feat(auth): add abuse protection for login and OIDC flows with consent-based authorization handling
This commit is contained in:
@@ -1,5 +1,14 @@
|
||||
# Changelog
|
||||
|
||||
## 2026-04-20 - 1.20.0 - feat(auth)
|
||||
add abuse protection for login and OIDC flows with consent-based authorization handling
|
||||
|
||||
- introduces AbuseProtectionManager and AbuseWindow storage to rate limit password login, magic link, password reset, and OIDC token exchange attempts
|
||||
- adds housekeeping cleanup for expired abuse protection windows
|
||||
- adds typed OIDC prepare/complete authorization requests plus consent evaluation and redirect URL generation
|
||||
- updates the login prompt to support OIDC authorization continuation after user login or consent
|
||||
- includes tests for abuse protection behavior and OIDC authorization preparation/completion flows
|
||||
|
||||
## 2026-04-20 - 1.19.1 - fix(ts_interfaces)
|
||||
rename generated TypeScript interface files to remove the loint-reception prefix
|
||||
|
||||
|
||||
Reference in New Issue
Block a user