Revision history for CGI-Application-Plugin-Authentication

0.25      2024-06-28 16:32:46-05:00 America/Chicago
   Fix tests failing on CGI.pm >= 4.66 (thanks Chris Peterson)

0.24      2024-01-05 15:30:08-06:00 America/Chicago
   Fix tests failing on CGI.pm >= 4.58 (Gregor Herrmann and Debian Perl)

0.23      2018-03-05 13:15:54-06:00 America/Chicago
   Support SQLite 3.22.0 in tests (thanks to Gregor Herrmann and Debian Perl)

0.22      2018-02-07 14:24:30-06:00 America/Chicago
   Fix failing tests on Win32

0.21      2017-03-15 22:54:23-05:00 America/Chicago
    Fix list-context calls to CGI::param().
    Fix failing tests with newer CGI versions.

0.20 Fri 29 Apr 2011
    Use Test::ConsistentVersion rather than Test::CheckVersion
    Fixed spelling errors and added descriptions - Closes #rt63839
    Removed now unused login_styles method from core module
    Added more tests completing test coverage for the Cookie module.
    Changed from using the Digest::SHA1 module to usuing Digest::SHA
    instead - Closes #rt67840

0.19 Wed 24 Nov 2010
    Incoporated developer changes. Made pod tests only run when TEST_AUTHOR=1.
    Automatically generate README.

0.18_2  Mon 20 Jul 2010
    Separate out display code and provide Basic and Classic alternatives to
    the login form. Added more examples. Implementd typo fix reported by
    Alexandr Ciornii. Added copyright declaration for icons in the login form.

0.18_1 Thu Jun 25 2010
    Put OS dependent guards in certain tests.
    Removed deprecated *_DESTINATION parameters.
    Added first test for devpopup and fixed undefined variable therein.
    Cannot use Test::More 0.92 as that has an issue with subtests.

0.18 Mon Jun 23 2010
    Completed test coverage for Driver and below
    TABLES parameter was not made mandatory in DBI driver.
    Fixed dependency on Test::More - must be at least version 0.90.
    Fixed handling of custom filters - now they must have a $param and a $value.
    Incorporated Christian Walde's suggested changes for compatibility with
    CGI::Application::Plugin::ActionDispatch.
    Adding tests around the HTML generated by the login_box function and
    verifying that it is taint free.
    Upped requiredment on CGI to 3.16 as that seems to cause unusual behaviour in returning
    self referring urls and further upped requirement on CGI to 3.16 as 3.15 has an
    unusual  interpretation of redirection headers.
    Fixed regular expressions in destination test to respect HTTP header CRLF conventions.

0.17  Thu Jan 21 19:16 GMT 2010
    Bug Fixes
    rt53533 - During initialization deferred checking the users credentials to the last possible moment.
    This ensures that sessions are not created unless actually required.
    Also attempted to document which functions add session/cookie state.

    Build Fixes
    rt35030 - Upped the requirement on Apache::Htpasswd to 1.8 as this simplifies our dependency management.

0.16  Mon Jan 18 22:18 GMT 2010
    Release dedicated to improving CPAN readiness - see RT:50670.
    Fixed spelling mistakes and added a test script that uses Test::Spelling.
    Fixed dependency on Test::Exception and added a test script that uses Test::Prereq::Build.
    Added test scripts to validate the MANIFEST file and Changes file.
    Removed files that are generated during './Build dist' from repository.

0.15  Tue Jan 12 15:42 GMT 2010
    Redist to fix tar format issues RT:45155 & 23705

0.14  Sun Oct 18 02:48:10 EST 2009
    Bug Fixes
    - Make sure the 'action' attribute of the login_box includes the
      path_info in the URL (resolves RT:38049 patch by Alex Becker)

    New Features
    - Add options for LIMIT and ORDER_BY to DBI driver (requested by tbone)
    - Add FORM_SUBMIT_METHOD option to the login box which allows you to
      change the form method to GET instead of the default POST.
      (resolves RT:34198 requested by jaldhar)
    - Add hooks for devpopup (resolves RT:35989 patch by Alexandr Ciornii)

0.13  Mon Mar 30 23:58:25 EST 2009
    Build fixes
    - There are no code changes to this release, just fixes in the build and
      test systems to solve some outstanding test failures
    - unit tests now skip tests where optional modules are not installed
      (gtermars@cpan.org)
    - remove build dependency on Test::Exception, replacing it with hand-rolled
      equivalent methods.  Newer Perls have been seen to fail our tests with
      "Bizarre copy of HASH in sassign..." when using Test::Exception.  Cause
      of the issue may be far lower/internal than Test::Exception, but
      replacing these methods eliminates the issue for us.  (gtermars@cpan.org)
    - cleanup prerequisites and build files (Alexandr Ciornii)

0.12

    Bug Fixes
    - when issuing a redirect, remember to set header_type to 'redirect'
      (reported by Graham TerMarsch)

    Other updates
    - Fix inconsistency in doc example (reported by POLETTIX)

0.11  Wed Jul 26 11:16:12 EDT 2006

    - suppress warning about missing Color::Calc unless the user is actually
      trying to use it (reported by Ron Savage)
    - explicitly load CGI.pm since some users may be using CGI::Simple
      (reported by Ron Savage)
    - Fixed bug in Cookie store where the expiry time of the cookie was ignored
      (patch by POLETTIX)

0.10  Thu May 18 22:59:56 EDT 2006

    - Add support for Authen::Simple (all Authen::Simple modules can
      be used directly as Drivers)
    - Made the login page much more customizable:
      - change any of the text
      - customize the colours - provide one base colour and lighter and
        darker shades are automatically generated (requires Color::Calc)
      - offer to remember the users username in a cookie for the next
        time they login
      - add option for a 'forgotten password' URL
      - add option for a 'register new account' URL
      - add option to supress the stylesheet so you can provide your own

0.09  Thu Jan 26 20:56:29 EST 2006

    API Changes
    - Added option to provide your own HTML for the login box through a callback
      (Shawn Sorichetti)
    - Added POST_LOGIN_RUNMODE callback (Shawn Sorichetti)

0.08  Wed Nov 23 20:20:24 EST 2005

    API Changes
    - Removed ability to configure the DBI driver with a DSN and
      username/password.  CGI::Application::Plugin::DBH should be used for
      that instead (Mark Stosberg)
    - DBI driver defaults to $self->dbh() if DBH not provided (Mark Stosberg)

    Bug Fixes
    - Made MIME::Base64, Digest::SHA1 and CGI::Cookie mandatory requirements
      and load them at compile time instead of runtime in the Cookie store.
      (fixes problem reported by Richard Jones)

    Other updates
    - Added Driver that can authenticate against htpasswd files
    - Fixed typo in examples/sample.cgi
    - Fixed typo in lc filter example (Mark Stosberg)
    - Updated docs for initialize(), and made it return true value
      (Mark Stosberg)


0.07  Sat Oct 29 17:08:48 EDT 2005

    API Changes
    - Config parameters ending in _DESTINATION have
      been renamed to _URL for clarity.
      (Mark Stosberg)

    Bug Fixes
    - DBI Driver was incorrectly using DBH option when
      it should have used the DSN option
      (patch from Jim McQuillan)
    - Tests were failing if certain modules were not
      installed.
      (fixed by Shawn Sorichetti)

    Other updates
    - add negative regexp example for the
      'protected_runmodes' method
      (suggested by Larry Leszczynski)

0.06  Fri Oct 14 14:05:52 EDT 2005

    Bug Fixes
    - fix autorunmode test so it doesn't fail
      if the AutoRunmode plugin is not installed

0.05  Fri Oct 14 13:15:23 EDT 2005

    New Stuff
    - add ability to timeout logins based on last
      successful login, or with a custom callback
      (as well as the original last access timeout)
    - add 'last_access' and 'last_login' methods
    - add 'is_login_timeout' to show when a login
      request is caused by an idle login session
    - added lots more tests

    Bug Fixes
    - login timeouts were not working properly
    - the Cookie Store was not honouring the EXPIRY option
    - using :all in protected_runmodes now works
    - fix test failure when Test::Warn not installed
      (fixed by Shawn Sorichetti)

    Experimental
    - subroutine attributes: you can specify that a
      runmode should be protected with a subroutine
      attribute.  example:  sub my_rm :Authen { ... }
      This conflicts with the AutoRunmode plugin right now


0.04  Thu Sep 22 21:06:54 EDT 2005

    API Changes
    - renamed 'encoders' to 'filters' - This should only affect
      driver writers and not end users

    New Stuff
    - filters (formerly encoders) can now be chained (See docs)
    - filters can take a param (See docs)
    - added filters for uc, lc and trim
    - added a simple sample application
    - more docs (based on suggestions from Ron Savage)


0.03  Mon Sep 19 14:57:47 EDT 2005

    API Changes
    - renamed the 'auth' method to 'authen' to make it easier
      to distinguish from the upcoming 'authz' plugin.  There
      is also an alias to 'authentication' for those who like
      clarity over brevity.
    - For the DBI driver, changed credential identifiers from
      cred_1 to __CREDENTIAL_1__

    New Drivers
    - Dummy Driver - accepts any credentials as valid

    New Stuff
    - Added little icons to the default login and password
      fields (only works in Mozilla based browsers)
    - if STORE config is not given, the plugin will detect if
      you are already using the Session plugin, and use the
      Session Store instead of the Cookie Store.
    - Added a lot of new documentation

    Bug Fixes
    - 'run_modes' method was incorrectly being used in the
      test suite (reported by Ron Savage)

0.02  Fri Sep 16 00:19:10 EDT 2005

    New Drivers
    - DBI Driver

    New Stores
    - Cookie store (requires no server side storage)

    New Stuff
    - Added field encoding support for datastores that
      keep passwords in an encoded format, like Unix crypt,
      or MD5.
    - Added encoders for crypt, MD5 and SHA1
    - Added some more methods to Driver.pm that can simplify
      the building of new Driver modules (find_option, encode,
      check_encoded, strip_field_names)
    - Added lots more tests to the test suite
      (Cees and Shawn Sorichetti)

    Bug Fixes
    - Fixed Generic Driver when using array of arrays method.
    - Options no longer get clobbered by the modules.
      (reported by Shawn Sorichetti)


0.01  Fri Sep  9 00:44:17 EDT 2005

    - original version