1.14.0
-
Controller callbacks can now specify
:only
and:except
to apply just to specific Rodauth routes. For example, the following will execute before the login POST request:class RodauthController < ApplicationController before_action :verify_captcha, only: :login, if: -> { request.post? } end
-
The Rodauth controller and route name are now being instrumented instead of
RodauthApp#call
. This should improve integration with APM agents, which might rely on:controller
referencing and actual controller class name, and also better differentiate between Rodauth routes in APM dashboard. -
The URL format for Rails routes is now being correctly applied when
http_basic_auth
is called in the Rodauth middleware. -
Fixed
data-turbo="false"
being added in the wrong place in reset password request form on login validation errors. -
The Rodauth app middleware subclass now uses
Module#set_temporary_name
on Ruby 3.3+ instead of custom#inspect
output. -
The generated fixtures now retrieve the auth class though the Rodauth app (
RodauthApp.rodauth
instead ofRodauthMain
), to avoid errors with BCrypt gem not being loaded. -
The account model is generated with
include Rodauth::Rails.model
again, to avoid errors with BCrypt gem not being loaded. -
Make generated
convert_token_id_to_integer?
configuration also work when switching to UUID primary key, while still avoiding DB queries at boot time. -
Custom column attributes can now be referenced on
rails_account
before the account is persisted (e.g. in abefore_create_account
callback). -
Dropped support for Ruby 2.3 and 2.4.