1.7.1

• Make internal_request integration work on Rack 3.x, which will be supported in Rails 7.1
• Add missing Tailwind templates for WebAuthn feature
• Use renamed rodauth.webauthn_credential_options_for_get method in generated webauthn_auth template
• Fix generated webauthn_setup template not working with webauthn_verify_account feature
• Hide text fields in generated webauthn_{setup,auth} templates
• Fix loading JavaScript for WebAuthn in generated webauthn_{setup,auth} templates
• Make built-in mailer work in Rails 6.x on Ruby 3.2

1.7.0: Tailwind CSS support

Tailwind CSS view templates have been added to the rodauth:views generator, which can be imported by passing the --css=tailwind option to the generator (this is the default when using tailwindcss-rails).

$ rails generate rodauth:views --css=tailwind

Both light mode and dark mode are supported 🌘 Thanks to @benkoshy for the initial work! 🙏🏻

tailwind-light-dark.mov

1.6.4

• The generated logout form no longer logs out all active sessions by default. This was fixed by passing include_hidden: false to the global logout checkbox builder.
• The generated mailer has been redesigned to expose the Rodauth object, allowing for greater flexibility when wanting to call other Rodauth methods.
• The email configuration for password_reset_notify feature has been added to the install generator, commented out as this feature is not enabled by default.
• The #rails_account method can now be called on a Rodauth object that was allocated directly and that has @account set.

1.6.3

• The generated app/misc/rodauth_main.rb now suggests passing an integer to verify_account_grace_period instead of ActiveSupport::Duration, which is necessary when using the JWT feature (thanks to @vlado)
• The generated app/misc/rodauth_main.rb now sets password_minimum_length 8 as per OWASP recommendation (Rodauth's default is 6 characters), and sets password_maximum_bytes 72 due to bcrypt truncating inputs longer than 72 bytes (not needed when using argon2).
• Use pass roda plugin for automatic prefix routing after all, to prevent possible incorrect routing of custom Roda routes after Rodauth, due to request.remaining_path not being reset. It is unlikely that anyone has custom Roda routes defined in a Rails app, but it's better to have correct behaviour.

1.6.2

• The Active Record migrations now match the precision of CURRENT_TIMESTAMP default column values with the column type precision on MySQL and Rails 7.0+ (which is 6). This should avoid statement errors when running the migrations.

1.6.1

• The argument errors when calling RodauthMailer in default generated Rodauth configuration have now been fixed. This was a regression introduced in a previous release, where the default Rodauth configuration wasn't updated after making the configuration name a required argument in RodauthMailer methods.

1.6.0

• The current_account controller method doesn't redirect to the login page anymore when the current account was not found (not logged in, closed account, or deleted account record), and instead it returns nil in this case. This should make the behaviour less surprising, and work better with gems such as Audited, which expects the method for retrieving the current account to return nil.

  Applications that currently rely on current_account to redirect when there is no current account will need to be updated. In most cases, replacing rodauth.require_authenication with rodauth.require_account should be sufficient, with the active_sessions feature being a more robust solution. Given that the current_account method will clear the session if it contains the account ID of a closed/deleted account, any errors that happen should disappear on next page visit.

• The gem now works without Action Mailer being loaded. In this case, no email configuration is changed, so Rodauth's default behaviour will be called, which is to use the Mail gem directly. Loading the Mail gem can be skipped by setting require_mail? false in the Rodauth configuration.

• The Active Record migrations should now generate functional schema when using the activerecord-sqlserver-adapter gem, by avoiding creating IDENTITY columns for tables where the id column is both a primary and foreign key.

• The configuration name in the generated RodauthMailer methods is now a required argument, which should avoid Rubocop complaints.

v1.5.5

• The #current_account method doesn't raise ArgumentError anymore when called without being logged in (thanks to @benkoshy).
• The rodauth:views generator now aborts when unknown feature was specified.
• The rodauth:migration generator now aborts when unknown feature was specified.

v1.5.4

• When using Sequel as the primary database library, the generated migration now stores password hashes in the accounts table (instead of in a separate table), and creates an integer status column, which is compatible with the generated configuration and consistent with Active Record.

• The generated accounts.yml fixture now uses enum string values for status column, e.g. "verified" instead of 2.

• The fixture is now generated in test/fixtures instead of app/test/fixtures, and when using RSpec it's generated in spec/fixtures (thanks to @benkoshy).

v1.5.3

Yanked