npm @medusajs/medusa 1.17.0
v1.17.0

latest releases: 2.0.2-preview-20241113120235, 2.0.5-preview-20241113120150, 2.0.5-preview-20241113090149...
13 months ago

Highlights

New and improved authentication methods

Version 1.17.0 of @medusajs/medusa ships new and improved authentication methods. A contribution by @dPreininger.

Medusa supports three authentication methods:

Sessions
Our session cookie authentication remains unchanged. However, the strategy name has been updated in both the store and admin API, making existing cookie sessions invalid.

⚠️ We will not convert existing sessions to work with this update. Make sure to plan your upgrade accordingly.

API tokens (⚠️ breaking changes)

The header for API token authentication has changed from a Bearer authorization scheme to a custom header scheme specific to Medusa, x-medusa-access-token.

Previously, you would use API tokens like so:

curl -L GET '<BACKEND_URL>/admin/products' \
  -H 'Content-Type: application/json' \
  -H 'Authorization: Bearer {api_token}'

This has changed to:

curl -L GET '<BACKEND_URL>/admin/products' \
  -H 'Content-Type: application/json' \
  -H 'x-medusa-access-token: {api_token}'

Bearer tokens
Bearer token authentication is a "new" method that utilizes JWT tokens and the Bearer scheme. Request a token from a client and attach it to subsequent requests to keep the authenticated session alive. The approach is identical to that of the old API authentication but uses a different token type.

First, request a token:

curl -L POST 'http://localhost:9000/admin/auth/token' \
  -H 'Content-Type: application/json' \
  --data-raw '{
    "email": "admin@medusa-test.com",
    "password": "supersecret"
  }'

Then, hit an authenticated route:

curl -L GET 'http://localhost:9000/admin/products?limit=1' \
  -H 'Content-Type: application/json' \
  -H 'Authorization: Bearer some_access_token'

Arabic translations

Thanks to @PeterAbdalla, you can now operate Medusa Admin in Arabic.

Medusa UI 2.0

Version 2.0 of @medusajs/ui is out. To upgrade, run the following command in your project:

yarn add @medusajs/ui@2.0

The release includes:

  • New components, including CurrencyInput, Tabs, and CommandBar
  • New icons
  • Updated API of Button, Badge, and CodeBlock (⚠️ breaking changes)

And much more.

Check out all changes and the upgrade guide in our documentation: https://docs.medusajs.com/upgrade-guides

Features

  • feat(utils): Provide an utils that allows to convert an array of fields to a complete remote query object by @adrien2p in #5161
  • feat(medusa): Migrate remote query usage in store product domain to use an object by @adrien2p in #5131
  • feat(medusa): Admin get product with isolated module by @adrien2p in #5054
  • feat(medusa): Admin list product with product isolated module by @adrien2p in #5046
  • feat(medusa): Remove create product unnecessary input config workflow by @adrien2p in #5196
  • feat(medusa): Authentication overhaul by @dPreininger in #4064
  • feat(pricing): add price rule entity by @pKorsholm in #5050
  • feat(medusa): Add product isolation FF to update cart by @adrien2p in #5168
  • feat(admin-ui): Add Arabic translations by @PeterAbdalla in #5140
  • feat(pricing, types, utils): Exact match based on context + fallback on rule priority if not by @riqwan in #5214

Bugs

Chores

Documentation

New Contributors

Full Changelog: v1.16.1...v1.17.0

Don't miss a new medusa release

NewReleases is sending notifications on new releases.