v1.1: Sessions
This release introduces server-side sessions as an alternative to the previous approach of just issuing JWTs, and a bunch of smaller improvements and bug fixes.
- New config options
session:
server_side:
enabled: true
limit: 5
- Sessions are stored in the DB, the JWT contains the session ID
- New
/sessions
endpoint to verify the JWT (instead of retrieving the JWKS and verifying the JWT yourself) - Remote session revocation
- Sessions list in
<hanko-profile>
What's Changed
- fix: chinese email template corrected by @bjoern-m in #1627
- fix(admin-api): return webauthn transports in users endpoints by @lfleischmann in #1652
- feat(admin-api): get users by multiple ids by @lfleischmann in #1653
- chore(webhooks): update webhook.go by @eltociear in #1666
- fix: password update, password service transaction handling by @lfleischmann in #1669
- ci: fix schema and markdown generation workflows by @lfleischmann in #1603
- Server side sessions by @FreddyDevelop in #1673
- chore: update versions to 1.1.0 by @FreddyDevelop in #1748
- chore: autogenerate config JSON schema by @FreddyDevelop in #1754
Full Changelog: backend/v1.0.3...backend/v1.1.0