1.0.0 Project initialization REST API with simple authentication and authorization mechanism by two routes: /authenticate and /authorize. A client/consumer can do only two things: - Authentication: An user name and a password are required in the request body. The request type is POST. The output is an object with the following structure: { token: { raw: "***", validFrom: "", validUntil: "" }, status: "SUCCESS" } - Authorization: The request type is also POST and and its scope is to authorize a token. The input is just the token in string format: { token: "***" } For .NET consumers there are two nuget packages developed to facilitate the integration with this Tuitio server: - Tuitio.PublishedLanguage: It contains constants and classes for data transfer objects. - Tuitio.Wrapper: It compose and executes all the REST requests to the Tuitio server and offers to a consumer a simple interface with all methods. This interface can be injected with dependency injection at consumer startup with UseTuitioServices method. The only input is the server base address. - The source of this nugets is public, but on my personal server: https://lab.code-rove.com/public-nuget-server/nuget 1.0.1 ◾ Big changes in token structure. Now the token format is base64 and contains a json with all user data like username, first name, last name, profile picture url, email address and a list of claims that can be configured from the database for each user independently. ◾ The generation and validation mechanism for the token has been rewritten to meet the new token structure. ◾ The complexity of user information has grown a lot. All users have now besides the data from token other information such as statuses, failed login attempts, last login date, password change date and security stamp. ◾ All tokens are persisted in the database and the active ones are reload at a server failure or in case of a restart. 1.1.0 ◾ Upgrade all projects to .NET 5 ◾ Upgrade packages MicrosoftExtensions, AutoMapper, EntityFramework, Netmash 1.1.1 ◾ Added Netmash.Infrastructure.DatabaseMigration ◾ Organized sql scripts to meet database migrator requirements 1.1.2 ◾ Store and compare passwords as hash to improve system security 1.1.3 ◾ Upgrade the migration service to version 1.1.0. Migration metadata is now stored in the sql server database. 2.0.0 ◾ Tuitio rebranding ◾ .NET 6 upgrade ◾ Nuget packages upgrade ◾ Added Seq logging ◾ Refactoring and code cleanup ◾ Added README.md file 2.1.0 ◾ Tuitio refactoring ◾ Added account logout method ◾ Tuitio performance optimizations 2.2.0 ◾ Added unit testing with xunit ◾ Added some tests 2.3.0 2023-03-27 19:20 Added "user-info" method in API ◾ The "user-info" method returns the data of the authenticated user. ◾ Added http context accessor and authentication handler ◾ Added user contact options ◾ Published new versions of Tuitio's nuget packages 2.4.0 2023-04-03 01:14 Added user groups and roles ◾ From this version, any user can be assigned to groups and can have roles. ◾ Each user group can have roles that will be applied to all users who are part of the group. 2.4.1 2023-04-07 19:12 Authentication handler changes ◾ The authentication handler has been updated to skip the token validation if the method from controller is marked with [AllowAnonymous] attribute.