actix-identity: v0.5.2

• Fix visit deadline. #263

actix-web-httpauth: v0.7.0

• Auth validator functions now need to return (Error, ServiceRequest) in error cases. #260
• Minimum supported Rust version (MSRV) is now 1.57 due to transitive time dependency.

actix-limitation: v0.3.0

• Limiter::builder now takes an impl Into<String>.
• Removed lifetime from Builder.
• Updated actix-session dependency to 0.7.

actix-identity: v0.5.1

• Remove unnecessary dependencies. #259

actix-identity: v0.5.0

actix-identity v0.5 is a complete rewrite. The goal is to streamline user experience and reduce maintenance overhead.

actix-identity is now designed as an additional layer on top of actix-session v0.7, focused on identity management. The identity information is stored in the session state, which is managed by actix-session and can be stored using any of the supported SessionStore implementations. This reduces the surface area in actix-identity (e.g., it is no longer concerned with cookies!) and provides a smooth upgrade path for users: if you need to work with sessions, you no longer need to choose between actix-session and actix-identity; they work together now!

actix-identity v0.5 has feature-parity with actix-identity v0.4; if you bump into any blocker when upgrading, please open an issue.

Changes:

• Minimum supported Rust version (MSRV) is now 1.57 due to transitive time dependency.

• IdentityService, IdentityPolicy and CookieIdentityPolicy have been replaced by IdentityMiddleware. #246

• Rename RequestIdentity trait to IdentityExt. #246

• Trying to extract an Identity for an unauthenticated user will return a 401 Unauthorized response to the client. Extract an Option<Identity> or a Result<Identity, actix_web::Error> if you need to handle cases where requests may or may not be authenticated. #246

  Example:

  use actix_web::{http::header::LOCATION, get, HttpResponse, Responder};
  use actix_identity::Identity;
  
  #[get("/")]
  async fn index(user: Option<Identity>) -> impl Responder {
      if let Some(user) = user {
          HttpResponse::Ok().finish()
      } else {
          // Redirect to login page if unauthenticated
          HttpResponse::TemporaryRedirect()
              .insert_header((LOCATION, "/login"))
              .finish()
      }
  }

actix-session: v0.7.0

• Added TtlExtensionPolicy enum to support different strategies for extending the TTL attached to the session state. TtlExtensionPolicy::OnEveryRequest now allows for long-lived sessions that do not expire if the user remains active. #233
• SessionLength is now called SessionLifecycle. #233
• SessionLength::Predetermined is now called SessionLifecycle::PersistentSession. #233
• The fields for Both SessionLength variants have been extracted into separate types (PersistentSession and BrowserSession). All fields are now private, manipulated via methods, to allow adding more configuration parameters in the future in a non-breaking fashion. #233
• SessionLength::Predetermined::max_session_length is now called PersistentSession::session_ttl. #233
• SessionLength::BrowserSession::state_ttl is now called BrowserSession::session_state_ttl. #233
• SessionMiddlewareBuilder::max_session_length is now called SessionMiddlewareBuilder::session_lifecycle. #233
• The SessionStore trait requires the implementation of a new method, SessionStore::update_ttl. #233
• All types used to configure SessionMiddleware have been moved to the config sub-module. #233
• Update actix dependency to 0.13.
• Update actix-redis dependency to 0.12.
• Minimum supported Rust version (MSRV) is now 1.57 due to transitive time dependency.

actix-redis: v0.12.0

• Update actix dependency to 0.13.
• Update redis-async dependency to 0.13.
• Update tokio-util dependency to 0.7.
• Minimum supported Rust version (MSRV) is now 1.57 due to transitive time dependency.

actix-protobuf: v0.8.0

• Update prost dependency to 0.10.
• Minimum supported Rust version (MSRV) is now 1.57 due to transitive time dependency.

actix-session: v0.6.2

• Implement SessionExt for GuardContext. #234
• RedisSessionStore will prevent connection timeouts from causing user-visible errors. #235
• Do not leak internal implementation details to callers when errors occur. #236

actix-limitation: v0.2.0

• Update Actix Web dependency to v4 ecosystem. #229
• Update Tokio dependencies to v1 ecosystem. #229
• Rename Limiter::{build => builder}(). #232
• Rename Builder::{finish => build}(). #232
• Exceeding the rate limit now returns a 429 Too Many Requests response. #232