Skip to content

v0.26.0

Choose a tag to compare

@github-actions github-actions released this 14 Jun 16:58
54944a3

Added

  • config.passwordless.production_env_detector — an optional callable that
    decides whether the current deploy counts as "production" for the bypass-code
    guard. When nil (default) the gem falls back to Rails.env.production?, so
    existing consumers are unchanged. Apps that distinguish a physical deploy
    environment from RAILS_ENV (e.g. a staging box still running
    RAILS_ENV=production) can supply -> { AppEnv.production? } to permit a
    bypass_code on staging while it stays refused on real production. The guard
    in Passwordless::VerificationService (which also backs Otp.verify) now
    defers to this detector instead of checking Rails.env.production? directly.