v1.7.2

On logout the SessionsController#destroy action sets a “Clear-Site-Data” header to clear the browser cache. This is in order to prevent possible data leakage after logout via the browser’s “back/forward cache”.

v1.7.1

Small update to add subdomain support.

config.insert_cookie_domain = true # false by default

Closes #9

v1.7.0

SMS Authentication Added

This feature is disabled by default and should not be used under normal circumstances. However, this feature is useful if your application doesn't need users to enter an email/password and you simply want them to enter their phone number and verify it with an authentication code.

You will need to provide your own implementation of the SMS sending, but the README provides an example.

v1.6.0

Tested and added compatibility for Rails 8.0.0 beta1

v1.5.1

Added installation rake task

bin/rails action_auth:install

Which will install the routes, migrations and configurations.

v1.5.0

Updates and UI Changes

- Added Webauthn Key Types
- Updated text for Passkey Only login that it doesn't work with hardware keys
- Fixed attr_accessors for passkey_only and pwned_enabled

Database Migration!

This release includes a migration. Be sure to run

bin/rails action_auth:install:migrations

v1.4.2

Second times a charm

v1.4.1

Forgot to bump the version.rb.

v1.4.0

Support for Passkey login without requiring email/password.

v1.2.0

Account deletion is a feature that is enabled by default. When a user deletes their account, the account is marked as deleted and the user is logged out. The user will no longer be able to log in with their email and password. The user will need to create a new account if they wish to continue using the application.

Here's an example of how you may want to add a delete account button to your application. Obviously, you will want to style this to fit your application and have some kind of confirmation dialog.

<p>
  Unhappy with the service?
  <%= button_to "Delete Account", action_auth.users_path, method: :delete %>
</p>