593b)
• supabase/supabase#492 (b58d924)
• supabase/supabase#492 (c376764)
• ignore no-extra-semi (8ed1dd7)
• import cross-fetch conditionally (96b633a)
• include src for source maps (06d755a)
• listFactors should use getUser (e214bdb)
• LocalStorage class implements Storage (0a05071)
• magicLink -> magiclink (5ed89c9)
• make types tigher for generateLink (07adc58)
• make types tighter (77299d3)
• makes setAuth work with inMemorySession (9794043)
• mark captchaToken option on verifyOtp deprecated (#532) (c8b73df), closes #795
• mark verifyMobileOTP as deprecated & update verifyOTP (c9b23a6)
• Merge pull request #128 from supabase/da/hcaptcha-support (edcd2ff)
• Merge pull request #244 from fspijkerman/feat/keycloak-provider (f80da9d)
• merge rc into mfa (4f2ada3)
• mfa admin list factors (#562) (2b65646)
• mfa challenge and verify (bf53819)
• mfa verify should update current session (9ed8fcc)
• Minor typo fix just because I found it... (f1f17f2)
• move isBrowser localStorage check (dffd2b9)
• move options into verifyOtp params (262f7e9)
• move resetPasswordForEmail and refreshAccessToken to GoTrueClient (8f1d19e)
• moves tests to not use snapshot (41eaa8a)
• notify all subscribers when calling setAuth (8af8a0b)
• notify subscribers when setting session (d55d750)
• onAuthStateChange returns data object (0210ed2)
• only remove session when there is an invalid one (ef412f1)
• only saveSession when persistSession is true (815a9bf)
• persist session if user is null. (8754ccb)
• prefer global fetch to cross-fetch (e440a90)
• properly default shouldCreateUser flag (8a4087e)
• properly handle non AuthError's (ff228a7)
• push release for React Native (00c278d)
• recover and refresh token on startup (3a670be)
• recovers user from local storage on init (4da5a9f)
• refactor update method (f794b1b)
• refactor user methods (49aef46)
• refreshSession should take in an optional refreshToken (4d20e57)
• refreshSession() test (62996c2)
• refreshTokenTimer blocks node event loop exit (94740ad), closes #99
• release v1.22.1 (a019403)
• remove _recoverSession (6ee6f10)
• remove access token and jwt code (b5d807d)
• remove duplicated methods in GoTrueApi (f6d9c41)
• remove multitab stuff (0a9814b)
• remove unnecessary notify events (31c9041)
• remove xform methods (5c43ca5)
• Removes deprecated data for session (492d6d7)
• removes dotenv which will should be handled by the user of this library (a78fb42)
• removes redirectTo from UserCredentials (a6af15d)
• removes stray console log (28cda7b)
• removes the removeUser method from the client (108945b)
• rename captcha field (edc8c50)
• rename localstorage to storage (41e66e6)
• rename method name (5db0631)
• renames types to be more consistent across all of our libraries (209a678)
• require was breaking some builds (ab73b08)
• resolve & reset deferred upon refresh error (90ed495)
• return provider refresh token (7640bd7)
• returns meaningful errors (1207790)
• revert "fix: respect EXPIRY_MARGIN on getSession" (#533) (e9e0a01), closes supabase/gotrue-js#482 #529
• rolls back the 2.0.0 release (83549ac)
• save the user when the libary is loaded (9462e4b)
• saveSession and auto trigger refresh token (90ba6ff)
• Secure cookies when development with a vhost (4f72248)
• semantic release now requires node 14 (57797dd)
• send application/json in Content-Type header (#429) (0fc980c)
• send headers on all requests (5dfdd94)
• send magiclink should use otp endpoint (9c2d9a8)
• session not recovering in React Native #76 (56b6feb)
• set default X-Client-Info and trigger release (fe0e4fa)
• setAuth should not set user to null (53c725a)
• sets current user on sign up and sign in (787bffb)
• setSession is in broken state after v2.4.0 (#548) (0fcc8f5)
• signIn() with the wrong password unit test message check (d4f24fd)
• signInWithPassword should send sign-in event (92e4f0e)
• signout should remove session if user doesn't exist (#541) (ed8fe4f), closes #540 #520
• Simplify user and session methods. (#20) (18859b3)
• spelling (56b765e)
• supabase/supabase-js#178 handle JWT expiry <= 60s (7502d3a)
• supabase/supabase#1915 encode query string parameter values (0aefd9a)
• test isnt accurate (93c1544)
• throw AuthRetryableFetchError on network errors only (7e7f32f)
• tidy up tab issue in unrelated code (9031ee9)
• token refresh retry offline + recover on visible (#278) (8c6373b)
• trigger new patch version (99a11bb)
• tsc output for types (1974177)
• turns out that GoTrue doesn't have a consistent error format. Adding another possible variation (3771344)
• typedocs docs (d4a49ee)
• types in package.json (dc49554)
• typo (f3124d1)
• typo in auth cookie error (489af4d)
• unit test by replacing inbucket image with a custom one (3d5d39d)
• update corresponding type for TOTP (65d9505)
• update default value from totp -> TOTP (c36fa1c)
• update getAAL and getAMR methods (792ea21)
• update getAuthenticatorAssuranceLevel (4559cf3)
• update mfa methods (#551) (958d948), closes /github.com/supabase/gotrue-js/blob/0fcc8f576d255b92e4e8bdc57c450e8b3390b700/src/lib/fetch.ts#L42
• update redirectURL type docs (1f45f02)
• update session userData and save to storage (b61ecee)
• update snapshot (6c68782)
• update tsdocs (#559) (a2920dd)
• update types for generateLink (99f1bec)
• updates confirmed_at to email_confirmed_at (582a3d4)
• use captcha_token in verifyOtp (#525) (321a95e)
• use current session in _startAutoRefreshToken callback (83f48ab)
• use snake_case in req body keys (fcc4306)
• validate error callback urls (c065fd4)
• var to const (ed8b13f)
• verify email otp to verifyOTP (78f2458)
• verifyOTP should send session (81b52db)
• wait for _getSessionFromUrl (4018cae)

Features

• add setSession support for a SSR context (be413ca)
• add signInWithSSO method as [@experimental](https://github.com/experimental) (#526) (a441eef)
• add challengeAndVerify (711fcd5)
• add cookie options to the jsdocs params (5314ce2)
• add export of types for downstream use (b78b003)
• add getAMR and getAAL (fa38a48)
• add getUser method (d32ae77)
• Add magic link api method and sign in. (#19) (e988987)
• add more method implementations (d8c5234)
• Add Next.js & Express cookie helpers. (#33) (f09d4cb)
• add provider refresh token (7c310ea)
• added async getSession method (a722840)
• adds docs (ad08a48)
• adds generateLink api method (9c54259)
• adds inviteUserByEmail for api users (6503a6c)
• adds sign up + sign in with mobile/password and mobile OTP (15a20a9)
• adds spotify and slack providers (897b020)
• adds Subscriptions (6d2ef91)
• allow clients to provide an hcaptcha response token (7d4fdf1)
• allow providing custom fetch implementation (967b145)
• allow twitter profile (c51767e)
• create Forgot password feature (61e4fec)
• create Remember me feature (801141f)
• creates a basic client (b7e4c04)
• createUser() (e278708)
• delete user (2ac0c3f)
• disallow setSession loophole (#536) (21e496c), closes #490
• documents release of client.user(), client.session(), and client.refreshSession() (d6a10ab)
• Give the ability for developers to redirect their users to a specified URL after they are logged in. (aa3ed98)
• initial MFA stubs (358e602)
• Merge pull request #304 from supabase/km/refactor-sign-in (f14cc9f)
• OAuth providers can now be supplied scopes (6e0e02c)
• refactor returns types to always return data (0b3086a)
• release v1.12.7 (28e8863)
• Release V2 RC (9d6d199)
• remove all cookie related methods (6211cf1)
• remove deprecated functions (1e3ce97)
• remove unused packages (7eca9d3)
• rename GoTrueApi to GoTrueAdminApi (4f6b92a)
• return pagination data for the listUsers() method (#544) (d4fe148), closes #537 #537 #537 #537
• start adding admin mfa bindings (496f1ec)
• support pagination options for listUsers() method (#537) (90495c9), closes /github.com/supabase/gotrue/blob/930f5affdab112db81e17ef799418206bead9092/api/pagination.go#L42-L43 /github.com/supabase/gotrue-js/blob/master/src/GoTrueAdminApi.ts#L105 /github.com/supabase/gotrue/blob/master/api/admin.go#L103
• update JSDoc with return doc (0c5e53b)
• update setSession (e6ee0c6)

Performance Improvements

• ♻️ applying early returns concept to reduce complexity and refactoring some methods to improve our performance (98d04e2)

Reverts

• Revert "test:remove unused test" (5cd249f)
• Revert "refactor: remove unused test" (7dcf48f)
• Revert "fix tests" (29e3ada)

BREAKING CHANGES

• Release V2