v3.2.0

• Upgraded to ASP.NET Core 2.1 - #115
• Added CSRF attack protection for all API methods
• Fixed decimal values corruption
• Fixed issue with anonymous user which caused bad request due to antiforgery token validation
• Authentication cookie & ASP.NET Identity options (including lockout) now can be configured in appsettings.json (and Azure app service settings) - #110, e163db9
• Fixed password confirmation check on reset password form
• Misspelling Fulfilment → Fulfillment fixed
• Fixed wrong value of page size in fulfillment center search API
• Liquid InventoryQuantity and InventoryPolicy values fixed to correspond behavior specified in Shopify documentation - #80
• Fixed address equality logic
• Added missed Tag field of BlogSearch - #113
• Fixed compiler and static checker warnings

v3.1.4

• Changed functionality for work with user claims (the previous implementation could cause some errors with store custom claims in cookies)

v3.1.3

• Fixed bug with crash of web application at startup

v3.1.2

• Fixed bug with auto log out after 20-30 min session
• Fixed null reference exception on application starting
• Updated all NuGet packages to latest versions

v3.1.1

• Cleanup the appsettings.json remove unused settings
• Fixed bug with API method storefrontapi/subscriptions/search didn't return the correct answer

v3.1.0

• Reworked Wishlists API

• Added permission-based authorization [Authorize(SecurityConstants.Permissions.CanEditUsers)]

• Completely reworked authentication/authorization to work independently from the Core module API, this allows using custom security settings (password strong, or lock-out policy) independently of the platform settings.

• Added support of user invitation and new methods for work with a user account and organizations
  DELETE: storefrontapi/account/{userId}
POST: storefrontapi/account/organization
POST: storefrontapi/account/user
POST: storefrontapi/account/invitation
PUT: storefrontapi/account/organization
GET: storefrontapi/account/organization/current
POST: storefrontapi/account/organization/users/search
POST: storefrontapi/account/{userId}/lock
POST: storefrontapi/account/{userId}/unlock

• Fixed critical bug with product availability #79

v3.0.10

• Invalidate User cache when we add external login #73
• Added authorization for static content pages #70
• Restricting access to stores which do not share accounts #67
• Added sending confirmation email when registering VirtoCommerce/vc-platform#1283
• Fixed minor bugs with external logins

v3.0.9

• Fixed GitHub external login and return url

v3.0.8

• Implemented the UserManager.AddLoginAsync method to work with the platform API. This will allow to link multiple external logins to an existing user
• Fixed bug which may lead to the caching non-actual cart object

v3.0.7

• Added theme resources watching and cache invalidation for AzureBlob provider #59
• Fixed search in static content (not worked before)
• Fixed throwing NullReferenceException when product was adding to the cart
• Fixed a critical error with the TaxEvaluationContext caching (could lead to distortion of the value of TaxPerecent for cart line items)