- Fix#79
- Rename event EventGet to EventGetUser
- Remove double DB fetch
- Add new event callpoint: After(EventGetUser) for things that need to
check that the user is ABLE to be gotten after it's fetched from the
DB. That is before returning to the web app, ensure that the user is
valid from a confirmation/lock etc point of view.
- Add test to make sure all the events are firing in CurrentUser()
- When authboss routes are accessed it goes through a check to see if
they're logged in and if they need to actually visit this route. If
the user was not found (despite having a session cookie) it would 500,
and now it simply removes the bad cookie.
- Fix#75
- Re-add the age-old "Values" from the Context. This was originally
there for exactly the documented purpose. However the Context holding
the request form values negated it's use. It's back because of this
new separation.
- Make the auth success path set the authboss.CookieRemember value in
the context before calling it's callback.
- This allows for the user struct to contain just about anything. But it
will still produce errors when there is a type mismatch (which I believe
was the entire point of the type-specific code).
- Leave sql.Scanner/driver.Valuer as special cases to allow control over
serialization at some level.
- Fix#69
- Stop logged in users from accessing pages like auth/recover etc.
- Ensure that half-authed users are allowed access to auth-like pages.
- Make sure that if users have a remember token, it's processed before
we decide if a user is logged in or not, preventing or granting access
to these pages.
- Fix#58
- Having the default logger set to nil was troublesome because some errors
are hard to detect without a logger. This falls under "sane default"
changes and so should be made.
