π Whatβs Changed
This release updates and cleans up the API code. The API itself hasn't changed although some clients may need minor updates if they were relying on non-standard behavior.
Authorization: "Bearer <token>" is now the preferred method of authentication. X-User-* headers are still supported indefinitely for v1 of the API. The eventual APIv2 will likely support Bearer token only.
If something breaks, it's likely due to one of the following:
- All API requests must be made to
.jsonendpoints. (e.g./p.jsonand NOT/p) - Unauthorized requests will now return a
401 Unauthorizedstatus code without a response body. - Anonymous calls are still supported and unchanged.
- Bad credentials will now return a
401 Unauthorized. Previously, the API would act anonymously and end up confusing countless victims. - The API now enforces JSON format for all requests and request body.
Read more in #3068.
See Also:
π Features
- API: Add Authorization Bearer Token Support; Breakout & Update API (#3068) @pglombardo
β¬οΈ Dependencies updates
- β¬οΈ Bump rack from 3.1.9 to 3.1.10 (#3085) @dependabot[bot]
π₯ List of contributors
@dependabot[bot], @pglombardo and dependabot[bot]
π₯οΈ Docker Images
Available on Docker Hub:
https://hub.docker.com/r/pglombardo/pwpush
πββοΈ Run This Version
docker run -d -p 5100:5100 pglombardo/pwpush:1.50.19..and go to http://localhost:5100