Here's an overview what has been changed between versions and if you have to do any work when upgrading.
The internal implementation of the Google Authentication and email authentication method has been re-factored. If you depend on internal classes, please check if your code is affected.
- Added backup code feature Read more
Nothing to upgrade
- Added path exclusion option
Nothing to upgrade
- Re-factored Doctrine dependency into persister service
First officially "stable" release.
Changed case of parameter from $GoogleAuthenticatorSecret to $googleAuthenticatorSecret in Scheb\TwoFactorBundle\Model\Google\TwoFactorInterface
- Made security token class configurable.
- Made POST/GET parameter names configurable.
- Added unit tests.
- Refactored trusted feature into separate class.
- Renamed and reorganized some classes.
Nothing to upgrade
If you want to use the trusted computer feature, you have to implement TrustedComputerInterface in your user entity. Read more
- Trusted computers can be flagged with a cookie. Once the authentication process has been completed it will skip two-factor authentication.
Nothing to upgrade
- Major code refactoring
- Implemented an interface for custom two-factor authentcation providers
The default authentication form template requires a route _security_logout to be defined, that directs to your logout URL. Alternatively you can configure a custom template.
- Bugfixes
- Link added to cancel two-factor authentication