2FAuth/changelog.md
2022-07-18 14:54:29 +02:00

8.2 KiB

Change log

[3.2] - 2022-07-18

Added

  • Support of Google Authenticator migration data: QR codes generated by the G-Auth export feature can be flashed/uploaded to import their data into 2FAuth. (Import doc, #74)
  • Partial support of STEAM TOTP. See the Steam Guard doc for detailed informations about this support (#30)

Changed

  • Pages now have a unique title
  • Signing in while already authenticated no longer display the "Already authenticated" error message (#88)
  • The Auto lock feature now forwards to a dedicated page to ensure proper logout and prevent CSRF token mismatch error (see issue #73) that still occurred in certain situation

Fixed

  • issue #90 Empty page after deletion of all accounts
  • issue #97 Secret's format selector should not clear the locked field in edit form

[3.1.1] - 2022-05-31

Fixed

[3.1.0] - 2022-05-20

Added

  • PROXY_LOGOUT_URL environment variable to specify a custom logout url when using an auth proxy
  • Locked/Unlocked state for the Secret field in the 2FA account Edit form to prevent undesirable edit.

Fixed

  • Fix OAuth setting view returning an error when auth is handled by a proxy
  • issue #57 Can't save icons or upload QR codes - Docker installation
  • issue #81 Unable to create configured logger. Using emergency logger
  • issue #82 Autolock feature should be disabled while auth is handled by a proxy
  • issue #84 Reverse-proxy-guard authenticates request without valid headers configuration

[3.0.2] - 2022-05-14

Added

  • Mail settings section in the docker readme by @aronmal

Fixed

  • issue #72 2FA secret passed as plain text rejected by form validation
  • issue #73 CSRF token mismatch
  • issue #78 Add tags other then latest when pushing images to dockerhub

[3.0.1] - 2022-05-11

Fixed

  • issue #68 2fauth not run after update
  • issue #71 Cannot view old TOTP entries on latest Docker Image
  • Missing login information on the demo website

[3.0.0] - 2022-05-09

Finally, here is version 3.0!

This is a milestone in the 2FAuth development that greatly enhances 2FAuth under the hoods and comes with a brand new documentation.

New

  • 2FAuth now exposes a REST API following the OpenAPI 3.1 specification that allows connexion with third parties (see the API doc)
  • Support of the Web Authentication standard, aka WebAuthn, to login using a security device like a Yubikey or FaceID
  • Support of authentication proxy to bypass the 2FAuth auth login
  • Heroku setup to deploy 2FAuth using the Deploy to Heroku button

Also added

  • Ability to delete the user account and reset 2FAuth
  • The content of any non-2FA QR code can be copied or followed (in case of an HTTP link)
  • PHP 8.0 support

Changed

  • 2Fauth now uses the browser language preference by default.
  • The current group is now clickable in the group selector
  • Upgrade to Laravel 8

Fixed

  • issue #45 Account or Service field containing colon breaks the Test feature in the advanced form
  • issue #47 Account creation fails when otpauth service parameter is missing
  • issue #50 Email password reset does not work
  • issue #51 Cannot delete a group with accounts (MySQL only)
  • issue #52 null "Default group" setting after group delete
  • issue #57 Can't save icons or upload QR codes - Docker installation

Removed

  • PHP 7.3 support

[2.1.0] - 2021-03-04

Added

[2.0.2] - 2020-12-04

Fixed

  • issue #20 Issues using 'Protect sensible data'

[2.0.1] - 2020-12-03

Fixed

  • issue #18 Install using MySQL causes exception
  • issue #17 Capitalization of email address during login should not matter
  • issue #15 Applied group filter is not removed if the group is deleted
  • issue #14 Cache is not refreshed automatically after group changes
  • Missing footer links at first start
  • Missing redirection after registration

[2.0.0] - 2020-11-29

2FAuth goes to v2.0!

This release comes with multiple improvements and a lot of changes under the hood. Don't forget to backup your database before you upgrade. Have fun :)

Added

  • Add Groups to enhance accounts management
  • New advanced form to define fully customized accounts without QR code
  • New user option to skip the submitting page
  • New DB protection option to encrypt sensitive 2FA data
  • QR code generation of recorded accounts
  • Support of the OTP image parameter when a QR code is imported

Changed

  • Performance improvement thanks to data caching
  • Show Register/Login forms and their links only when relevant
  • Let the user choose between all available submitting methods (livescan, qrcode upload, advanced form)
  • Translations are now managed on Crowdin.com/2fauth. You master some foreign languages? Why not help translate 2FAuth, your help would be welcome.

Fixed

  • issue #13 Long Service name push content out of viewport
  • issue #11 Token generation do not loop if TOTP period is different from 30s
  • issue #9 Upload QR code in standard form return a 422 missing uri field

[1.3.1] - 2020-10-12

Changed

  • Upgrade to Laravel 7.0
  • Drop PHP 7.2 support
  • Enable the Request reset password form in Demo mode but inactivated

Fixed

  • Fix missing notifications in Auth views

[1.3.0] - 2020-10-09

Added

  • Application lock on security code copy or after a fixed period of inactivity
  • Notify user that https is required in order to use camera streaming to flash QR code
  • Notify user that the security code has been copied to clipboard when user click it
  • Show selected accounts count in Manage view
  • New option to show/hide icons in accounts list

Changed

  • More mobile friendly Close button for modal
  • More advanced notification component
  • Fixed header to keep Search field and Delete button always visible
  • Switches replaced by checkboxes in Settings

Fixed

  • Hide context around iPhone X+ notch
  • Unwanted access to restricted pages as guest

[1.2.0] - 2020-09-18

Added

  • QR Code scan using live stream when a camera is detected. Previous QR Code scanner remains available as fallback method or can be forced in Settings.
  • New alternative layouts: List or Grid
  • Accounts can be reordered

Changed

  • Notification banner (when saving settings) now has a fixed position

[1.1.0] - 2020-03-23

Added

  • Demonstration mode with restricted features and ability to reset content with an artisan command
  • Option to close token popup when the code is pasted (by clicking/taping on it)

Changed

  • Options default values can now be set in config/app
  • Generated assets are now part of the repo to ease deployement

Fixed

  • Option labels attached to wrong checkboxes