@marcoow marcoow released this Apr 10, 2014 · 1433 commits to master since this release

Assets 6

Ember.SimpleAuth has been split up into a base library and a set of extension libraries - the OAuth 2.0 authenticator/authorizer, the cookie session store as well as the new Devise authenticator/authorizer now reside in their own extension libraries so everybody can include only what they need. If you're currently using the OAuth 2.0 authenticator and/or authorizer, you now need to include the ember-simple-auth-oauth2.js file in your app! If you're using the Cookie store you need to include ember-simple-auth-cookie-store.js.

Also using an authorizer is now optional; if none is specified no requests will be authorized. If you're currently using an authorized be sure to specify it for Ember.SimpleAuth.setup now, e.g.:

Ember.SimpleAuth.setup(container, application, {
  authorizerFactory: 'authorizer:oauth2-bearer'

Other changes in this release:

  • the new Devise authenticator and authorizer have been added, see README in the package.
  • the session is no longer injected into models and views - it was probably not working for both for some time anyway and it was also not a good idea to do it in the first place as anything related to the session should be managed by the routes and controllers; see #122.
  • the authenticator's update event is now handled correctly so that it might lead to the session being invalidated, see #121.
  • examples have been updated
  • the OAuth 2.0 authenticator will now try to refresh an expired token on refresh and only reject when that fails, see #102