logto/packages/schemas/CHANGELOG.md

Change Log

1.0.0-rc.1

Major Changes

• c12717412: Decouple users and admins

  💥 BREAKING CHANGES 💥

  Logto was using a single port to serve both normal users and admins, as well as the web console. While we continuously maintain a high level of security, it’ll still be great to decouple these components into two separate parts to keep data isolated and provide a flexible infrastructure.

  From this version, Logto now listens to two ports by default, one for normal users (3001), and one for admins (3002).

  • Nothing changed for normal users. No adaption is needed.
  • For admin users:
    • The default Admin Console URL has been changed to http://localhost:3002/console.
    • To change the admin port, set the environment variable ADMIN_PORT. For instance, ADMIN_PORT=3456.
    • You can specify a custom endpoint for admins by setting the environment variable ADMIN_ENDPOINT. For example, ADMIN_ENDPOINT=https://admin.your-domain.com.
    • You can now completely disable admin endpoints by setting ADMIN_DISABLE_LOCALHOST=1 and leaving ADMIN_ENDPOINT unset.
    • Admin Console and admin user data are not accessible via normal user endpoints, including localhost and ENDPOINT from the environment.
    • Admin Console no longer displays audit logs of admin users. However, these logs still exist in the database, and Logto still inserts admin user logs. There is just no convenient interface to inspect them.
    • Due to the data isolation, the numbers on the dashboard may slightly decrease (admins are excluded).

  If you are upgrading from a previous version, simply run the database alteration command as usual, and we'll take care of the rest.

  Note

  DID YOU KNOW

  Under the hood, we use the powerful Postgres feature Row-Level Security to isolate admin and user data.

Patch Changes

• Updated dependencies [c12717412]
• Updated dependencies [c12717412]
• Updated dependencies [c12717412]
  • @logto/phrases@1.0.0-rc.1
  • @logto/phrases-ui@1.0.0-rc.1

1.0.0-rc.0

Major Changes

• f41fd3f0: drop settings table and add systems table

  BREAKING CHANGES

  • core: removed GET /settings and PATCH /settings API
  • core: added GET /configs/admin-console and PATCH /configs/admin-console API
    • /configs/* APIs are config/key-specific now. they may have different logic per key
  • cli: change valid logto db config keys by removing alterationState and adding adminConsole since:
    • OIDC configs and admin console configs are tenant-level configs (the concept of "tenant" can be ignored until we officially announce it)
    • alteration state is still a system-wide config

Minor Changes

• f41fd3f0: Replace passcode naming convention in the interaction APIs and main flow ui with verificationCode.
• f41fd3f0: Replace the sms naming convention using phone cross logto codebase. Including Sign-in Experience types, API paths, API payload and internal variable names.

1.0.0-beta.18

Patch Changes

• df9e98dc: Fix version lifecycle script

1.0.0-beta.17

Major Changes

• 1c916011: Packages are now ESM.

Minor Changes

• 1c916011: ### Features

  • Enhanced user search params #2639
  • Web hooks

  Improvements

  • Refactored Interaction APIs and Audit logs

Patch Changes

• Updated dependencies [1c916011]
• Updated dependencies [1c916011]
  • @logto/phrases@1.0.0-beta.17
  • @logto/phrases-ui@1.0.0-beta.17

1.0.0-beta.16

Patch Changes

• 38970fb8: Fix a Sign-in experience bug that may block some users to sign in.
• Updated dependencies [38970fb8]
  • @logto/phrases@1.0.0-beta.16

1.0.0-beta.15

Patch Changes

• Bump connector kit version to fix "Continue" issues on sending email/sms.

1.0.0-beta.14

Patch Changes

• 2d45cc3e: Update alteration script names after versioning

1.0.0-beta.13

Patch Changes

• Updated dependencies [68f2d56a]
  • @logto/phrases@1.0.0-beta.13
  • @logto/phrases-ui@1.0.0-beta.13

All notable changes to this project will be documented in this file. See Conventional Commits for commit guidelines.

1.0.0-beta.12 (2022-10-19)

Bug Fixes

• add tables to schemas files (582f3d6)
• handle versioning when no next-*.ts found (#2202) (61336df)
• make packages public (e24fd04)

1.0.0-beta.11 (2022-10-19)

Features

• cli: db alteration deploy command (a5280a2)
• cli: db seed oidc command (911117a)
• cli: get/set db config key (0eff1e3)

Bug Fixes

• add redirectURI validation on frontend & backend (#1874) (4b0970b)
• alteration script in dev (9ebb3dd)

1.0.0-beta.10 (2022-09-28)

Features

• core,schemas: add phrases schema and GET /custom-phrases/:languageKey route (#1905) (7242aa8)
• core,schemas: migration deploy cli (#1966) (7cc2f4d)
• core,schemas: use timestamp to version migrations (bb4bfd3)
• core: add POST /session/forgot-password/{email,sms}/send-passcode (#1963) (af2600d)
• core: add POST /session/forgot-password/{email,sms}/verify-passcode (#1968) (1ea39f3)
• core: add POST /session/forgot-password/reset (#1972) (acdc86c)
• core: machine to machine apps (cd9c697)
• schemas: add logto configs table (#1940) (577ca48)

Bug Fixes

• bump react sdk and essentials toolkit to support CJK characters in idToken (2f92b43)
• core,schemas: move alteration types into schemas src (#2005) (10c1be6)

1.0.0-beta.9 (2022-09-07)

Note: Version bump only for package @logto/schemas

1.0.0-beta.8 (2022-09-01)

Note: Version bump only for package @logto/schemas

1.0.0-beta.6 (2022-08-30)

Note: Version bump only for package @logto/schemas

1.0.0-beta.5 (2022-08-19)

Note: Version bump only for package @logto/schemas

1.0.0-beta.4 (2022-08-11)

Features

• core,schemas: add application secret (#1715) (543ee04)
• schemas: guard string max length (#1737) (cdf210d)

1.0.0-beta.3 (2022-08-01)

Note: Version bump only for package @logto/schemas

1.0.0-beta.2 (2022-07-25)

Note: Version bump only for package @logto/schemas

1.0.0-beta.1 (2022-07-19)

Features

• core: add response guard (#1542) (6c39790)

1.0.0-beta.0 (2022-07-14)

Note: Version bump only for package @logto/schemas

1.0.0-alpha.4 (2022-07-08)

Features

• expose zod error (#1474) (81b63f0)

1.0.0-alpha.3 (2022-07-07)

Note: Version bump only for package @logto/schemas

1.0.0-alpha.2 (2022-07-07)

Bug Fixes

• ui: dark mode seed (#1426) (be73dbf)

1.0.0-alpha.1 (2022-07-05)

Note: Version bump only for package @logto/schemas

1.0.0-alpha.0 (2022-07-04)

Note: Version bump only for package @logto/schemas

0.1.2-alpha.5 (2022-07-03)

Note: Version bump only for package @logto/schemas

0.1.2-alpha.4 (2022-07-03)

Note: Version bump only for package @logto/schemas

0.1.2-alpha.3 (2022-07-03)

Note: Version bump only for package @logto/schemas

0.1.2-alpha.2 (2022-07-02)

Note: Version bump only for package @logto/schemas

0.1.2-alpha.1 (2022-07-02)

Note: Version bump only for package @logto/schemas

0.1.2-alpha.0 (2022-07-02)

Note: Version bump only for package @logto/schemas

0.1.1-alpha.0 (2022-07-01)

Features

• console,ui: generate dark mode color in console (#1231) (f72b21d)
• console: add application column in user management (#728) (a035587)
• console: add column lastSignIn in user management (#679) (a0b4b98)
• console: audit log table (#1000) (fdd12de)
• console: configure cors-allowed-origins (#695) (4a0577a)
• console: dark logo (#860) (664a218)
• console: hide get-started page on clicking 'Hide this' button (7fd42fd)
• console: integrate dark mode settings (a04f818)
• console: log details page (#1064) (0421195)
• console: sie form reorg (#1218) (2c41334)
• console: sign in exp guide (#755) (bafd094)
• console: support persisting get-started progress in settings config (43b2309)
• core,console: social connector targets (#851) (127664a)
• core,schemas: koaLogSession middleware (#767) (4e60446)
• core,schemas: log IP and user agent (#682) (0ecb7e4)
• core,schemas: log token exchange success (#809) (3b048a8)
• core,schemas: save application id that the user first consented (#688) (4521c3c)
• core: add experience configs (#745) (08904b8)
• core: add role table seed (#1145) (837ad52)
• core: add sign-in-mode (#1132) (f640dad)
• core: grantRevokedListener for logging revocation of access and refresh token (#900) (e5196fc)
• core: log error body (#1065) (2ba1121)
• core: log sending passcode with connector id (#824) (82c7138)
• core: update connector db schema (#732) (8e1533a)
• demo-app: implementation (#982) (7f4f4f8)
• demo-app: implementation (3/3) (#1021) (91e2f05)
• demo-app: show notification in main flow (#1038) (90ca76e)
• remove target, platform from connector schema and add id to metadata (#930) (054b0f7)
• schemas: create log indices on application id and user id (#933) (bf6e08c)
• schemas: make users.avatar URL length 2048 (#1141) (3ac01d7)
• update field check rules (#854) (85a407c)
• use user level custom data to save preferences (#1045) (f2b44b4)

Bug Fixes

• lint:report script (#730) (3b17324)
• console: align usage of customizeSignInExperience (#837) (808a676)
• console: update terms of use (#1122) (9262a6f)
• delete custom domain (#737) (8a48fb6)
• schemas: remove user foreign key on application id (#964) (9d8ef76)