- Document more things
- Remove module code
- Remove callbacks code
- Remove data makers, flash messages, and context providers in exchange
for middlewares that use context (unwritten)
- Move more implementations (responses, redirector, router) to defaults
package
- Rename key interfaces (again), Storer -> User, StoreLoader ->
ServerStorer (opposite of ClientStateStorer) if this is the last time
I rename these I'll be shocked
- Change response to be more central to Authboss. Make sure it has
useful methods and works with the new rendering idioms.
- Change the load user methods to all work with context keys, and even
be able to set context keys on the current request to avoid setting
contexts everywhere in the code base.
- When authboss routes are accessed it goes through a check to see if
they're logged in and if they need to actually visit this route. If
the user was not found (despite having a session cookie) it would 500,
and now it simply removes the bad cookie.
- Fix#75
- Stop logged in users from accessing pages like auth/recover etc.
- Ensure that half-authed users are allowed access to auth-like pages.
- Make sure that if users have a remember token, it's processed before
we decide if a user is logged in or not, preventing or granting access
to these pages.
- Fix#58
- Having the default logger set to nil was troublesome because some errors
are hard to detect without a logger. This falls under "sane default"
changes and so should be made.
- Add error handling at the routing level so that all errors can bubble
up and be handled and logged there in one place.
- Add Err variants for ClientStorer and Attributes to facilitate
generating errors for missing type-failing arguments.
- Add better control flow and error handling for callbacks.
