What's Changed

Added

• Allow OmniAuth setup phase to be configured (#76)
• Add RpiAuth::Models::Roles#parsed_roles (extracted from experience-cs) (#87)
• Add RpiAuth::Models::AccountTypes#student_account? (extracted from experience-cs) (#87)

What's Changed

Fixed

• Fix requiring of oauth2 to avoid NoMethodError: undefined method 'config' for module OAuth2 (#86)

What's Changed

Added

• Add access token-related functionality including auto-refresh (#83)

Fixed

• Fix use of User#expires_at in SpecHelpers#stub_auth_for (#82)

What's Changed

Added

• Support for Ruby 3.3 (#78)

Fixed

• Load error when using Rake (#77)
• Don't use cached user if session has been reset (#79)

Removed

• Support for Ruby 2.7 (#78)

What's Changed

Added

• Add test route to avoid the shadow root/having to render the global nav (#70)

What's Changed

• Allow specific session keys to bypass reset_session by @grega in #63
• Migrate to GitHub Actions CI, fix test builds on main by @grega in #66

Full Changelog: v3.4.0...v3.5.0

v1.4.1 was reverted, so we're skipping to v1.4.2 for clarity.

Adds session_keys_to_persist config option to allow for specific session keys to be persisted across logins (since logging in will reset the session: https://guides.rubyonrails.org/security.html#session-fixation-countermeasures)

Removes v1_signup param as it is no longer required (RaspberryPiFoundation/profile#1512)

Added

• Add country attribute to Authenticable (#60)

Added

• Allow for customisation of returnTo param on log out (#56)
• Allow success_redirect to be configured as a block that is executed in the context of the AuthController (#57)