v0.6.2

• Fixed other direct usage of OmniAuth::Builder erroring when the omniauth_base Rodauth feature is loaded (thanks to @igor-alexandrov).

v0.6.1

• Fixed accidentally overriding Rodauth::ClassMethods and causing auth class to not get freezed when the Roda app is frozen.
• Automatically retrieve existing omniauth identity when calling #omniauth_identity earlier on during the callback phase (e.g. in the before_omniauth_callback_route hook).

v0.6.0

• OmniAuth login can now count as two factors when account is using 2FA. This is useful when using OmniAuth login as SSO, and one can rely on an 2FA policy on the external provider.

  omniauth_two_factors? true

  This can also be made conditional based on data from the external provider, for example:

  omniauth_two_factors? do
    # only count as two factors if external account uses 2FA
    omniauth_extra["raw_info"]["two_factor_authentication"]
  end

v0.5.1

• Fixed email auth link on login page being incorrectly hidden after valid email was entered when the account has linked external identities.

v0.5.0

• Added the omniauth_create_account? configuration method for disabling automatic account creation.

  For example, if you have OmniAuth links on both login and registration pages, and you want the OmniAuth login on the login page to only log into existing accounts, you could configure this so that it's controlled via a query parameter:

  # somewhere in your view template:
  rodauth.omniauth_request_path(:google, action: "login") #=> "/auth/github?action=login"

  # in your Rodauth configuration:
  omniauth_create_account? { omniauth_params["action"] != "login" }

v0.4.0

• Unverified accounts are now automatically verified when logging in via OmniAuth if the external email matches the email of the local account. This can be disabled by adding omniauth_verify_account? false to your Rodauth configuration.

• When making a GET request to the request path when only POST requests are allowed, a 404 response is now returned instead of an error.

• Calling omniauth_* methods that read data from Rack env hash will now return nil instead of raising a KeyError when the omniauth.<key> item isn't present in the env hash.

v0.3.4

• Fix NoMethodError: undefined method 'destroy' for nil when login is trying to clear the session in JWT mode without session middleware (#13).

v0.3.3

• Use account_id column for the foreign key in the identities model association instead of the id column (thanks to @Dainii).

v0.3.2

• Fixed identities model association not being defined.

v0.3.1

• Ship with EN translations for the rodauth-i18n gem