diff --git a/.changeset/login-copy-and-doc-fixes.md b/.changeset/login-copy-and-doc-fixes.md deleted file mode 100644 index 517761b..0000000 --- a/.changeset/login-copy-and-doc-fixes.md +++ /dev/null @@ -1,12 +0,0 @@ ---- -'@seamless-auth/react': patch ---- - -Fix a passwordless copy slip in the built-in Login view, which previously -suggested resetting a password on an unexpected error (there are no passwords in -this system). - -Docs: correct the OAuth callback example to read the provider from -sessionStorage (matching the bundled flow) instead of hardcoding a provider, -list the `/oauth/callback` built-in route, and complete the backend endpoint -expectations (login OTP variants and organization routes). diff --git a/.changeset/totp-support.md b/.changeset/totp-support.md deleted file mode 100644 index b44f88d..0000000 --- a/.changeset/totp-support.md +++ /dev/null @@ -1,18 +0,0 @@ ---- -'@seamless-auth/react': minor ---- - -Add TOTP (authenticator app) support. The headless client gains -`getTotpStatus()`, `startTotpEnrollment()`, `verifyTotpEnrollment(code)`, and -`disableTotp(code)` for enrollment and management, plus -`verifyStepUpWithTotp(code)` for TOTP-based step-up verification. -`AuthProvider`/`useAuth()` expose `verifyStepUpWithTotp(code)`, which refreshes -`stepUpStatus` on success alongside the existing passkey step-up helpers. The -`StepUpMethod` type now includes `'totp'`, and `TotpStatus` and -`TotpEnrollmentStartResult` are exported. - -TOTP applies to step-up verification, not to the login flow: the auth API issues -a full session on the first factor and does not gate login on TOTP. - -Requires an auth backend that exposes the `/totp/*` routes (available in -`@seamless-auth/express` 0.6+). diff --git a/CHANGELOG.md b/CHANGELOG.md index d1febaa..36bdf4f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,35 @@ # @seamless-auth/react +## 0.4.0 + +### Minor Changes + +- f26c5c0: Add TOTP (authenticator app) support. The headless client gains + `getTotpStatus()`, `startTotpEnrollment()`, `verifyTotpEnrollment(code)`, and + `disableTotp(code)` for enrollment and management, plus + `verifyStepUpWithTotp(code)` for TOTP-based step-up verification. + `AuthProvider`/`useAuth()` expose `verifyStepUpWithTotp(code)`, which refreshes + `stepUpStatus` on success alongside the existing passkey step-up helpers. The + `StepUpMethod` type now includes `'totp'`, and `TotpStatus` and + `TotpEnrollmentStartResult` are exported. + + TOTP applies to step-up verification, not to the login flow: the auth API issues + a full session on the first factor and does not gate login on TOTP. + + Requires an auth backend that exposes the `/totp/*` routes (available in + `@seamless-auth/express` 0.6+). + +### Patch Changes + +- 55d5855: Fix a passwordless copy slip in the built-in Login view, which previously + suggested resetting a password on an unexpected error (there are no passwords in + this system). + + Docs: correct the OAuth callback example to read the provider from + sessionStorage (matching the bundled flow) instead of hardcoding a provider, + list the `/oauth/callback` built-in route, and complete the backend endpoint + expectations (login OTP variants and organization routes). + ## 0.3.0 ### Minor Changes diff --git a/package.json b/package.json index b999f6d..c3a8cda 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "@seamless-auth/react", - "version": "0.3.0", + "version": "0.4.0", "description": "A drop-in authentication solution for modern React applications.", "type": "module", "exports": {