diff --git a/.changeset-staged/breezy-moose-greet.md b/.changeset-staged/breezy-moose-greet.md deleted file mode 100644 index f24cda7ebe5..00000000000 --- a/.changeset-staged/breezy-moose-greet.md +++ /dev/null @@ -1,7 +0,0 @@ ---- -"@logto/cloud": minor -"@logto/schemas": minor -"@logto/shared": minor ---- - -Add demo social connectors for new tenant diff --git a/.changeset-staged/curly-planes-relax.md b/.changeset-staged/curly-planes-relax.md deleted file mode 100644 index 3a7c5afe9ec..00000000000 --- a/.changeset-staged/curly-planes-relax.md +++ /dev/null @@ -1,11 +0,0 @@ ---- -"@logto/ui": patch ---- - -## Implement a lite version of set password form. - -To simplify the effort when user set new password, we implement a lite version of set password form. - -The lite version of set password form only contains only one field password. It will be used if and only if the forgot-password feature is enabled (password can be reset either by email and phone). - -If you do not have any email or sms service enabled, we still use the old version of set password form which contains two fields: password and confirm password. diff --git a/.changeset-staged/curly-shoes-end.md b/.changeset-staged/curly-shoes-end.md deleted file mode 100644 index 45558306900..00000000000 --- a/.changeset-staged/curly-shoes-end.md +++ /dev/null @@ -1,11 +0,0 @@ ---- -"@logto/ui": minor ---- - -### Simplify the terms of use and privacy policy manual agreement steps for the sign-in flow - -The Terms of Use and Privacy Policy manuel agreement are now removed from the sign-in flow. - -- The changes may take effect on all the existing sign-in flows, including password sign-in, social sign-in, and verification-code sign-in. -- The agreement checkbox in sign-in pages is now replaced with links to the Terms of Use and Privacy Policy pages. Users can still read the agreements before signing in. -- The manual agreement steps are still mandatory for the sign-up flow. Users must agree to the Terms of Use and Privacy Policy before signing up a new account. Including sign-up with new social identities. The agreement checkbox in sign-up pages remain still. diff --git a/.changeset-staged/cyan-fireants-worry.md b/.changeset-staged/cyan-fireants-worry.md deleted file mode 100644 index 4460b9d1eab..00000000000 --- a/.changeset-staged/cyan-fireants-worry.md +++ /dev/null @@ -1,20 +0,0 @@ ---- -"@logto/phrases-ui": minor -"@logto/ui": minor ---- - -### Update the password policy - -Password policy description: Password requires a minimum of 8 characters and contains a mix of letters, numbers, and symbols. - -- min-length updates: Password requires a minimum of 8 characters -- allowed characters updates: Password contains a mix of letters, numbers, and symbols - - digits: 0-9 - - letters: a-z, A-Z - - symbols: !"#$%&'()\*+,./:;<=>?@[\]^\_`{|}~- -- At least two types of characters are required: - - letters and digits - - letters and symbols - - digits and symbols - -> notice: The new password policy is applied to new users or new passwords only. Existing users are not affected by this change, users may still use their old password to sign-in. diff --git a/.changeset-staged/eight-rocks-wave.md b/.changeset-staged/eight-rocks-wave.md deleted file mode 100644 index fbba94ac3ec..00000000000 --- a/.changeset-staged/eight-rocks-wave.md +++ /dev/null @@ -1,10 +0,0 @@ ---- -"@logto/console": patch -"@logto/core": patch ---- - -## Refactor the Admin Console 403 flow - -- Add 403 error handler for all AC API requests -- Show confirm modal to notify the user who is not authorized -- Click `confirm` button to sign out and redirect user to the sign-in page diff --git a/.changeset-staged/eight-shoes-look.md b/.changeset-staged/eight-shoes-look.md deleted file mode 100644 index a272c4e2b66..00000000000 --- a/.changeset-staged/eight-shoes-look.md +++ /dev/null @@ -1,17 +0,0 @@ ---- -"@logto/console": minor -"@logto/phrases": minor -"@logto/phrases-ui": minor -"@logto/schemas": minor -"@logto/ui": minor ---- - -### Add dynamic favicon and html title - -- Add the favicon field in the sign-in-experience branding settings. Users would be able to upload their own favicon. Use local logto icon as a fallback - -- Set different html title for different pages. - - sign-in - - register - - forgot-password - - logto diff --git a/.changeset-staged/flat-guests-bathe.md b/.changeset-staged/flat-guests-bathe.md deleted file mode 100644 index 8e662d40be3..00000000000 --- a/.changeset-staged/flat-guests-bathe.md +++ /dev/null @@ -1,6 +0,0 @@ ---- -"@logto/console": patch -"@logto/phrases": patch ---- - -add deletion confirm for in-used passwordless connectors diff --git a/.changeset-staged/flat-mirrors-kiss.md b/.changeset-staged/flat-mirrors-kiss.md deleted file mode 100644 index b98ca8172a5..00000000000 --- a/.changeset-staged/flat-mirrors-kiss.md +++ /dev/null @@ -1,7 +0,0 @@ ---- -"@logto/console": minor -"@logto/core": minor ---- - -- Automatically create a new tenant for new cloud users -- Support path-based multi-tenancy diff --git a/.changeset-staged/giant-mice-applaud.md b/.changeset-staged/giant-mice-applaud.md deleted file mode 100644 index 2e3bca4023f..00000000000 --- a/.changeset-staged/giant-mice-applaud.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -"@logto/core": minor ---- - -Add storage provider: S3Storage diff --git a/.changeset-staged/gold-mugs-allow.md b/.changeset-staged/gold-mugs-allow.md deleted file mode 100644 index 0a9cbae86fc..00000000000 --- a/.changeset-staged/gold-mugs-allow.md +++ /dev/null @@ -1,16 +0,0 @@ ---- -"@logto/cli": minor -"@logto/cloud": minor -"@logto/console": minor -"@logto/core": minor -"@logto/integration-tests": minor -"@logto/phrases": minor -"@logto/phrases-ui": minor -"@logto/schemas": minor -"@logto/shared": minor -"@logto/connector-kit": minor -"@logto/core-kit": minor -"@logto/ui": minor ---- - -Allow admin tenant admin to create tenants without limitation diff --git a/.changeset-staged/good-actors-reflect.md b/.changeset-staged/good-actors-reflect.md deleted file mode 100644 index a311c14d3c1..00000000000 --- a/.changeset-staged/good-actors-reflect.md +++ /dev/null @@ -1,7 +0,0 @@ ---- -"@logto/ui": minor ---- - -## Add iframe modal for mobile platform - -Implement a full screen iframe modal on the mobile platform. As for most of the webview containers, opening a new tab is not allowed. So we need to implement a full screen iframe modal to show the external link page on the mobile platform. diff --git a/.changeset-staged/gorgeous-berries-smoke.md b/.changeset-staged/gorgeous-berries-smoke.md deleted file mode 100644 index 98ab1cad359..00000000000 --- a/.changeset-staged/gorgeous-berries-smoke.md +++ /dev/null @@ -1,8 +0,0 @@ ---- -"@logto/core": patch ---- - -Add interactionMode extra OIDC params to specify the desired use interaction experience - -- signUp: Deliver a sign-up first interaction experience -- signIn & undefined: Deliver a default sign-in first interaction experience diff --git a/.changeset-staged/great-turkeys-fry.md b/.changeset-staged/great-turkeys-fry.md deleted file mode 100644 index 699a4a5c9ff..00000000000 --- a/.changeset-staged/great-turkeys-fry.md +++ /dev/null @@ -1,10 +0,0 @@ ---- -"@logto/console": minor -"@logto/core": minor -"@logto/phrases": minor -"@logto/schemas": minor ---- - -### Add privacy policy url - -In addition to the terms of service url, we also provide a privacy policy url field in the sign-in-experience settings. To better support the end-users' privacy declaration needs. diff --git a/.changeset-staged/happy-paws-nail.md b/.changeset-staged/happy-paws-nail.md deleted file mode 100644 index ea7bc765589..00000000000 --- a/.changeset-staged/happy-paws-nail.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -"@logto/core": minor ---- - -Add API for uploading user images to storage providers: Azure Storage. diff --git a/.changeset-staged/lemon-spies-switch.md b/.changeset-staged/lemon-spies-switch.md deleted file mode 100644 index 6c87b5017ba..00000000000 --- a/.changeset-staged/lemon-spies-switch.md +++ /dev/null @@ -1,9 +0,0 @@ ---- -"@logto/core": minor -"@logto/schemas": minor ---- - -**Add `sessionNotFoundRedirectUrl` tenant config** - -- User can use this optional config to designate the URL to redirect if session not found in Sign-in Experience. -- Session guard now works for root path as well. diff --git a/.changeset-staged/little-cars-impress.md b/.changeset-staged/little-cars-impress.md deleted file mode 100644 index 916cc931631..00000000000 --- a/.changeset-staged/little-cars-impress.md +++ /dev/null @@ -1,13 +0,0 @@ ---- -"@logto/console": minor -"@logto/phrases": minor -"@logto/core": minor -"@logto/ui": minor ---- - -New feature: User account settings page - -- We have removed the previous settings page and moved it to the account settings page. You can access to the new settings menu by clicking the user avatar in the top right corner. -- You can directly change the language or theme from the popover menu, and explore more account settings by clicking the "Profile" menu item. -- You can update your avatar, name and username in the profile page, and also changing your password. -- [Cloud] Cloud users can also link their email address and social accounts (Google and GitHub at first launch). diff --git a/.changeset-staged/loud-snakes-cross.md b/.changeset-staged/loud-snakes-cross.md deleted file mode 100644 index 5420a8eaaed..00000000000 --- a/.changeset-staged/loud-snakes-cross.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -"@logto/cli": minor ---- - -Add CLI command to get/set db's system table value diff --git a/.changeset-staged/lucky-shrimps-collect.md b/.changeset-staged/lucky-shrimps-collect.md deleted file mode 100644 index 401626a182d..00000000000 --- a/.changeset-staged/lucky-shrimps-collect.md +++ /dev/null @@ -1,15 +0,0 @@ ---- -"@logto/cli": major -"@logto/cloud": patch -"@logto/console": patch -"@logto/core": patch -"@logto/schemas": patch -"@logto/shared": patch ---- - -**Seed data for cloud** - -- cli!: remove `oidc` option for `database seed` command as it's unused -- cli: add hidden `--cloud` option for `database seed` command to init cloud data -- cli, cloud: appending Redirect URIs to Admin Console will deduplicate values before update -- move `UrlSet` and `GlobalValues` to `@logto/shared` diff --git a/.changeset-staged/mighty-dodos-admire.md b/.changeset-staged/mighty-dodos-admire.md deleted file mode 100644 index 49e9747000d..00000000000 --- a/.changeset-staged/mighty-dodos-admire.md +++ /dev/null @@ -1,6 +0,0 @@ ---- -"@logto/phrases-ui": minor -"@logto/ui": minor ---- - -Implement a country code selector dropdown component with search box. Users may able to quick search for a country code by typing in the search box. diff --git a/.changeset-staged/nice-lions-dream.md b/.changeset-staged/nice-lions-dream.md deleted file mode 100644 index fef68012881..00000000000 --- a/.changeset-staged/nice-lions-dream.md +++ /dev/null @@ -1,9 +0,0 @@ ---- -"@logto/console": minor -"@logto/core": minor -"@logto/phrases": minor -"@logto/schemas": minor -"@logto/ui": minor ---- - -remove the branding style config and make the logo URL config optional diff --git a/.changeset-staged/nice-vans-kneel.md b/.changeset-staged/nice-vans-kneel.md deleted file mode 100644 index 362a153bf24..00000000000 --- a/.changeset-staged/nice-vans-kneel.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -"@logto/cloud": minor ---- - -Add send sms service diff --git a/.changeset-staged/quick-schools-complain.md b/.changeset-staged/quick-schools-complain.md deleted file mode 100644 index ebbcce19b56..00000000000 --- a/.changeset-staged/quick-schools-complain.md +++ /dev/null @@ -1,8 +0,0 @@ ---- -"@logto/console": minor -"@logto/phrases": minor -"@logto/ui": minor ---- - -Add custom CSS code editor so that users can apply advanced UI customization. - - Users can check the real time preview of the CSS via SIE preview on the right side. diff --git a/.changeset-staged/real-carpets-wait.md b/.changeset-staged/real-carpets-wait.md deleted file mode 100644 index bb318af1770..00000000000 --- a/.changeset-staged/real-carpets-wait.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -"@logto/cloud": minor ---- - -Add Cloud API: send email diff --git a/.changeset-staged/smooth-steaks-cough.md b/.changeset-staged/smooth-steaks-cough.md deleted file mode 100644 index 7020e680522..00000000000 --- a/.changeset-staged/smooth-steaks-cough.md +++ /dev/null @@ -1,9 +0,0 @@ ---- -"@logto/core": minor -"@logto/schemas": minor -"@logto/ui": minor ---- - -### Add custom content sign-in-experience settings to allow insert custom static html content to the logto sign-in pages - -- feat: combine with the custom css, give the user the ability to further customize the sign-in pages diff --git a/.changeset-staged/stupid-jokes-brush.md b/.changeset-staged/stupid-jokes-brush.md deleted file mode 100644 index a8004a6fcf9..00000000000 --- a/.changeset-staged/stupid-jokes-brush.md +++ /dev/null @@ -1,6 +0,0 @@ ---- -"@logto/core": major -"@logto/ui": major ---- - -**💥 BREAKING CHANGE 💥** Move `/api/phrase` API to `/api/.well-known/phrases` diff --git a/.changeset-staged/violet-cups-relate.md b/.changeset-staged/violet-cups-relate.md deleted file mode 100644 index 8256e3a990b..00000000000 --- a/.changeset-staged/violet-cups-relate.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -"@logto/ui": patch ---- - -- Add Power By Logto Signature to the main-flow pages diff --git a/.changeset/afraid-eagles-retire.md b/.changeset/afraid-eagles-retire.md deleted file mode 100644 index 2cc2ce1f0a6..00000000000 --- a/.changeset/afraid-eagles-retire.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -"@logto/core": minor ---- - -- mask sensitive password value in audit logs diff --git a/.changeset/breezy-socks-joke.md b/.changeset/breezy-socks-joke.md deleted file mode 100644 index 6bffc3c8434..00000000000 --- a/.changeset/breezy-socks-joke.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -"@logto/cli": minor ---- - -Add `logto database alteration rollback` command for running `down()` alteration scripts diff --git a/.changeset/clever-panthers-lay.md b/.changeset/clever-panthers-lay.md deleted file mode 100644 index 101ecb805a8..00000000000 --- a/.changeset/clever-panthers-lay.md +++ /dev/null @@ -1,6 +0,0 @@ ---- -"@logto/core": patch -"@logto/schemas": patch ---- - -Bump connector kit version to fix "Continue" issues on sending email/sms. diff --git a/.changeset/curly-hornets-end.md b/.changeset/curly-hornets-end.md deleted file mode 100644 index 8af6a93435f..00000000000 --- a/.changeset/curly-hornets-end.md +++ /dev/null @@ -1,9 +0,0 @@ ---- -"@logto/core": patch -"@logto/ui": patch ---- - -bug fixes - -- core: fix 500 error when enabling app admin access in console -- ui: handle required profile errors on social binding flow diff --git a/.changeset/cyan-buses-trade.md b/.changeset/cyan-buses-trade.md deleted file mode 100644 index c2c83df221a..00000000000 --- a/.changeset/cyan-buses-trade.md +++ /dev/null @@ -1,8 +0,0 @@ ---- -"@logto/core": minor -"@logto/integration-tests": minor -"@logto/schemas": minor -"@logto/ui": minor ---- - -Replace `passcode` naming convention in the interaction APIs and main flow ui with `verificationCode`. diff --git a/.changeset/empty-rockets-march.md b/.changeset/empty-rockets-march.md deleted file mode 100644 index 8a8c043b937..00000000000 --- a/.changeset/empty-rockets-march.md +++ /dev/null @@ -1,12 +0,0 @@ ---- -"@logto/core": minor -"@logto/console": minor -"@logto/phrases": minor -"@logto/phrases-ui": minor ---- - -## Creating your social connector with ease - -We’re excited to announce that Logto now supports standard protocols (SAML, OIDC, and OAuth2.0) for creating social connectors to integrate external identity providers. Each protocol can create multiple social connectors, giving you more control over your access needs. - -To simplify the process of configuring social connectors, we’re replacing code-edit with simple forms. SAML already supports form configuration, with other connectors coming soon. This means you don’t need to compare documents or worry about code format. diff --git a/.changeset/fast-toys-share.md b/.changeset/fast-toys-share.md deleted file mode 100644 index ba4d45d972a..00000000000 --- a/.changeset/fast-toys-share.md +++ /dev/null @@ -1,9 +0,0 @@ ---- -"@logto/core": minor ---- - -## Enable connector method `getUserInfo` read and write access to DB - -Logto connectors are designed to be stateless to the extent possible and practical, but it still has some exceptions at times. - -With the recent addition of database read and write access, connectors can now store persistent information. For example, connectors can now store access tokens and refresh tokens to minimize number of requests to social vendor's APIs. diff --git a/.changeset/fifty-balloons-taste.md b/.changeset/fifty-balloons-taste.md deleted file mode 100644 index 8534ffa275c..00000000000 --- a/.changeset/fifty-balloons-taste.md +++ /dev/null @@ -1,6 +0,0 @@ ---- -"@logto/phrases": minor -"@logto/phrases-ui": minor ---- - -Add German language diff --git a/.changeset/good-dodos-visit.md b/.changeset/good-dodos-visit.md deleted file mode 100644 index ae0565ec6c3..00000000000 --- a/.changeset/good-dodos-visit.md +++ /dev/null @@ -1,29 +0,0 @@ ---- -"@logto/console": major -"@logto/core": major -"@logto/schemas": major ---- - -**Decouple users and admins** - -## 💥 BREAKING CHANGES 💥 - -Logto was using a single port to serve both normal users and admins, as well as the web console. While we continuously maintain a high level of security, it’ll still be great to decouple these components into two separate parts to keep data isolated and provide a flexible infrastructure. - -From this version, Logto now listens to two ports by default, one for normal users (`3001`), and one for admins (`3002`). - -- Nothing changed for normal users. No adaption is needed. -- For admin users: - - The default Admin Console URL has been changed to `http://localhost:3002/console`. - - To change the admin port, set the environment variable `ADMIN_PORT`. For instance, `ADMIN_PORT=3456`. - - You can specify a custom endpoint for admins by setting the environment variable `ADMIN_ENDPOINT`. For example, `ADMIN_ENDPOINT=https://admin.your-domain.com`. - - You can now completely disable admin endpoints by setting `ADMIN_DISABLE_LOCALHOST=1` and leaving `ADMIN_ENDPOINT` unset. - - Admin Console and admin user data are not accessible via normal user endpoints, including `localhost` and `ENDPOINT` from the environment. - - Admin Console no longer displays audit logs of admin users. However, these logs still exist in the database, and Logto still inserts admin user logs. There is just no convenient interface to inspect them. - - Due to the data isolation, the numbers on the dashboard may slightly decrease (admins are excluded). - -If you are upgrading from a previous version, simply run the database alteration command as usual, and we'll take care of the rest. - -> **Note** DID YOU KNOW -> -> Under the hood, we use the powerful Postgres feature Row-Level Security to isolate admin and user data. diff --git a/.changeset/green-geese-train.md b/.changeset/green-geese-train.md deleted file mode 100644 index a1bf34b6733..00000000000 --- a/.changeset/green-geese-train.md +++ /dev/null @@ -1,13 +0,0 @@ ---- -"@logto/cli": patch -"@logto/console": patch -"@logto/core": patch -"@logto/create": patch -"@logto/integration-tests": patch -"@logto/phrases": patch -"@logto/schemas": patch -"@logto/shared": patch -"@logto/ui": patch ---- - -Fix a Sign-in experience bug that may block some users to sign in. diff --git a/.changeset/grumpy-clocks-refuse.md b/.changeset/grumpy-clocks-refuse.md deleted file mode 100644 index 91b68c39c5e..00000000000 --- a/.changeset/grumpy-clocks-refuse.md +++ /dev/null @@ -1,9 +0,0 @@ ---- -"@logto/core": minor ---- - -Add user suspend API endpoint - -Use `PATCH /api/users/:userId/is-suspended` to update a user's suspended state, once a user is suspended, all refresh tokens belong to this user will be revoked. - -Suspended users will get an error toast when trying to sign in. diff --git a/.changeset/large-windows-scream.md b/.changeset/large-windows-scream.md deleted file mode 100644 index 6b66d95f68b..00000000000 --- a/.changeset/large-windows-scream.md +++ /dev/null @@ -1,6 +0,0 @@ ---- -"@logto/core": minor -"@logto/integration-tests": minor ---- - -Officially cleanup all deprecated `/session` APIs in core and all the related integration tests. diff --git a/.changeset/lemon-cars-wonder.md b/.changeset/lemon-cars-wonder.md deleted file mode 100644 index 6d01aad6be7..00000000000 --- a/.changeset/lemon-cars-wonder.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -"@logto/phrases-ui": minor ---- - -Added Russian translation. diff --git a/.changeset/many-avocados-know.md b/.changeset/many-avocados-know.md deleted file mode 100644 index 319f2da804d..00000000000 --- a/.changeset/many-avocados-know.md +++ /dev/null @@ -1,13 +0,0 @@ ---- -"@logto/phrases-ui": minor -"@logto/ui": minor ---- - -## Smart Identifier Input designed to streamline your sign-in experience - -- Smart Contact Input -- Smart Identifier Input -- Intelligent Identifier Input Field - -Content: -We have integrated the traditional input fields for username, phone number, and email into a single intelligent input box. This advanced input box automatically identifies the type of characters you’re entering, such as an @ sign or consecutive numbers, and provides relevant error feedback. By streamlining the sign-in process, users no longer need to waste time figuring out which button to click to switch their desired login method. This reduces the risk of errors and ensures a smoother sign-in experience. diff --git a/.changeset/modern-days-float.md b/.changeset/modern-days-float.md deleted file mode 100644 index 972f812ac76..00000000000 --- a/.changeset/modern-days-float.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -"@logto/core": patch ---- - -Allow localhost CORS when only one endpoint available diff --git a/.changeset/neat-snakes-smash.md b/.changeset/neat-snakes-smash.md deleted file mode 100644 index 5a36dab7cda..00000000000 --- a/.changeset/neat-snakes-smash.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -"@logto/ui": patch ---- - -Fix a bug to show forgot password when only SMS connector is configured diff --git a/.changeset/pink-maps-yell.md b/.changeset/pink-maps-yell.md deleted file mode 100644 index 87d398c8abf..00000000000 --- a/.changeset/pink-maps-yell.md +++ /dev/null @@ -1,14 +0,0 @@ ---- -"@logto/core": minor -"@logto/ui": minor ---- - -**Customize CSS for Sign-in Experience** - -We have put a lot of effort into improving the user sign-in experience and have provided a brand color option for the UI. However, we know that fine-tuning UI requirements can be unpredictable. While Logto is still exploring the best options for customization, we want to provide a programmatic method to unblock your development. - -You can now use the Management API `PATCH /api/sign-in-exp` with body `{ "customCss": "arbitrary string" }` to set customized CSS for the sign-in experience. You should see the value of `customCss` attached after `` of the page. If the style has a higher priority, it should be able to override. - -> **Note** -> -> Since Logto uses CSS Modules, you may see a hash value in the `class` property of DOM elements (e.g. a `<div>` with `vUugRG_container`). To override these, you can use the `$=` CSS selector to match elements that end with a specified value. In this case, it should be `div[class$=container]`. diff --git a/.changeset/plenty-ties-divide.md b/.changeset/plenty-ties-divide.md deleted file mode 100644 index d3052c0a6c7..00000000000 --- a/.changeset/plenty-ties-divide.md +++ /dev/null @@ -1,13 +0,0 @@ ---- -"@logto/cli": major -"@logto/core": major -"@logto/create": major -"@logto/demo-app": major -"@logto/integration-tests": major -"@logto/phrases": major -"@logto/phrases-ui": major -"@logto/schemas": major -"@logto/shared": major ---- - -Packages are now ESM. diff --git a/.changeset/quick-turtles-joke.md b/.changeset/quick-turtles-joke.md deleted file mode 100644 index 0cf63428910..00000000000 --- a/.changeset/quick-turtles-joke.md +++ /dev/null @@ -1,13 +0,0 @@ ---- -"@logto/console": minor -"@logto/core": minor -"@logto/ui": minor ---- - -**Sign-in Experience v2** - -We are thrilled to announce the release of the newest version of the Sign-in Experience, which includes more ways to sign-in and sign-up, as well as a framework that is easier to understand and more flexible to configure in the Admin Console. - -When compared to Sign-in Experience v1, this version’s capability was expanded so that it could support a greater variety of flexible use cases. For example, now users can sign up with email verification code and sign in with email and password. - -We hope that this will be able to assist developers in delivering a successful sign-in flow, which will also be appreciated by the end users. diff --git a/.changeset/quiet-shrimps-flow.md b/.changeset/quiet-shrimps-flow.md deleted file mode 100644 index 0412497e60c..00000000000 --- a/.changeset/quiet-shrimps-flow.md +++ /dev/null @@ -1,17 +0,0 @@ ---- -"@logto/core": minor -"@logto/phrases": minor -"@logto/phrases-ui": minor -"@logto/schemas": minor -"@logto/ui": major -"@logto/console": major ---- - -### Features - -- Enhanced user search params #2639 -- Web hooks - -### Improvements - -- Refactored Interaction APIs and Audit logs diff --git a/.changeset/six-falcons-sin.md b/.changeset/six-falcons-sin.md deleted file mode 100644 index 73834df40d9..00000000000 --- a/.changeset/six-falcons-sin.md +++ /dev/null @@ -1,7 +0,0 @@ ---- -"@logto/cli": minor -"@logto/core": minor ---- - -- cli: use `ec` with `secp384r1` as the default key generation type -- core: use `ES384` as the signing algorithm for EC keys diff --git a/.changeset/six-mayflies-tan.md b/.changeset/six-mayflies-tan.md deleted file mode 100644 index 352d971b7a3..00000000000 --- a/.changeset/six-mayflies-tan.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -"@logto/console": patch ---- - -Various UI improvements diff --git a/.changeset/slow-meals-enjoy.md b/.changeset/slow-meals-enjoy.md deleted file mode 100644 index 40a2f8a22a6..00000000000 --- a/.changeset/slow-meals-enjoy.md +++ /dev/null @@ -1,7 +0,0 @@ ---- -"@logto/cli": patch -"@logto/create": patch -"@logto/schemas": patch ---- - -Fix version lifecycle script diff --git a/.changeset/small-knives-swim.md b/.changeset/small-knives-swim.md deleted file mode 100644 index 17bb7f473ed..00000000000 --- a/.changeset/small-knives-swim.md +++ /dev/null @@ -1,7 +0,0 @@ ---- -"@logto/cli": patch -"@logto/create": patch ---- - -- Remove official connectors inquiry -- Fix default download url with current package version diff --git a/.changeset/sweet-dolphins-own.md b/.changeset/sweet-dolphins-own.md deleted file mode 100644 index 3999f39aab5..00000000000 --- a/.changeset/sweet-dolphins-own.md +++ /dev/null @@ -1,10 +0,0 @@ ---- -"@logto/core": minor -"@logto/ui": minor ---- - -**Streamlining the social sign-up flow** - -- detect trusted email (or phone number) from the social account - - email (or phone number) has been registered: automatically connecting the social identity to the existing user account with a single click - - email (or phone number) not registered: automatically sync up the user profile with the social provided email (or phone) if and only if marked as a required user profile. diff --git a/.changeset/tender-maps-burn.md b/.changeset/tender-maps-burn.md deleted file mode 100644 index bc911d6e9c5..00000000000 --- a/.changeset/tender-maps-burn.md +++ /dev/null @@ -1,9 +0,0 @@ ---- -"@logto/console": minor -"@logto/core": minor -"@logto/integration-tests": minor -"@logto/schemas": minor -"@logto/ui": minor ---- - -Replace the `sms` naming convention using `phone` cross logto codebase. Including Sign-in Experience types, API paths, API payload and internal variable names. diff --git a/.changeset/thin-oranges-act.md b/.changeset/thin-oranges-act.md deleted file mode 100644 index 03c314fa3cb..00000000000 --- a/.changeset/thin-oranges-act.md +++ /dev/null @@ -1,8 +0,0 @@ ---- -"@logto/core": minor -"@logto/integration-tests": minor ---- - -**💥 Breaking change 💥** - -Use case-insensitive strategy for searching emails diff --git a/.changeset/three-ducks-yell.md b/.changeset/three-ducks-yell.md deleted file mode 100644 index 8833cd095f1..00000000000 --- a/.changeset/three-ducks-yell.md +++ /dev/null @@ -1,17 +0,0 @@ ---- -"@logto/cli": major -"@logto/console": major -"@logto/core": major -"@logto/schemas": major ---- - -drop settings table and add systems table - -**BREAKING CHANGES** - -- core: removed `GET /settings` and `PATCH /settings` API -- core: added `GET /configs/admin-console` and `PATCH /configs/admin-console` API - - `/configs/*` APIs are config/key-specific now. they may have different logic per key -- cli: change valid `logto db config` keys by removing `alterationState` and adding `adminConsole` since: - - OIDC configs and admin console configs are tenant-level configs (the concept of "tenant" can be ignored until we officially announce it) - - alteration state is still a system-wide config diff --git a/.changeset/tricky-mirrors-act.md b/.changeset/tricky-mirrors-act.md deleted file mode 100644 index ffcb7e95e12..00000000000 --- a/.changeset/tricky-mirrors-act.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -"@logto/schemas": patch ---- - -Update alteration script names after versioning diff --git a/.changeset/unlucky-lizards-agree.md b/.changeset/unlucky-lizards-agree.md deleted file mode 100644 index 26e8517c5d3..00000000000 --- a/.changeset/unlucky-lizards-agree.md +++ /dev/null @@ -1,23 +0,0 @@ ---- -"@logto/cli": minor ---- - -**CLI** - -**Rotate your private or secret key** - -We add a new command `db config rotate <key>` to support key rotation via CLI. - -When rotating, the CLI will generate a new key and prepend to the corresponding key array. Thus the old key is still valid and the service will use the new key for signing. - -Run `logto db config rotate help` for detailed usage. - -**Trim the private or secret key you don't need** - -If you want to trim one or more out-dated private or secret key(s) from the config, use the command `db config trim <key>`. It will remove the last item (private or secret key) in the array. - -You may remove the old key after a certain period (such as half a year) to allow most of your users have time to touch the new key. - -If you want to remove multiple keys at once, just append a number to the command. E.g. `logto db config trim oidc.cookieKeys 3`. - -Run `logto db config trim help` for detailed usage. diff --git a/.changeset/unlucky-months-clap.md b/.changeset/unlucky-months-clap.md deleted file mode 100644 index 377e8cd5284..00000000000 --- a/.changeset/unlucky-months-clap.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -"@logto/core": minor ---- - -Add support to send and verify verification code in management APIs diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 8248c5d0d45..5d6102a8fd4 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -25,7 +25,7 @@ jobs: dockerize-core: environment: ${{ startsWith(github.ref, 'refs/tags/') && 'release' || '' }} # Use normal machine for OSS release since we'll build on Depot - runs-on: ${{ startsWith(github.ref, 'refs/tags/') && 'ubuntu-latest' || 'ubuntu-latest-4-cores' }} + runs-on: ${{ (inputs.target || 'dev') == 'dev' && 'ubuntu-latest' || 'ubuntu-latest-4-cores' }} permissions: contents: read id-token: write @@ -96,7 +96,7 @@ jobs: dockerize-cloud: # Use normal machine for OSS release since we'll build on Depot - runs-on: ${{ startsWith(github.ref, 'refs/tags/') && 'ubuntu-latest' || 'ubuntu-latest-4-cores' }} + runs-on: (inputs.target || 'dev') == 'dev' && 'ubuntu-latest' || 'ubuntu-latest-4-cores' }} steps: - uses: actions/checkout@v3 diff --git a/packages/cli/CHANGELOG.md b/packages/cli/CHANGELOG.md index 9aadae1eb08..5776d00db31 100644 --- a/packages/cli/CHANGELOG.md +++ b/packages/cli/CHANGELOG.md @@ -1,5 +1,84 @@ # Change Log +## 1.0.0 + +### Major Changes + +- 343b1090f: **Seed data for cloud** + + - cli!: remove `oidc` option for `database seed` command as it's unused + - cli: add hidden `--cloud` option for `database seed` command to init cloud data + - cli, cloud: appending Redirect URIs to Admin Console will deduplicate values before update + - move `UrlSet` and `GlobalValues` to `@logto/shared` + +- 1c9160112: Packages are now ESM. +- f41fd3f05: drop settings table and add systems table + + **BREAKING CHANGES** + + - core: removed `GET /settings` and `PATCH /settings` API + - core: added `GET /configs/admin-console` and `PATCH /configs/admin-console` API + - `/configs/*` APIs are config/key-specific now. they may have different logic per key + - cli: change valid `logto db config` keys by removing `alterationState` and adding `adminConsole` since: + - OIDC configs and admin console configs are tenant-level configs (the concept of "tenant" can be ignored until we officially announce it) + - alteration state is still a system-wide config + +### Minor Changes + +- f41fd3f05: Add `logto database alteration rollback` command for running `down()` alteration scripts +- 343b1090f: Allow admin tenant admin to create tenants without limitation +- 343b1090f: Add CLI command to get/set db's system table value +- f41fd3f05: - cli: use `ec` with `secp384r1` as the default key generation type + - core: use `ES384` as the signing algorithm for EC keys +- 3ff2e90cd: **CLI** + + **Rotate your private or secret key** + + We add a new command `db config rotate <key>` to support key rotation via CLI. + + When rotating, the CLI will generate a new key and prepend to the corresponding key array. Thus the old key is still valid and the service will use the new key for signing. + + Run `logto db config rotate help` for detailed usage. + + **Trim the private or secret key you don't need** + + If you want to trim one or more out-dated private or secret key(s) from the config, use the command `db config trim <key>`. It will remove the last item (private or secret key) in the array. + + You may remove the old key after a certain period (such as half a year) to allow most of your users have time to touch the new key. + + If you want to remove multiple keys at once, just append a number to the command. E.g. `logto db config trim oidc.cookieKeys 3`. + + Run `logto db config trim help` for detailed usage. + +### Patch Changes + +- 38970fb88: Fix a Sign-in experience bug that may block some users to sign in. +- 7fb689b73: Fix version lifecycle script +- 1c9160112: - Remove official connectors inquiry + - Fix default download url with current package version +- Updated dependencies [343b1090f] +- Updated dependencies [e63f5f8b0] +- Updated dependencies [f41fd3f05] +- Updated dependencies [343b1090f] +- Updated dependencies [343b1090f] +- Updated dependencies [c12717412] +- Updated dependencies [343b1090f] +- Updated dependencies [38970fb88] +- Updated dependencies [343b1090f] +- Updated dependencies [343b1090f] +- Updated dependencies [343b1090f] +- Updated dependencies [1c9160112] +- Updated dependencies [1c9160112] +- Updated dependencies [7fb689b73] +- Updated dependencies [343b1090f] +- Updated dependencies [f41fd3f05] +- Updated dependencies [f41fd3f05] +- Updated dependencies [2d45cc3e6] + - @logto/schemas@1.0.0 + - @logto/shared@1.0.0 + - @logto/connector-kit@1.1.0 + - @logto/core-kit@1.1.0 + ## 1.0.0-rc.3 ## 1.0.0-rc.2 diff --git a/packages/cli/package.json b/packages/cli/package.json index e07c74b860c..a720850a046 100644 --- a/packages/cli/package.json +++ b/packages/cli/package.json @@ -1,6 +1,6 @@ { "name": "@logto/cli", - "version": "1.0.0-rc.3", + "version": "1.0.0", "description": "Logto CLI.", "author": "Silverhand Inc. <contact@silverhand.io>", "homepage": "https://github.com/logto-io/logto#readme", diff --git a/packages/cloud/CHANGELOG.md b/packages/cloud/CHANGELOG.md index 16ab934c85b..be6ed3b112e 100644 --- a/packages/cloud/CHANGELOG.md +++ b/packages/cloud/CHANGELOG.md @@ -1,5 +1,52 @@ # @logto/cloud +## 0.2.0 + +### Minor Changes + +- 343b1090f: Add demo social connectors for new tenant +- 343b1090f: Allow admin tenant admin to create tenants without limitation +- 343b1090f: Add send sms service +- 343b1090f: Add Cloud API: send email + +### Patch Changes + +- 343b1090f: **Seed data for cloud** + + - cli!: remove `oidc` option for `database seed` command as it's unused + - cli: add hidden `--cloud` option for `database seed` command to init cloud data + - cli, cloud: appending Redirect URIs to Admin Console will deduplicate values before update + - move `UrlSet` and `GlobalValues` to `@logto/shared` + +- Updated dependencies [343b1090f] +- Updated dependencies [f41fd3f05] +- Updated dependencies [e63f5f8b0] +- Updated dependencies [f41fd3f05] +- Updated dependencies [343b1090f] +- Updated dependencies [343b1090f] +- Updated dependencies [c12717412] +- Updated dependencies [343b1090f] +- Updated dependencies [38970fb88] +- Updated dependencies [343b1090f] +- Updated dependencies [343b1090f] +- Updated dependencies [343b1090f] +- Updated dependencies [343b1090f] +- Updated dependencies [1c9160112] +- Updated dependencies [1c9160112] +- Updated dependencies [f41fd3f05] +- Updated dependencies [7fb689b73] +- Updated dependencies [1c9160112] +- Updated dependencies [343b1090f] +- Updated dependencies [f41fd3f05] +- Updated dependencies [f41fd3f05] +- Updated dependencies [2d45cc3e6] +- Updated dependencies [3ff2e90cd] + - @logto/schemas@1.0.0 + - @logto/shared@1.0.0 + - @logto/cli@1.0.0 + - @logto/connector-kit@1.1.0 + - @logto/core-kit@1.1.0 + ## 0.1.1-rc.0 ### Patch Changes diff --git a/packages/cloud/package.json b/packages/cloud/package.json index 72da1439f5d..752f8174429 100644 --- a/packages/cloud/package.json +++ b/packages/cloud/package.json @@ -1,6 +1,6 @@ { "name": "@logto/cloud", - "version": "0.1.1-rc.0", + "version": "0.2.0", "description": "Logto Cloud service.", "main": "build/index.js", "author": "Silverhand Inc. <contact@silverhand.io>", diff --git a/packages/console/CHANGELOG.md b/packages/console/CHANGELOG.md index 0a4a4006bc0..3089f3b2e5a 100644 --- a/packages/console/CHANGELOG.md +++ b/packages/console/CHANGELOG.md @@ -1,5 +1,117 @@ # Change Log +## 1.0.0 + +### Major Changes + +- c12717412: **Decouple users and admins** + + ## 💥 BREAKING CHANGES 💥 + + Logto was using a single port to serve both normal users and admins, as well as the web console. While we continuously maintain a high level of security, it’ll still be great to decouple these components into two separate parts to keep data isolated and provide a flexible infrastructure. + + From this version, Logto now listens to two ports by default, one for normal users (`3001`), and one for admins (`3002`). + + - Nothing changed for normal users. No adaption is needed. + - For admin users: + - The default Admin Console URL has been changed to `http://localhost:3002/console`. + - To change the admin port, set the environment variable `ADMIN_PORT`. For instance, `ADMIN_PORT=3456`. + - You can specify a custom endpoint for admins by setting the environment variable `ADMIN_ENDPOINT`. For example, `ADMIN_ENDPOINT=https://admin.your-domain.com`. + - You can now completely disable admin endpoints by setting `ADMIN_DISABLE_LOCALHOST=1` and leaving `ADMIN_ENDPOINT` unset. + - Admin Console and admin user data are not accessible via normal user endpoints, including `localhost` and `ENDPOINT` from the environment. + - Admin Console no longer displays audit logs of admin users. However, these logs still exist in the database, and Logto still inserts admin user logs. There is just no convenient interface to inspect them. + - Due to the data isolation, the numbers on the dashboard may slightly decrease (admins are excluded). + + If you are upgrading from a previous version, simply run the database alteration command as usual, and we'll take care of the rest. + + > **Note** DID YOU KNOW + > + > Under the hood, we use the powerful Postgres feature Row-Level Security to isolate admin and user data. + +- 1c9160112: ### Features + + - Enhanced user search params #2639 + - Web hooks + + ### Improvements + + - Refactored Interaction APIs and Audit logs + +- f41fd3f05: drop settings table and add systems table + + **BREAKING CHANGES** + + - core: removed `GET /settings` and `PATCH /settings` API + - core: added `GET /configs/admin-console` and `PATCH /configs/admin-console` API + - `/configs/*` APIs are config/key-specific now. they may have different logic per key + - cli: change valid `logto db config` keys by removing `alterationState` and adding `adminConsole` since: + - OIDC configs and admin console configs are tenant-level configs (the concept of "tenant" can be ignored until we officially announce it) + - alteration state is still a system-wide config + +### Minor Changes + +- 343b1090f: ### Add dynamic favicon and html title + + - Add the favicon field in the sign-in-experience branding settings. Users would be able to upload their own favicon. Use local logto icon as a fallback + + - Set different html title for different pages. + - sign-in + - register + - forgot-password + - logto + +- c12717412: ## Creating your social connector with ease + + We’re excited to announce that Logto now supports standard protocols (SAML, OIDC, and OAuth2.0) for creating social connectors to integrate external identity providers. Each protocol can create multiple social connectors, giving you more control over your access needs. + + To simplify the process of configuring social connectors, we’re replacing code-edit with simple forms. SAML already supports form configuration, with other connectors coming soon. This means you don’t need to compare documents or worry about code format. + +- 343b1090f: - Automatically create a new tenant for new cloud users + - Support path-based multi-tenancy +- 343b1090f: Allow admin tenant admin to create tenants without limitation +- 343b1090f: ### Add privacy policy url + + In addition to the terms of service url, we also provide a privacy policy url field in the sign-in-experience settings. To better support the end-users' privacy declaration needs. + +- 343b1090f: New feature: User account settings page + + - We have removed the previous settings page and moved it to the account settings page. You can access to the new settings menu by clicking the user avatar in the top right corner. + - You can directly change the language or theme from the popover menu, and explore more account settings by clicking the "Profile" menu item. + - You can update your avatar, name and username in the profile page, and also changing your password. + - [Cloud] Cloud users can also link their email address and social accounts (Google and GitHub at first launch). + +- 343b1090f: remove the branding style config and make the logo URL config optional +- 343b1090f: Add custom CSS code editor so that users can apply advanced UI customization. + - Users can check the real time preview of the CSS via SIE preview on the right side. +- 2168936b9: **Sign-in Experience v2** + + We are thrilled to announce the release of the newest version of the Sign-in Experience, which includes more ways to sign-in and sign-up, as well as a framework that is easier to understand and more flexible to configure in the Admin Console. + + When compared to Sign-in Experience v1, this version’s capability was expanded so that it could support a greater variety of flexible use cases. For example, now users can sign up with email verification code and sign in with email and password. + + We hope that this will be able to assist developers in delivering a successful sign-in flow, which will also be appreciated by the end users. + +- f41fd3f05: Replace the `sms` naming convention using `phone` cross logto codebase. Including Sign-in Experience types, API paths, API payload and internal variable names. + +### Patch Changes + +- 343b1090f: ## Refactor the Admin Console 403 flow + + - Add 403 error handler for all AC API requests + - Show confirm modal to notify the user who is not authorized + - Click `confirm` button to sign out and redirect user to the sign-in page + +- 343b1090f: add deletion confirm for in-used passwordless connectors +- 38970fb88: Fix a Sign-in experience bug that may block some users to sign in. +- 343b1090f: **Seed data for cloud** + + - cli!: remove `oidc` option for `database seed` command as it's unused + - cli: add hidden `--cloud` option for `database seed` command to init cloud data + - cli, cloud: appending Redirect URIs to Admin Console will deduplicate values before update + - move `UrlSet` and `GlobalValues` to `@logto/shared` + +- 1c9160112: Various UI improvements + ## 1.0.0-rc.3 ## 1.0.0-rc.2 diff --git a/packages/console/package.json b/packages/console/package.json index 0de8c85de3f..f197bf663e6 100644 --- a/packages/console/package.json +++ b/packages/console/package.json @@ -1,6 +1,6 @@ { "name": "@logto/console", - "version": "1.0.0-rc.3", + "version": "1.0.0", "description": "> TODO: description", "author": "Silverhand Inc. <contact@silverhand.io>", "homepage": "https://github.com/logto-io/logto#readme", diff --git a/packages/core/CHANGELOG.md b/packages/core/CHANGELOG.md index a78a4f575fd..75009a9da5d 100644 --- a/packages/core/CHANGELOG.md +++ b/packages/core/CHANGELOG.md @@ -1,5 +1,205 @@ # Change Log +## 1.0.0 + +### Major Changes + +- c12717412: **Decouple users and admins** + + ## 💥 BREAKING CHANGES 💥 + + Logto was using a single port to serve both normal users and admins, as well as the web console. While we continuously maintain a high level of security, it’ll still be great to decouple these components into two separate parts to keep data isolated and provide a flexible infrastructure. + + From this version, Logto now listens to two ports by default, one for normal users (`3001`), and one for admins (`3002`). + + - Nothing changed for normal users. No adaption is needed. + - For admin users: + - The default Admin Console URL has been changed to `http://localhost:3002/console`. + - To change the admin port, set the environment variable `ADMIN_PORT`. For instance, `ADMIN_PORT=3456`. + - You can specify a custom endpoint for admins by setting the environment variable `ADMIN_ENDPOINT`. For example, `ADMIN_ENDPOINT=https://admin.your-domain.com`. + - You can now completely disable admin endpoints by setting `ADMIN_DISABLE_LOCALHOST=1` and leaving `ADMIN_ENDPOINT` unset. + - Admin Console and admin user data are not accessible via normal user endpoints, including `localhost` and `ENDPOINT` from the environment. + - Admin Console no longer displays audit logs of admin users. However, these logs still exist in the database, and Logto still inserts admin user logs. There is just no convenient interface to inspect them. + - Due to the data isolation, the numbers on the dashboard may slightly decrease (admins are excluded). + + If you are upgrading from a previous version, simply run the database alteration command as usual, and we'll take care of the rest. + + > **Note** DID YOU KNOW + > + > Under the hood, we use the powerful Postgres feature Row-Level Security to isolate admin and user data. + +- 1c9160112: Packages are now ESM. +- 343b1090f: **💥 BREAKING CHANGE 💥** Move `/api/phrase` API to `/api/.well-known/phrases` +- f41fd3f05: drop settings table and add systems table + + **BREAKING CHANGES** + + - core: removed `GET /settings` and `PATCH /settings` API + - core: added `GET /configs/admin-console` and `PATCH /configs/admin-console` API + - `/configs/*` APIs are config/key-specific now. they may have different logic per key + - cli: change valid `logto db config` keys by removing `alterationState` and adding `adminConsole` since: + - OIDC configs and admin console configs are tenant-level configs (the concept of "tenant" can be ignored until we officially announce it) + - alteration state is still a system-wide config + +### Minor Changes + +- c12717412: - mask sensitive password value in audit logs +- f41fd3f05: Replace `passcode` naming convention in the interaction APIs and main flow ui with `verificationCode`. +- c12717412: ## Creating your social connector with ease + + We’re excited to announce that Logto now supports standard protocols (SAML, OIDC, and OAuth2.0) for creating social connectors to integrate external identity providers. Each protocol can create multiple social connectors, giving you more control over your access needs. + + To simplify the process of configuring social connectors, we’re replacing code-edit with simple forms. SAML already supports form configuration, with other connectors coming soon. This means you don’t need to compare documents or worry about code format. + +- c12717412: ## Enable connector method `getUserInfo` read and write access to DB + + Logto connectors are designed to be stateless to the extent possible and practical, but it still has some exceptions at times. + + With the recent addition of database read and write access, connectors can now store persistent information. For example, connectors can now store access tokens and refresh tokens to minimize number of requests to social vendor's APIs. + +- 343b1090f: - Automatically create a new tenant for new cloud users + - Support path-based multi-tenancy +- 343b1090f: Add storage provider: S3Storage +- 343b1090f: Allow admin tenant admin to create tenants without limitation +- 343b1090f: ### Add privacy policy url + + In addition to the terms of service url, we also provide a privacy policy url field in the sign-in-experience settings. To better support the end-users' privacy declaration needs. + +- 18e3b82e6: Add user suspend API endpoint + + Use `PATCH /api/users/:userId/is-suspended` to update a user's suspended state, once a user is suspended, all refresh tokens belong to this user will be revoked. + + Suspended users will get an error toast when trying to sign in. + +- 343b1090f: Add API for uploading user images to storage providers: Azure Storage. +- f41fd3f05: Officially cleanup all deprecated `/session` APIs in core and all the related integration tests. +- 343b1090f: **Add `sessionNotFoundRedirectUrl` tenant config** + + - User can use this optional config to designate the URL to redirect if session not found in Sign-in Experience. + - Session guard now works for root path as well. + +- 343b1090f: New feature: User account settings page + + - We have removed the previous settings page and moved it to the account settings page. You can access to the new settings menu by clicking the user avatar in the top right corner. + - You can directly change the language or theme from the popover menu, and explore more account settings by clicking the "Profile" menu item. + - You can update your avatar, name and username in the profile page, and also changing your password. + - [Cloud] Cloud users can also link their email address and social accounts (Google and GitHub at first launch). + +- 343b1090f: remove the branding style config and make the logo URL config optional +- c12717412: **Customize CSS for Sign-in Experience** + + We have put a lot of effort into improving the user sign-in experience and have provided a brand color option for the UI. However, we know that fine-tuning UI requirements can be unpredictable. While Logto is still exploring the best options for customization, we want to provide a programmatic method to unblock your development. + + You can now use the Management API `PATCH /api/sign-in-exp` with body `{ "customCss": "arbitrary string" }` to set customized CSS for the sign-in experience. You should see the value of `customCss` attached after `<title>` of the page. If the style has a higher priority, it should be able to override. + + > **Note** + > + > Since Logto uses CSS Modules, you may see a hash value in the `class` property of DOM elements (e.g. a `<div>` with `vUugRG_container`). To override these, you can use the `$=` CSS selector to match elements that end with a specified value. In this case, it should be `div[class$=container]`. + +- 2168936b9: **Sign-in Experience v2** + + We are thrilled to announce the release of the newest version of the Sign-in Experience, which includes more ways to sign-in and sign-up, as well as a framework that is easier to understand and more flexible to configure in the Admin Console. + + When compared to Sign-in Experience v1, this version’s capability was expanded so that it could support a greater variety of flexible use cases. For example, now users can sign up with email verification code and sign in with email and password. + + We hope that this will be able to assist developers in delivering a successful sign-in flow, which will also be appreciated by the end users. + +- 1c9160112: ### Features + + - Enhanced user search params #2639 + - Web hooks + + ### Improvements + + - Refactored Interaction APIs and Audit logs + +- f41fd3f05: - cli: use `ec` with `secp384r1` as the default key generation type + - core: use `ES384` as the signing algorithm for EC keys +- 343b1090f: ### Add custom content sign-in-experience settings to allow insert custom static html content to the logto sign-in pages + + - feat: combine with the custom css, give the user the ability to further customize the sign-in pages + +- fdb2bb48e: **Streamlining the social sign-up flow** + + - detect trusted email (or phone number) from the social account + - email (or phone number) has been registered: automatically connecting the social identity to the existing user account with a single click + - email (or phone number) not registered: automatically sync up the user profile with the social provided email (or phone) if and only if marked as a required user profile. + +- f41fd3f05: Replace the `sms` naming convention using `phone` cross logto codebase. Including Sign-in Experience types, API paths, API payload and internal variable names. +- 402866994: **💥 Breaking change 💥** + + Use case-insensitive strategy for searching emails + +- f41fd3f05: Add support to send and verify verification code in management APIs + +### Patch Changes + +- e63f5f8b0: Bump connector kit version to fix "Continue" issues on sending email/sms. +- 51f527b0c: bug fixes + + - core: fix 500 error when enabling app admin access in console + - ui: handle required profile errors on social binding flow + +- 343b1090f: ## Refactor the Admin Console 403 flow + + - Add 403 error handler for all AC API requests + - Show confirm modal to notify the user who is not authorized + - Click `confirm` button to sign out and redirect user to the sign-in page + +- 343b1090f: Add interactionMode extra OIDC params to specify the desired use interaction experience + + - signUp: Deliver a sign-up first interaction experience + - signIn & undefined: Deliver a default sign-in first interaction experience + +- 38970fb88: Fix a Sign-in experience bug that may block some users to sign in. +- 343b1090f: **Seed data for cloud** + + - cli!: remove `oidc` option for `database seed` command as it's unused + - cli: add hidden `--cloud` option for `database seed` command to init cloud data + - cli, cloud: appending Redirect URIs to Admin Console will deduplicate values before update + - move `UrlSet` and `GlobalValues` to `@logto/shared` + +- 5e1466f40: Allow localhost CORS when only one endpoint available +- Updated dependencies [343b1090f] +- Updated dependencies [f41fd3f05] +- Updated dependencies [e63f5f8b0] +- Updated dependencies [f41fd3f05] +- Updated dependencies [343b1090f] +- Updated dependencies [343b1090f] +- Updated dependencies [c12717412] +- Updated dependencies [68f2d56a2] +- Updated dependencies [343b1090f] +- Updated dependencies [343b1090f] +- Updated dependencies [c12717412] +- Updated dependencies [343b1090f] +- Updated dependencies [38970fb88] +- Updated dependencies [c12717412] +- Updated dependencies [343b1090f] +- Updated dependencies [343b1090f] +- Updated dependencies [343b1090f] +- Updated dependencies [343b1090f] +- Updated dependencies [c12717412] +- Updated dependencies [343b1090f] +- Updated dependencies [343b1090f] +- Updated dependencies [1c9160112] +- Updated dependencies [343b1090f] +- Updated dependencies [1c9160112] +- Updated dependencies [f41fd3f05] +- Updated dependencies [7fb689b73] +- Updated dependencies [1c9160112] +- Updated dependencies [343b1090f] +- Updated dependencies [f41fd3f05] +- Updated dependencies [f41fd3f05] +- Updated dependencies [2d45cc3e6] +- Updated dependencies [3ff2e90cd] + - @logto/schemas@1.0.0 + - @logto/shared@1.0.0 + - @logto/cli@1.0.0 + - @logto/phrases-ui@1.0.0 + - @logto/phrases@1.0.0 + - @logto/connector-kit@1.1.0 + - @logto/core-kit@1.1.0 + ## 1.0.0-rc.3 ### Patch Changes diff --git a/packages/core/package.json b/packages/core/package.json index 92507ecf98c..51b3b59c288 100644 --- a/packages/core/package.json +++ b/packages/core/package.json @@ -1,6 +1,6 @@ { "name": "@logto/core", - "version": "1.0.0-rc.3", + "version": "1.0.0", "description": "The open source identity solution.", "main": "build/index.js", "author": "Silverhand Inc. <contact@silverhand.io>", diff --git a/packages/create/CHANGELOG.md b/packages/create/CHANGELOG.md index b38295b14af..306108eaf54 100644 --- a/packages/create/CHANGELOG.md +++ b/packages/create/CHANGELOG.md @@ -1,5 +1,30 @@ # Change Log +## 1.0.0 + +### Major Changes + +- 1c9160112: Packages are now ESM. + +### Patch Changes + +- 38970fb88: Fix a Sign-in experience bug that may block some users to sign in. +- 7fb689b73: Fix version lifecycle script +- 1c9160112: - Remove official connectors inquiry + - Fix default download url with current package version +- Updated dependencies [f41fd3f05] +- Updated dependencies [343b1090f] +- Updated dependencies [38970fb88] +- Updated dependencies [343b1090f] +- Updated dependencies [343b1090f] +- Updated dependencies [1c9160112] +- Updated dependencies [f41fd3f05] +- Updated dependencies [7fb689b73] +- Updated dependencies [1c9160112] +- Updated dependencies [f41fd3f05] +- Updated dependencies [3ff2e90cd] + - @logto/cli@1.0.0 + ## 1.0.0-rc.3 ### Patch Changes diff --git a/packages/create/package.json b/packages/create/package.json index 50fd2facfaf..9dff72ac28d 100644 --- a/packages/create/package.json +++ b/packages/create/package.json @@ -1,6 +1,6 @@ { "name": "@logto/create", - "version": "1.0.0-rc.3", + "version": "1.0.0", "author": "Silverhand Inc. <contact@silverhand.io>", "license": "MPL-2.0", "type": "module", diff --git a/packages/demo-app/CHANGELOG.md b/packages/demo-app/CHANGELOG.md index a3fa0ab1419..7a90d1de0d9 100644 --- a/packages/demo-app/CHANGELOG.md +++ b/packages/demo-app/CHANGELOG.md @@ -1,5 +1,11 @@ # Change Log +## 1.0.0 + +### Major Changes + +- 1c9160112: Packages are now ESM. + ## 1.0.0-beta.13 ### Major Changes diff --git a/packages/demo-app/package.json b/packages/demo-app/package.json index bc92360c3e8..30a11faf6e2 100644 --- a/packages/demo-app/package.json +++ b/packages/demo-app/package.json @@ -1,6 +1,6 @@ { "name": "@logto/demo-app", - "version": "1.0.0-rc.0", + "version": "1.0.0", "description": "Logto demo app.", "author": "Silverhand Inc. <contact@silverhand.io>", "license": "MPL-2.0", diff --git a/packages/integration-tests/CHANGELOG.md b/packages/integration-tests/CHANGELOG.md index 2ad2f8e3a64..a709ab62be8 100644 --- a/packages/integration-tests/CHANGELOG.md +++ b/packages/integration-tests/CHANGELOG.md @@ -1,5 +1,25 @@ # Change Log +## 1.0.0 + +### Major Changes + +- 1c9160112: Packages are now ESM. + +### Minor Changes + +- f41fd3f05: Replace `passcode` naming convention in the interaction APIs and main flow ui with `verificationCode`. +- 343b1090f: Allow admin tenant admin to create tenants without limitation +- f41fd3f05: Officially cleanup all deprecated `/session` APIs in core and all the related integration tests. +- f41fd3f05: Replace the `sms` naming convention using `phone` cross logto codebase. Including Sign-in Experience types, API paths, API payload and internal variable names. +- 402866994: **💥 Breaking change 💥** + + Use case-insensitive strategy for searching emails + +### Patch Changes + +- 38970fb88: Fix a Sign-in experience bug that may block some users to sign in. + ## 1.0.0-rc.3 ## 1.0.0-rc.2 diff --git a/packages/integration-tests/package.json b/packages/integration-tests/package.json index b03e215c7ab..fbf1d095cca 100644 --- a/packages/integration-tests/package.json +++ b/packages/integration-tests/package.json @@ -1,6 +1,6 @@ { "name": "@logto/integration-tests", - "version": "1.0.0-rc.3", + "version": "1.0.0", "description": "Integration tests for Logto.", "author": "Silverhand Inc. <contact@silverhand.io>", "license": "MPL-2.0", diff --git a/packages/phrases-ui/CHANGELOG.md b/packages/phrases-ui/CHANGELOG.md index b3841524ca0..6e43ee490cb 100644 --- a/packages/phrases-ui/CHANGELOG.md +++ b/packages/phrases-ui/CHANGELOG.md @@ -1,5 +1,67 @@ # Change Log +## 1.0.0 + +### Major Changes + +- 1c9160112: Packages are now ESM. + +### Minor Changes + +- 343b1090f: ### Update the password policy + + Password policy description: Password requires a minimum of 8 characters and contains a mix of letters, numbers, and symbols. + + - min-length updates: Password requires a minimum of 8 characters + - allowed characters updates: Password contains a mix of letters, numbers, and symbols + - digits: 0-9 + - letters: a-z, A-Z + - symbols: !"#$%&'()\*+,./:;<=>?@[\]^\_`{|}~- + - At least two types of characters are required: + - letters and digits + - letters and symbols + - digits and symbols + + > notice: The new password policy is applied to new users or new passwords only. Existing users are not affected by this change, users may still use their old password to sign-in. + +- 343b1090f: ### Add dynamic favicon and html title + + - Add the favicon field in the sign-in-experience branding settings. Users would be able to upload their own favicon. Use local logto icon as a fallback + + - Set different html title for different pages. + - sign-in + - register + - forgot-password + - logto + +- c12717412: ## Creating your social connector with ease + + We’re excited to announce that Logto now supports standard protocols (SAML, OIDC, and OAuth2.0) for creating social connectors to integrate external identity providers. Each protocol can create multiple social connectors, giving you more control over your access needs. + + To simplify the process of configuring social connectors, we’re replacing code-edit with simple forms. SAML already supports form configuration, with other connectors coming soon. This means you don’t need to compare documents or worry about code format. + +- 68f2d56a2: Add German language +- 343b1090f: Allow admin tenant admin to create tenants without limitation +- c12717412: Added Russian translation. +- c12717412: ## Smart Identifier Input designed to streamline your sign-in experience + + - Smart Contact Input + - Smart Identifier Input + - Intelligent Identifier Input Field + + Content: + We have integrated the traditional input fields for username, phone number, and email into a single intelligent input box. This advanced input box automatically identifies the type of characters you’re entering, such as an @ sign or consecutive numbers, and provides relevant error feedback. By streamlining the sign-in process, users no longer need to waste time figuring out which button to click to switch their desired login method. This reduces the risk of errors and ensures a smoother sign-in experience. + +- 343b1090f: Implement a country code selector dropdown component with search box. Users may able to quick search for a country code by typing in the search box. +- 1c9160112: ### Features + + - Enhanced user search params #2639 + - Web hooks + + ### Improvements + + - Refactored Interaction APIs and Audit logs + ## 1.0.0-rc.1 ### Minor Changes diff --git a/packages/phrases-ui/package.json b/packages/phrases-ui/package.json index 3a2bbcae1ea..fb517838cfe 100644 --- a/packages/phrases-ui/package.json +++ b/packages/phrases-ui/package.json @@ -1,6 +1,6 @@ { "name": "@logto/phrases-ui", - "version": "1.0.0-rc.1", + "version": "1.0.0", "description": "Logto shared phrases (i18n) for main flow.", "author": "Silverhand Inc. <contact@silverhand.io>", "homepage": "https://github.com/logto-io/logto#readme", diff --git a/packages/phrases/CHANGELOG.md b/packages/phrases/CHANGELOG.md index 1441b5534c3..26834e0dcee 100644 --- a/packages/phrases/CHANGELOG.md +++ b/packages/phrases/CHANGELOG.md @@ -1,5 +1,59 @@ # Change Log +## 1.0.0 + +### Major Changes + +- 1c9160112: Packages are now ESM. + +### Minor Changes + +- 343b1090f: ### Add dynamic favicon and html title + + - Add the favicon field in the sign-in-experience branding settings. Users would be able to upload their own favicon. Use local logto icon as a fallback + + - Set different html title for different pages. + - sign-in + - register + - forgot-password + - logto + +- c12717412: ## Creating your social connector with ease + + We’re excited to announce that Logto now supports standard protocols (SAML, OIDC, and OAuth2.0) for creating social connectors to integrate external identity providers. Each protocol can create multiple social connectors, giving you more control over your access needs. + + To simplify the process of configuring social connectors, we’re replacing code-edit with simple forms. SAML already supports form configuration, with other connectors coming soon. This means you don’t need to compare documents or worry about code format. + +- 68f2d56a2: Add German language +- 343b1090f: Allow admin tenant admin to create tenants without limitation +- 343b1090f: ### Add privacy policy url + + In addition to the terms of service url, we also provide a privacy policy url field in the sign-in-experience settings. To better support the end-users' privacy declaration needs. + +- 343b1090f: New feature: User account settings page + + - We have removed the previous settings page and moved it to the account settings page. You can access to the new settings menu by clicking the user avatar in the top right corner. + - You can directly change the language or theme from the popover menu, and explore more account settings by clicking the "Profile" menu item. + - You can update your avatar, name and username in the profile page, and also changing your password. + - [Cloud] Cloud users can also link their email address and social accounts (Google and GitHub at first launch). + +- 343b1090f: remove the branding style config and make the logo URL config optional +- 343b1090f: Add custom CSS code editor so that users can apply advanced UI customization. + - Users can check the real time preview of the CSS via SIE preview on the right side. +- 1c9160112: ### Features + + - Enhanced user search params #2639 + - Web hooks + + ### Improvements + + - Refactored Interaction APIs and Audit logs + +### Patch Changes + +- 343b1090f: add deletion confirm for in-used passwordless connectors +- 38970fb88: Fix a Sign-in experience bug that may block some users to sign in. + ## 1.0.0-rc.1 ### Minor Changes diff --git a/packages/phrases/package.json b/packages/phrases/package.json index 47a0c26c581..5a823183eea 100644 --- a/packages/phrases/package.json +++ b/packages/phrases/package.json @@ -1,6 +1,6 @@ { "name": "@logto/phrases", - "version": "1.0.0-rc.1", + "version": "1.0.0", "description": "Logto shared phrases (i18n).", "author": "Silverhand Inc. <contact@silverhand.io>", "homepage": "https://github.com/logto-io/logto#readme", diff --git a/packages/schemas/CHANGELOG.md b/packages/schemas/CHANGELOG.md index 436b467a7dc..130b4d3f191 100644 --- a/packages/schemas/CHANGELOG.md +++ b/packages/schemas/CHANGELOG.md @@ -1,5 +1,119 @@ # Change Log +## 1.0.0 + +### Major Changes + +- c12717412: **Decouple users and admins** + + ## 💥 BREAKING CHANGES 💥 + + Logto was using a single port to serve both normal users and admins, as well as the web console. While we continuously maintain a high level of security, it’ll still be great to decouple these components into two separate parts to keep data isolated and provide a flexible infrastructure. + + From this version, Logto now listens to two ports by default, one for normal users (`3001`), and one for admins (`3002`). + + - Nothing changed for normal users. No adaption is needed. + - For admin users: + - The default Admin Console URL has been changed to `http://localhost:3002/console`. + - To change the admin port, set the environment variable `ADMIN_PORT`. For instance, `ADMIN_PORT=3456`. + - You can specify a custom endpoint for admins by setting the environment variable `ADMIN_ENDPOINT`. For example, `ADMIN_ENDPOINT=https://admin.your-domain.com`. + - You can now completely disable admin endpoints by setting `ADMIN_DISABLE_LOCALHOST=1` and leaving `ADMIN_ENDPOINT` unset. + - Admin Console and admin user data are not accessible via normal user endpoints, including `localhost` and `ENDPOINT` from the environment. + - Admin Console no longer displays audit logs of admin users. However, these logs still exist in the database, and Logto still inserts admin user logs. There is just no convenient interface to inspect them. + - Due to the data isolation, the numbers on the dashboard may slightly decrease (admins are excluded). + + If you are upgrading from a previous version, simply run the database alteration command as usual, and we'll take care of the rest. + + > **Note** DID YOU KNOW + > + > Under the hood, we use the powerful Postgres feature Row-Level Security to isolate admin and user data. + +- 1c9160112: Packages are now ESM. +- f41fd3f05: drop settings table and add systems table + + **BREAKING CHANGES** + + - core: removed `GET /settings` and `PATCH /settings` API + - core: added `GET /configs/admin-console` and `PATCH /configs/admin-console` API + - `/configs/*` APIs are config/key-specific now. they may have different logic per key + - cli: change valid `logto db config` keys by removing `alterationState` and adding `adminConsole` since: + - OIDC configs and admin console configs are tenant-level configs (the concept of "tenant" can be ignored until we officially announce it) + - alteration state is still a system-wide config + +### Minor Changes + +- 343b1090f: Add demo social connectors for new tenant +- f41fd3f05: Replace `passcode` naming convention in the interaction APIs and main flow ui with `verificationCode`. +- 343b1090f: ### Add dynamic favicon and html title + + - Add the favicon field in the sign-in-experience branding settings. Users would be able to upload their own favicon. Use local logto icon as a fallback + + - Set different html title for different pages. + - sign-in + - register + - forgot-password + - logto + +- 343b1090f: Allow admin tenant admin to create tenants without limitation +- 343b1090f: ### Add privacy policy url + + In addition to the terms of service url, we also provide a privacy policy url field in the sign-in-experience settings. To better support the end-users' privacy declaration needs. + +- 343b1090f: **Add `sessionNotFoundRedirectUrl` tenant config** + + - User can use this optional config to designate the URL to redirect if session not found in Sign-in Experience. + - Session guard now works for root path as well. + +- 343b1090f: remove the branding style config and make the logo URL config optional +- 1c9160112: ### Features + + - Enhanced user search params #2639 + - Web hooks + + ### Improvements + + - Refactored Interaction APIs and Audit logs + +- 343b1090f: ### Add custom content sign-in-experience settings to allow insert custom static html content to the logto sign-in pages + + - feat: combine with the custom css, give the user the ability to further customize the sign-in pages + +- f41fd3f05: Replace the `sms` naming convention using `phone` cross logto codebase. Including Sign-in Experience types, API paths, API payload and internal variable names. + +### Patch Changes + +- e63f5f8b0: Bump connector kit version to fix "Continue" issues on sending email/sms. +- 38970fb88: Fix a Sign-in experience bug that may block some users to sign in. +- 343b1090f: **Seed data for cloud** + + - cli!: remove `oidc` option for `database seed` command as it's unused + - cli: add hidden `--cloud` option for `database seed` command to init cloud data + - cli, cloud: appending Redirect URIs to Admin Console will deduplicate values before update + - move `UrlSet` and `GlobalValues` to `@logto/shared` + +- 7fb689b73: Fix version lifecycle script +- 2d45cc3e6: Update alteration script names after versioning +- Updated dependencies [343b1090f] +- Updated dependencies [343b1090f] +- Updated dependencies [c12717412] +- Updated dependencies [68f2d56a2] +- Updated dependencies [343b1090f] +- Updated dependencies [343b1090f] +- Updated dependencies [343b1090f] +- Updated dependencies [38970fb88] +- Updated dependencies [c12717412] +- Updated dependencies [343b1090f] +- Updated dependencies [c12717412] +- Updated dependencies [343b1090f] +- Updated dependencies [343b1090f] +- Updated dependencies [1c9160112] +- Updated dependencies [343b1090f] +- Updated dependencies [1c9160112] + - @logto/phrases-ui@1.0.0 + - @logto/phrases@1.0.0 + - @logto/connector-kit@1.1.0 + - @logto/core-kit@1.1.0 + ## 1.0.0-rc.1 ### Major Changes diff --git a/packages/schemas/alterations/next-1677208902-update-admin-console-config.ts b/packages/schemas/alterations/1.0.0-1677208902-update-admin-console-config.ts similarity index 100% rename from packages/schemas/alterations/next-1677208902-update-admin-console-config.ts rename to packages/schemas/alterations/1.0.0-1677208902-update-admin-console-config.ts diff --git a/packages/schemas/alterations/next-1677765137-seed-for-admin-tenant.ts b/packages/schemas/alterations/1.0.0-1677765137-seed-for-admin-tenant.ts similarity index 100% rename from packages/schemas/alterations/next-1677765137-seed-for-admin-tenant.ts rename to packages/schemas/alterations/1.0.0-1677765137-seed-for-admin-tenant.ts diff --git a/packages/schemas/alterations/next-1677907982-allow-admin-create-multiple-tenants.ts b/packages/schemas/alterations/1.0.0-1677907982-allow-admin-create-multiple-tenants.ts similarity index 100% rename from packages/schemas/alterations/next-1677907982-allow-admin-create-multiple-tenants.ts rename to packages/schemas/alterations/1.0.0-1677907982-allow-admin-create-multiple-tenants.ts diff --git a/packages/schemas/alterations/next-1678157950-privacy-policy-url.ts b/packages/schemas/alterations/1.0.0-1678157950-privacy-policy-url.ts similarity index 100% rename from packages/schemas/alterations/next-1678157950-privacy-policy-url.ts rename to packages/schemas/alterations/1.0.0-1678157950-privacy-policy-url.ts diff --git a/packages/schemas/alterations/next-1678199795-add-verification-status-table.ts b/packages/schemas/alterations/1.0.0-1678199795-add-verification-status-table.ts similarity index 100% rename from packages/schemas/alterations/next-1678199795-add-verification-status-table.ts rename to packages/schemas/alterations/1.0.0-1678199795-add-verification-status-table.ts diff --git a/packages/schemas/alterations/next-1678259693-remove-branding-style-config.ts b/packages/schemas/alterations/1.0.0-1678259693-remove-branding-style-config.ts similarity index 100% rename from packages/schemas/alterations/next-1678259693-remove-branding-style-config.ts rename to packages/schemas/alterations/1.0.0-1678259693-remove-branding-style-config.ts diff --git a/packages/schemas/alterations/next-1678269972-use-restrictive-policies.ts b/packages/schemas/alterations/1.0.0-1678269972-use-restrictive-policies.ts similarity index 100% rename from packages/schemas/alterations/next-1678269972-use-restrictive-policies.ts rename to packages/schemas/alterations/1.0.0-1678269972-use-restrictive-policies.ts diff --git a/packages/schemas/alterations/next-1678284778-restrict-internal-roles.ts b/packages/schemas/alterations/1.0.0-1678284778-restrict-internal-roles.ts similarity index 100% rename from packages/schemas/alterations/next-1678284778-restrict-internal-roles.ts rename to packages/schemas/alterations/1.0.0-1678284778-restrict-internal-roles.ts diff --git a/packages/schemas/alterations/next-1678425761-m2m-app-for-tenants.ts b/packages/schemas/alterations/1.0.0-1678425761-m2m-app-for-tenants.ts similarity index 100% rename from packages/schemas/alterations/next-1678425761-m2m-app-for-tenants.ts rename to packages/schemas/alterations/1.0.0-1678425761-m2m-app-for-tenants.ts diff --git a/packages/schemas/alterations/next-1678450233-support-custom-content.ts b/packages/schemas/alterations/1.0.0-1678450233-support-custom-content.ts similarity index 100% rename from packages/schemas/alterations/next-1678450233-support-custom-content.ts rename to packages/schemas/alterations/1.0.0-1678450233-support-custom-content.ts diff --git a/packages/schemas/alterations/next-1678716747-service-logs.ts b/packages/schemas/alterations/1.0.0-1678716747-service-logs.ts similarity index 100% rename from packages/schemas/alterations/next-1678716747-service-logs.ts rename to packages/schemas/alterations/1.0.0-1678716747-service-logs.ts diff --git a/packages/schemas/alterations/next-1678928481-remove-deprecated-logto-config-item.ts b/packages/schemas/alterations/1.0.0-1678928481-remove-deprecated-logto-config-item.ts similarity index 100% rename from packages/schemas/alterations/next-1678928481-remove-deprecated-logto-config-item.ts rename to packages/schemas/alterations/1.0.0-1678928481-remove-deprecated-logto-config-item.ts diff --git a/packages/schemas/alterations/next-1678953179-update-get-started-task-config.ts b/packages/schemas/alterations/1.0.0-1678953179-update-get-started-task-config.ts similarity index 100% rename from packages/schemas/alterations/next-1678953179-update-get-started-task-config.ts rename to packages/schemas/alterations/1.0.0-1678953179-update-get-started-task-config.ts diff --git a/packages/schemas/alterations/next-1679209413-drop-connector-database-storage.ts b/packages/schemas/alterations/1.0.0-1679209413-drop-connector-database-storage.ts similarity index 100% rename from packages/schemas/alterations/next-1679209413-drop-connector-database-storage.ts rename to packages/schemas/alterations/1.0.0-1679209413-drop-connector-database-storage.ts diff --git a/packages/schemas/package.json b/packages/schemas/package.json index dd3c5172bdc..acbf6931664 100644 --- a/packages/schemas/package.json +++ b/packages/schemas/package.json @@ -1,6 +1,6 @@ { "name": "@logto/schemas", - "version": "1.0.0-rc.1", + "version": "1.0.0", "author": "Silverhand Inc. <contact@silverhand.io>", "license": "MPL-2.0", "type": "module", diff --git a/packages/shared/CHANGELOG.md b/packages/shared/CHANGELOG.md index 8e7a3f22026..14b37bc864f 100644 --- a/packages/shared/CHANGELOG.md +++ b/packages/shared/CHANGELOG.md @@ -1,5 +1,47 @@ # Change Log +## 1.0.0 + +### Major Changes + +- 1c9160112: Packages are now ESM. + +### Minor Changes + +- 343b1090f: Add demo social connectors for new tenant +- 343b1090f: Allow admin tenant admin to create tenants without limitation + +### Patch Changes + +- 38970fb88: Fix a Sign-in experience bug that may block some users to sign in. +- 343b1090f: **Seed data for cloud** + + - cli!: remove `oidc` option for `database seed` command as it's unused + - cli: add hidden `--cloud` option for `database seed` command to init cloud data + - cli, cloud: appending Redirect URIs to Admin Console will deduplicate values before update + - move `UrlSet` and `GlobalValues` to `@logto/shared` + +- Updated dependencies [343b1090f] +- Updated dependencies [e63f5f8b0] +- Updated dependencies [f41fd3f05] +- Updated dependencies [343b1090f] +- Updated dependencies [343b1090f] +- Updated dependencies [c12717412] +- Updated dependencies [343b1090f] +- Updated dependencies [38970fb88] +- Updated dependencies [343b1090f] +- Updated dependencies [343b1090f] +- Updated dependencies [343b1090f] +- Updated dependencies [1c9160112] +- Updated dependencies [1c9160112] +- Updated dependencies [7fb689b73] +- Updated dependencies [343b1090f] +- Updated dependencies [f41fd3f05] +- Updated dependencies [f41fd3f05] +- Updated dependencies [2d45cc3e6] + - @logto/schemas@1.0.0 + - @logto/core-kit@1.1.0 + ## 1.0.0-rc.1 ### Patch Changes diff --git a/packages/shared/package.json b/packages/shared/package.json index 5b02de53426..990082458a3 100644 --- a/packages/shared/package.json +++ b/packages/shared/package.json @@ -1,6 +1,6 @@ { "name": "@logto/shared", - "version": "1.0.0-rc.1", + "version": "1.0.0", "main": "lib/index.js", "author": "Silverhand Inc. <contact@silverhand.io>", "license": "MPL-2.0", diff --git a/packages/toolkit/connector-kit/CHANGELOG.md b/packages/toolkit/connector-kit/CHANGELOG.md index 21eaf183a51..d7da92fb0f8 100644 --- a/packages/toolkit/connector-kit/CHANGELOG.md +++ b/packages/toolkit/connector-kit/CHANGELOG.md @@ -1,5 +1,11 @@ # Change Log +## 1.1.0 + +### Minor Changes + +- 343b1090f: Allow admin tenant admin to create tenants without limitation + ## 1.0.0 ### Minor Changes diff --git a/packages/toolkit/connector-kit/package.json b/packages/toolkit/connector-kit/package.json index 7d9668bd552..efb06f7197a 100644 --- a/packages/toolkit/connector-kit/package.json +++ b/packages/toolkit/connector-kit/package.json @@ -1,6 +1,6 @@ { "name": "@logto/connector-kit", - "version": "1.0.0", + "version": "1.1.0", "author": "Silverhand Inc. <contact@silverhand.io>", "homepage": "https://github.com/logto-io/toolkit#readme", "repository": { diff --git a/packages/toolkit/core-kit/CHANGELOG.md b/packages/toolkit/core-kit/CHANGELOG.md index 898aa8c13e6..80ee60b254a 100644 --- a/packages/toolkit/core-kit/CHANGELOG.md +++ b/packages/toolkit/core-kit/CHANGELOG.md @@ -1,5 +1,11 @@ # Change Log +## 1.1.0 + +### Minor Changes + +- 343b1090f: Allow admin tenant admin to create tenants without limitation + ## 1.0.0 ### Minor Changes diff --git a/packages/toolkit/core-kit/package.json b/packages/toolkit/core-kit/package.json index aab78e80029..cf412cda649 100644 --- a/packages/toolkit/core-kit/package.json +++ b/packages/toolkit/core-kit/package.json @@ -1,6 +1,6 @@ { "name": "@logto/core-kit", - "version": "1.0.0", + "version": "1.1.0", "author": "Silverhand Inc. <contact@silverhand.io>", "homepage": "https://github.com/logto-io/toolkit#readme", "repository": { diff --git a/packages/ui/CHANGELOG.md b/packages/ui/CHANGELOG.md index cf29f902a2a..1aa1dfa856c 100644 --- a/packages/ui/CHANGELOG.md +++ b/packages/ui/CHANGELOG.md @@ -1,5 +1,131 @@ # Change Log +## 1.0.0 + +### Major Changes + +- 1c9160112: ### Features + + - Enhanced user search params #2639 + - Web hooks + + ### Improvements + + - Refactored Interaction APIs and Audit logs + +- 343b1090f: **💥 BREAKING CHANGE 💥** Move `/api/phrase` API to `/api/.well-known/phrases` + +### Minor Changes + +- 343b1090f: ### Simplify the terms of use and privacy policy manual agreement steps for the sign-in flow + + The Terms of Use and Privacy Policy manuel agreement are now removed from the sign-in flow. + + - The changes may take effect on all the existing sign-in flows, including password sign-in, social sign-in, and verification-code sign-in. + - The agreement checkbox in sign-in pages is now replaced with links to the Terms of Use and Privacy Policy pages. Users can still read the agreements before signing in. + - The manual agreement steps are still mandatory for the sign-up flow. Users must agree to the Terms of Use and Privacy Policy before signing up a new account. Including sign-up with new social identities. The agreement checkbox in sign-up pages remain still. + +- f41fd3f05: Replace `passcode` naming convention in the interaction APIs and main flow ui with `verificationCode`. +- 343b1090f: ### Update the password policy + + Password policy description: Password requires a minimum of 8 characters and contains a mix of letters, numbers, and symbols. + + - min-length updates: Password requires a minimum of 8 characters + - allowed characters updates: Password contains a mix of letters, numbers, and symbols + - digits: 0-9 + - letters: a-z, A-Z + - symbols: !"#$%&'()\*+,./:;<=>?@[\]^\_`{|}~- + - At least two types of characters are required: + - letters and digits + - letters and symbols + - digits and symbols + + > notice: The new password policy is applied to new users or new passwords only. Existing users are not affected by this change, users may still use their old password to sign-in. + +- 343b1090f: ### Add dynamic favicon and html title + + - Add the favicon field in the sign-in-experience branding settings. Users would be able to upload their own favicon. Use local logto icon as a fallback + + - Set different html title for different pages. + - sign-in + - register + - forgot-password + - logto + +- 343b1090f: Allow admin tenant admin to create tenants without limitation +- 343b1090f: ## Add iframe modal for mobile platform + + Implement a full screen iframe modal on the mobile platform. As for most of the webview containers, opening a new tab is not allowed. So we need to implement a full screen iframe modal to show the external link page on the mobile platform. + +- 343b1090f: New feature: User account settings page + + - We have removed the previous settings page and moved it to the account settings page. You can access to the new settings menu by clicking the user avatar in the top right corner. + - You can directly change the language or theme from the popover menu, and explore more account settings by clicking the "Profile" menu item. + - You can update your avatar, name and username in the profile page, and also changing your password. + - [Cloud] Cloud users can also link their email address and social accounts (Google and GitHub at first launch). + +- c12717412: ## Smart Identifier Input designed to streamline your sign-in experience + + - Smart Contact Input + - Smart Identifier Input + - Intelligent Identifier Input Field + + Content: + We have integrated the traditional input fields for username, phone number, and email into a single intelligent input box. This advanced input box automatically identifies the type of characters you’re entering, such as an @ sign or consecutive numbers, and provides relevant error feedback. By streamlining the sign-in process, users no longer need to waste time figuring out which button to click to switch their desired login method. This reduces the risk of errors and ensures a smoother sign-in experience. + +- 343b1090f: Implement a country code selector dropdown component with search box. Users may able to quick search for a country code by typing in the search box. +- 343b1090f: remove the branding style config and make the logo URL config optional +- c12717412: **Customize CSS for Sign-in Experience** + + We have put a lot of effort into improving the user sign-in experience and have provided a brand color option for the UI. However, we know that fine-tuning UI requirements can be unpredictable. While Logto is still exploring the best options for customization, we want to provide a programmatic method to unblock your development. + + You can now use the Management API `PATCH /api/sign-in-exp` with body `{ "customCss": "arbitrary string" }` to set customized CSS for the sign-in experience. You should see the value of `customCss` attached after `<title>` of the page. If the style has a higher priority, it should be able to override. + + > **Note** + > + > Since Logto uses CSS Modules, you may see a hash value in the `class` property of DOM elements (e.g. a `<div>` with `vUugRG_container`). To override these, you can use the `$=` CSS selector to match elements that end with a specified value. In this case, it should be `div[class$=container]`. + +- 343b1090f: Add custom CSS code editor so that users can apply advanced UI customization. + - Users can check the real time preview of the CSS via SIE preview on the right side. +- 2168936b9: **Sign-in Experience v2** + + We are thrilled to announce the release of the newest version of the Sign-in Experience, which includes more ways to sign-in and sign-up, as well as a framework that is easier to understand and more flexible to configure in the Admin Console. + + When compared to Sign-in Experience v1, this version’s capability was expanded so that it could support a greater variety of flexible use cases. For example, now users can sign up with email verification code and sign in with email and password. + + We hope that this will be able to assist developers in delivering a successful sign-in flow, which will also be appreciated by the end users. + +- 343b1090f: ### Add custom content sign-in-experience settings to allow insert custom static html content to the logto sign-in pages + + - feat: combine with the custom css, give the user the ability to further customize the sign-in pages + +- fdb2bb48e: **Streamlining the social sign-up flow** + + - detect trusted email (or phone number) from the social account + - email (or phone number) has been registered: automatically connecting the social identity to the existing user account with a single click + - email (or phone number) not registered: automatically sync up the user profile with the social provided email (or phone) if and only if marked as a required user profile. + +- f41fd3f05: Replace the `sms` naming convention using `phone` cross logto codebase. Including Sign-in Experience types, API paths, API payload and internal variable names. + +### Patch Changes + +- 51f527b0c: bug fixes + + - core: fix 500 error when enabling app admin access in console + - ui: handle required profile errors on social binding flow + +- 343b1090f: ## Implement a lite version of set password form. + + To simplify the effort when user set new password, we implement a lite version of set password form. + + The lite version of set password form only contains only one field password. It will be used if and only if the forgot-password feature is enabled (password can be reset either by email and phone). + + If you do not have any email or sms service enabled, we still use the old version of set password form which contains two fields: password and confirm password. + +- 38970fb88: Fix a Sign-in experience bug that may block some users to sign in. +- 02cc9abd8: Fix a bug to show forgot password when only SMS connector is configured +- 343b1090f: - Add Power By Logto Signature to the main-flow pages + ## 1.0.0-rc.3 ## 1.0.0-rc.2 diff --git a/packages/ui/package.json b/packages/ui/package.json index 83753f95262..8b3871842ca 100644 --- a/packages/ui/package.json +++ b/packages/ui/package.json @@ -1,6 +1,6 @@ { "name": "@logto/ui", - "version": "1.0.0-rc.3", + "version": "1.0.0", "license": "MPL-2.0", "type": "module", "private": true,