Skip to content

charcoal-user 0.6.0
Compare
Choose a tag to compare
@mcaskill mcaskill released this 04 Nov 23:52
· 23 commits to master since this release
0.6.0
17a32ec
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

Key Features

Authenticator

Refactored Authenticator to centralize authentication and password-handling. Moved login/logout/session/cookie handling from other classes to new AbstractAuthenticator and AuthenticatorInterface classes.

Auth Tokens

Refactored AuthToken to allow easier customization through new AbstractAuthToken and AuthTokenInterface classes.

Authenticatable

Added AuthenticatableInterface and trait to decouple access to properties required for authentication; which means Charcoal is no longer hardcoded to "email" and "password" and developers can easily swap user identifier for concepts like "username".

The Authenticator is dependent on AuthenticatableInterface instead of UserInterface.

The UserInterface now extends ModelInterface instead of ContentInterface (which is provided through AbstractUser's inheritance of Content).

BC Breaks

⚠️ This release WILL break your codebase

  • Login/logout/reset-password is handled by Authenticator instead of User
  • "Remember Me" feature is supported by the Authenticator
  • User models must support AuthenticatableInterface

Complete commits list: 0.5.2...0.6.0

Deprecated:

  • AuthTokenMetadata option "cookie_name" in favour of "token_name"
  • AuthTokenMetadata option "cookie_duration" in favour of "token_duration"

Added:

  • Method AbstractUser::validateLoginRequired() to check email address is compliant
  • Method AbstractUser::validateLoginUnique() to lookup email address is unique
  • Method AbstarAuthenticator::validateAuthentication() to allow sub-classes to customize requirements
Assets 2