Releases: nhost/hasura-auth
Release 0.6.3
Release 0.6.2
0.6.2 (2022-04-20)
Bug Fixes
- revert 00002 migration name to previous name when migration fails because of it (6a0856a)
We modified migration file names in previous versions. However, while the Hasura migration system seems to ignore such name changes, @djgrant/postgres-migrations is not happy with it as it checks hashes from file names.
This fix handles the following cases:
- migration from 0.2 (_ name) to further versions (- name)
- migration from 0.3 (- name) to further versions (- name)
closes #129
Release 0.6.1
0.6.1 (2022-04-20)
Bug Fixes
- allow redirectTo option to start with any AUTH_ACCESS_CONTROL_ALLOWED_REDIRECT_URLS value (dac0332)
- correct redirectTo and fall back to AUTH_CLIENT_URL if the redirectTo option is invalid (2e1819d), closes #137
- remove the AUTH_HOST environment variable (cacce97), closes #139
- run a metadata reload before and after applying hasura-auth metadata (bd9b361)
Performance Improvements
Release 0.6.0
Release 0.5.0
0.5.0 (2022-03-31)
Consistent error messages
Error messages were sent either as a string or as an object (other errors). Moreover, the request payload validation was performed in two separate places in the code, and as a result, it was not possible to predict if payload validation errors were sent as a string or an object.
In addition, error codes and messages were inconsistent or missing from one endpoint to another, given the same type of error.
All errors sent back to the client now follow the same format:
{
error: string // machine-readable error code
status: number // http status
message: string // human-readable message
}
The list of errors is comprehensive and available here.
Redirect errors
Until now, endpoints that were redirecting the user to the frontend client were stopping redirection when an error occurred. It led to a bad user experience as users were stopped on a
In all the endpoints that have a redirectTo option, errors are now instead passed on to the frontend client as a query parameter, so the frontend can handle these errors and guide the user accordingly.
The two following keys are added to the query string:
- error: machine-readable error code
- errorDescription: human-readable message
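Because both values arrive in a URL that anyone can craft, a client should map only known error codes to fixed messages and treat errorDescription as untrusted text; the handler below is an added example, not code from hasura-auth or its client libraries. It assumes the error names listed in the 0.4.0 notes on this page are what arrives in error; the function names, UI strings and sample URLs are hypothetical.

```javascript
// Added example: not hasura-auth or nhost client code.
// KNOWN_ERRORS uses the error names listed in the 0.4.0 notes on this page;
// the UI strings and the function names are assumptions.
const KNOWN_ERRORS = new Map([
  ['MissingVerificationTicket', 'This link is incomplete. Request a new one.'],
  ['MissingVerificationType', 'This link is incomplete. Request a new one.'],
  ['InvalidOrExpiredVerificationTicket', 'This link has expired. Request a new one.'],
]);

const MAX_DESCRIPTION_LENGTH = 200;

// Replace control characters and cap the length so the value is safe to log
// and to render as plain text (never as HTML).
function sanitizeDescription(value) {
  return value.replace(/[\u0000-\u001f\u007f]/g, ' ').trim().slice(0, MAX_DESCRIPTION_LENGTH);
}

// Parse the URL the auth service redirected to. Returns null when there is no
// error, otherwise { code, known, userMessage, description }.
function readAuthRedirectError(href) {
  const params = new URL(href).searchParams;
  const code = params.get('error');
  if (code === null) return null;

  const known = KNOWN_ERRORS.has(code);
  return {
    // Unknown codes are collapsed so attacker-chosen text never drives UI logic.
    code: known ? code : 'unknown',
    known,
    userMessage: known ? KNOWN_ERRORS.get(code) : 'Sign-in failed. Please try again.',
    // For diagnostics only: treat as untrusted text.
    description: sanitizeDescription(params.get('errorDescription') ?? ''),
  };
}

// Constructed sample URLs (app.example.com is a placeholder client URL).
const samples = [
  'https://app.example.com/welcome',
  'https://app.example.com/welcome?error=InvalidOrExpiredVerificationTicket&errorDescription=Ticket%20expired',
  'https://app.example.com/welcome?error=%3Cscript%3E&errorDescription=%3Cimg%20src%3Dx%3E%0Aline2',
];
for (const href of samples) console.log(readAuthRedirectError(href));
```

The userMessage field is the only value meant for display; description should go to logs or a text node, never into innerHTML.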
Validate email when using OAuth providers
Emails were not validated when authenticating with an OAuth provider. When the OAuth provider calls back to Hasura Auth, users with an email that doesn't follow the rules determined by AUTH_ACCESS_CONTROL_ALLOWED_EMAILS, AUTH_ACCESS_CONTROL_ALLOWED_EMAIL_DOMAINS, AUTH_ACCESS_CONTROL_BLOCKED_EMAILS and AUTH_ACCESS_CONTROL_BLOCKED_EMAIL_DOMAINS are now not able to complete authentication.
Closes #84
Fix allowed roles validation
The validation of allowedRoles was failing when passed on as an option.
Closes #116
Improve code readability
This release comes with improvements in the code structure and readability:
- Request payload validation is consistently done by Joi prior to the handling of the endpoint logic
- The payload validation rules have been moved to each route file, instead of putting them all in the same place
- HTTP status codes and messages are not hard coded anymore, but are written with http-status-codes
- Helpers and utils files are restructured in a more sensible way, and exported/imported in the ESM way
- Dead code and useless/stale comments have been removed
Release 0.4.3
Release 0.4.2
Release 0.4.1
Release 0.4.0
0.4.0 (2022-03-14)
What's new
Error Redirects
If any error happens when a user clicks on a link generated by Hasura Auth (e.g. magic link) the user now gets redirected to the client app together with information about the error as query parameters.
Errors:
- MissingVerificationTicket
- MissingVerificationType
- InvalidOrExpiredVerificationTicket
The previous behavior was to not redirect the user and instead show an error message that was not meant for users.
Options for providers
Signup options (like defaultRole or metadata) and the redirectTo parameter now work when signing up with a provider.