You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
* chore: update to mfa branch of web-js
* feat: mfa recipe setup
* feat: add support for firstFactor
* fix: fix chooseComponentBasedOnFirstFactors to properly get the max count
* feat: navigation based on claim validation failures
* feat: implement factor chooser screen
* feat: factor chooser fixes and updates
* feat: update pwless to support otp based mfa
* feat: initial impl of totp mfa
* feat: export totp bundle
* feat: finish TOTP + test setup WIP
* feat: finish TOTP + test setup WIP
* feat: add back button to factor chooser and filter the options
* feat: update how back buttons are styled
* test: update how back button is selected in tests
* feat: finishing totp initial impl
* test: initial test for MFA
* feat: self-review fixes & updates
* feat: self-review fixes&cleanup
* feat: self-review fixes&cleanup
* test: add firstFactors tests
* tests: complete initial test-set of MFA
* fix: firstFactors + test helpers
* fix: small test based fixes
* feat: finishing touches
* test: update first factor tests to match new behaviour w/ extra checks
* feat: clean up first factor handling
* feat: add retry info to verifyCode/Device
* refactor: rename passwordlessFirstFactors since it's not only first factors
* feat: self-review fixes
* chore: add mfa ui to size limits
* refactor: remove updates that will be added in other PRs + simplifications
* test: clean up
* chore: increase size limits
* test: add reset method to mfa recipe
* feat: make sure firstFactor conflicts hit user error boundaries
* feat: update design and fix font-weight issues
* chore: update web-js dep
* feat: update design
* feat: update design
* refactor: self-review fixes
* refactor: self-review fixes
* chore: update changelog
* fix: revert unnecessary changes
* feat: use redirect info if available on mfa success
* refactor: use redirectToFactor instead of re-implementing
* fix: add missing param into redirectToFactorChooser call
* chore: update changelog
* test: update tests for MFA
* test: skip mock mfa tests until removal
* fix: override and routing fixes
* test: update e2e test to work with an actual BE
* fix: making sure async errors hit error boundaries + smaller test fixes
* feat: allow showing matching sub-recipe components if not on websitebasepath
* fix: auth server test
* feat: add the mfa recipe and basic support (#758)
* chore: update to mfa branch of web-js
* feat: mfa recipe setup
* feat: add support for firstFactor
* fix: fix chooseComponentBasedOnFirstFactors to properly get the max count
* feat: navigation based on claim validation failures
* feat: implement factor chooser screen
* feat: factor chooser fixes and updates
* feat: add back button to factor chooser and filter the options
* test: update how back button is selected in tests
* feat: self-review fixes & updates
* fix: firstFactors + test helpers
* feat: clean up first factor handling
* feat: self-review fixes
* chore: add mfa ui to size limits
* refactor: remove updates that will be added in other PRs + simplifications
* chore: increase size limits
* test: add reset method to mfa recipe
* feat: update design and fix font-weight issues
* chore: update web-js dep
* refactor: use redirectToFactor instead of re-implementing
* fix: override and routing fixes
* feat: allow showing matching sub-recipe components if not on websitebasepath
* chore: add missing notes to changelog
* test: ensure tests pass on older versions
* test: add missing case
* fix: exposing mfa in tppwless + cleanup/refactor
* test: split up mfa tests into multiple files
* feat: update passwordless to support OTP based MFA (#759)
* chore: update to mfa branch of web-js
* feat: mfa recipe setup
* feat: add support for firstFactor
* fix: fix chooseComponentBasedOnFirstFactors to properly get the max count
* feat: navigation based on claim validation failures
* feat: implement factor chooser screen
* feat: factor chooser fixes and updates
* feat: update pwless to support otp based mfa
* feat: add back button to factor chooser and filter the options
* feat: update how back buttons are styled
* test: update how back button is selected in tests
* feat: self-review fixes & updates
* feat: self-review fixes&cleanup
* fix: firstFactors + test helpers
* fix: small test based fixes
* feat: clean up first factor handling
* refactor: rename passwordlessFirstFactors since it's not only first factors
* feat: self-review fixes
* chore: add mfa ui to size limits
* refactor: remove updates that will be added in other PRs + simplifications
* chore: increase size limits
* test: add reset method to mfa recipe
* feat: make sure firstFactor conflicts hit user error boundaries
* feat: update design and fix font-weight issues
* chore: update web-js dep
* feat: update design
* refactor: self-review fixes
* refactor: self-review fixes
* chore: update changelog
* feat: use redirect info if available on mfa success
* refactor: use redirectToFactor instead of re-implementing
* fix: add missing param into redirectToFactorChooser call
* fix: override and routing fixes
* feat: allow showing matching sub-recipe components if not on websitebasepath
* fix: exposing mfa in tppwless + cleanup/refactor
* feat: totp recipe for MFA (#763)
* chore: update to mfa branch of web-js
* feat: mfa recipe setup
* feat: add support for firstFactor
* fix: fix chooseComponentBasedOnFirstFactors to properly get the max count
* feat: navigation based on claim validation failures
* feat: implement factor chooser screen
* feat: factor chooser fixes and updates
* feat: update pwless to support otp based mfa
* feat: initial impl of totp mfa
* feat: export totp bundle
* feat: finish TOTP + test setup WIP
* feat: finish TOTP + test setup WIP
* feat: add back button to factor chooser and filter the options
* feat: update how back buttons are styled
* test: update how back button is selected in tests
* feat: finishing totp initial impl
* test: initial test for MFA
* feat: self-review fixes & updates
* feat: self-review fixes&cleanup
* feat: self-review fixes&cleanup
* test: add firstFactors tests
* tests: complete initial test-set of MFA
* fix: firstFactors + test helpers
* fix: small test based fixes
* feat: finishing touches
* test: update first factor tests to match new behaviour w/ extra checks
* feat: clean up first factor handling
* feat: add retry info to verifyCode/Device
* refactor: rename passwordlessFirstFactors since it's not only first factors
* feat: self-review fixes
* chore: add mfa ui to size limits
* refactor: remove updates that will be added in other PRs + simplifications
* test: clean up
* chore: increase size limits
* test: add reset method to mfa recipe
* feat: make sure firstFactor conflicts hit user error boundaries
* feat: update design and fix font-weight issues
* chore: update web-js dep
* feat: update design
* feat: update design
* refactor: self-review fixes
* refactor: self-review fixes
* chore: update changelog
* fix: revert unnecessary changes
* feat: use redirect info if available on mfa success
* refactor: use redirectToFactor instead of re-implementing
* fix: add missing param into redirectToFactorChooser call
* chore: update changelog
* test: update tests for MFA
* test: skip mock mfa tests until removal
* fix: override and routing fixes
* feat: allow showing matching sub-recipe components if not on websitebasepath
* fix: exposing mfa in tppwless + cleanup/refactor
* refactor: cleanup&renames
* refactor: consistency fixes
* docs: add storybook (#774)
* ci: add storybook
* ci: update stories after merge
* ci: update&add stories
* refactor: small code-changes to help storybooks build/work right
* docs: fix usesDynamicLoginMethods control in storybooks
* docs: reset uis properly when re-rendering auth page stories
* docs: provide better error reporting in auth page stories
* docs: add separate stories for different button configs in totp
* test: add stories for auth recipe screens
* fix: type fixes and design updates + extended storybook
* test: make tests backward compatible
* fix: fix recipe name in error message
* test: fix enableMFA
* test: update tests to work w/ new BE behaviour
* fix: small self-review fixes
* fix: self-review fixes
* fix: add missing type to prebuiltuis
* fix: fix console errors
* fix: small design and usability upgrades
* docs: update with-phone-password to use MFA
* docs: remove 2fa examples and update the README to point to new mfa examples
* fix: add missing arg to redirectToFactorChooser
* fix: add missing param
* fix: add missing param
* docs: add mfa example with recovery codes
* docs: save netlify-cli version in netlify example
* fix: mfa otp loading screen override
* docs: add mfa-with-phone-chooser example
* fix: remove duplicate type + rebuild
* refactor: removed unused state and related action/types
* refactor: simplify impl
* refactor: make usage of FeatureBaseProps consistent
* refactor: consistency updates
* chore: remove unused test code
* feat(mfa): finish todo list (#782)
* feat: updated when we ask for contact info based slack discussion
* fix: make sure change email address shows up at the right time
* docs: update emailverification-with-otp example to use MFA
* test: add test cases that check if redirectToPath is respected in mfa
* fix: small fixes and updates for the updated node impl
* test: update tests to match new behaviour/utils
* docs: reset dependencies to latest
* feat(mfa!): w1 discussions (#787)
* feat: update to match new BE interface
* feat: simplifications and consistency fixes
* test: remove test changes & rebuild
* fix: manual-test fixes
* chore: update to match new st-web types
* feat: add totp events + update types
* chore: add clarification comment
* refactor: clean up todos
* feat(mfa): implement w2 discussion (#788)
* feat: updates based on w2 discussions
* chore: update changelog
* test: test app consistency fixes
* chore: remove duplicate deps
* chore: add storybook to npmignore
* feat: implementing review comments
* fix: update how we decide when to show the back button
* fix: remove !important from css styles (#791)
* feat: fix types and add newSessionCreated to redirect context
* feat: implementing review feedback + discussion
* feat: update getLoginMethod types and related logic
* fix: test fixes
* feat: expose FactorIds through the mfa recipe
* feat: add rid to success events
* docs: update examples to newest API
* feat: redirect to the email verification page in case MFA requires it
* docs: update account-linking example
* docs: update recovery code example to separate the create recovery code page
* docs: update example readmes and minor cleanup
* feat\!: rename isNewPrimaryUser to createdNewUser
* chore: update changelog and PR template checklist with review comments
* docs: add error codes to translation files
* chore: move and update version requirements in changelog
* chore: add factor id list update to pr checklist
* docs: complete error code list in translation files
* feat: add consistent fallbacks to every onFetchError
* docs: removed example we will be splitting up
* docs: implement review comments in examples and extend the changelog
* docs: replace custom API with session based linking
* docs: update examples to new interface
* feat: update totp logo
* feat: update after web-js types changed
* fix: minor test fixes and updates
* chore: update size limits
* docs: update examples
* docs: rename updated phone-pw example to phone-pw-mfa and reset the phone-pw to master
---------
Co-authored-by: Sattvik Chakravarthy <[email protected]>
Co-authored-by: Ankit Tiwari <[email protected]>
Copy file name to clipboardExpand all lines: .github/PULL_REQUEST_TEMPLATE.md
+2
Original file line number
Diff line number
Diff line change
@@ -31,6 +31,8 @@
31
31
-[ ] If added a new recipe interface, then make sure that the implementation of it uses NON arrow functions only (like `someFunc: function () {..}`).
32
32
-[ ] If I added a new recipe, I also added the recipe entry point into the `size-limit` section of `package.json` with the size limit set to the current size rounded up.
33
33
-[ ] If I added a new recipe, I also added the recipe entry point into the `rollup.config.mjs`
34
+
-[ ] If I added a new login method, I modified the list in `lib/ts/types.ts`
35
+
-[ ] If I added a factor id, I modified the list in `lib/ts/recipe/multifactorauth/types.ts`
Copy file name to clipboardExpand all lines: CHANGELOG.md
+244
Original file line number
Diff line number
Diff line change
@@ -5,6 +5,250 @@ All notable changes to this project will be documented in this file.
5
5
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6
6
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html)
7
7
8
+
## [0.39.0] - 2024-03-07
9
+
10
+
### Overview
11
+
12
+
#### Introducing MFA
13
+
14
+
With this release, we are introducing MultiFactorAuth and TOTP, this will let you:
15
+
16
+
- require (2FA or MFA) during sign in
17
+
- make use of TOTP (e.g.: Google authenticator) as an MFA challenge
18
+
19
+
Check our [guide](https://supertokens.com/docs/mfa/introduction) for more information.
20
+
21
+
### Breaking changes
22
+
23
+
-`SUCCESS` redirections are now handled by the `getRedirectionURL` callback passed to the `SuperTokens.init` config, instead of the recipe level callbacks
24
+
-`isNewPrimaryUser` is renamed to `createdNewUser`
25
+
- Refactored/renamed some styling options (`resetPasswordHeaderTitle` -> `headerTitle withBackButton`)
26
+
- Some default styling has changed related to how fonts/font-weights are applied
27
+
- Changed how `headerSubtitle` is styled in components: `EmailPasswordResetPasswordEmail`, `EmailPasswordSubmitNewPassword`, `EmailPasswordSignInHeader`, `EmailPasswordSignUpHeader`
28
+
- Removed an `ErrorBoundary` wrapping all our feature components to make sure all errors are properly catchable by the app
29
+
- In `supertokens-web-js` (which you may also be using), we added `firstFactors` into the return type of `getLoginMethods` and removed the enabled flags of different login methods.
30
+
- For older FDI versions, the firstFactors array will be calculated based on those enabled flags.
- Please note, that during MFA we re-use the existing overrideable comps for the form section:
238
+
-`PasswordlessEmailForm_Override`
239
+
-`PasswordlessPhoneForm_Override`
240
+
-`PasswordlessEmailOrPhoneForm_Override`
241
+
- Added a `useShadowDom` prop to the `AccessDeniedScreen`
242
+
- Added an `error` prop to the `AccessDeniedScreen` that can be used to describe the reason access is denied.
243
+
- Added a `footer` prop to `EmailOrPhoneForm`, `EmailForm` and `PhoneForm` which is used to override the default sign in/up footers in case the component is for MFA
244
+
- Sign in/up functions can now return new (MFA related) error codes.
245
+
- New (MFA related) error codes have been added to the default translation files.
246
+
- Updated how we select which login UI to show to take the `firstFactors` config value into account (defined in the `MultiFactorAuth` recipe or in the tenant information)
247
+
- The passwordless and thirdpartypasswordless sign in/up screens now respect the firstFactors configuration (defined in the `MultiFactorAuth` recipe or in the tenant information) when selecting the available contact methods.
248
+
- Added TOTP recipe. For more details please check our guide MFA guide.
249
+
- Fixed a font loading issue, that caused apps using the default (Rubik) font to appear with the incorrect font weights
250
+
- Added `rid` and `createdNewSession` to events with `action: "SUCCESS"`
0 commit comments