v4.3.0

What's Changed

Added

• Add optional on_login_success callback (#90)

Fixed

• Return boolean from AccountTypes#student_account? (#91)

v4.2.1

What's Changed

• Refresh access tokens before expiry by @chrisroos in #89

Full Changelog: v4.2.0...v4.2.1

v4.2.0

What's Changed

Added

• Allow OmniAuth setup phase to be configured (#76)
• Add RpiAuth::Models::Roles#parsed_roles (extracted from experience-cs) (#87)
• Add RpiAuth::Models::AccountTypes#student_account? (extracted from experience-cs) (#87)

v4.1.1

What's Changed

Fixed

• Fix requiring of oauth2 to avoid NoMethodError: undefined method 'config' for module OAuth2 (#86)

v4.1.0

What's Changed

Added

• Add access token-related functionality including auto-refresh (#83)

Fixed

• Fix use of User#expires_at in SpecHelpers#stub_auth_for (#82)

v4.0.0

What's Changed

Added

• Support for Ruby 3.3 (#78)

Fixed

• Load error when using Rake (#77)
• Don't use cached user if session has been reset (#79)

Removed

• Support for Ruby 2.7 (#78)

v3.6.0

What's Changed

Added

• Add test route to avoid the shadow root/having to render the global nav (#70)

v3.5.0

What's Changed

• Allow specific session keys to bypass reset_session by @grega in #63
• Migrate to GitHub Actions CI, fix test builds on main by @grega in #66

Full Changelog: v3.4.0...v3.5.0

v1.4.2

v1.4.1 was reverted, so we're skipping to v1.4.2 for clarity.

Adds session_keys_to_persist config option to allow for specific session keys to be persisted across logins (since logging in will reset the session: https://guides.rubyonrails.org/security.html#session-fixation-countermeasures)

v3.4.0

Removes v1_signup param as it is no longer required (RaspberryPiFoundation/profile#1512)