This package is the Yesod.Auth.HashDB plugin, originally included as part of yesod-auth, but now modified to be more secure and placed in a separate package.
It provides authentication using hashed passwords stored in a database, and works best in situations where an administrator is involved in setting up a user with an initial password.
The complete login process, including a default form, is implemented by this plugin, but the application developer must design the interfaces for setting up users and allowing them to change their own passwords, since only the low-level password-setting functions are provided by this package. (Note that other authentication plugins may be more appropriate if you wish to use email verification to set up accounts).
- Bump upper bound on
yesod-formto allow 1.7
- Fix test to allow use of persistent-template-2.8
- Fix test and relax upper bound for persistent-2.10 / persistent-template-2.7
- Replace use of deprecated
- Relax upper bounds to allow persistent-2.9 (for GHC 8.6 versions of Stackage nightly)
- Remove testing of GHC below 8.0.2, and lts below 9
- Update for changes in yesod version 1.6, but retain compatibility with previous versions
- Remove support for GHC below 7.10, and lts below 6
- Relax upper bound on persistent
- Fix serious documentation layout problem caused by typo
This release completes the breaking changes started in 1.5. For details of upgrading, please see Upgrading.md.
- Complete removal of compatibility with old databases designed for versions before 1.3
- Add JSON support
- Fix test failure with basic-prelude >= 0.6 (#6)
- Relax upper bound to allow persistent-2.6
- Minor documentation improvement
- Reduce external-library dependencies for tests
- Include CSRF token in default form
This release can break both old code and old database entries. For details of upgrading, please see Upgrading.md.
- First phase of removing compatibility with old databases designed for versions before 1.3
- Remove deprecated utilities (
- Changes to work with persistent-2.5
- Relax upper bound to allow persistent-2.2.*
- Add ChangeLog
- Use internationalized messages
- Minor documentation change
- Expose additional validation function which does not need to read the database
- Deprecate compatibility with old data which includes a salt field
- Changes for Yesod 1.4
- Documentation improvement
- Optional custom login form
- Deprecate predefined
- Changes for Persistent 2
- Version bounds
- Minor documentation changes
- First release as a separate package, not part of yesod-auth