diff --git a/.changeset/bright-pans-deny.md b/.changeset/bright-pans-deny.md deleted file mode 100644 index eef0be97a2f..00000000000 --- a/.changeset/bright-pans-deny.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -"@logto/connector-azuread": patch ---- - -add `scopes` configuration field for Microsoft Azure AD connector diff --git a/.changeset/dull-dolphins-return.md b/.changeset/dull-dolphins-return.md deleted file mode 100644 index fef769a2d20..00000000000 --- a/.changeset/dull-dolphins-return.md +++ /dev/null @@ -1,13 +0,0 @@ ---- -"@logto/core": patch ---- - -remove `client_id` from OIDC SSO connector's token request body for better compatibility - -This updates addresses an issue with client authentication methods in the token request process. Previously, the `client_id` was included in the request body while also using the authentication header for client credentials authentication. - -This dual method of client authentication can lead to errors with certain OIDC providers, such as Okta, which only support one authentication method at a time. - -### Key changes - -Removal of `client_id` from request body: The `client_id` parameter has been removed from the token request body. According to the [OAuth 2.0 specification](https://datatracker.ietf.org/doc/html/rfc6749#section-4.1.3), `client_id` in the body is required only for public clients. diff --git a/.changeset/hot-dodos-refuse.md b/.changeset/hot-dodos-refuse.md deleted file mode 100644 index 246e392e783..00000000000 --- a/.changeset/hot-dodos-refuse.md +++ /dev/null @@ -1,100 +0,0 @@ ---- -"@logto/schemas": minor -"@logto/core": minor -"@logto/console": minor -"@logto/experience": minor ---- - -feat: support multiple sign-up identifiers in sign-in experience - -## New update - -Introduces a new optional field, `secondaryIdentifiers`, to the sign-in experience sign-up settings. This enhancement allows developers to specify multiple required user identifiers during the user sign-up process. Available options include `email`, `phone`, `username` and `emailOrPhone`. - -### Explanation of the difference between `signUp.identifiers` and new `signUp.secondaryIdentifiers` - -The existing `signUp.identifiers` field represents the sign-up identifiers enabled for user sign-up and is an array type. In this legacy setup, if multiple identifiers are provided, users can complete the sign-up process using any one of them. The only multi-value case allowed is `[email, phone]`, which signifies that users can provide either an email or a phone number. - -To enhance flexibility and support multiple required sign-up identifiers, the existing `signUp.identifiers` field does not suffice. To maintain backward compatibility with existing data, we have introduced this new `secondaryIdentifiers` field. - -Unlike the `signUp.identifiers` field, the `signUp.secondaryIdentifiers` array follows an `AND` logic, meaning that all elements listed in this field are required during the sign-up process, in addition to the primary identifiers. This new field also accommodates the `emailOrPhone` case by defining an exclusive `emailOrPhone` value type, which indicates that either a phone number or an email address must be provided. - -In summary, while `identifiers` allows for optional selection among email and phone, `secondaryIdentifiers` enforces mandatory inclusion of all specified identifiers. - -### Examples - -1. `username` as the primary identifier. In addition, user will be required to provide a verified `email` and `phone number` during the sign-up process. - -```json -{ - "identifiers": ["username"], - "secondaryIdentifiers": [ - { - "type": "email", - "verify": true - }, - { - "type": "phone", - "verify": true - } - ], - "verify": true, - "password": true -} -``` - -2. `username` as the primary identifier. In addition, user will be required to provide either a verified `email` or `phone number` during the sign-up process. - -```json -{ - "identifiers": ["username"], - "secondaryIdentifiers": [ - { - "type": "emailOrPhone", - "verify": true - } - ], - "verify": true, - "password": true -} -``` - -3. `email` or `phone number` as the primary identifier. In addition, user will be required to provide a `username` during the sign-up process. - -```json -{ - "identifiers": ["email", "phone"], - "secondaryIdentifiers": [ - { - "type": "username", - "verify": true - } - ], - "verify": true, - "password": false -} -``` - -### Sign-in experience settings - -- `@logto/core`: Update the `/api/sign-in-experience` endpoint to support the new `secondaryIdentifiers` field in the sign-up settings. -- `@logto/console`: Replace the sign-up identifier single selector with a multi-selector to support multiple sign-up identifiers. The order of the identifiers can be rearranged by dragging and dropping the items in the list. The first item in the list will be considered the primary identifier and stored in the `signUp.identifiers` field, while the rest will be stored in the `signUp.secondaryIdentifiers` field. - -### End-user experience - -The sign-up flow is now split into two stages: - -- Primary identifiers (`signUp.identifiers`) are collected in the first-screen registration screen. -- Secondary identifiers (`signUp.secondaryIdentifiers`) are requested in subsequent steps after the primary registration has been submitted. - -## Other refactors - -We have fully decoupled the sign-up identifier settings from the sign-in methods. Developers can now require as many user identifiers as needed during the sign-up process without impacting the sign-in process. - -The following restrictions on sign-in and sign-up settings have been removed: - -1. Password requirement is now optional when `username` is configured as a sign-up identifier. However, users without passwords cannot sign in using username authentication. - -2. Removed the constraint requiring sign-up identifiers to be enabled as sign-in methods. - -3. Removed the requirement for password verification across all sign-in methods when password is enabled for sign-up. diff --git a/.changeset/hungry-olives-sell.md b/.changeset/hungry-olives-sell.md deleted file mode 100644 index 50414c47775..00000000000 --- a/.changeset/hungry-olives-sell.md +++ /dev/null @@ -1,11 +0,0 @@ ---- -"@logto/core": minor ---- - -refactor: switch to `@logto/experience` package with latest [Experience API](https://openapi.logto.io/group/endpoint-experience) - -In this release, we have transitioned the user sign-in experience from the legacy `@logto/experience-legacy` package to the latest `@logto/experience` package. This change fully adopts our new [Experience API](https://openapi.logto.io/group/endpoint-experience), enhancing the underlying architecture while maintaining the same user experience. - -- Package update: The user sign-in experience now utilizes the `@logto/experience` package by default. - API Transition: The new package leverages our latest [Experience API](https://openapi.logto.io/group/endpoint-experience). -- No feature changes: Users will notice no changes in functionality or experience compared to the previous implementation. diff --git a/.changeset/hungry-terms-smash.md b/.changeset/hungry-terms-smash.md deleted file mode 100644 index 4ac10487f39..00000000000 --- a/.changeset/hungry-terms-smash.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -"@logto/translate": patch ---- - -improve openai prompt to better support i18n plural form suffixes diff --git a/.changeset/old-lions-return.md b/.changeset/old-lions-return.md deleted file mode 100644 index 64c87767e3d..00000000000 --- a/.changeset/old-lions-return.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -"@logto/console": minor ---- - -feat(console): add Logto WordPress plugin guide diff --git a/.changeset/purple-waves-sit.md b/.changeset/purple-waves-sit.md deleted file mode 100644 index 16ceb54a111..00000000000 --- a/.changeset/purple-waves-sit.md +++ /dev/null @@ -1,15 +0,0 @@ ---- -"@logto/core": patch ---- - -remove multiple sign-in experience settings restrictions - -For better customization flexibility, we have removed following restrictions in the sign-in experience "sign-in and sign-up" settings: - -1. The `password` field in sign-up settings is no longer required when username is set as the sign-up identifier. Developers may request a username without requiring a password during the sign-up process. - -Note: If username is the only sign-up identifier, users without a password will not be able to sign in. Developers or administrators should carefully configure the sign-up and sign-in settings to ensure a smooth user experience. - -Users can still set password via [account API](https://docs.logto.io/end-user-flows/account-settings/by-account-api) after sign-up. - -2. The requirement that all sign-up identifiers must also be enabled as sign-in identifiers has been removed. diff --git a/.changeset/tame-snails-fold.md b/.changeset/tame-snails-fold.md deleted file mode 100644 index 7c634f2d38b..00000000000 --- a/.changeset/tame-snails-fold.md +++ /dev/null @@ -1,10 +0,0 @@ ---- -"@logto/language-kit": patch -"@logto/translate": patch ---- - -make method `isLanguageTag` case-insensitive - -The language tags should be case insensitive. In `phrases` and `phrases-experience` packages, the language tags are all in lowercase. However, in the language kit, the language tags are in mixed cases, such as `pt-BR` and `zh-CN`. - -Therefore, some of the i18n phrases were not translated by the translate CLI tool. The fix is to update the language kit to ignore cases in `isLanguageTag` function, so that the previously mismatched language tags can be detected and translated. diff --git a/packages/cli/CHANGELOG.md b/packages/cli/CHANGELOG.md index 602dcde6412..b27cc5eec69 100644 --- a/packages/cli/CHANGELOG.md +++ b/packages/cli/CHANGELOG.md @@ -1,5 +1,12 @@ # Change Log +## 1.26.0 + +### Patch Changes + +- Updated dependencies [13d04d776] + - @logto/schemas@1.26.0 + ## 1.25.0 ### Patch Changes diff --git a/packages/cli/package.json b/packages/cli/package.json index e9389c889fc..a351831277b 100644 --- a/packages/cli/package.json +++ b/packages/cli/package.json @@ -1,6 +1,6 @@ { "name": "@logto/cli", - "version": "1.25.0", + "version": "1.26.0", "description": "Logto CLI.", "author": "Silverhand Inc. ", "homepage": "https://github.com/logto-io/logto#readme", @@ -44,7 +44,7 @@ "dependencies": { "@logto/connector-kit": "workspace:^4.2.0", "@logto/core-kit": "workspace:^2.5.4", - "@logto/schemas": "workspace:1.25.0", + "@logto/schemas": "workspace:1.26.0", "@logto/shared": "workspace:^3.1.4", "@silverhand/essentials": "^2.9.1", "@silverhand/slonik": "31.0.0-beta.2", diff --git a/packages/connectors/connector-azuread/CHANGELOG.md b/packages/connectors/connector-azuread/CHANGELOG.md index 715a0780d76..cde4abf7eb9 100644 --- a/packages/connectors/connector-azuread/CHANGELOG.md +++ b/packages/connectors/connector-azuread/CHANGELOG.md @@ -1,5 +1,11 @@ # @logto/connector-azuread +## 1.4.2 + +### Patch Changes + +- 9b6dbf28e: add `scopes` configuration field for Microsoft Azure AD connector + ## 1.4.1 ### Patch Changes diff --git a/packages/connectors/connector-azuread/package.json b/packages/connectors/connector-azuread/package.json index 88513405407..81d3dcaa0d3 100644 --- a/packages/connectors/connector-azuread/package.json +++ b/packages/connectors/connector-azuread/package.json @@ -1,6 +1,6 @@ { "name": "@logto/connector-azuread", - "version": "1.4.1", + "version": "1.4.2", "description": "Microsoft Azure AD connector implementation.", "author": "Mobilist Inc. ", "dependencies": { diff --git a/packages/console/CHANGELOG.md b/packages/console/CHANGELOG.md index a1e14b6de28..55bd14bf76f 100644 --- a/packages/console/CHANGELOG.md +++ b/packages/console/CHANGELOG.md @@ -1,5 +1,103 @@ # Change Log +## 1.23.0 + +### Minor Changes + +- 13d04d776: feat: support multiple sign-up identifiers in sign-in experience + + ## New update + + Introduces a new optional field, `secondaryIdentifiers`, to the sign-in experience sign-up settings. This enhancement allows developers to specify multiple required user identifiers during the user sign-up process. Available options include `email`, `phone`, `username` and `emailOrPhone`. + + ### Explanation of the difference between `signUp.identifiers` and new `signUp.secondaryIdentifiers` + + The existing `signUp.identifiers` field represents the sign-up identifiers enabled for user sign-up and is an array type. In this legacy setup, if multiple identifiers are provided, users can complete the sign-up process using any one of them. The only multi-value case allowed is `[email, phone]`, which signifies that users can provide either an email or a phone number. + + To enhance flexibility and support multiple required sign-up identifiers, the existing `signUp.identifiers` field does not suffice. To maintain backward compatibility with existing data, we have introduced this new `secondaryIdentifiers` field. + + Unlike the `signUp.identifiers` field, the `signUp.secondaryIdentifiers` array follows an `AND` logic, meaning that all elements listed in this field are required during the sign-up process, in addition to the primary identifiers. This new field also accommodates the `emailOrPhone` case by defining an exclusive `emailOrPhone` value type, which indicates that either a phone number or an email address must be provided. + + In summary, while `identifiers` allows for optional selection among email and phone, `secondaryIdentifiers` enforces mandatory inclusion of all specified identifiers. + + ### Examples + + 1. `username` as the primary identifier. In addition, user will be required to provide a verified `email` and `phone number` during the sign-up process. + + ```json + { + "identifiers": ["username"], + "secondaryIdentifiers": [ + { + "type": "email", + "verify": true + }, + { + "type": "phone", + "verify": true + } + ], + "verify": true, + "password": true + } + ``` + + 2. `username` as the primary identifier. In addition, user will be required to provide either a verified `email` or `phone number` during the sign-up process. + + ```json + { + "identifiers": ["username"], + "secondaryIdentifiers": [ + { + "type": "emailOrPhone", + "verify": true + } + ], + "verify": true, + "password": true + } + ``` + + 3. `email` or `phone number` as the primary identifier. In addition, user will be required to provide a `username` during the sign-up process. + + ```json + { + "identifiers": ["email", "phone"], + "secondaryIdentifiers": [ + { + "type": "username", + "verify": true + } + ], + "verify": true, + "password": false + } + ``` + + ### Sign-in experience settings + + - `@logto/core`: Update the `/api/sign-in-experience` endpoint to support the new `secondaryIdentifiers` field in the sign-up settings. + - `@logto/console`: Replace the sign-up identifier single selector with a multi-selector to support multiple sign-up identifiers. The order of the identifiers can be rearranged by dragging and dropping the items in the list. The first item in the list will be considered the primary identifier and stored in the `signUp.identifiers` field, while the rest will be stored in the `signUp.secondaryIdentifiers` field. + + ### End-user experience + + The sign-up flow is now split into two stages: + + - Primary identifiers (`signUp.identifiers`) are collected in the first-screen registration screen. + - Secondary identifiers (`signUp.secondaryIdentifiers`) are requested in subsequent steps after the primary registration has been submitted. + + ## Other refactors + + We have fully decoupled the sign-up identifier settings from the sign-in methods. Developers can now require as many user identifiers as needed during the sign-up process without impacting the sign-in process. + + The following restrictions on sign-in and sign-up settings have been removed: + + 1. Password requirement is now optional when `username` is configured as a sign-up identifier. However, users without passwords cannot sign in using username authentication. + 2. Removed the constraint requiring sign-up identifiers to be enabled as sign-in methods. + 3. Removed the requirement for password verification across all sign-in methods when password is enabled for sign-up. + +- dc13cc73d: feat(console): add Logto WordPress plugin guide + ## 1.22.1 ### Patch Changes diff --git a/packages/console/package.json b/packages/console/package.json index 10b1f3c8465..c468c588e3a 100644 --- a/packages/console/package.json +++ b/packages/console/package.json @@ -1,6 +1,6 @@ { "name": "@logto/console", - "version": "1.22.1", + "version": "1.23.0", "description": "> TODO: description", "author": "Silverhand Inc. ", "homepage": "https://github.com/logto-io/logto#readme", @@ -30,11 +30,11 @@ "@logto/cloud": "0.2.5-c98a257", "@logto/connector-kit": "workspace:^4.2.0", "@logto/core-kit": "workspace:^2.5.4", - "@logto/language-kit": "workspace:^1.1.1", + "@logto/language-kit": "workspace:^1.1.3", "@logto/phrases": "workspace:^1.18.0", "@logto/phrases-experience": "workspace:^1.9.1", "@logto/react": "^4.0.4", - "@logto/schemas": "workspace:^1.25.0", + "@logto/schemas": "workspace:^1.26.0", "@logto/shared": "workspace:^3.1.4", "@mdx-js/react": "^3.0.1", "@mdx-js/rollup": "^3.0.1", diff --git a/packages/core/CHANGELOG.md b/packages/core/CHANGELOG.md index 31c77f1a932..da0ac1c59d3 100644 --- a/packages/core/CHANGELOG.md +++ b/packages/core/CHANGELOG.md @@ -1,5 +1,142 @@ # Change Log +## 1.26.0 + +### Minor Changes + +- 13d04d776: feat: support multiple sign-up identifiers in sign-in experience + + ## New update + + Introduces a new optional field, `secondaryIdentifiers`, to the sign-in experience sign-up settings. This enhancement allows developers to specify multiple required user identifiers during the user sign-up process. Available options include `email`, `phone`, `username` and `emailOrPhone`. + + ### Explanation of the difference between `signUp.identifiers` and new `signUp.secondaryIdentifiers` + + The existing `signUp.identifiers` field represents the sign-up identifiers enabled for user sign-up and is an array type. In this legacy setup, if multiple identifiers are provided, users can complete the sign-up process using any one of them. The only multi-value case allowed is `[email, phone]`, which signifies that users can provide either an email or a phone number. + + To enhance flexibility and support multiple required sign-up identifiers, the existing `signUp.identifiers` field does not suffice. To maintain backward compatibility with existing data, we have introduced this new `secondaryIdentifiers` field. + + Unlike the `signUp.identifiers` field, the `signUp.secondaryIdentifiers` array follows an `AND` logic, meaning that all elements listed in this field are required during the sign-up process, in addition to the primary identifiers. This new field also accommodates the `emailOrPhone` case by defining an exclusive `emailOrPhone` value type, which indicates that either a phone number or an email address must be provided. + + In summary, while `identifiers` allows for optional selection among email and phone, `secondaryIdentifiers` enforces mandatory inclusion of all specified identifiers. + + ### Examples + + 1. `username` as the primary identifier. In addition, user will be required to provide a verified `email` and `phone number` during the sign-up process. + + ```json + { + "identifiers": ["username"], + "secondaryIdentifiers": [ + { + "type": "email", + "verify": true + }, + { + "type": "phone", + "verify": true + } + ], + "verify": true, + "password": true + } + ``` + + 2. `username` as the primary identifier. In addition, user will be required to provide either a verified `email` or `phone number` during the sign-up process. + + ```json + { + "identifiers": ["username"], + "secondaryIdentifiers": [ + { + "type": "emailOrPhone", + "verify": true + } + ], + "verify": true, + "password": true + } + ``` + + 3. `email` or `phone number` as the primary identifier. In addition, user will be required to provide a `username` during the sign-up process. + + ```json + { + "identifiers": ["email", "phone"], + "secondaryIdentifiers": [ + { + "type": "username", + "verify": true + } + ], + "verify": true, + "password": false + } + ``` + + ### Sign-in experience settings + + - `@logto/core`: Update the `/api/sign-in-experience` endpoint to support the new `secondaryIdentifiers` field in the sign-up settings. + - `@logto/console`: Replace the sign-up identifier single selector with a multi-selector to support multiple sign-up identifiers. The order of the identifiers can be rearranged by dragging and dropping the items in the list. The first item in the list will be considered the primary identifier and stored in the `signUp.identifiers` field, while the rest will be stored in the `signUp.secondaryIdentifiers` field. + + ### End-user experience + + The sign-up flow is now split into two stages: + + - Primary identifiers (`signUp.identifiers`) are collected in the first-screen registration screen. + - Secondary identifiers (`signUp.secondaryIdentifiers`) are requested in subsequent steps after the primary registration has been submitted. + + ## Other refactors + + We have fully decoupled the sign-up identifier settings from the sign-in methods. Developers can now require as many user identifiers as needed during the sign-up process without impacting the sign-in process. + + The following restrictions on sign-in and sign-up settings have been removed: + + 1. Password requirement is now optional when `username` is configured as a sign-up identifier. However, users without passwords cannot sign in using username authentication. + 2. Removed the constraint requiring sign-up identifiers to be enabled as sign-in methods. + 3. Removed the requirement for password verification across all sign-in methods when password is enabled for sign-up. + +- 3594e1316: refactor: switch to `@logto/experience` package with latest [Experience API](https://openapi.logto.io/group/endpoint-experience) + + In this release, we have transitioned the user sign-in experience from the legacy `@logto/experience-legacy` package to the latest `@logto/experience` package. This change fully adopts our new [Experience API](https://openapi.logto.io/group/endpoint-experience), enhancing the underlying architecture while maintaining the same user experience. + + - Package update: The user sign-in experience now utilizes the `@logto/experience` package by default. + API Transition: The new package leverages our latest [Experience API](https://openapi.logto.io/group/endpoint-experience). + - No feature changes: Users will notice no changes in functionality or experience compared to the previous implementation. + +### Patch Changes + +- 7b342f7ef: remove `client_id` from OIDC SSO connector's token request body for better compatibility + + This updates addresses an issue with client authentication methods in the token request process. Previously, the `client_id` was included in the request body while also using the authentication header for client credentials authentication. + + This dual method of client authentication can lead to errors with certain OIDC providers, such as Okta, which only support one authentication method at a time. + + ### Key changes + + Removal of `client_id` from request body: The `client_id` parameter has been removed from the token request body. According to the [OAuth 2.0 specification](https://datatracker.ietf.org/doc/html/rfc6749#section-4.1.3), `client_id` in the body is required only for public clients. + +- eb802f4c4: remove multiple sign-in experience settings restrictions + + For better customization flexibility, we have removed following restrictions in the sign-in experience "sign-in and sign-up" settings: + + 1. The `password` field in sign-up settings is no longer required when username is set as the sign-up identifier. Developers may request a username without requiring a password during the sign-up process. + + Note: If username is the only sign-up identifier, users without a password will not be able to sign in. Developers or administrators should carefully configure the sign-up and sign-in settings to ensure a smooth user experience. + + Users can still set password via [account API](https://docs.logto.io/end-user-flows/account-settings/by-account-api) after sign-up. + + 2. The requirement that all sign-up identifiers must also be enabled as sign-in identifiers has been removed. + +- Updated dependencies [13d04d776] +- Updated dependencies [dc13cc73d] +- Updated dependencies [5da01bc47] + - @logto/schemas@1.26.0 + - @logto/console@1.23.0 + - @logto/experience@1.12.0 + - @logto/language-kit@1.1.3 + - @logto/cli@1.26.0 + ## 1.25.0 ### Minor Changes diff --git a/packages/core/package.json b/packages/core/package.json index 1e7d7357e0b..9bca62ad4db 100644 --- a/packages/core/package.json +++ b/packages/core/package.json @@ -1,6 +1,6 @@ { "name": "@logto/core", - "version": "1.25.0", + "version": "1.26.0", "description": "The open source identity solution.", "main": "build/index.js", "author": "Silverhand Inc. ", @@ -33,7 +33,7 @@ "@koa/cors": "^5.0.0", "@logto/affiliate": "^0.1.0", "@logto/app-insights": "workspace:^2.0.1", - "@logto/cli": "workspace:^1.25.0", + "@logto/cli": "workspace:^1.26.0", "@logto/connector-kit": "workspace:^4.2.0", "@logto/console": "workspace:*", "@logto/core-kit": "workspace:^2.5.4", @@ -41,10 +41,10 @@ "@logto/experience": "workspace:*", "@logto/experience-legacy": "workspace:*", "@logto/js": "^5.0.3", - "@logto/language-kit": "workspace:^1.1.1", + "@logto/language-kit": "workspace:^1.1.3", "@logto/phrases": "workspace:^1.18.0", "@logto/phrases-experience": "workspace:^1.9.1", - "@logto/schemas": "workspace:^1.25.0", + "@logto/schemas": "workspace:^1.26.0", "@logto/shared": "workspace:^3.1.4", "@silverhand/essentials": "^2.9.1", "@silverhand/slonik": "31.0.0-beta.2", diff --git a/packages/create/CHANGELOG.md b/packages/create/CHANGELOG.md index fe72485209e..b0ab6d009e3 100644 --- a/packages/create/CHANGELOG.md +++ b/packages/create/CHANGELOG.md @@ -1,5 +1,11 @@ # Change Log +## 1.26.0 + +### Patch Changes + +- @logto/cli@1.26.0 + ## 1.25.0 ### Patch Changes diff --git a/packages/create/package.json b/packages/create/package.json index 82088a30ace..b95095ddfc1 100644 --- a/packages/create/package.json +++ b/packages/create/package.json @@ -1,6 +1,6 @@ { "name": "@logto/create", - "version": "1.25.0", + "version": "1.26.0", "author": "Silverhand Inc. ", "license": "MPL-2.0", "type": "module", @@ -15,6 +15,6 @@ "node": "^20.9.0" }, "dependencies": { - "@logto/cli": "workspace:^1.25.0" + "@logto/cli": "workspace:^1.26.0" } } diff --git a/packages/experience/CHANGELOG.md b/packages/experience/CHANGELOG.md index 2575535489c..37ac3e9fd18 100644 --- a/packages/experience/CHANGELOG.md +++ b/packages/experience/CHANGELOG.md @@ -1,5 +1,101 @@ # Change Log +## 1.12.0 + +### Minor Changes + +- 13d04d776: feat: support multiple sign-up identifiers in sign-in experience + + ## New update + + Introduces a new optional field, `secondaryIdentifiers`, to the sign-in experience sign-up settings. This enhancement allows developers to specify multiple required user identifiers during the user sign-up process. Available options include `email`, `phone`, `username` and `emailOrPhone`. + + ### Explanation of the difference between `signUp.identifiers` and new `signUp.secondaryIdentifiers` + + The existing `signUp.identifiers` field represents the sign-up identifiers enabled for user sign-up and is an array type. In this legacy setup, if multiple identifiers are provided, users can complete the sign-up process using any one of them. The only multi-value case allowed is `[email, phone]`, which signifies that users can provide either an email or a phone number. + + To enhance flexibility and support multiple required sign-up identifiers, the existing `signUp.identifiers` field does not suffice. To maintain backward compatibility with existing data, we have introduced this new `secondaryIdentifiers` field. + + Unlike the `signUp.identifiers` field, the `signUp.secondaryIdentifiers` array follows an `AND` logic, meaning that all elements listed in this field are required during the sign-up process, in addition to the primary identifiers. This new field also accommodates the `emailOrPhone` case by defining an exclusive `emailOrPhone` value type, which indicates that either a phone number or an email address must be provided. + + In summary, while `identifiers` allows for optional selection among email and phone, `secondaryIdentifiers` enforces mandatory inclusion of all specified identifiers. + + ### Examples + + 1. `username` as the primary identifier. In addition, user will be required to provide a verified `email` and `phone number` during the sign-up process. + + ```json + { + "identifiers": ["username"], + "secondaryIdentifiers": [ + { + "type": "email", + "verify": true + }, + { + "type": "phone", + "verify": true + } + ], + "verify": true, + "password": true + } + ``` + + 2. `username` as the primary identifier. In addition, user will be required to provide either a verified `email` or `phone number` during the sign-up process. + + ```json + { + "identifiers": ["username"], + "secondaryIdentifiers": [ + { + "type": "emailOrPhone", + "verify": true + } + ], + "verify": true, + "password": true + } + ``` + + 3. `email` or `phone number` as the primary identifier. In addition, user will be required to provide a `username` during the sign-up process. + + ```json + { + "identifiers": ["email", "phone"], + "secondaryIdentifiers": [ + { + "type": "username", + "verify": true + } + ], + "verify": true, + "password": false + } + ``` + + ### Sign-in experience settings + + - `@logto/core`: Update the `/api/sign-in-experience` endpoint to support the new `secondaryIdentifiers` field in the sign-up settings. + - `@logto/console`: Replace the sign-up identifier single selector with a multi-selector to support multiple sign-up identifiers. The order of the identifiers can be rearranged by dragging and dropping the items in the list. The first item in the list will be considered the primary identifier and stored in the `signUp.identifiers` field, while the rest will be stored in the `signUp.secondaryIdentifiers` field. + + ### End-user experience + + The sign-up flow is now split into two stages: + + - Primary identifiers (`signUp.identifiers`) are collected in the first-screen registration screen. + - Secondary identifiers (`signUp.secondaryIdentifiers`) are requested in subsequent steps after the primary registration has been submitted. + + ## Other refactors + + We have fully decoupled the sign-up identifier settings from the sign-in methods. Developers can now require as many user identifiers as needed during the sign-up process without impacting the sign-in process. + + The following restrictions on sign-in and sign-up settings have been removed: + + 1. Password requirement is now optional when `username` is configured as a sign-up identifier. However, users without passwords cannot sign in using username authentication. + 2. Removed the constraint requiring sign-up identifiers to be enabled as sign-in methods. + 3. Removed the requirement for password verification across all sign-in methods when password is enabled for sign-up. + ## 1.11.2 ### Patch Changes diff --git a/packages/experience/package.json b/packages/experience/package.json index 9476f79b51f..4c60e2ef72f 100644 --- a/packages/experience/package.json +++ b/packages/experience/package.json @@ -1,6 +1,6 @@ { "name": "@logto/experience", - "version": "1.11.2", + "version": "1.12.0", "license": "MPL-2.0", "type": "module", "private": true, @@ -23,10 +23,10 @@ "@jest/types": "^29.5.0", "@logto/connector-kit": "workspace:^4.1.1", "@logto/core-kit": "workspace:^2.5.4", - "@logto/language-kit": "workspace:^1.1.1", + "@logto/language-kit": "workspace:^1.1.3", "@logto/phrases": "workspace:^1.18.0", "@logto/phrases-experience": "workspace:^1.9.1", - "@logto/schemas": "workspace:^1.24.1", + "@logto/schemas": "workspace:^1.26.0", "@react-spring/shared": "^9.6.1", "@react-spring/web": "^9.6.1", "@silverhand/eslint-config": "6.0.1", diff --git a/packages/schemas/CHANGELOG.md b/packages/schemas/CHANGELOG.md index f510ec091d5..ab92e4ce617 100644 --- a/packages/schemas/CHANGELOG.md +++ b/packages/schemas/CHANGELOG.md @@ -1,5 +1,106 @@ # Change Log +## 1.26.0 + +### Minor Changes + +- 13d04d776: feat: support multiple sign-up identifiers in sign-in experience + + ## New update + + Introduces a new optional field, `secondaryIdentifiers`, to the sign-in experience sign-up settings. This enhancement allows developers to specify multiple required user identifiers during the user sign-up process. Available options include `email`, `phone`, `username` and `emailOrPhone`. + + ### Explanation of the difference between `signUp.identifiers` and new `signUp.secondaryIdentifiers` + + The existing `signUp.identifiers` field represents the sign-up identifiers enabled for user sign-up and is an array type. In this legacy setup, if multiple identifiers are provided, users can complete the sign-up process using any one of them. The only multi-value case allowed is `[email, phone]`, which signifies that users can provide either an email or a phone number. + + To enhance flexibility and support multiple required sign-up identifiers, the existing `signUp.identifiers` field does not suffice. To maintain backward compatibility with existing data, we have introduced this new `secondaryIdentifiers` field. + + Unlike the `signUp.identifiers` field, the `signUp.secondaryIdentifiers` array follows an `AND` logic, meaning that all elements listed in this field are required during the sign-up process, in addition to the primary identifiers. This new field also accommodates the `emailOrPhone` case by defining an exclusive `emailOrPhone` value type, which indicates that either a phone number or an email address must be provided. + + In summary, while `identifiers` allows for optional selection among email and phone, `secondaryIdentifiers` enforces mandatory inclusion of all specified identifiers. + + ### Examples + + 1. `username` as the primary identifier. In addition, user will be required to provide a verified `email` and `phone number` during the sign-up process. + + ```json + { + "identifiers": ["username"], + "secondaryIdentifiers": [ + { + "type": "email", + "verify": true + }, + { + "type": "phone", + "verify": true + } + ], + "verify": true, + "password": true + } + ``` + + 2. `username` as the primary identifier. In addition, user will be required to provide either a verified `email` or `phone number` during the sign-up process. + + ```json + { + "identifiers": ["username"], + "secondaryIdentifiers": [ + { + "type": "emailOrPhone", + "verify": true + } + ], + "verify": true, + "password": true + } + ``` + + 3. `email` or `phone number` as the primary identifier. In addition, user will be required to provide a `username` during the sign-up process. + + ```json + { + "identifiers": ["email", "phone"], + "secondaryIdentifiers": [ + { + "type": "username", + "verify": true + } + ], + "verify": true, + "password": false + } + ``` + + ### Sign-in experience settings + + - `@logto/core`: Update the `/api/sign-in-experience` endpoint to support the new `secondaryIdentifiers` field in the sign-up settings. + - `@logto/console`: Replace the sign-up identifier single selector with a multi-selector to support multiple sign-up identifiers. The order of the identifiers can be rearranged by dragging and dropping the items in the list. The first item in the list will be considered the primary identifier and stored in the `signUp.identifiers` field, while the rest will be stored in the `signUp.secondaryIdentifiers` field. + + ### End-user experience + + The sign-up flow is now split into two stages: + + - Primary identifiers (`signUp.identifiers`) are collected in the first-screen registration screen. + - Secondary identifiers (`signUp.secondaryIdentifiers`) are requested in subsequent steps after the primary registration has been submitted. + + ## Other refactors + + We have fully decoupled the sign-up identifier settings from the sign-in methods. Developers can now require as many user identifiers as needed during the sign-up process without impacting the sign-in process. + + The following restrictions on sign-in and sign-up settings have been removed: + + 1. Password requirement is now optional when `username` is configured as a sign-up identifier. However, users without passwords cannot sign in using username authentication. + 2. Removed the constraint requiring sign-up identifiers to be enabled as sign-in methods. + 3. Removed the requirement for password verification across all sign-in methods when password is enabled for sign-up. + +### Patch Changes + +- Updated dependencies [5da01bc47] + - @logto/language-kit@1.1.3 + ## 1.25.0 ### Minor Changes diff --git a/packages/schemas/alterations/next-1740982044-add-one-time-tokens-table.ts b/packages/schemas/alterations/1.26.0-1740982044-add-one-time-tokens-table.ts similarity index 100% rename from packages/schemas/alterations/next-1740982044-add-one-time-tokens-table.ts rename to packages/schemas/alterations/1.26.0-1740982044-add-one-time-tokens-table.ts diff --git a/packages/schemas/alterations/next-1741240284-add-captcha-policy.ts b/packages/schemas/alterations/1.26.0-1741240284-add-captcha-policy.ts similarity index 100% rename from packages/schemas/alterations/next-1741240284-add-captcha-policy.ts rename to packages/schemas/alterations/1.26.0-1741240284-add-captcha-policy.ts diff --git a/packages/schemas/alterations/next-1741318144-add-one-time-token-unique-index.ts b/packages/schemas/alterations/1.26.0-1741318144-add-one-time-token-unique-index.ts similarity index 100% rename from packages/schemas/alterations/next-1741318144-add-one-time-token-unique-index.ts rename to packages/schemas/alterations/1.26.0-1741318144-add-one-time-token-unique-index.ts diff --git a/packages/schemas/alterations/next-1741572426-add-captcha-providers.ts b/packages/schemas/alterations/1.26.0-1741572426-add-captcha-providers.ts similarity index 100% rename from packages/schemas/alterations/next-1741572426-add-captcha-providers.ts rename to packages/schemas/alterations/1.26.0-1741572426-add-captcha-providers.ts diff --git a/packages/schemas/package.json b/packages/schemas/package.json index fc958198e8f..9914970356d 100644 --- a/packages/schemas/package.json +++ b/packages/schemas/package.json @@ -1,6 +1,6 @@ { "name": "@logto/schemas", - "version": "1.25.0", + "version": "1.26.0", "author": "Silverhand Inc. ", "license": "MPL-2.0", "type": "module", @@ -80,7 +80,7 @@ "dependencies": { "@logto/connector-kit": "workspace:^4.2.0", "@logto/core-kit": "workspace:^2.5.4", - "@logto/language-kit": "workspace:^1.1.1", + "@logto/language-kit": "workspace:^1.1.3", "@logto/phrases": "workspace:^1.18.0", "@logto/phrases-experience": "workspace:^1.9.1", "@logto/shared": "workspace:^3.1.4", diff --git a/packages/toolkit/language-kit/CHANGELOG.md b/packages/toolkit/language-kit/CHANGELOG.md index 14b19c36f3a..a9532be4cfa 100644 --- a/packages/toolkit/language-kit/CHANGELOG.md +++ b/packages/toolkit/language-kit/CHANGELOG.md @@ -1,5 +1,15 @@ # Change Log +## 1.1.3 + +### Patch Changes + +- 5da01bc47: make method `isLanguageTag` case-insensitive + + The language tags should be case insensitive. In `phrases` and `phrases-experience` packages, the language tags are all in lowercase. However, in the language kit, the language tags are in mixed cases, such as `pt-BR` and `zh-CN`. + + Therefore, some of the i18n phrases were not translated by the translate CLI tool. The fix is to update the language kit to ignore cases in `isLanguageTag` function, so that the previously mismatched language tags can be detected and translated. + ## 1.1.2 ### Patch Changes diff --git a/packages/toolkit/language-kit/package.json b/packages/toolkit/language-kit/package.json index 19265fb71e0..7f7e79452e6 100644 --- a/packages/toolkit/language-kit/package.json +++ b/packages/toolkit/language-kit/package.json @@ -1,6 +1,6 @@ { "name": "@logto/language-kit", - "version": "1.1.2", + "version": "1.1.3", "author": "Silverhand Inc. ", "homepage": "https://github.com/logto-io/toolkit#readme", "repository": { diff --git a/packages/translate/CHANGELOG.md b/packages/translate/CHANGELOG.md index 282a0fa5a69..b4c3ee77ec1 100644 --- a/packages/translate/CHANGELOG.md +++ b/packages/translate/CHANGELOG.md @@ -1,5 +1,19 @@ # @logto/translate +## 0.1.3 + +### Patch Changes + +- 552a36848: improve openai prompt to better support i18n plural form suffixes +- 5da01bc47: make method `isLanguageTag` case-insensitive + + The language tags should be case insensitive. In `phrases` and `phrases-experience` packages, the language tags are all in lowercase. However, in the language kit, the language tags are in mixed cases, such as `pt-BR` and `zh-CN`. + + Therefore, some of the i18n phrases were not translated by the translate CLI tool. The fix is to update the language kit to ignore cases in `isLanguageTag` function, so that the previously mismatched language tags can be detected and translated. + +- Updated dependencies [5da01bc47] + - @logto/language-kit@1.1.3 + ## 0.1.2 ### Patch Changes diff --git a/packages/translate/package.json b/packages/translate/package.json index eb24d741679..26914958e5a 100644 --- a/packages/translate/package.json +++ b/packages/translate/package.json @@ -1,6 +1,6 @@ { "name": "@logto/translate", - "version": "0.1.2", + "version": "0.1.3", "description": "A CLI tool that helps translate phrases and experience-phrases to i18n resources.", "author": "Silverhand Inc. ", "homepage": "https://github.com/logto-io/logto#readme", @@ -40,7 +40,7 @@ }, "dependencies": { "@logto/core-kit": "workspace:^2.5.4", - "@logto/language-kit": "workspace:^1.1.2", + "@logto/language-kit": "workspace:^1.1.3", "@logto/phrases": "workspace:^1.18.0", "@logto/phrases-experience": "workspace:^1.9.1", "@logto/shared": "workspace:^3.1.4", diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index e78ccac668c..109d2d97500 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -115,7 +115,7 @@ importers: specifier: workspace:^2.5.4 version: link:../toolkit/core-kit '@logto/schemas': - specifier: workspace:1.25.0 + specifier: workspace:1.26.0 version: link:../schemas '@logto/shared': specifier: workspace:^3.1.4 @@ -3177,7 +3177,7 @@ importers: specifier: workspace:^2.5.4 version: link:../toolkit/core-kit '@logto/language-kit': - specifier: workspace:^1.1.1 + specifier: workspace:^1.1.3 version: link:../toolkit/language-kit '@logto/phrases': specifier: workspace:^1.18.0 @@ -3189,7 +3189,7 @@ importers: specifier: ^4.0.4 version: 4.0.4(react@18.3.1) '@logto/schemas': - specifier: workspace:^1.25.0 + specifier: workspace:^1.26.0 version: link:../schemas '@logto/shared': specifier: workspace:^3.1.4 @@ -3471,7 +3471,7 @@ importers: specifier: workspace:^2.0.1 version: link:../app-insights '@logto/cli': - specifier: workspace:^1.25.0 + specifier: workspace:^1.26.0 version: link:../cli '@logto/connector-kit': specifier: workspace:^4.2.0 @@ -3495,7 +3495,7 @@ importers: specifier: ^5.0.3 version: 5.0.3 '@logto/language-kit': - specifier: workspace:^1.1.1 + specifier: workspace:^1.1.3 version: link:../toolkit/language-kit '@logto/phrases': specifier: workspace:^1.18.0 @@ -3504,7 +3504,7 @@ importers: specifier: workspace:^1.9.1 version: link:../phrases-experience '@logto/schemas': - specifier: workspace:^1.25.0 + specifier: workspace:^1.26.0 version: link:../schemas '@logto/shared': specifier: workspace:^3.1.4 @@ -3784,7 +3784,7 @@ importers: packages/create: dependencies: '@logto/cli': - specifier: workspace:^1.25.0 + specifier: workspace:^1.26.0 version: link:../cli packages/demo-app: @@ -3959,7 +3959,7 @@ importers: specifier: workspace:^2.5.4 version: link:../toolkit/core-kit '@logto/language-kit': - specifier: workspace:^1.1.1 + specifier: workspace:^1.1.3 version: link:../toolkit/language-kit '@logto/phrases': specifier: workspace:^1.18.0 @@ -3968,7 +3968,7 @@ importers: specifier: workspace:^1.9.1 version: link:../phrases-experience '@logto/schemas': - specifier: workspace:^1.24.1 + specifier: workspace:^1.26.0 version: link:../schemas '@react-spring/shared': specifier: ^9.6.1 @@ -4529,7 +4529,7 @@ importers: specifier: workspace:^2.5.4 version: link:../toolkit/core-kit '@logto/language-kit': - specifier: workspace:^1.1.1 + specifier: workspace:^1.1.3 version: link:../toolkit/language-kit '@logto/phrases': specifier: workspace:^1.18.0 @@ -4803,7 +4803,7 @@ importers: specifier: workspace:^2.5.4 version: link:../toolkit/core-kit '@logto/language-kit': - specifier: workspace:^1.1.2 + specifier: workspace:^1.1.3 version: link:../toolkit/language-kit '@logto/phrases': specifier: workspace:^1.18.0