* improvement: set confirmed field to `nil`, for reconfirmation
* chore: format
* improvement: only change `confirmed_at_field` if its not changing, and only on updates
* improvement(TokenResource)!: Store the token subject in the token resource.
This is a breaking change because you may have to delete tokens in your database so that you can avoid the non-null constraint on subject.
* docs: Add upgrading documentation.
Changes the behaviour of the `ConfirmationHookChange` to pass the original, unmodified changeset in the sender options so that senders can account for inhibited changes.
* Adds the `require_token_presence_for_authentication?` DSL option to the Authentication extension which when enabled changes the following behaviour:
1. The `store_in_session` plug will store the user's token rather than their subject in the session.
2. The `retrieve_from_session` plug will look for a stored token in the session rather than a subject and ensure that it's present in the `TokenResource`.
3. The `retrieve_from_bearer` plug will ensure that the token is present in the `TokenResource`.
* Adds the `get_token` action to the `TokenResource`.
After #89 was merged folks were no longer able to use `AshAuthentication.Strategy.Password.HashPasswordChange` and `AshAuthentication.Strategy.Password.PasswordConfirmationValidation` in their own actions. This change fixes this issue by allowing the name of the strategy to be passed in in the changeset context.
Use the `AshAuthentication.Secret` behaviour, rather than asking the user to explicitly set it in their application environment.
This is a breaking change that will require folks to change their resource config to look up the signing secret.
Closes#79.
Closes#77.
* Fix typo
* Password strategy requires a name
* Update documentation/getting_started/getting_started_01_basic_setup.md
Co-authored-by: James Harton <59449+jimsynz@users.noreply.github.com>
Co-authored-by: James Harton <59449+jimsynz@users.noreply.github.com>
* improvement(Confirmation): Confirmation is not a strategy.
* improvement(Confirmation): Support more than one confirmation entity.
* chore: move FIXME doc to issue.
Highlights:
* Replaced `AshAuthentication.Provider` with the much more flexible `AshAuthentication.Strategy`.
* Moved strategies to within the `authentication` DSL using entities and removed excess extensions.
* Added a lot more documentation and test coverage.