2.0.0-rc.6
Pre-release
Pre-release
What's Changed
- fix: use JWTPublicKey for ECDSA token parsing by @lakhansamani in #487
- test: add missing test coverage for admin queries and edge cases by @lakhansamani in #498
- fix: respect isStrongPasswordDisabled in password validator by @lakhansamani in #488
- fix: use crypto/rand for OTP generation by @lakhansamani in #489
- fix: use constant-time comparison for admin secret by @lakhansamani in #490
- fix: add revoked user check to VerifyEmail and VerifyOTP by @lakhansamani in #491
- fix: correct boolean condition for password change in UpdateProfile by @lakhansamani in #493
- fix: add OTP expiration check in ResetPassword by @lakhansamani in #494
- fix: use zero-length slice with capacity for EmailTemplates by @lakhansamani in #496
- fix: validate roles in VerifyEmail HTTP handler by @lakhansamani in #497
- fix: correct verification request expiry logic in Login by @lakhansamani in #492
- fix: check verificationRequest.Identifier for login method in VerifyEmail by @lakhansamani in #495
Full Changelog: 2.0.0-rc.5...2.0.0-rc.6
Contributors
lakhansamani