Releases: simonw/datasette-auth-existing-cookies
Releases · simonw/datasette-auth-existing-cookies
1.0a1
1.0a0
This alpha release breaks backwards compatibility, and completely redesigns how this plugin works. #13
- Plugin now uses the actor_from_request() plugin hook
- Implementation is greatly simplified: the forbidden mechanism and redirect to login via a signed
next=parameter components have been removed - Plugin configuration settings have been renamed, see the README
0.7
0.6.1
0.6
The previous release always forwarded the ?host= header on to the authentication API. This release no longer does that by default, but instead allows you to configure one or more headers that should be passed on in a similar way - issue #10.
To get back the same behavior as release 0.5, use this configuration:
{
"plugins": {
"datasette-auth-existing-cookies": {
"api_url": "http://www.example.com/user-from-cookies",
"auth_redirect_url": "http://www.example.com/login",
"original_cookies": ["sessionid"],
"headers_to_forward": ["host"]
}
}
}0.5.1
Fix error triggered by combining this plugin with datasette-upload-csvs.
0.5
- New
trust_x_forwarded_protoconfiguration setting to fix issues with the incorrect?next=URL being generated when running behind a proxy that addshttps://. #8 - The
api_urlused to check the user's identity can now also perform permission checks, returning{"forbidden": "Reason string here"}if the authenticated user should not be allowed access to the Datasette instance specified by the?host=parameter. #9 - documentation here: https://github.com/simonw/datasette-auth-existing-cookies/blob/master/README.md#permissions