Releases: skelpo/JWTMiddleware
1.0.0
Release Candidate 1
- Fully ready for Vapor 4
- Has tests now
- Switching to the Vapor style of semver
- CI enabled
- Repo cleaned up
v0.10.0 Dependencies Updated
dependency update
v0.9.0
Type Less, Type Less
Removed the Status generic type from PermissionsMiddleware because we can get that type information from the Payload generic type.
We also create a static String.payloadKey value so the key where the JWT payload is stored is type safe.
In the JWTVerificationMiddleware, if an Authorization header is not found, status code 402 (Unauthorized) is returned instead of 400 (Bad Request).
v0.8.2
v0.8.1
7f176b3
calebkleveter
Caleb Kleveter
Back to Where it Came From
In the JWTStorageMiddleware, we where pulling the payload from the request's private container, saving it back again, and continuing. Yeah, not point in doing that!
So now we get the JWT from the auth header, verify it, and store the payload in the request's private container. A much better idea.
v0.8.0
3f9493e
calebkleveter
Caleb Kleveter
The Middleware Became Agnostic
RouteRestrictionMiddleware was deemed to restrictive and relied to heavily on the parent route path. It has been replaced with PermissionsMiddleware and any route registered with the middleware is protected by it, making it agnostic to the route path it is on.
v0.7.0
This Route is Rather Restricting
And it should be, considering admins should be the only ones supposed to access the data. And you can add this functionality yourself, with RouteRestrictionMiddeware:
route.group(RouteRestrictionMiddleware(
restrictions: [
RouteRestriction(.DELETE, at: "users", User.parameter, allowed: [.admin, .moderator]),
...
],
parameters: [User.routingSlug: User.resolveParameter]
))v0.6.1
v0.6.0
Vapor Things: Season 3
Lets get away from the strangness of betas for a while. We now use the official Vapor 3.0 release.