Security Updates

Bumped Rails and Rack for security purposes. Did a bundle update for other gems as well.

Security Updates/Dependency Updates

• Requires Ruby 2.7.3
• Rails updated to ~> 6.1.7.1
• Devise updated to ~> 4.8.1

Rails 6.1 Support

Refactored some code and removed deprecation warnings. OmniAuth support is not guaranteed to work with this version. A future version will fix this issue.

Password Resetting Refactor

Removed some legacy code left over from porting over from DTA. When visiting a password reset url from an email, it will now clear the refresh token cookie and there for sign the user out preventing the user from doing anything except resetting their password.

Quick config fix and some Rubocop refactoring

• Fixed the default expiration for access tokens from 1 day to 15 minutes.
• Referenced an example Rails/React proof-of-concept application to show how to use this gem.
• Applied Rubocop and fixed a lot of simple offenses.

v0.1.5

Added the functionality of removing the refresh token cookie from the client upon logout. Fixed some install generators and added support for ip address columns if the database supports them.

v0.1.4

Still working through the process of a clean install of DJA onto a Rails application. Still had some SetUserByJwtToken references. Tests were passing so not sure how these got through but they were causing an issue with a fresh install of DJA.

v0.1.3

Fixed the initializer template and updated the documentation.

v0.1.2

Some artifacts left over from the DTA port. Needed to rename some files correctly so that the test environment could be built.

Initial Commit

Before I created this repository, v0.1.0 was already released to rubygems.org. This release has modified tests to assert that access and refresh tokens are being sent in responses and some controllers needed this code so their tests could pass.