This repository has been archived by the owner on Jan 24, 2019. It is now read-only.
1.0
Upgrading from 0.1
There have been significant updates to configuration options in this release including two backwards incompatible changes. Cookies are now set to httpsonly by default, and the naming of environment variables used for configuration has changed.
New Features / Changes since 0.1
- #25 - update for google OAuth migration
- #35 - Pass authenticated email as
X-Forwarded-Emailto enable SSO for tools like splunk that require the email address - thanks @rogerhu - #30 - /ping endpoint - thanks @jswank
- #22 - fix timing attack on cookie validation - thanks @dbrgn
- #34 - set httponly cookie
- #36 - updated Sign In Templates (better mobile support)
- #20 - support configuration via config file
- #37 - update environment variable parsing
- #38 - switch to gpm for dependency management
- #38 - enable httpsonly cookies by default