diff --git a/CHANGELOG.md b/CHANGELOG.md index 4a6f233c2..32eec5d61 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -161,6 +161,16 @@ import { getAppDirRequestHandler } from "supertokens-node/nextjs"; const handleCall = getAppDirRequestHandler(); ``` +## [20.1.5] - 2024-10-09 + +- Fixes an issue where users were not able to reset their password if a user with the same email address was created before account linking was enabled. +- Fixes and re-works some security checks connected to password reset. + +## [20.1.4] - 2024-10-07 + +- Fixes an issue where revoking sessions for a specific tenant didn't work well +- Fixes an issue where the automatic session revocation after linking didn't work across all tenants + ## [20.1.3] - 2024-09-30 - Replaces `psl` with `tldts` to avoid `punycode` deprecation warning. diff --git a/docs/classes/framework.BaseRequest.html b/docs/classes/framework.BaseRequest.html index 579d81088..4e62260d6 100644 --- a/docs/classes/framework.BaseRequest.html +++ b/docs/classes/framework.BaseRequest.html @@ -1 +1 @@ -
Generated using TypeDoc
Generated using TypeDoc
Generated using TypeDoc
Generated using TypeDoc
Generated using TypeDoc
Generated using TypeDoc
Generated using TypeDoc
Generated using TypeDoc
Generated using TypeDoc
Generated using TypeDoc
Generated using TypeDoc
Generated using TypeDoc
Generated using TypeDoc
Generated using TypeDoc
Generated using TypeDoc
Generated using TypeDoc
Generated using TypeDoc
Generated using TypeDoc
This is a function which is a combination of createPrimaryUser and linkAccounts where the input recipeUserId is either linked to a user that it can be linked to, or is made into a primary user.
The output will be the user ID of the user that it was linked to, or it will be the same as the input recipeUserId if it was made into a primary user, or if there was no linking that happened.
-This function returns the primary user that the input recipe ID can be linked to. It can be used to determine which primary account the linking will happen to if the input recipe user ID was to be linked.
If the function returns undefined, it means that there is no primary user that the input recipe ID can be linked to, and therefore it can be made into a primary user itself.
-Generated using TypeDoc
Generated using TypeDoc
Generated using TypeDoc
Generated using TypeDoc
We do not make email optional here cause we want to allow passing in primaryUserId. If we make email optional, and if the user provides a primaryUserId, then it may result in two problems:
@@ -9,4 +9,4 @@ or has wrong email compared to what the user wanted to generate a reset token for.And we want to allow primaryUserId being passed in.
-Generated using TypeDoc
Generated using TypeDoc
Generated using TypeDoc
Generated using TypeDoc
Generated using TypeDoc
Generated using TypeDoc
Generated using TypeDoc
Generated using TypeDoc
Generated using TypeDoc
Generated using TypeDoc
Generated using TypeDoc
Generated using TypeDoc
This function will only verify the code (not consume it), and: NOT create a new user if it doesn't exist NOT verify the user email if it exists NOT do any linking NOT delete the code unless it returned RESTART_FLOW_ERROR
-Generated using TypeDoc
Generated using TypeDoc
Tries to validate an access token and build a Session object from it.
Notes about anti-csrf checking:
The access token extracted from the authorization header or cookies
The anti-csrf token extracted from the authorization header or cookies. Can be undefined if antiCsrfCheck is false
-Generated using TypeDoc
Generated using TypeDoc
Generated using TypeDoc
Generated using TypeDoc
Generated using TypeDoc
Generated using TypeDoc
Generated using TypeDoc
Generated using TypeDoc
Generated using TypeDoc
Generated using TypeDoc
Generated using TypeDoc
Generated using TypeDoc
Generated using TypeDoc
Generated using TypeDoc
Short-hand for:
req.protocol == 'https'
-The net.Socket
object associated with the connection.
With HTTPS support, use request.socket.getPeerCertificate()
to obtain the
client's authentication details.
Calls readable.destroy()
with an AbortError
and returns a promise that fulfills when the stream is finished.
Calls readable.destroy()
with an AbortError
and returns a promise that fulfills when the stream is finished.
Check if the given type(s)
is acceptable, returning
the best match when true, otherwise undefined
, in which
case you should respond with 406 "Not Acceptable".
An "old style" readable stream
-Generated using TypeDoc