v0.10.0: What's new?

[pilcrowonpaper]

Hello! v0.10.0 is finally here, big thanks for waiting!

This update completely overhauls Lucia, transitioning to session tokens from JWTs and cookies from cookies/bearer token combo. I've improved the APIs as well and introduced a sleuth of lower-level APIs. Finally, I've rebuilt the documentation from scratch. It should be easier to understand Lucia, and the site is better designed as well, if I say so myself.

If you need to migrate your app, refer to v0.10.0: Migration guide.

Some major changes

• User ids are no longer generated by Lucia by default: User id generation is now handled by the database by default. So, the value type of the id column should be UUID or similar. You can still generate your own user id if you need to.
• Users and sessions are now separate: Minor but still important. createUser and authenticateUser no longer creates a new session. This also means you can create a new session just with the user's id.
• No more multiple request validation method: All requests can be validated using validateRequest().
• No more secrets: Lucia no longer requires a secret.
• No more tokens in the client: You no longer have to worry about adding the access token to forms or fetch request.
• Adapters are not cross-compatible: v0.10.0 adapters are vastly different from previous versions'.
• Everything is camelCase: For easier de-structuring.
• User data column names are converted to camelCase: some_column is converted to someColumn when accessing user data using Lucia.
• Sessions last 8 hours: Previously it was 15 minutes
• Renamed identification_token to provider_id: Provider ID conveys the meaning better

What's next?

I've removed the function that handles silent refresh since sessions last 8 hours. This should be fine for most cases, but it might be worth adding a wrapper around fetch() that refreshes the session and call the request again when an endpoint returns a 401. I thinking about making the error messages more specific.

As for the docs, I'll be adding more content as it only provides the bare minimum right now.

Finally, I'll be listening to community feedback to improve the library

As always, thank you for the continued support!!