# Changelog

## 4.0.0

- Blacklist entries can now be synchronized through redis

BREAKING: Blacklist functions are now asynchronous

## 3.3.0

- Verification Keys can now be synchronized through redis

## 3.2.0

- Logout function

## 3.1.0

- Option to enable body parsing

## 3.0.0

- Allows Cookies Parameters to be set

BREAKING:

- All cookie_name and refresh_cookie_name properties have been renamed to cookie and refresh_cookie and are now a settings object instead of a string

## 2.2.0

- Allow refresh tokens to be sent on a separate cookie
- Automatic token refresh if the access token is expired and the cookie header contains a valid refresh token

## 2.1.0

- Allow access to Gateway functions like authenticate, get_cookie_auth, get_header_auth, redirect, deny
- Allow Gateway to deny a request in case no redirect url is specified

## 2.0.0

Complete redesign

## 1.1.0

add user_id to res.connection, so request handlers can access the current user

## 1.0.0

initial release