-
Notifications
You must be signed in to change notification settings - Fork 11
Change Log
Mohamad El-Husseini edited this page May 28, 2013
·
5 revisions
- Added some flash messages to
redirectIfLoggedIn()
andisAuthorized()
methods. - Simplified authentication logic in the sessions controller.
- Changed bCyrpt object creation to dynamically detect server type. Suggested by James Harvey.
- Removed
IsapiRewrite4.ini
andweb.config
to reduce clutter. If you use IIS, you may want to add either one depending on your version. Grab them from CFWheels repo. - Fixed typo in
Users.cfc
filters arguments. Adam Chapman.
Version 2.2.0 requires a new SQL file (included). The SQL file included in previous versions is no longer compatible.
The following changes have been made in version 2.2.0:
- Added a new RESTful
Confirmations.cfc
controller for confirming email addresses. - Added two columns in the schema:
boolean confirmed
, andvarchar confirmation_token
. - Added new SQL file to reflect changes to the schema.
- Refactored how tokens are generated for password resets and confirmations. Using a stripped UUID as a secret key caused bad URLs.
- Added an Admin link that appears if the user is signed in as an admin.
- Moved
isAthorized()
method toController.cfc
so it can be reused byConfirmations.cfc
. - Added new callback to create a confirmation token when the user signs up.
- Removed dead code and email templates left over from version 1.
- The
Users#index.cfm
page now shows confirmation status for users. - Switched all places using
DateFormat()
to a customformatDate()
. This makes changing the date format easier as it's in a single place.
- Password hashing is now done using
BCrypt.class
instead of a SHA-512 key with 1024 iterations.
- Added friendly redirects.
- Minor bug fixes and dead code clean-up.
- Replaced the Sessions controller with a new RESTful style one.
- Replaced the PasswordResets controller with a new RESTful style one.
- Various changes to the schema:
- The app no longer uses a separate table to store password reset tokens. Password reset tokens are now stored in their own column in the users table.
- The
role
column is dropped from the users table, and in place of it is aboolean admin
column. This means refactoring the Authorization and Authentication controllers, and recreating the schema. - Dropped the
tokens
androles
tables.
- Removed account verification. I will add this at a later stage using a cleaner implementation.
- Massive refactoring.