Releases: jamesedmonston/graphql-authentication
Releases · jamesedmonston/graphql-authentication
1.11.2
Fixed
- Fixed issue with requests sometimes falling back to public schema
1.11.1
Fixed
- Fixed issue with author-only restrictions sometimes not applying correctly
1.11.0
Added
- Added PHP 8 support (the required minimum PHP version is now 7.4)
Changed
- User mutation fields are now typed correctly, allowing improved TypeScript codegen
Fixed
preferredLanguage
field wasn't available on per user groupregister
mutationsusername
field wasn't available on per user groupregister
mutations- Fixed error when trying to save a
table
field on user mutations - Fixed issue with site permissions not being enforced correctly per user group
1.10.3
Changed
- Expired refresh tokens are now hard deleted
Fixed
- Fixed issue with schema scope not being retrieved from JWT correctly when restricting mutation arguments
- Ensured error codes are consistent when throwing invalid auth header errors
1.10.2
Fixed
- Fixed issue with schema injection not always resetting session correctly
1.10.1
Changed
- Improved field restriction logic and fallbacks
Fixed
- Fixed issue with
refreshToken
mutation throwing an error (#56 via @GMConsultant)
1.10.0
Added
- Added support for granular (per schema) field permissions – it's now possible to disable fields from being updated via mutations; or being completely private to both mutations and queries. See new
Fields
section in settings - Added user avatar support – see new
photo
field onupdateViewer
, sending this argument asnull
will remove the avatar
1.9.1
{warning} BREAKING: This release migrates
deleteCurrentToken
anddeleteAllTokens
mutations todeleteRefreshToken
anddeleteRefreshTokens
, respectively
Changed
- Further improvements to performance by reducing the number of database calls and loops
deleteCurrentToken
anddeleteAllTokens
mutations have been migrated todeleteRefreshToken
anddeleteRefreshTokens
– due to no longer storing Craft GraphQL tokens, there's no longer a need for a way of deleting them
Fixed
1.9.0
Added
- Added separate
Service ID
andService Secret
fields for Sign in with Apple web implementations – if both native and web settings are populated, it is now necessary to pass aplatform
(NATIVE
/WEB
) argument to theappleSignIn
mutation
Changed
- The plugin no longer creates Craft GraphQL tokens – schemas encoded into JWTs are now directly passed into Craft's GraphQL controller! (#29 via @approached)
- Lots of under-the-hood improvements to improve performance by reducing the number of database calls
- Removed unused
JWT
GraphQL type
Fixed
- Fixed
Invalid Authorization Header
error on sites using Apache (#52 and #53 via @GMConsultant)
Misc
- Added class method documentation blocks throughout plugin for easier third-party extensibility
- All services are now available as static properties on the plugin instance, i.e.
GraphqlAuthentication::$tokenService
1.8.0
Added
- Added
preferredLanguage
argument toregister
andupdateViewer
mutations (#49 via @andrewfairlie) - Added
username
arguments toregister
andupdateViewer
mutations. If username isn't set, it will fall back to the user's email address
Changed
firstName
andlastName
are now optional on theregister
mutation