Skip to content

Release v0.3.6

Latest

Choose a tag to compare

@github-actions github-actions released this 30 Jun 21:55
0d0d411

MantisBase v0.3.6

This release standardizes the REST API surface, scopes authentication to
individual entities, and moves admin management into a dedicated namespace.
It includes breaking API changes — see the migration notes below.

Blog post available here

🚨 Breaking Changes

  • Auth endpoints are now per-entity. The target entity moved from the
    request body into the URL path:
    • POST /api/v1/auth/loginPOST /api/v1/auth/<entity>/login
    • POST /api/v1/auth/refreshPOST /api/v1/auth/<entity>/refresh
    • POST /api/v1/auth/logoutPOST /api/v1/auth/<entity>/logout
    • The "entity" field is no longer read from the login body.
  • Admin auth & setup moved out of /auth into the system namespace:
    • POST /api/v1/auth/setup/adminPOST /api/v1/sys/admins/setup
    • Admin login/refresh/logout now live under /api/v1/sys/admins/.
  • File serving path is now versioned:
    GET /api/files/<entity>/<filename>GET /api/v1/files/<entity>/<filename>
  • Auth login response is now wrapped in the standard envelope
    ({ "status", "data", "error" }) instead of returning the token/user at
    the top level.

✨ Features & Improvements

  • Standardized API namespaces — all endpoints grouped consistently under
    /api/v1/: auth/<entity>, entities, schemas, files, health,
    sys/logs, sys/admins, sys/settings, realtime.
  • Full admin CRUD under /api/v1/sys/admins/ (list, get, create, update,
    delete) alongside admin auth and initial setup.
  • Settings endpoints documented: GET|PATCH /api/v1/sys/settings/config.
  • Health check moved back out of /sys to /api/v1/health.
  • Auth routes now validate the target entity (must be an auth-type,
    non-system, API-enabled entity) and return 404 otherwise.

🧹 Internal / Refactors

  • Centralized entity CRUD routes into unified generic handlers to reduce
    memory usage
    (no longer one handler set per entity).
  • Decoupled schema route handlers from the schema object.
  • Pulled in WolfSSL updates; disabled a WolfSSL string-overflow warning.
  • Updated bundled submodules: json, jwt-cpp, spdlog, wolfssl,
    mb-admin.
  • Fixed clashing build targets for the zstd target.

📖 Docs

  • Rewrote the Authentication API guide, API reference, and Quick Start for the
    new per-entity auth and /api/v1/sys/* layout.

Full Changelog: v0.3.5...v0.3.6