v1.7.0

SMS Authentication Added

This feature is disabled by default and should not be used under normal circumstances. However, this feature is useful if your application doesn't need users to enter an email/password and you simply want them to enter their phone number and verify it with an authentication code.

You will need to provide your own implementation of the SMS sending, but the README provides an example.

v1.6.0

Tested and added compatibility for Rails 8.0.0 beta1

v1.5.1

Added installation rake task

bin/rails action_auth:install

Which will install the routes, migrations and configurations.

v1.5.0

Updates and UI Changes

- Added Webauthn Key Types
- Updated text for Passkey Only login that it doesn't work with hardware keys
- Fixed attr_accessors for passkey_only and pwned_enabled

Database Migration!

This release includes a migration. Be sure to run

bin/rails action_auth:install:migrations

v1.4.2

Second times a charm

v1.4.1

Forgot to bump the version.rb.

v1.4.0

Support for Passkey login without requiring email/password.

v1.2.0

Account deletion is a feature that is enabled by default. When a user deletes their account, the account is marked as deleted and the user is logged out. The user will no longer be able to log in with their email and password. The user will need to create a new account if they wish to continue using the application.

Here's an example of how you may want to add a delete account button to your application. Obviously, you will want to style this to fit your application and have some kind of confirmation dialog.

<p>
  Unhappy with the service?
  <%= button_to "Delete Account", action_auth.users_path, method: :delete %>
</p>

v1.1.0 Magic Links

Magic Links are released and enabled by default. You can disable this functionality in your initializer file.

ActionAuth.configure do |config|
  config.magic_link_enabled = false
end

v1.0.0

Remove ActionAuth Namespace

• the user, session and webauthn_credential tables have had their ActionAuth namespace removed
• tests updated to reflect the new tables
• updated the models to use the table_name
• updated README

Breaking Changes - Coming from v0.3.0 to v1.0.0, you will need to create a migration to rename the table and foreign keys.

class UpgradeActionAuth < ActiveRecord::Migration[7.1]
  def change
    rename_table :action_auth_users, :users

    rename_table :action_auth_sessions, :sessions
    rename_column :sessions, :action_auth_user_id, :user_id

    rename_table :action_auth_webauthn_credentials, :webauthn_credentials
    rename_column :webauthn_credentials, :action_auth_user_id, :user_id
  end
end

You will then need to undo the migrations where the foreign keys were added in cases where foreign_key: true was
changed to foreign_key: { to_table: 'action_auth_users' }. You can do this for each table with a migration like:

add_foreign_key :user_settings, :users, column: :user_id unless foreign_key_exists?(:user_settings, :users)
add_foreign_key :profiles, :users, column: :user_id unless foreign_key_exists?(:profiles, :users)
add_foreign_key :nfcs, :users, column: :user_id unless foreign_key_exists?(:nfcs, :users)