ChangeLog

0.15.1 (2026-03-15)

Fixed

Fixed metadata dictionary saving.

0.15.0 (2026-03-15)

Backward incompatible changes

Metadata serialization was fixed for cases when some strings are having umlauts. Also, Yason library now is used instead of Jonathon for handling JSON. As the result, metadata now is returned as a hash-table with string keys.

Another backward incompatiblity is that now all metadata keys are lowercased on saving. To update old records in the database, use such SQL query:

UPDATE social_profile
SET metadata = 
    (metadata - 'EMAIL') || 
    jsonb_build_object(
        'email', 
        CASE 
            WHEN metadata->'EMAIL' = '[]'::jsonb THEN NULL
            ELSE metadata->'EMAIL'
        END
    )
WHERE metadata ? 'EMAIL';

0.14.0 (2026-03-14)

Added

• Telegram authentication provider via the Telegram Login Widget.

• New variables: reblocks-auth/providers/telegram:*bot-username* and reblocks-auth/providers/telegram:*bot-token*.

• Server-side HMAC-SHA256 signature verification using the bot token (via ironclad).

• auth_date freshness check — logins older than 24 hours are rejected.

• reblocks-auth/providers/telegram:render-button helper for rendering the widget script tag.

0.13.0 (2026-03-08)

Added

• Yandex SmartCaptcha support as alternative to Google reCAPTCHA.

• New variables: reblocks-auth/providers/email/processing:*smartcaptcha-client-key* and reblocks-auth/providers/email/processing:*smartcaptcha-server-key*.

• Yandex SmartCaptcha takes precedence when both are configured.

0.12.0 (2025-06-13)

Fixed

• Code was fixed to work with latest changes of with-html macro from the Reblocks.

0.11.1 (2025-02-15)

Fixed

• Email provider form rendering was fixed to work with Reblocks changes introduced in PR57.

0.11.0 (2023-12-18)

Added

• reblocks-auth/core:render-login-page generic-function was added allowing to make a custom. Widget class reblocks-auth/providers/email/processing:request-code-form, reblocks-auth/providers/email/processing:render-submit-button generic-function, reblocks-auth/providers/email/processing:render-email-input generic-function, reblocks-auth/providers/email/processing:form-css-classes generic-function and reblocks-auth/providers/email/processing:render-sent-message generic-function were added to allow login page customizations.

• Added reblocks-auth/core:*allow-new-accounts-creation* variable to control if new accounts can be registered.

• Added reblocks-auth/models:*user-class* variable. This allows to make a custom user model with additional fields.

Changed

• Now when user authenticates using email, we fill email column.

• Function reblocks-auth/providers/email/models:send-code now accepts SEND-CALLBACK argument. This argument can be used when you need to send login code with a custom email markup. For example, this way a special welcome email can be sent when a new user was added by a site admin.

• Function reblocks-auth/providers/email/resend:make-code-sender now accepts additional argument BASE-URI.

0.10.0 (2023-10-22)

Experimental reCaptcha support was added into email provider.

Set reblocks-auth/providers/email/processing:*recaptcha-site-key* and reblocks-auth/providers/email/processing:*recaptcha-secret-key* variables to try it.

Note: this version requires a new Reblocks, where was added get-remote-ip function.

0.9.0 (2023-10-01)

Email authentication provider now is able to use Resend API. Load reblocks-auth/providers/email/resend ASDF system to enable this feature.

0.8.0 (2023-08-04)

New authentication provider was added. It will send an authentication URL to user's email.

To make it work, you'll need to add this table to the database:

CREATE TABLE registration_code (
    id BIGSERIAL NOT NULL PRIMARY KEY,
    email VARCHAR(255) NOT NULL,
    code VARCHAR(255) NOT NULL,
    valid_until TIMESTAMP NOT NULL,
    created_at TIMESTAMPTZ,
    updated_at TIMESTAMPTZ
);

After that, do this to enable the auth provider:

(pushnew :email reblocks-auth:*enabled-services*)

Also, you'll need to provide credentials for working with Mailgun service. At the moment sending email works only via this service, but other methods can be implemented.

If you decide to go with default sending method, define email template like this:

(define-code-sender send-code ("Ultralisp.org <noreply@ultralisp.org>" url)
  (:p ("To log into [Ultralisp.org](~A), follow [this link](~A)."
       url
       url))
  (:p "Hurry up! This link will expire in one hour."))

Here is how to provide credentials to make sending work:

(setf mailgun:*domain* "mg.ultralisp.org")

(setf mailgun:*api-key*
      (secret-values:conceal-value
       "********************************-*********-*********"))

To supply an alternative sending method, define a function of two arguments: email and url. Set reblocks-auth/providers/email/models:*send-code-callback* variable to the value of this function.

0.7.0 (2022-06-07)

• Added documentation and an example application.

0.6.0 (2021-01-24)

• Added support for secret-values in reblocks-auth/github:*secret*.

0.5.1 (2019-06-24)

• Supported recent change of mito caused an error when searching a social user.

0.5.0 (2019-06-22)

• Added a reblocks-auth/models:change-email function.

0.4.0 (2019-06-20)

• Added a new variable reblocks-auth/core:*login-hooks*.

• A variable reblocks-auth/core:*enabled-services* was exported.

• A function reblocks-auth/core:render-buttons was exported.

0.3.0 (2019-04-18)

• Now classes reblocks-auth/models:user and reblocks-auth/models:social-profile are exported from reblocks-auth/models system.

• New function were added: reblocks-auth/models:get-user-by-email and reblocks-auth/models:get-user-by-nickname.

0.2.0 (2019-04-17)

• Now only user:email scope is required for authentication via github.

• And reblocks-auth/github:render-button, reblocks-auth/github:get-scopes functions was added to request more scopes if required.

0.1.0 (2019-03-31)

• First version with GitHub authentication.