Skip to content

v0.2.0

Choose a tag to compare

View all tags
@joemarct joemarct released this 04 Mar 05:53
· 21 commits to master since this release
v0.2.0
6e44d62

What's New in v0.2.0

This release introduces major improvements across all packages, focusing on production readiness, security enhancements, and developer experience.

✨ New Features

JavaScript Client (bitcoincash-oauth-client)

  • Automatic Token Refresh - Tokens automatically refresh before expiry with configurable threshold
  • Custom Error Classes - Specific errors: OAuthError, NetworkError, AuthenticationError, TokenExpiredError, UserNotFoundError, InvalidTokenError
  • Debug Mode - Optional debug logging for development
  • Custom Storage Keys - Support multiple OAuth clients with configurable token storage keys
  • Capacitor Support - Better fetch detection with helpful error messages for hybrid apps
  • authenticatedRequest() - Make authenticated API calls with automatic retry on 401

Django Package (bitcoincash-oauth-django)

  • Database Persistence - Full Django models (BitcoinCashUser, OAuthToken) replacing in-memory storage
  • Signature-Based Registration - Requires proof of wallet ownership (prevents wallet squatting)
  • Django Admin Integration - Manage users and tokens via Django admin interface
  • Management Commands:
    • bitcoincash_cleanup_tokens - Remove expired tokens
    • bitcoincash_create_user - Create users via CLI
    • bitcoincash_revoke_token - Revoke specific tokens
  • Webhook Signals - token_created, token_refreshed, token_revoked, user_registered
  • Permission Classes - IsOwner, IsOwnerOrReadOnly, HasScope
  • Token Blacklist - Cache-based blacklist for immediate token invalidation

FastAPI Package (bitcoincash-oauth-fastapi)

  • SQLAlchemy Async Models - Full async database support (PostgreSQL, MySQL, SQLite)
  • Pydantic Settings - Environment variable configuration
  • Signature-Based Registration - Configurable signature requirement
  • Redis Cache Support - Token blacklist with Redis (optional)
  • FastAPI Dependencies - get_current_user, has_scope, etc.
  • Event System - Webhook-style events for token lifecycle
  • Testing Utilities - OAuthTestClient, pytest fixtures

🔒 Security Improvements

  • Signature Verification for Registration - Prevents wallet address squatting
  • Token Rotation on Refresh - Enhanced security with automatic token rotation
  • Immediate Token Invalidation - Cache-based blacklist works across all workers
  • Database Persistence - Production-ready multi-worker support

⚠️ Breaking Changes

Django & FastAPI Packages:

  • Now require database (SQLAlchemy/Django ORM)
  • Registration requires signature by default (configurable)
  • Token response includes user_id field (standardized format)

Migration Required:

  • Django: Run python manage.py migrate
  • FastAPI: Set BITCOINCASH_OAUTH_DATABASE_URL environment variable

📦 Package Versions

  • bitcoincash-oauth-client@0.2.0
  • bitcoincash-oauth-django==0.2.0
  • bitcoincash-oauth-fastapi==0.2.0

📚 Documentation

Full documentation and migration guide available in CHANGELOG.md

Full Changelog: v0.1.1...v0.2.0

Assets 2
Loading