Skip to content

Releases: cakephp/authentication

CakePHP Authentication 2.0.0

16 Dec 03:19
@markstory markstory
2.0.0
4a6b561
Compare
Choose a tag to compare
CakePHP Authentication 2.0.0
  • Compatible with CakePHP 4.0
Assets 2
Loading

1.4.0

09 Nov 19:56
@dereuromark dereuromark
1.4.0
007d62a
Compare
Choose a tag to compare
1.4.0

Improvements

  • getIdentificationProvider() has been added to get the successful identification provider if available.
Assets 2
Loading

Authentication 1.3.0

05 Nov 14:23
@markstory markstory
1.3.0
db4163e
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Authentication 1.3.0

Added

  • AuthenticationComponent::getLoginRedirect() was added to make getting the post-login redirect URL simpler.
  • Documentation organization has been improved.
  • Upgrade guide documentation improved.
Assets 2
Loading

CakePHP Authentication 1.2.1

22 Sep 15:26
@markstory markstory
1.2.1
98dce91
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
CakePHP Authentication 1.2.1

Fixes

  • Fix logout not taking effect when using SessionAuthenticator.
Assets 2
Loading

CakePHP Authentication 1.2.0

21 Sep 15:26
@markstory markstory
1.2.0
4884c2b
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
CakePHP Authentication 1.2.0

Deprecations

  • Setting the unauthenticatedRedirect, queryParam and identityAttribute options on AuthenticationMiddleware is deprecated. These options should now be set on the service.

New Features

  • The unauthenticatedRedirect, and queryParam options can now be configured on the AuthenticationService. This makes it easier to use Router to generate the redirect URL.

Other Changes

To fix a potential session fixation problem in the SessionAuthenticator without impacting SecurityComponent identity information is now persisted to the session after the controller action is complete. If your application accesses the currently logged in identity through the session directly you will get information from the previous request. You should consider updating your code to use $request->getAttribute('identity') instead.

Assets 2
Loading

CakePHP Authentication 1.1.5

21 Sep 00:28
@markstory markstory
1.1.5
d39e50f
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
CakePHP Authentication 1.1.5

Fixes

  • The session id rotation changes added in 1.1.3 have been reverted. They broke compatibility with SecurityComponent in a way that could not be fixed without other changes.
  • This release is susceptible to session fixation attacks due to the removed session id regeneration. Upgrade to 1.2.0 to resolve this.
Assets 2
Loading

CakePHP Authentication 1.1.4

09 Sep 14:13
@markstory markstory
1.1.4
72c26cf
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
CakePHP Authentication 1.1.4

Fixes

  • Fixed session being rotated on each request. Now the session is only rotated when the session storage moves from empty to not empty.
Assets 2
Loading

CakePHP Authentication 1.1.3

06 Sep 13:57
@markstory markstory
1.1.3
d7659d5
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
CakePHP Authentication 1.1.3

Fixes

  • Removed protocol and host from redirect query string parameter.
  • Improved documentation on migrating from AuthComponent.
  • Improved doc strings.
  • SessionAuthenticator now rotates the session ID when persisting or clearing an identity.

Other

  • Updated dependency on firebase/php-jwt
Assets 2
Loading

CakePHP Authentication 1.1.2

17 Mar 01:58
@markstory markstory
1.1.2
eaae8b0
Compare
Choose a tag to compare
CakePHP Authentication 1.1.2
  • Fixed redirect URL generation when the target URL contains a fragment.
Assets 2
Loading

CakePHP Authentication 1.1.1

12 Mar 00:17
@markstory markstory
1.1.1
524dc70
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
CakePHP Authentication 1.1.1
  • Fixed base directory handling for CakePHP applications inside a subdirectory.
Assets 2
Loading