- Convert to TypeScript
- Fix for pin verification.
- Don't allow duplicate register calls with only case differences
- Made compatible with templateMode: auto
- Made compatible with templateMode: auto
- Added sendmail call when password changed from token
- Fixed typo that prevented password change messages from coming out
- Added segragation by channel (filterProperty/filterValue) per application
- lower case login
- Support for knex
- Fixed information leak issue
- Changes for admin users
- Typeo in password composition
- Allow login to provide new password and change password
- Make sure email validation code has leading zeros rather than suppressing them
- Support for deferred email changes
- For admin users
- Password lockout on bad attempts
- Password expiration
- Forbid use of the last n passwords
- Forcing password changes on new accounts
- reset of admin user passwords
- Composition rules that are principal specific
- Fixed lost password
- Don't auto-login on email verification
- Don't destroy email change token on verification
- Made case insensitive login work with special characters
- Case insensitive login
- New config element validateEmailForce to force email validation prior to login
- Change email was not handling emails correctly
- Allow user friendly validation codes to go in emails
- Added verify from token when principal already fetched
- Admin creation in one step
- Don't use configurable principal in securityContext
- Let you configure principal property in controller
- Compatibility with requirement that all object.create must have a classname
- No longer require that Principal has an init method
- Can use xxxField ids in form container to limit scope of validation
- Allowed principal declaration to be an array
- Registration ensuring password verification was not working properly
- Registration itself on verify email was not setting things up properly
- When creating the default user there was no first and last name attached