Release 0.5.0

@plmercereau plmercereau released this 31 Mar 08:52
· 588 commits to main since this release

0.5.0 (2022-03-31)

Consistent error messages

Error messages were sent either as a string or as an object (other errors). Moreover, the request payload validation was performed in two separate places in the code, and as a result, it was not possible to predict whether payload validation errors were sent as a string or an object.
In addition, error codes and messages were inconsistent or missing from one endpoint to another, given the same type of error.

All errors sent back to the client now follow the same format:

{
  error: string // machine-readable error code
  status: number // http status
  message: string // human-readable message
}

The list of errors is comprehensive and available here.

Closes #98, #46

Redirect errors

Until now, endpoints that were redirecting the user to the frontend client were stopping redirection when an error occurred. It led to a bad user experience as users were stopped on a

In all the endpoints that have a redirectTo option, errors are now instead passed on to the frontend client as a query parameter, so the frontend can handle these errors and guide the user accordingly.

The two following keys are added to the query string:

  • error: machine-readable error code
  • errorDescription: human-readable message

Validate email when using OAuth providers

Emails were not validated when authenticating with an OAuth provider. When the OAuth provider calls back to Hasura Auth, users with an email that doesn't follow the rules determined by AUTH_ACCESS_CONTROL_ALLOWED_EMAILS, AUTH_ACCESS_CONTROL_ALLOWED_EMAIL_DOMAINS, AUTH_ACCESS_CONTROL_BLOCKED_EMAILS and AUTH_ACCESS_CONTROL_BLOCKED_EMAIL_DOMAINS are now not able to complete authentication.

Closes #84
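
The check described above, sketched as an added example (not Hasura Auth's own code) that applies the four access-control variables to the email an OAuth provider reports. The helper names and the list semantics are assumptions: values are comma-separated, block rules take precedence, and empty allow lists mean no allow restriction.

```javascript
// Added example, not Hasura Auth's code. Assumed semantics: each variable is a
// comma-separated list, block rules win, empty allow lists mean "no restriction".
const VARS = {
  allowedEmails: 'AUTH_ACCESS_CONTROL_ALLOWED_EMAILS',
  allowedDomains: 'AUTH_ACCESS_CONTROL_ALLOWED_EMAIL_DOMAINS',
  blockedEmails: 'AUTH_ACCESS_CONTROL_BLOCKED_EMAILS',
  blockedDomains: 'AUTH_ACCESS_CONTROL_BLOCKED_EMAIL_DOMAINS',
};

// Split a comma-separated value into a normalised Set (trimmed, lower-cased).
function parseList(value) {
  return new Set(
    (value || '').split(',').map((s) => s.trim().toLowerCase()).filter(Boolean)
  );
}

function loadRules(env) {
  const rules = {};
  for (const [key, name] of Object.entries(VARS)) rules[key] = parseList(env[name]);
  return rules;
}

// Returns true only if the address passes the block lists and, when any allow
// list is set, matches one of them.
function isEmailAllowed(email, rules) {
  if (typeof email !== 'string') return false; // provider returned no email
  const normalised = email.trim().toLowerCase();
  const at = normalised.lastIndexOf('@');
  if (at <= 0 || at === normalised.length - 1) return false; // malformed address
  const domain = normalised.slice(at + 1);

  if (rules.blockedEmails.has(normalised) || rules.blockedDomains.has(domain)) return false;
  if (rules.allowedEmails.size === 0 && rules.allowedDomains.size === 0) return true;
  return rules.allowedEmails.has(normalised) || rules.allowedDomains.has(domain);
}

// Hypothetical callback step: the same check the sign-up route applies, run on
// the email the provider reports before any user or session is created.
function checkOAuthProfile(profile, env) {
  return isEmailAllowed(profile && profile.email, loadRules(env));
}

// Constructed sample configuration (not taken from the release notes).
const sampleEnv = {
  AUTH_ACCESS_CONTROL_ALLOWED_EMAIL_DOMAINS: 'example.com, partner.example',
  AUTH_ACCESS_CONTROL_BLOCKED_EMAILS: 'former.employee@example.com',
};
```

A provider profile with no email is rejected here rather than skipped, so a missing value cannot bypass the lists.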

Fix allowed roles validation

The validation of allowedRoles was failing when passed on as an option.
Closes #116

Improve code readability

This release comes with improvements in the code structure and readability:

  • Request payload validation is consistently done by Joi prior to the handling of the endpoint logic
  • The payload validation rules have been moved to each route file, instead of putting them all in the same place
  • HTTP status codes and messages are no longer hard-coded, but are written with http-status-codes
  • Helpers and utils files are restructured in a more sensible way, and exported/imported in the ESM way
  • Dead code and useless/stale comments have been removed