A Time-Based One-Time Password (TOTP) Authentication Strategy for Remix-Auth.
Full Changelog: https://github.com/dev-xo/remix-auth-totp/compare/v3.2.0...v3.3.0
This release is focused on bringing enhanced security improvements.
A quick summary of the changes and updates applied:
v3.2.0 have been deprecated.Example Templates have also been updated reflecting these new changes.
Huge thanks to @ryan0x44 who let us know about a critical security issue this release has fixed. And as always, a million thanks to @mw10013 for the time invested and the effort put into the library itself.
Full Changelog: https://github.com/dev-xo/remix-auth-totp/compare/v3.1.0...v3.2.0
AppLoadContext as context to sendTOTP and verify by @ryan0x44 in https://github.com/dev-xo/remix-auth-totp/pull/53
maxAge unit from milliseconds to seconds. by @lean-dev in https://github.com/dev-xo/remix-auth-totp/pull/51
Full Changelog: https://github.com/dev-xo/remix-auth-totp/compare/v3.0.0...v3.1.0
Remix Auth TOTP v3 is here! 🎉
This major release centers on eliminating the reliance on the database and simplifying the overall Strategy. Learn more about it from the official PR: https://github.com/dev-xo/remix-auth-totp/pull/45
coerce utilityTOTPPayload structuregenerateAndSendTOTP
validateTOTP
totpFieldKey to codeFieldKey
MagicLinkGenerationOptions
form and request from SendTOTPOptions
code, magicLink, form, and request from TOTPVerifyParams
SendTOTPOptions with request and formData
TOTPVerifyParams with request and formData
v3.0.0
Special thanks to @mw10013 for taking responsibility of the entire release, including implementation, tests, migration documents, and all the care and effort put into it! 🙏
That's all for this release. Happy coding, folks!
Remix Auth TOTP v2 is here! 🎄
This major release focuses on splitting and introducing key improvements, enhancing both functionality and simplicity for developers and maintainers. You can learn more about it from the following PR: https://github.com/dev-xo/remix-auth-totp/pull/37
TOTPData and CRUD interfaces, laying a solid foundation for more structured and efficient TOTP operations.handleTOTP: We've divided handleTOTP into two distinct functions: readTOTP and updateTOTP.expiresAt: We've removed the setting of expiresAt from handleTOTP. Now, expiresAt is only relevant at the time of creation, reducing complexity and potential errors.storeTOTP: Simplifying the overall codebase.sendTOTP wrapper: In our pursuit of simplicity, the sendTOTP wrapper wasn't adding much value to the overall codebase.v1 to v2 migrations.v2.0.0.Special thanks to @mw10013 for taking responsibility for the entire release, including implementation, tests, migration documents, and all the care and effort put into it!
Merry Christmas, folks!
Implemented a solution for generating magic links using the request's origin instead of the host in the request headers when hostUrl is not provided. This addresses issues in environments like Cloudflare local development (wrangler/miniflare), ensuring the correct cookies are used. See https://github.com/dev-xo/remix-auth-totp/pull/29 for more details.
hostUrl is not provided.getHostUrl and its respective tests, along with HOST constant and its calls in test headers.v1.4.1.Special thanks to @mw10013 for issuing this and for taking the time to look into it!
That's all for this release. Happy coding, folks!
Introducing Cloudflare Support! 🎉
This has been achieved this by switching from jsonwebtoken library to jose, enhancing our support for JSON Web Tokens (JWT) - Issued https://github.com/dev-xo/remix-auth-totp/issues/28
jsonwebtoken with jose, adapting the codebase accordingly - https://github.com/dev-xo/remix-auth-totp/issues/28
v1.4.0.Special thanks to @mw10013 for issuing this and for taking the time to test the codebase updates.
That's all for this release. Happy coding, folks!
This update focuses on simplifying our codebase with a couple of refactors, such as removing the generic User type from sendTOTP calls and the TOTPStrategyOptions interface. We've also updated dependencies to resolve issues with the latest version of vitest.
sendTOTP calls — Issue resolved https://github.com/dev-xo/remix-auth-totp/issues/27.TOTPStrategyOptions interface — No longer necessary, related to https://github.com/dev-xo/remix-auth-totp/issues/27.1.0.0-beta.3 version of vitest.That's it for this release. Happy coding folks!
This release mostly concentrates on minor internal fixes and documentation updates. Also made some type adjustments and added Husky for better Git hooks.
expiresAt field is no longer Number type, instead Date or String types.maxAttempts property from TOTPGenerationOptions set as optional.pre-commit and pre-push hooks.That's it for this release. Happy coding folks!
This release focuses on new example integrations and feature enhancements. We've also done some housekeeping, improving documentation and updating dependencies.
expiresAt database field for better data management. Ref: https://github.com/dev-xo/remix-auth-totp/issues/23
CODE_OF_CONDUCT.md
That wraps it up for this Release. Happy coding folks!