4.5.1

Fixes

Removed deprecation usage.

4.5.0

Improvements

• Added caching capability to PrimaryKeySession authenticator.

When using this caching layer to avoid expensive DB lookups, make sure to manually invalidate that cache every time a user's (session related) data changes using SessionCache wrapper object.

• Improved ForbiddenCakeRedirectHandler to not redirect for extension routed URLs - those non-HTTP (e.g. JSON/XML/CSV) requests should never redirect and directly respond in the same format.

• Refactored AuthPanel. It now includes the identity for quick lookup, as well the authenticator responsible for the log in.

4.4.1

Fixes

Relaxed return type for identity() to also support non-Entity types, e.g. array Identity content.
ArrayAccess is only supported, though, if together with Traversable or Countable.

4.4.0

Improvements

• Added PrimaryKeySessionAuthenticator until a native adaption becomes available.
• Added ForbiddenCakeRedirect with an unauthorizedMessage to be set as error flash message.
• Provide AuthUser::identity() convenience method to access the entity directly, as AuthUser::user() returns array for BC reasons

4.3.1

Improvements

• More improvements for Authorization plugin support.
• ForbiddenRedirect handler for more convenient redirect incl flash message

4.3.0

Improvements

Better Auth plugins support:
If you are using Authentication plugin, this now seamlessly works together with it.
You can use the central INI files to control allowed controller actions.
The Auth panel works just as well, also the AuthUser component and helper.

4.2.1

Fixes

• Removed more deprecations

4.2.0

Improvements

• Compatibility with CakePHP 5.1+
  Make sure to check your _cake_model_ cache as this one is supposed to be used moving forward.

Fixes

• Fixed up deprecation notices
• Don't reload component for DebugKit panel, if already loaded

4.1.0

Improvements

Add any role to any command and action:

bin/cake tiny_auth_add {Controller} {Action} {roles, comma separated}

It will skip if the roles are already present for this controller and action.

Use with -d -v to just output the changes it would do to your ACL INI file.

4.0.1

Fixed

Fixed role reading/detection for role as backed enum.

The following would now work for a string field:

namespace App\Model\Enum;

use Cake\Database\Type\EnumLabelInterface;
use Cake\Utility\Inflector;

enum UserRole: string implements EnumLabelInterface {

    case MAINTAINER = 'maintainer';
    case ADMIN = 'admin';

    /**
     * @return string
     */
    public function label(): string {
        return Inflector::humanize(mb_strtolower($this->name));
    }

}