1.11.2

Fixed

• Fixed issue with requests sometimes falling back to public schema

1.11.1

Fixed

• Fixed issue with author-only restrictions sometimes not applying correctly

1.11.0

Added

• Added PHP 8 support (the required minimum PHP version is now 7.4)

Changed

• User mutation fields are now typed correctly, allowing improved TypeScript codegen

Fixed

• preferredLanguage field wasn't available on per user group register mutations
• username field wasn't available on per user group register mutations
• Fixed error when trying to save a table field on user mutations
• Fixed issue with site permissions not being enforced correctly per user group

1.10.3

Changed

• Expired refresh tokens are now hard deleted

Fixed

• Fixed issue with schema scope not being retrieved from JWT correctly when restricting mutation arguments
• Ensured error codes are consistent when throwing invalid auth header errors

1.10.2

Fixed

• Fixed issue with schema injection not always resetting session correctly

1.10.1

Changed

• Improved field restriction logic and fallbacks

Fixed

• Fixed issue with refreshToken mutation throwing an error (#56 via @GMConsultant)

1.10.0

Added

• Added support for granular (per schema) field permissions – it's now possible to disable fields from being updated via mutations; or being completely private to both mutations and queries. See new Fields section in settings
• Added user avatar support – see new photo field on updateViewer, sending this argument as null will remove the avatar

1.9.1

{warning} BREAKING: This release migrates deleteCurrentToken and deleteAllTokens mutations to deleteRefreshToken and deleteRefreshTokens, respectively

Changed

• Further improvements to performance by reducing the number of database calls and loops
• deleteCurrentToken and deleteAllTokens mutations have been migrated to deleteRefreshToken and deleteRefreshTokens – due to no longer storing Craft GraphQL tokens, there's no longer a need for a way of deleting them

Fixed

• Fixed updateViewer mutation error (#54)
• Fixed mutations firing twice (#55 via @tam)
• Fixed plugin causing an error with console requests

1.9.0

Added

• Added separate Service ID and Service Secret fields for Sign in with Apple web implementations – if both native and web settings are populated, it is now necessary to pass a platform (NATIVE/WEB) argument to the appleSignIn mutation

Changed

• The plugin no longer creates Craft GraphQL tokens – schemas encoded into JWTs are now directly passed into Craft's GraphQL controller! (#29 via @approached)
• Lots of under-the-hood improvements to improve performance by reducing the number of database calls
• Removed unused JWT GraphQL type

Fixed

• Fixed Invalid Authorization Header error on sites using Apache (#52 and #53 via @GMConsultant)

Misc

• Added class method documentation blocks throughout plugin for easier third-party extensibility
• All services are now available as static properties on the plugin instance, i.e. GraphqlAuthentication::$tokenService

1.8.0

Added

• Added preferredLanguage argument to register and updateViewer mutations (#49 via @andrewfairlie)
• Added username arguments to register and updateViewer mutations. If username isn't set, it will fall back to the user's email address

Changed

• firstName and lastName are now optional on the register mutation

Fixed

• Fixed potential issue with queries against the public schema (PR #48 via @tam)
• Fixed error when sending a malformed JWT (PR #48 via @tam)
• Fixed potential error when visiting the plugin settings