mirror of
https://github.com/Bubka/2FAuth.git
synced 2024-11-08 01:14:29 +01:00
11 KiB
11 KiB
Change log
[3.4.0] - 2022-10-18
This release is a big step towards more accessibility. Keyboard navigation is now fully supported, with clean and consistent focus, and several UI components have received relevant ARIA properties to support assistive technologies.
It also provides a rewritten Import feature that supports new export formats (Aegis and 2FAS Authenticators) and more to come.
⚠️ This release should be the last that supports PHP 8.0
Added
- An option to check for new release on Github (#127)
- An option to automatically copy One-Time Passwords when they are displayed (#125)
- Aegis and 2FAS export formats are now supported by the Import feature (#128)
- (Partial) Spanish and Chinese (simplified) localizations
Changed
- Password fields can reveal the password and inform about the password strength (#124)
Fixed
- issue #126 HOTP counters are not updated after OTP generation
[3.3.3] - 2022-08-16
Fixed
- issue #110 Can't sign in with login/password after the removal of the last webauthn device
- issue #111 Inappropriate notification about existing user during registration
- issue #113 Password reset does not work
- issue #115 WEBAUTHN_NAME .env variable set as null generates server error
[3.3.1-3.3.2] - 2022-08-02
Fixed
- issue #109 Timeout right after login
[3.3] - 2022-08-01
⚠️ This release drops PHP 7.4 support ⚠️
The docker image has been upgraded as well.
Added
- An option to fetch icons automatically from 2factorauth/twofactorauth (#99)
- An About page, accessible from the footer (#91)
- Alphabetical sorting feature (#95)
Changed
- The footer is now visible everywhere to ease access to the About page
Fixed
- issue #89 Deploy to Heroku fails without
composer.lock - issue #102 OTP generation from the Create/Edit form with invalid data should display errors
- issue #103 Google Authenticator import error: "Label contains a colon"
- issue #109 Account creation/import fails when encryption is On
Removed
- PHP 7.4 support
[3.2] - 2022-07-18
Added
- Support of Google Authenticator migration data: QR codes generated by the G-Auth export feature can be flashed/uploaded to import their data into 2FAuth. (Import doc, #74)
- Partial support of STEAM TOTP. See the Steam Guard doc for detailed informations about this support (#30)
Changed
- Pages now have a unique title
- Signing in while already authenticated no longer display the "Already authenticated" error message (#88)
- The Auto lock feature now forwards to a dedicated page to ensure proper logout and prevent CSRF token mismatch error (see issue #73) that still occurred in certain situation
Fixed
- issue #90 Empty page after deletion of all accounts
- issue #97 Secret's format selector should not clear the locked field in edit form
[3.1.1] - 2022-05-31
Fixed
[3.1.0] - 2022-05-20
Added
PROXY_LOGOUT_URLenvironment variable to specify a custom logout url when using an auth proxy- Locked/Unlocked state for the Secret field in the 2FA account Edit form to prevent undesirable edit.
Fixed
- Fix OAuth setting view returning an error when auth is handled by a proxy
- issue #57 Can't save icons or upload QR codes - Docker installation
- issue #81 Unable to create configured logger. Using emergency logger
- issue #82 Autolock feature should be disabled while auth is handled by a proxy
- issue #84 Reverse-proxy-guard authenticates request without valid headers configuration
[3.0.2] - 2022-05-14
Added
- Mail settings section in the docker readme by @aronmal
Fixed
- issue #72 2FA secret passed as plain text rejected by form validation
- issue #73 CSRF token mismatch
- issue #78 Add tags other then latest when pushing images to dockerhub
[3.0.1] - 2022-05-11
Fixed
- issue #68 2fauth not run after update
- issue #71 Cannot view old TOTP entries on latest Docker Image
- Missing login information on the demo website
[3.0.0] - 2022-05-09
Finally, here is version 3.0!
This is a milestone in the 2FAuth development that greatly enhances 2FAuth under the hoods and comes with a brand new documentation.
New
- 2FAuth now exposes a REST API following the OpenAPI 3.1 specification that allows connexion with third parties (see the API doc)
- Support of the Web Authentication standard, aka WebAuthn, to login using a security device like a Yubikey or FaceID
- Support of authentication proxy to bypass the 2FAuth auth login
- Heroku setup to deploy 2FAuth using the Deploy to Heroku button
Also added
- Ability to delete the user account and reset 2FAuth
- The content of any non-2FA QR code can be copied or followed (in case of an HTTP link)
- PHP 8.0 support
Changed
- 2Fauth now uses the browser language preference by default.
- The current group is now clickable in the group selector
- Upgrade to Laravel 8
Fixed
- issue #45 Account or Service field containing colon breaks the Test feature in the advanced form
- issue #47 Account creation fails when otpauth service parameter is missing
- issue #50 Email password reset does not work
- issue #51 Cannot delete a group with accounts (MySQL only)
- issue #52 null "Default group" setting after group delete
- issue #57 Can't save icons or upload QR codes - Docker installation
Removed
- PHP 7.3 support
[2.1.0] - 2021-03-04
Added
- German translation, thanks to @chenmichael
[2.0.2] - 2020-12-04
Fixed
- issue #20 Issues using 'Protect sensible data'
[2.0.1] - 2020-12-03
Fixed
- issue #18 Install using MySQL causes exception
- issue #17 Capitalization of email address during login should not matter
- issue #15 Applied group filter is not removed if the group is deleted
- issue #14 Cache is not refreshed automatically after group changes
- Missing footer links at first start
- Missing redirection after registration
[2.0.0] - 2020-11-29
2FAuth goes to v2.0!
This release comes with multiple improvements and a lot of changes under the hood. Don't forget to backup your database before you upgrade. Have fun :)
Added
- Add Groups to enhance accounts management
- New advanced form to define fully customized accounts without QR code
- New user option to skip the submitting page
- New DB protection option to encrypt sensitive 2FA data
- QR code generation of recorded accounts
- Support of the OTP
imageparameter when a QR code is imported
Changed
- Performance improvement thanks to data caching
- Show Register/Login forms and their links only when relevant
- Let the user choose between all available submitting methods (livescan, qrcode upload, advanced form)
- Translations are now managed on Crowdin.com/2fauth. You master some foreign languages? Why not help translate 2FAuth, your help would be welcome.
Fixed
- issue #13 Long Service name push content out of viewport
- issue #11 Token generation do not loop if TOTP period is different from 30s
- issue #9 Upload QR code in standard form return a 422 missing uri field
[1.3.1] - 2020-10-12
Changed
- Upgrade to Laravel 7.0
- Drop PHP 7.2 support
- Enable the Request reset password form in Demo mode but inactivated
Fixed
- Fix missing notifications in Auth views
[1.3.0] - 2020-10-09
Added
- Application lock on security code copy or after a fixed period of inactivity
- Notify user that https is required in order to use camera streaming to flash QR code
- Notify user that the security code has been copied to clipboard when user click it
- Show selected accounts count in Manage view
- New option to show/hide icons in accounts list
Changed
- More mobile friendly Close button for modal
- More advanced notification component
- Fixed header to keep Search field and Delete button always visible
- Switches replaced by checkboxes in Settings
Fixed
- Hide context around iPhone X+ notch
- Unwanted access to restricted pages as guest
[1.2.0] - 2020-09-18
Added
- QR Code scan using live stream when a camera is detected. Previous QR Code scanner remains available as fallback method or can be forced in Settings.
- New alternative layouts: List or Grid
- Accounts can be reordered
Changed
- Notification banner (when saving settings) now has a fixed position
[1.1.0] - 2020-03-23
Added
- Demonstration mode with restricted features and ability to reset content with an artisan command
- Option to close token popup when the code is pasted (by clicking/taping on it)
Changed
- Options default values can now be set in config/app
- Generated assets are now part of the repo to ease deployement
Fixed
- Option labels attached to wrong checkboxes