UNPKG

supertokens-node

Version:

NodeJS driver for SuperTokens core

github.com/supertokens/supertokens-node

supertokens/supertokens-node

192 lines (154 loc) 6.73 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
# Changelog All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). ## [4.3.3] - 2021-04-25 ### Changed: - Fixes case when bodyParser is not used in serverless functions - We now attempt to use bodyParser even if `req.body` is not `undefined` - as long as it's not a valid JSON. ## [4.3.2] - 2021-04-24 ### Changed: - Complies with FDI 1.7.1 for issue https://github.com/supertokens/supertokens-core/issues/233 ## [4.3.1] - 2021-04-17 ### Fixed - Issue https://github.com/supertokens/supertokens-node/issues/113: If the `idRefreshToken` is present in the request, but the refresh token is missing, we clear the `idRefreshToken` as well. ## [4.3.0] - 2021-04-15 ### Changed - verifySession now accepts an object as a parameter. Two valid parameters are sessionRequired and antiCsrfCheck. sessionRequired can be given by users if they intend to make the session requirement optional for an API. - updated type of handlePostSignIn parameter in signInFeature for thirdpartyemailpassword ### Added - handlePostSignUp parameter in signUpFeature for emailpassword recipe. - deprecation warning for handleCustomFormFieldsPostSignUp parameter. - handlePostSignIn parameter in signInFeature for emailpassword recipe. ## [4.2.0] - 2021-03-09 ### Added - Optimization for serverless execution - Config to enable serverless optimisation - apiWebProxyPath config added. This will allow user to config proxy path which would be used by browser while making request to the api-server. This enables to set correct value for the refreshTokenPath. ### Changed - allowing empty string to be passed in request body - doAntiCsrfCheck parameter for getSession in FaunaDB is now optional - Sign out API for session recipe - verifySession now accepts an object as a parameter. Two valid parameters are sessionRequired and antiCsrfCheck. sessionRequired can be by user if they intends to make the session requirement optional for the API. - Allows ";" at the end of connectionURI to core ## [4.1.3] - 2021-03-19 ### Changed - Fixes bug in NextJS wrapper which called resolve even though there was an error ## [4.1.2] - 2021-03-05 ### Changed - Fix Domain normalisation with "/.netlify/functions/api" ## [4.1.1] - 2021-03-05 ### Changed - Fix Path normalisation with "/.netlify/functions/api" ## [4.1.0] - 2021-02-23 ### Added - ThirdartyEmailpassword recipe added - sessionFeature config that allows user to set jwtPayload and sessionData during signup or signin - Changed error handling ## [4.0.1] - 2021-03-01 ### Changed - Type of authorisationRedirect params to include a function ## [4.0.0] - 2021-02-02 ### Changed - using jsonschema to validate user config input (https://github.com/supertokens/supertokens-node/issues/73) - Fixed https://github.com/supertokens/supertokens-node/issues/77 - Extracts email verification into its own recipe - Implements thirdparty recipe - Sends telemetryId for telemetry ## [3.4.2] - 2021-01-09 ## Added - Telemetry as per https://github.com/supertokens/supertokens-node/issues/85 ## [3.4.1] - 2021-02-06 ## Added - Allow users to pass FaunaDB client directly when using Session.init - Fixes https://github.com/supertokens/supertokens-node/issues/83 ## [3.4.0] - 2021-01-28 ### Changed - enableAntiCsrf as config parameter in session recipe - enableAntiCsrf boolean in session create,verify and refresh APIs if CDI version is 2.6 - cookieSecure to true by default if the apiDomain has https - if the apiDomain and websiteDomain values are different (no common top level domain), then cookieSameSite will be set to none by default, else set it to lax - Fixed https://github.com/supertokens/supertokens-node/issues/63 ## [3.3.2] - 2021-01-29 ### Fixed - Always sets httpOnly flag to be true for session cookies regardless of if secure flag is on or off. ## [3.3.1] - 2021-01-20 ### Changed - Update superTokensNextWrapper to add a return value. ## [3.3.0] - 2021-01-13 ### Added - Email verification feature - Change the User object to include timeJoined - Sends emails to our APIs only if not testing mode - Add superTokensNextWrapper generic express middleware wrapper - getUsersNewestFirst, getUsersOldestFirst and getUserCount functions ### Fixed - Bump axios from 0.19 to 0.21 to fix Critical Dependency ## [3.2.2] - 2020-12-18 ### Fixed - Removes the need for Proxy in NextJS so that if a session is created manually by the user, it still works ## [3.2.1] - 2020-12-16 ### Fixed - Fixes bug for missing return in nextjs helper - Changed name from supertokenMiddleware to superTokensMiddleware ## [3.2.0] - 2020-12-13 ### Changed - Add NextJS helper ## [3.1.1] - 2020-12-12 ### Changed - If `init` is called multiple times, it does not throw an error ## [3.1.0] - 2020-11-26 ### Added - Added changes as per new FDI: https://github.com/supertokens/frontend-driver-interface/issues/3 - API to check if an email exists ## [3.0.0] - 2020-11-18 ### Added - EmailPassword login features - https://github.com/supertokens/supertokens-node/pull/29 ### Changed - Restructures sessions to be its own recipe - Other changes: - https://github.com/supertokens/supertokens-node/pull/24 - https://github.com/supertokens/supertokens-node/pull/25 - https://github.com/supertokens/supertokens-node/pull/45 ## [2.5.0] - 2020-09-19 ### Added - FaunaDB integration ## [2.4.1] - 2020-10-15 ### Fixed - Issue #17 - Do not clear cookies if they do not exist in the first place ## [2.4.0] - 2020-09-10 ### Added - Support for CDI 2.3 and FDI 1.2 - Fixes issue #7 - Remove compatibility with CDI 1.0 ## [2.3.0] - 2020-08-05 ### Added - auth0Handler function - `getCORSAllowedHeaders` function to be used by `cors` middleware - Automatically adds a refresh API if the user calls the `init` function inside `app.use()` - Support for CDI 2.2 ## [2.2.2] - 2020-07-30 ### Fixed - Fixes #2 - Prevents duplicate `Access-Control-Allow-Credentials` header value ## [2.2.1] - 2020-07-14 ### Fixed - Fixed typo in exported typescript type ## [2.2.0] - 2020-06-29 ### Addition - Support for API key - Compatibility with CDI 2.1 ## [2.1.0] - 2020-06-18 ### Changes - config changes and code refactor ## [2.0.0] - 2020-05-04 ### Added - Middleware for verification, refreshing and error handling - `revokeMultipleSessions` function - `updateJWTPayload` function ### Changes - Code refactor ### Breaking changes - Changed `revokeSessionUsingSessionHandle` => `revokeSession` ## [1.1.0] - 2020-04-19 ### Added - Support for [CDI version 2.0](https://github.com/supertokens/core-driver-interface/blob/master/v2.0.0.txt)