Infrastructure/logto
0
Fork 0
mirror of https://github.com/logto-io/logto.git synced 2025-04-07 23:01:25 -05:00
Code Issues Activity

release: version packages (#7100)

Browse source
This commit is contained in:
silverhand-bot 2025-03-31 16:00:12 +08:00 committed by GitHub
parent 13d04d7766
commit ac7f0bbcd5
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
31 changed files with 506 additions and 195 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
.changeset/bright-pans-deny.md
View file

@ -1,5 +0,0 @@
---
"@logto/connector-azuread": patch
---
add `scopes` configuration field for Microsoft Azure AD connector

13
.changeset/dull-dolphins-return.md
View file

@ -1,13 +0,0 @@
---
"@logto/core": patch
---
remove `client_id` from OIDC SSO connector's token request body for better compatibility
This updates addresses an issue with client authentication methods in the token request process. Previously, the `client_id` was included in the request body while also using the authentication header for client credentials authentication.
This dual method of client authentication can lead to errors with certain OIDC providers, such as Okta, which only support one authentication method at a time.
### Key changes
Removal of `client_id` from request body: The `client_id` parameter has been removed from the token request body. According to the [OAuth 2.0 specification](https://datatracker.ietf.org/doc/html/rfc6749#section-4.1.3), `client_id` in the body is required only for public clients.

100
.changeset/hot-dodos-refuse.md
View file

@ -1,100 +0,0 @@
---
"@logto/schemas": minor
"@logto/core": minor
"@logto/console": minor
"@logto/experience": minor
---
feat: support multiple sign-up identifiers in sign-in experience
## New update
Introduces a new optional field, `secondaryIdentifiers`, to the sign-in experience sign-up settings. This enhancement allows developers to specify multiple required user identifiers during the user sign-up process. Available options include `email`, `phone`, `username` and `emailOrPhone`.
### Explanation of the difference between `signUp.identifiers` and new `signUp.secondaryIdentifiers`
The existing `signUp.identifiers` field represents the sign-up identifiers enabled for user sign-up and is an array type. In this legacy setup, if multiple identifiers are provided, users can complete the sign-up process using any one of them. The only multi-value case allowed is `[email, phone]`, which signifies that users can provide either an email or a phone number.
To enhance flexibility and support multiple required sign-up identifiers, the existing `signUp.identifiers` field does not suffice. To maintain backward compatibility with existing data, we have introduced this new `secondaryIdentifiers` field.
Unlike the `signUp.identifiers` field, the `signUp.secondaryIdentifiers` array follows an `AND` logic, meaning that all elements listed in this field are required during the sign-up process, in addition to the primary identifiers. This new field also accommodates the `emailOrPhone` case by defining an exclusive `emailOrPhone` value type, which indicates that either a phone number or an email address must be provided.
In summary, while `identifiers` allows for optional selection among email and phone, `secondaryIdentifiers` enforces mandatory inclusion of all specified identifiers.
### Examples
1. `username` as the primary identifier. In addition, user will be required to provide a verified `email` and `phone number` during the sign-up process.
```json
{
"identifiers": ["username"],
"secondaryIdentifiers": [
{
"type": "email",
"verify": true
},
{
"type": "phone",
"verify": true
}
],
"verify": true,
"password": true
}
```
2. `username` as the primary identifier. In addition, user will be required to provide either a verified `email` or `phone number` during the sign-up process.
```json
{
"identifiers": ["username"],
"secondaryIdentifiers": [
{
"type": "emailOrPhone",
"verify": true
}
],
"verify": true,
"password": true
}
```
3. `email` or `phone number` as the primary identifier. In addition, user will be required to provide a `username` during the sign-up process.
```json
{
"identifiers": ["email", "phone"],
"secondaryIdentifiers": [
{
"type": "username",
"verify": true
}
],
"verify": true,
"password": false
}
```
### Sign-in experience settings
- `@logto/core`: Update the `/api/sign-in-experience` endpoint to support the new `secondaryIdentifiers` field in the sign-up settings.
- `@logto/console`: Replace the sign-up identifier single selector with a multi-selector to support multiple sign-up identifiers. The order of the identifiers can be rearranged by dragging and dropping the items in the list. The first item in the list will be considered the primary identifier and stored in the `signUp.identifiers` field, while the rest will be stored in the `signUp.secondaryIdentifiers` field.
### End-user experience
The sign-up flow is now split into two stages:
- Primary identifiers (`signUp.identifiers`) are collected in the first-screen registration screen.
- Secondary identifiers (`signUp.secondaryIdentifiers`) are requested in subsequent steps after the primary registration has been submitted.
## Other refactors
We have fully decoupled the sign-up identifier settings from the sign-in methods. Developers can now require as many user identifiers as needed during the sign-up process without impacting the sign-in process.
The following restrictions on sign-in and sign-up settings have been removed:
1. Password requirement is now optional when `username` is configured as a sign-up identifier. However, users without passwords cannot sign in using username authentication.
2. Removed the constraint requiring sign-up identifiers to be enabled as sign-in methods.
3. Removed the requirement for password verification across all sign-in methods when password is enabled for sign-up.

11
.changeset/hungry-olives-sell.md
View file

@ -1,11 +0,0 @@
---
"@logto/core": minor
---
refactor: switch to `@logto/experience` package with latest [Experience API](https://openapi.logto.io/group/endpoint-experience)
In this release, we have transitioned the user sign-in experience from the legacy `@logto/experience-legacy` package to the latest `@logto/experience` package. This change fully adopts our new [Experience API](https://openapi.logto.io/group/endpoint-experience), enhancing the underlying architecture while maintaining the same user experience.
- Package update: The user sign-in experience now utilizes the `@logto/experience` package by default.
API Transition: The new package leverages our latest [Experience API](https://openapi.logto.io/group/endpoint-experience).
- No feature changes: Users will notice no changes in functionality or experience compared to the previous implementation.

5
.changeset/hungry-terms-smash.md
View file

@ -1,5 +0,0 @@
---
"@logto/translate": patch
---
improve openai prompt to better support i18n plural form suffixes

5
.changeset/old-lions-return.md
View file

@ -1,5 +0,0 @@
---
"@logto/console": minor
---
feat(console): add Logto WordPress plugin guide

15
.changeset/purple-waves-sit.md
View file

@ -1,15 +0,0 @@
---
"@logto/core": patch
---
remove multiple sign-in experience settings restrictions
For better customization flexibility, we have removed following restrictions in the sign-in experience "sign-in and sign-up" settings:
1. The `password` field in sign-up settings is no longer required when username is set as the sign-up identifier. Developers may request a username without requiring a password during the sign-up process.
Note: If username is the only sign-up identifier, users without a password will not be able to sign in. Developers or administrators should carefully configure the sign-up and sign-in settings to ensure a smooth user experience.
Users can still set password via [account API](https://docs.logto.io/end-user-flows/account-settings/by-account-api) after sign-up.
2. The requirement that all sign-up identifiers must also be enabled as sign-in identifiers has been removed.

10
.changeset/tame-snails-fold.md
View file

@ -1,10 +0,0 @@
---
"@logto/language-kit": patch
"@logto/translate": patch
---
make method `isLanguageTag` case-insensitive
The language tags should be case insensitive. In `phrases` and `phrases-experience` packages, the language tags are all in lowercase. However, in the language kit, the language tags are in mixed cases, such as `pt-BR` and `zh-CN`.
Therefore, some of the i18n phrases were not translated by the translate CLI tool. The fix is to update the language kit to ignore cases in `isLanguageTag` function, so that the previously mismatched language tags can be detected and translated.

7
packages/cli/CHANGELOG.md
View file

@ -1,5 +1,12 @@
# Change Log
## 1.26.0
### Patch Changes
- Updated dependencies [13d04d776]
- @logto/schemas@1.26.0
## 1.25.0
### Patch Changes

4
packages/cli/package.json
View file

@ -1,6 +1,6 @@
{
"name": "@logto/cli",
"version": "1.25.0",
"version": "1.26.0",
"description": "Logto CLI.",
"author": "Silverhand Inc. <contact@silverhand.io>",
"homepage": "https://github.com/logto-io/logto#readme",
@ -44,7 +44,7 @@
"dependencies": {
"@logto/connector-kit": "workspace:^4.2.0",
"@logto/core-kit": "workspace:^2.5.4",
"@logto/schemas": "workspace:1.25.0",
"@logto/schemas": "workspace:1.26.0",
"@logto/shared": "workspace:^3.1.4",
"@silverhand/essentials": "^2.9.1",
"@silverhand/slonik": "31.0.0-beta.2",

6
packages/connectors/connector-azuread/CHANGELOG.md
View file

@ -1,5 +1,11 @@
# @logto/connector-azuread
## 1.4.2
### Patch Changes
- 9b6dbf28e: add `scopes` configuration field for Microsoft Azure AD connector
## 1.4.1
### Patch Changes

2
packages/connectors/connector-azuread/package.json
View file

@ -1,6 +1,6 @@
{
"name": "@logto/connector-azuread",
"version": "1.4.1",
"version": "1.4.2",
"description": "Microsoft Azure AD connector implementation.",
"author": "Mobilist Inc. <info@mobilist.com.tr>",
"dependencies": {

98
packages/console/CHANGELOG.md
View file

@ -1,5 +1,103 @@
# Change Log
## 1.23.0
### Minor Changes
- 13d04d776: feat: support multiple sign-up identifiers in sign-in experience
## New update
Introduces a new optional field, `secondaryIdentifiers`, to the sign-in experience sign-up settings. This enhancement allows developers to specify multiple required user identifiers during the user sign-up process. Available options include `email`, `phone`, `username` and `emailOrPhone`.
### Explanation of the difference between `signUp.identifiers` and new `signUp.secondaryIdentifiers`
The existing `signUp.identifiers` field represents the sign-up identifiers enabled for user sign-up and is an array type. In this legacy setup, if multiple identifiers are provided, users can complete the sign-up process using any one of them. The only multi-value case allowed is `[email, phone]`, which signifies that users can provide either an email or a phone number.
To enhance flexibility and support multiple required sign-up identifiers, the existing `signUp.identifiers` field does not suffice. To maintain backward compatibility with existing data, we have introduced this new `secondaryIdentifiers` field.
Unlike the `signUp.identifiers` field, the `signUp.secondaryIdentifiers` array follows an `AND` logic, meaning that all elements listed in this field are required during the sign-up process, in addition to the primary identifiers. This new field also accommodates the `emailOrPhone` case by defining an exclusive `emailOrPhone` value type, which indicates that either a phone number or an email address must be provided.
In summary, while `identifiers` allows for optional selection among email and phone, `secondaryIdentifiers` enforces mandatory inclusion of all specified identifiers.
### Examples
1. `username` as the primary identifier. In addition, user will be required to provide a verified `email` and `phone number` during the sign-up process.
```json
{
"identifiers": ["username"],
"secondaryIdentifiers": [
{
"type": "email",
"verify": true
},
{
"type": "phone",
"verify": true
}
],
"verify": true,
"password": true
}
```
2. `username` as the primary identifier. In addition, user will be required to provide either a verified `email` or `phone number` during the sign-up process.
```json
{
"identifiers": ["username"],
"secondaryIdentifiers": [
{
"type": "emailOrPhone",
"verify": true
}
],
"verify": true,
"password": true
}
```
3. `email` or `phone number` as the primary identifier. In addition, user will be required to provide a `username` during the sign-up process.
```json
{
"identifiers": ["email", "phone"],
"secondaryIdentifiers": [
{
"type": "username",
"verify": true
}
],
"verify": true,
"password": false
}
```
### Sign-in experience settings
- `@logto/core`: Update the `/api/sign-in-experience` endpoint to support the new `secondaryIdentifiers` field in the sign-up settings.
- `@logto/console`: Replace the sign-up identifier single selector with a multi-selector to support multiple sign-up identifiers. The order of the identifiers can be rearranged by dragging and dropping the items in the list. The first item in the list will be considered the primary identifier and stored in the `signUp.identifiers` field, while the rest will be stored in the `signUp.secondaryIdentifiers` field.
### End-user experience
The sign-up flow is now split into two stages:
- Primary identifiers (`signUp.identifiers`) are collected in the first-screen registration screen.
- Secondary identifiers (`signUp.secondaryIdentifiers`) are requested in subsequent steps after the primary registration has been submitted.
## Other refactors
We have fully decoupled the sign-up identifier settings from the sign-in methods. Developers can now require as many user identifiers as needed during the sign-up process without impacting the sign-in process.
The following restrictions on sign-in and sign-up settings have been removed:
1. Password requirement is now optional when `username` is configured as a sign-up identifier. However, users without passwords cannot sign in using username authentication.
2. Removed the constraint requiring sign-up identifiers to be enabled as sign-in methods.
3. Removed the requirement for password verification across all sign-in methods when password is enabled for sign-up.
- dc13cc73d: feat(console): add Logto WordPress plugin guide
## 1.22.1
### Patch Changes

6
packages/console/package.json
View file

@ -1,6 +1,6 @@
{
"name": "@logto/console",
"version": "1.22.1",
"version": "1.23.0",
"description": "> TODO: description",
"author": "Silverhand Inc. <contact@silverhand.io>",
"homepage": "https://github.com/logto-io/logto#readme",
@ -30,11 +30,11 @@
"@logto/cloud": "0.2.5-c98a257",
"@logto/connector-kit": "workspace:^4.2.0",
"@logto/core-kit": "workspace:^2.5.4",
"@logto/language-kit": "workspace:^1.1.1",
"@logto/language-kit": "workspace:^1.1.3",
"@logto/phrases": "workspace:^1.18.0",
"@logto/phrases-experience": "workspace:^1.9.1",
"@logto/react": "^4.0.4",
"@logto/schemas": "workspace:^1.25.0",
"@logto/schemas": "workspace:^1.26.0",
"@logto/shared": "workspace:^3.1.4",
"@mdx-js/react": "^3.0.1",
"@mdx-js/rollup": "^3.0.1",

137
packages/core/CHANGELOG.md
View file

@ -1,5 +1,142 @@
# Change Log
## 1.26.0
### Minor Changes
- 13d04d776: feat: support multiple sign-up identifiers in sign-in experience
## New update
Introduces a new optional field, `secondaryIdentifiers`, to the sign-in experience sign-up settings. This enhancement allows developers to specify multiple required user identifiers during the user sign-up process. Available options include `email`, `phone`, `username` and `emailOrPhone`.
### Explanation of the difference between `signUp.identifiers` and new `signUp.secondaryIdentifiers`
The existing `signUp.identifiers` field represents the sign-up identifiers enabled for user sign-up and is an array type. In this legacy setup, if multiple identifiers are provided, users can complete the sign-up process using any one of them. The only multi-value case allowed is `[email, phone]`, which signifies that users can provide either an email or a phone number.
To enhance flexibility and support multiple required sign-up identifiers, the existing `signUp.identifiers` field does not suffice. To maintain backward compatibility with existing data, we have introduced this new `secondaryIdentifiers` field.
Unlike the `signUp.identifiers` field, the `signUp.secondaryIdentifiers` array follows an `AND` logic, meaning that all elements listed in this field are required during the sign-up process, in addition to the primary identifiers. This new field also accommodates the `emailOrPhone` case by defining an exclusive `emailOrPhone` value type, which indicates that either a phone number or an email address must be provided.
In summary, while `identifiers` allows for optional selection among email and phone, `secondaryIdentifiers` enforces mandatory inclusion of all specified identifiers.
### Examples
1. `username` as the primary identifier. In addition, user will be required to provide a verified `email` and `phone number` during the sign-up process.
```json
{
"identifiers": ["username"],
"secondaryIdentifiers": [
{
"type": "email",
"verify": true
},
{
"type": "phone",
"verify": true
}
],
"verify": true,
"password": true
}
```
2. `username` as the primary identifier. In addition, user will be required to provide either a verified `email` or `phone number` during the sign-up process.
```json
{
"identifiers": ["username"],
"secondaryIdentifiers": [
{
"type": "emailOrPhone",
"verify": true
}
],
"verify": true,
"password": true
}
```
3. `email` or `phone number` as the primary identifier. In addition, user will be required to provide a `username` during the sign-up process.
```json
{
"identifiers": ["email", "phone"],
"secondaryIdentifiers": [
{
"type": "username",
"verify": true
}
],
"verify": true,
"password": false
}
```
### Sign-in experience settings
- `@logto/core`: Update the `/api/sign-in-experience` endpoint to support the new `secondaryIdentifiers` field in the sign-up settings.
- `@logto/console`: Replace the sign-up identifier single selector with a multi-selector to support multiple sign-up identifiers. The order of the identifiers can be rearranged by dragging and dropping the items in the list. The first item in the list will be considered the primary identifier and stored in the `signUp.identifiers` field, while the rest will be stored in the `signUp.secondaryIdentifiers` field.
### End-user experience
The sign-up flow is now split into two stages:
- Primary identifiers (`signUp.identifiers`) are collected in the first-screen registration screen.
- Secondary identifiers (`signUp.secondaryIdentifiers`) are requested in subsequent steps after the primary registration has been submitted.
## Other refactors
We have fully decoupled the sign-up identifier settings from the sign-in methods. Developers can now require as many user identifiers as needed during the sign-up process without impacting the sign-in process.
The following restrictions on sign-in and sign-up settings have been removed:
1. Password requirement is now optional when `username` is configured as a sign-up identifier. However, users without passwords cannot sign in using username authentication.
2. Removed the constraint requiring sign-up identifiers to be enabled as sign-in methods.
3. Removed the requirement for password verification across all sign-in methods when password is enabled for sign-up.
- 3594e1316: refactor: switch to `@logto/experience` package with latest [Experience API](https://openapi.logto.io/group/endpoint-experience)
In this release, we have transitioned the user sign-in experience from the legacy `@logto/experience-legacy` package to the latest `@logto/experience` package. This change fully adopts our new [Experience API](https://openapi.logto.io/group/endpoint-experience), enhancing the underlying architecture while maintaining the same user experience.
- Package update: The user sign-in experience now utilizes the `@logto/experience` package by default.
API Transition: The new package leverages our latest [Experience API](https://openapi.logto.io/group/endpoint-experience).
- No feature changes: Users will notice no changes in functionality or experience compared to the previous implementation.
### Patch Changes
- 7b342f7ef: remove `client_id` from OIDC SSO connector's token request body for better compatibility
This updates addresses an issue with client authentication methods in the token request process. Previously, the `client_id` was included in the request body while also using the authentication header for client credentials authentication.
This dual method of client authentication can lead to errors with certain OIDC providers, such as Okta, which only support one authentication method at a time.
### Key changes
Removal of `client_id` from request body: The `client_id` parameter has been removed from the token request body. According to the [OAuth 2.0 specification](https://datatracker.ietf.org/doc/html/rfc6749#section-4.1.3), `client_id` in the body is required only for public clients.
- eb802f4c4: remove multiple sign-in experience settings restrictions
For better customization flexibility, we have removed following restrictions in the sign-in experience "sign-in and sign-up" settings:
1. The `password` field in sign-up settings is no longer required when username is set as the sign-up identifier. Developers may request a username without requiring a password during the sign-up process.
Note: If username is the only sign-up identifier, users without a password will not be able to sign in. Developers or administrators should carefully configure the sign-up and sign-in settings to ensure a smooth user experience.
Users can still set password via [account API](https://docs.logto.io/end-user-flows/account-settings/by-account-api) after sign-up.
2. The requirement that all sign-up identifiers must also be enabled as sign-in identifiers has been removed.
- Updated dependencies [13d04d776]
- Updated dependencies [dc13cc73d]
- Updated dependencies [5da01bc47]
- @logto/schemas@1.26.0
- @logto/console@1.23.0
- @logto/experience@1.12.0
- @logto/language-kit@1.1.3
- @logto/cli@1.26.0
## 1.25.0
### Minor Changes

8
packages/core/package.json
View file

@ -1,6 +1,6 @@
{
"name": "@logto/core",
"version": "1.25.0",
"version": "1.26.0",
"description": "The open source identity solution.",
"main": "build/index.js",
"author": "Silverhand Inc. <contact@silverhand.io>",
@ -33,7 +33,7 @@
"@koa/cors": "^5.0.0",
"@logto/affiliate": "^0.1.0",
"@logto/app-insights": "workspace:^2.0.1",
"@logto/cli": "workspace:^1.25.0",
"@logto/cli": "workspace:^1.26.0",
"@logto/connector-kit": "workspace:^4.2.0",
"@logto/console": "workspace:*",
"@logto/core-kit": "workspace:^2.5.4",
@ -41,10 +41,10 @@
"@logto/experience": "workspace:*",
"@logto/experience-legacy": "workspace:*",
"@logto/js": "^5.0.3",
"@logto/language-kit": "workspace:^1.1.1",
"@logto/language-kit": "workspace:^1.1.3",
"@logto/phrases": "workspace:^1.18.0",
"@logto/phrases-experience": "workspace:^1.9.1",
"@logto/schemas": "workspace:^1.25.0",
"@logto/schemas": "workspace:^1.26.0",
"@logto/shared": "workspace:^3.1.4",
"@silverhand/essentials": "^2.9.1",
"@silverhand/slonik": "31.0.0-beta.2",

6
packages/create/CHANGELOG.md
View file

@ -1,5 +1,11 @@
# Change Log
## 1.26.0
### Patch Changes
- @logto/cli@1.26.0
## 1.25.0
### Patch Changes

4
packages/create/package.json
View file

@ -1,6 +1,6 @@
{
"name": "@logto/create",
"version": "1.25.0",
"version": "1.26.0",
"author": "Silverhand Inc. <contact@silverhand.io>",
"license": "MPL-2.0",
"type": "module",
@ -15,6 +15,6 @@
"node": "^20.9.0"
},
"dependencies": {
"@logto/cli": "workspace:^1.25.0"
"@logto/cli": "workspace:^1.26.0"
}
}

96
packages/experience/CHANGELOG.md
View file

@ -1,5 +1,101 @@
# Change Log
## 1.12.0
### Minor Changes
- 13d04d776: feat: support multiple sign-up identifiers in sign-in experience
## New update
Introduces a new optional field, `secondaryIdentifiers`, to the sign-in experience sign-up settings. This enhancement allows developers to specify multiple required user identifiers during the user sign-up process. Available options include `email`, `phone`, `username` and `emailOrPhone`.
### Explanation of the difference between `signUp.identifiers` and new `signUp.secondaryIdentifiers`
The existing `signUp.identifiers` field represents the sign-up identifiers enabled for user sign-up and is an array type. In this legacy setup, if multiple identifiers are provided, users can complete the sign-up process using any one of them. The only multi-value case allowed is `[email, phone]`, which signifies that users can provide either an email or a phone number.
To enhance flexibility and support multiple required sign-up identifiers, the existing `signUp.identifiers` field does not suffice. To maintain backward compatibility with existing data, we have introduced this new `secondaryIdentifiers` field.
Unlike the `signUp.identifiers` field, the `signUp.secondaryIdentifiers` array follows an `AND` logic, meaning that all elements listed in this field are required during the sign-up process, in addition to the primary identifiers. This new field also accommodates the `emailOrPhone` case by defining an exclusive `emailOrPhone` value type, which indicates that either a phone number or an email address must be provided.
In summary, while `identifiers` allows for optional selection among email and phone, `secondaryIdentifiers` enforces mandatory inclusion of all specified identifiers.
### Examples
1. `username` as the primary identifier. In addition, user will be required to provide a verified `email` and `phone number` during the sign-up process.
```json
{
"identifiers": ["username"],
"secondaryIdentifiers": [
{
"type": "email",
"verify": true
},
{
"type": "phone",
"verify": true
}
],
"verify": true,
"password": true
}
```
2. `username` as the primary identifier. In addition, user will be required to provide either a verified `email` or `phone number` during the sign-up process.
```json
{
"identifiers": ["username"],
"secondaryIdentifiers": [
{
"type": "emailOrPhone",
"verify": true
}
],
"verify": true,
"password": true
}
```
3. `email` or `phone number` as the primary identifier. In addition, user will be required to provide a `username` during the sign-up process.
```json
{
"identifiers": ["email", "phone"],
"secondaryIdentifiers": [
{
"type": "username",
"verify": true
}
],
"verify": true,
"password": false
}
```
### Sign-in experience settings
- `@logto/core`: Update the `/api/sign-in-experience` endpoint to support the new `secondaryIdentifiers` field in the sign-up settings.
- `@logto/console`: Replace the sign-up identifier single selector with a multi-selector to support multiple sign-up identifiers. The order of the identifiers can be rearranged by dragging and dropping the items in the list. The first item in the list will be considered the primary identifier and stored in the `signUp.identifiers` field, while the rest will be stored in the `signUp.secondaryIdentifiers` field.
### End-user experience
The sign-up flow is now split into two stages:
- Primary identifiers (`signUp.identifiers`) are collected in the first-screen registration screen.
- Secondary identifiers (`signUp.secondaryIdentifiers`) are requested in subsequent steps after the primary registration has been submitted.
## Other refactors
We have fully decoupled the sign-up identifier settings from the sign-in methods. Developers can now require as many user identifiers as needed during the sign-up process without impacting the sign-in process.
The following restrictions on sign-in and sign-up settings have been removed:
1. Password requirement is now optional when `username` is configured as a sign-up identifier. However, users without passwords cannot sign in using username authentication.
2. Removed the constraint requiring sign-up identifiers to be enabled as sign-in methods.
3. Removed the requirement for password verification across all sign-in methods when password is enabled for sign-up.
## 1.11.2
### Patch Changes

6
packages/experience/package.json
View file

@ -1,6 +1,6 @@
{
"name": "@logto/experience",
"version": "1.11.2",
"version": "1.12.0",
"license": "MPL-2.0",
"type": "module",
"private": true,
@ -23,10 +23,10 @@
"@jest/types": "^29.5.0",
"@logto/connector-kit": "workspace:^4.1.1",
"@logto/core-kit": "workspace:^2.5.4",
"@logto/language-kit": "workspace:^1.1.1",
"@logto/language-kit": "workspace:^1.1.3",
"@logto/phrases": "workspace:^1.18.0",
"@logto/phrases-experience": "workspace:^1.9.1",
"@logto/schemas": "workspace:^1.24.1",
"@logto/schemas": "workspace:^1.26.0",
"@react-spring/shared": "^9.6.1",
"@react-spring/web": "^9.6.1",
"@silverhand/eslint-config": "6.0.1",

101
packages/schemas/CHANGELOG.md
View file

@ -1,5 +1,106 @@
# Change Log
## 1.26.0
### Minor Changes
- 13d04d776: feat: support multiple sign-up identifiers in sign-in experience
## New update
Introduces a new optional field, `secondaryIdentifiers`, to the sign-in experience sign-up settings. This enhancement allows developers to specify multiple required user identifiers during the user sign-up process. Available options include `email`, `phone`, `username` and `emailOrPhone`.
### Explanation of the difference between `signUp.identifiers` and new `signUp.secondaryIdentifiers`
The existing `signUp.identifiers` field represents the sign-up identifiers enabled for user sign-up and is an array type. In this legacy setup, if multiple identifiers are provided, users can complete the sign-up process using any one of them. The only multi-value case allowed is `[email, phone]`, which signifies that users can provide either an email or a phone number.
To enhance flexibility and support multiple required sign-up identifiers, the existing `signUp.identifiers` field does not suffice. To maintain backward compatibility with existing data, we have introduced this new `secondaryIdentifiers` field.
Unlike the `signUp.identifiers` field, the `signUp.secondaryIdentifiers` array follows an `AND` logic, meaning that all elements listed in this field are required during the sign-up process, in addition to the primary identifiers. This new field also accommodates the `emailOrPhone` case by defining an exclusive `emailOrPhone` value type, which indicates that either a phone number or an email address must be provided.
In summary, while `identifiers` allows for optional selection among email and phone, `secondaryIdentifiers` enforces mandatory inclusion of all specified identifiers.
### Examples
1. `username` as the primary identifier. In addition, user will be required to provide a verified `email` and `phone number` during the sign-up process.
```json
{
"identifiers": ["username"],
"secondaryIdentifiers": [
{
"type": "email",
"verify": true
},
{
"type": "phone",
"verify": true
}
],
"verify": true,
"password": true
}
```
2. `username` as the primary identifier. In addition, user will be required to provide either a verified `email` or `phone number` during the sign-up process.
```json
{
"identifiers": ["username"],
"secondaryIdentifiers": [
{
"type": "emailOrPhone",
"verify": true
}
],
"verify": true,
"password": true
}
```
3. `email` or `phone number` as the primary identifier. In addition, user will be required to provide a `username` during the sign-up process.
```json
{
"identifiers": ["email", "phone"],
"secondaryIdentifiers": [
{
"type": "username",
"verify": true
}
],
"verify": true,
"password": false
}
```
### Sign-in experience settings
- `@logto/core`: Update the `/api/sign-in-experience` endpoint to support the new `secondaryIdentifiers` field in the sign-up settings.
- `@logto/console`: Replace the sign-up identifier single selector with a multi-selector to support multiple sign-up identifiers. The order of the identifiers can be rearranged by dragging and dropping the items in the list. The first item in the list will be considered the primary identifier and stored in the `signUp.identifiers` field, while the rest will be stored in the `signUp.secondaryIdentifiers` field.
### End-user experience
The sign-up flow is now split into two stages:
- Primary identifiers (`signUp.identifiers`) are collected in the first-screen registration screen.
- Secondary identifiers (`signUp.secondaryIdentifiers`) are requested in subsequent steps after the primary registration has been submitted.
## Other refactors
We have fully decoupled the sign-up identifier settings from the sign-in methods. Developers can now require as many user identifiers as needed during the sign-up process without impacting the sign-in process.
The following restrictions on sign-in and sign-up settings have been removed:
1. Password requirement is now optional when `username` is configured as a sign-up identifier. However, users without passwords cannot sign in using username authentication.
2. Removed the constraint requiring sign-up identifiers to be enabled as sign-in methods.
3. Removed the requirement for password verification across all sign-in methods when password is enabled for sign-up.
### Patch Changes
- Updated dependencies [5da01bc47]
- @logto/language-kit@1.1.3
## 1.25.0
### Minor Changes

0
packages/schemas/alterations/next-1740982044-add-one-time-tokens-table.ts → packages/schemas/alterations/1.26.0-1740982044-add-one-time-tokens-table.ts
View file

0
packages/schemas/alterations/next-1741240284-add-captcha-policy.ts → packages/schemas/alterations/1.26.0-1741240284-add-captcha-policy.ts
View file

0
packages/schemas/alterations/next-1741318144-add-one-time-token-unique-index.ts → packages/schemas/alterations/1.26.0-1741318144-add-one-time-token-unique-index.ts
View file

0
packages/schemas/alterations/next-1741572426-add-captcha-providers.ts → packages/schemas/alterations/1.26.0-1741572426-add-captcha-providers.ts
View file

4
packages/schemas/package.json
View file

@ -1,6 +1,6 @@
{
"name": "@logto/schemas",
"version": "1.25.0",
"version": "1.26.0",
"author": "Silverhand Inc. <contact@silverhand.io>",
"license": "MPL-2.0",
"type": "module",
@ -80,7 +80,7 @@
"dependencies": {
"@logto/connector-kit": "workspace:^4.2.0",
"@logto/core-kit": "workspace:^2.5.4",
"@logto/language-kit": "workspace:^1.1.1",
"@logto/language-kit": "workspace:^1.1.3",
"@logto/phrases": "workspace:^1.18.0",
"@logto/phrases-experience": "workspace:^1.9.1",
"@logto/shared": "workspace:^3.1.4",

10
packages/toolkit/language-kit/CHANGELOG.md
View file

@ -1,5 +1,15 @@
# Change Log
## 1.1.3
### Patch Changes
- 5da01bc47: make method `isLanguageTag` case-insensitive
The language tags should be case insensitive. In `phrases` and `phrases-experience` packages, the language tags are all in lowercase. However, in the language kit, the language tags are in mixed cases, such as `pt-BR` and `zh-CN`.
Therefore, some of the i18n phrases were not translated by the translate CLI tool. The fix is to update the language kit to ignore cases in `isLanguageTag` function, so that the previously mismatched language tags can be detected and translated.
## 1.1.2
### Patch Changes

2
packages/toolkit/language-kit/package.json
View file

@ -1,6 +1,6 @@
{
"name": "@logto/language-kit",
"version": "1.1.2",
"version": "1.1.3",
"author": "Silverhand Inc. <contact@silverhand.io>",
"homepage": "https://github.com/logto-io/toolkit#readme",
"repository": {

14
packages/translate/CHANGELOG.md
View file

@ -1,5 +1,19 @@
# @logto/translate
## 0.1.3
### Patch Changes
- 552a36848: improve openai prompt to better support i18n plural form suffixes
- 5da01bc47: make method `isLanguageTag` case-insensitive
The language tags should be case insensitive. In `phrases` and `phrases-experience` packages, the language tags are all in lowercase. However, in the language kit, the language tags are in mixed cases, such as `pt-BR` and `zh-CN`.
Therefore, some of the i18n phrases were not translated by the translate CLI tool. The fix is to update the language kit to ignore cases in `isLanguageTag` function, so that the previously mismatched language tags can be detected and translated.
- Updated dependencies [5da01bc47]
- @logto/language-kit@1.1.3
## 0.1.2
### Patch Changes

4
packages/translate/package.json
View file

@ -1,6 +1,6 @@
{
"name": "@logto/translate",
"version": "0.1.2",
"version": "0.1.3",
"description": "A CLI tool that helps translate phrases and experience-phrases to i18n resources.",
"author": "Silverhand Inc. <contact@silverhand.io>",
"homepage": "https://github.com/logto-io/logto#readme",
@ -40,7 +40,7 @@
},
"dependencies": {
"@logto/core-kit": "workspace:^2.5.4",
"@logto/language-kit": "workspace:^1.1.2",
"@logto/language-kit": "workspace:^1.1.3",
"@logto/phrases": "workspace:^1.18.0",
"@logto/phrases-experience": "workspace:^1.9.1",
"@logto/shared": "workspace:^3.1.4",

22
pnpm-lock.yaml generated
View file

@ -115,7 +115,7 @@ importers:
specifier: workspace:^2.5.4
version: link:../toolkit/core-kit
'@logto/schemas':
specifier: workspace:1.25.0
specifier: workspace:1.26.0
version: link:../schemas
'@logto/shared':
specifier: workspace:^3.1.4
@ -3177,7 +3177,7 @@ importers:
specifier: workspace:^2.5.4
version: link:../toolkit/core-kit
'@logto/language-kit':
specifier: workspace:^1.1.1
specifier: workspace:^1.1.3
version: link:../toolkit/language-kit
'@logto/phrases':
specifier: workspace:^1.18.0
@ -3189,7 +3189,7 @@ importers:
specifier: ^4.0.4
version: 4.0.4(react@18.3.1)
'@logto/schemas':
specifier: workspace:^1.25.0
specifier: workspace:^1.26.0
version: link:../schemas
'@logto/shared':
specifier: workspace:^3.1.4
@ -3471,7 +3471,7 @@ importers:
specifier: workspace:^2.0.1
version: link:../app-insights
'@logto/cli':
specifier: workspace:^1.25.0
specifier: workspace:^1.26.0
version: link:../cli
'@logto/connector-kit':
specifier: workspace:^4.2.0
@ -3495,7 +3495,7 @@ importers:
specifier: ^5.0.3
version: 5.0.3
'@logto/language-kit':
specifier: workspace:^1.1.1
specifier: workspace:^1.1.3
version: link:../toolkit/language-kit
'@logto/phrases':
specifier: workspace:^1.18.0
@ -3504,7 +3504,7 @@ importers:
specifier: workspace:^1.9.1
version: link:../phrases-experience
'@logto/schemas':
specifier: workspace:^1.25.0
specifier: workspace:^1.26.0
version: link:../schemas
'@logto/shared':
specifier: workspace:^3.1.4
@ -3784,7 +3784,7 @@ importers:
packages/create:
dependencies:
'@logto/cli':
specifier: workspace:^1.25.0
specifier: workspace:^1.26.0
version: link:../cli
packages/demo-app:
@ -3959,7 +3959,7 @@ importers:
specifier: workspace:^2.5.4
version: link:../toolkit/core-kit
'@logto/language-kit':
specifier: workspace:^1.1.1
specifier: workspace:^1.1.3
version: link:../toolkit/language-kit
'@logto/phrases':
specifier: workspace:^1.18.0
@ -3968,7 +3968,7 @@ importers:
specifier: workspace:^1.9.1
version: link:../phrases-experience
'@logto/schemas':
specifier: workspace:^1.24.1
specifier: workspace:^1.26.0
version: link:../schemas
'@react-spring/shared':
specifier: ^9.6.1
@ -4529,7 +4529,7 @@ importers:
specifier: workspace:^2.5.4
version: link:../toolkit/core-kit
'@logto/language-kit':
specifier: workspace:^1.1.1
specifier: workspace:^1.1.3
version: link:../toolkit/language-kit
'@logto/phrases':
specifier: workspace:^1.18.0
@ -4803,7 +4803,7 @@ importers:
specifier: workspace:^2.5.4
version: link:../toolkit/core-kit
'@logto/language-kit':
specifier: workspace:^1.1.2
specifier: workspace:^1.1.3
version: link:../toolkit/language-kit
'@logto/phrases':
specifier: workspace:^1.18.0