You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
- Added `InvalidClaimStatusCode` optional config to set the status code of InvalidClaim errors.
19
+
- Added `OverrideGlobalClaimValidators` to options of `getSession` and `verifySession`.
20
+
- Added `MergeIntoAccessTokenPayload` to the Session recipe and session objects which should be preferred to the now deprecated `UpdateAccessTokenPayload`.
21
+
- Added `AssertClaims`, `ValidateClaimsForSessionHandle`, `ValidateClaimsInJWTPayload` to the Session recipe to support validation of the newly added `EmailVerificationClaim`.
22
+
- Added `FetchAndSetClaim`, `GetClaimValue`, `SetClaimValue` and `RemoveClaim` to the Session recipe to manage claims.
23
+
- Added `AssertClaims`, `FetchAndSetClaim`, `GetClaimValue`, `SetClaimValue` and `RemoveClaim` to session objects to manage claims.
24
+
- Added sessionContainer to the input of `GenerateEmailVerifyTokenPOST`, `VerifyEmailPOST`, `IsEmailVerifiedGET`.
25
+
- Adds default UserContext for verifySession calls that contains the request object.
26
+
- Added `UserRoleClaim` and `PermissionClaim` to user roles recipe.
27
+
28
+
### Breaking changes
29
+
- Changed `SignInUp` third party recipe function to accept an email string instead of an object that takes `{ID: string, IsVerified: boolean}`.
30
+
- The frontend SDK should be updated to a version supporting session claims!
31
+
- supertokens-auth-react: >= 0.25.0
32
+
- supertokens-web-js: >= 0.2.0
33
+
-`EmailVerification` recipe is now not initialized as part of auth recipes, it should be added to the `recipeList` directly instead.
34
+
- Email verification related overrides (`EmailVerificationFeature` prop of `Override`) moved from auth recipes into the `EmailVerification` recipe config.
35
+
- ThirdParty recipe no longer takes EmailDelivery config -> use Emailverification recipe's EmailDelivery instead.
36
+
- Moved email verification related configs from the `EmailDelivery` config of auth recipes into a separate `EmailVerification` email delivery config.
37
+
- Updated return type of `GetEmailForUserId` in the `EmailVerification` recipe config. It should now return `OK`, `EmailDoesNotExistError` or `UnknownUserIDError` as response.
38
+
- Removed `GetResetPasswordURL`, `GetEmailVerificationURL`, `GetLinkDomainAndPath`. Changing these urls can be done in the email delivery configs instead.
39
+
- Removed `UnverifyEmail`, `RevokeEmailVerificationTokens`, `IsEmailVerified`, `VerifyEmailUsingToken` and `CreateEmailVerificationToken` from auth recipes. These should be called on the `EmailVerification` recipe instead.
40
+
- Changed function signature for email verification APIs to accept a sessionContainer as an input.
41
+
- Changed Session API interface functions:
42
+
-`RefreshPOST` now returns a Session container object.
43
+
-`SignOutPOST` now takes in an optional session object as a parameter.
44
+
-`SessionContainer` is renamed to `TypeSessionContainer` and `SessionContainer` is now an alias for `*TypeSessionContainer`. All `*SessionContainer` is now replaced with `SessionContainer`.
45
+
- Removed unused parameter `email` from `thirdpartyemailpassword.GetUserByThirdPartyInfoWithContext` function.
The UserRoles recipe now adds role and permission information into the access token payload by default. If you are already doing this manually, this will result in duplicate data in the access token.
183
+
184
+
- You can disable this behaviour by setting `SkipAddingRolesToAccessToken` and `SkipAddingPermissionsToAccessToken` to true in the recipe init.
185
+
- Check how to use the new claims in the updated guide: https://supertokens.com/docs/userroles/protecting-routes
186
+
187
+
10
188
## [0.8.3] - 2022-07-30
11
189
### Added
12
190
- Adds test to verify that session container uses overridden functions
0 commit comments