Features
- Added automatic ECDSA key generation functionality; system creates key files when not found at startup
- Added UUID generator to replace third-party package dependency
- Added Cookie configuration structure supporting customized Domain, Path, SameSite, Secure, HttpOnly attributes
- Added device fingerprint Cookie persistence mechanism to improve device identification accuracy
- Added more granular error tagging system (ErrorTag) for better error classification and handling
- Added Header response with new Access Token functionality, allowing frontend to synchronize local tokens
Fixes
- Fixed logging system error handling approach, standardizing error objects and message format
- Fixed device fingerprint generation logic, using random UUID instead of fixed strings for unidentifiable OS/browsers
- Fixed concurrency control in Refresh Token flow, reducing lock time from 5 seconds to 3 seconds
- Fixed Redis pipeline operation error handling during token revocation
Adjustments
- Refactored configuration structure, categorizing parameters into File, Log, Option, and Cookie substructures
- Adjusted error return format, standardizing on JWTAuthResult structure with ErrorTag information
Deprecated
- Removed github.com/google/uuid external dependency
- Removed flat parameter design from old configuration structure
- Removed fixed device fingerprint strings, replaced with dynamic generation mechanism
Top comments (0)