Skip to content

Releases: pocketbase/js-sdk

v0.23.0 Release

15 Dec 15:41
Compare
Choose a tag to compare
  • Added optional pb.realtime.onDisconnect hook function.
    Note that the realtime client autoreconnect on its own and this hook is useful only for the cases where you want to apply a special behavior on server error or after closing the realtime connection.

v0.22.1 Release

29 Nov 12:27
Compare
Choose a tag to compare
  • Fixed old pb.authStore.isAdmin/pb.authStore.isAuthRecord getters and marked them as deprecated in favour of pb.authStore.isSuperuser (#323).
    Note that with PocketBase v0.23.0 superusers are converted to a system auth collection so you can always simply check the value of pb.authStore.record?.collectionName.

v0.22.0 Release

24 Nov 14:45
Compare
Choose a tag to compare

⚠️ This release introduces some breaking changes and works only with PocketBase v0.23.0+.

  • Added support for sending batch/transactional create/updated/delete/upsert requests with the new batch Web APIs.

    const batch = pb.createBatch();
    
    batch.collection("example1").create({ ... });
    batch.collection("example2").update("RECORD_ID", { ... });
    batch.collection("example3").delete("RECORD_ID");
    batch.collection("example4").upsert({ ... });
    
    const result = await batch.send();
  • Added support for authenticating with OTP (email code):

    const result = await pb.collection("users").requestOTP("[email protected]");
    
    // ... show a modal for users to check their email and to enter the received code ...
    
    await pb.collection("users").authWithOTP(result.otpId, "EMAIL_CODE");

    Note that PocketBase v0.23.0 comes also with Multi-factor authentication (MFA) support.
    When enabled from the dashboard, the first auth attempt will result in 401 response and a mfaId response,
    that will have to be submitted with the second auth request. For example:

    try {
      await pb.collection("users").authWithPassword("[email protected]", "1234567890");
    } catch (err) {
      const mfaId = err.response?.mfaId;
      if (!mfaId) {
        throw err; // not mfa -> rethrow
      }
    
      // the user needs to authenticate again with another auth method, for example OTP
      const result = await pb.collection("users").requestOTP("[email protected]");
      // ... show a modal for users to check their email and to enter the received code ...
      await pb.collection("users").authWithOTP(result.otpId, "EMAIL_CODE", { "mfaId": mfaId });
    }
  • Added new pb.collection("users").impersonate("RECORD_ID") method for superusers.
    It authenticates with the specified record id and returns a new client with the impersonated auth state loaded in a memory store.

    // authenticate as superusers (with v0.23.0 admins is converted to a special system auth collection "_superusers"):
    await pb.collection("_superusers").authWithPassword("[email protected]", "1234567890");
    
    // impersonate
    const impersonateClient = pb.collection("users").impersonate("USER_RECORD_ID", 3600 /* optional token duration in seconds */)
    
    // log the impersonate token and user data
    console.log(impersonateClient.authStore.token);
    console.log(impersonateClient.authStore.record);
    
    // send requests as the impersonated user
    impersonateClient.collection("example").getFullList();
  • Added new pb.collections.getScaffolds() method to retrieve a type indexed map with the collection models (base, auth, view) loaded with their defaults.

  • Added new pb.collections.truncate(idOrName) to delete all records associated with the specified collection.

  • Added the submitted fetch options as 3rd last argument in the pb.afterSend hook.

  • Instead of replacing the entire pb.authStore.record, on auth record update we now only replace the available returned response record data (pocketbase#5638).

  • ⚠️ Admins are converted to _superusers auth collection and there is no longer AdminService and AdminModel types.
    pb.admins is soft-deprecated and aliased to pb.collection("_superusers").

    // before   ->  after
    pb.admins.* ->  pb.collection("_superusers").*
  • ⚠️ pb.authStore.model is soft-deprecated and superseded by pb.authStore.record.

  • ⚠️ Soft-deprecated the OAuth2 success auth meta.avatarUrl response field in favour of meta.avatarURL for consistency with the Go conventions.

  • ⚠️ Changed AuthMethodsList inerface fields to accomodate the new auth methods and listAuthMethods() response.

    {
      "mfa": {
        "duration": 100,
        "enabled": true
      },
      "otp": {
        "duration": 0,
        "enabled": false
      },
      "password": {
        "enabled": true,
        "identityFields": ["email", "username"]
      },
      "oauth2": {
        "enabled": true,
        "providers": [{"name": "gitlab", ...}, {"name": "google", ...}]
      }
    }
    
  • ⚠️ Require specifying collection id or name when sending test email because the email templates can be changed per collection.

    // old
    pb.settings.testEmail(email, "verification")
    
    // new
    pb.settings.testEmail("users", email, "verification")
  • ⚠️ Soft-deprecated and aliased *Url() -> *URL() methods for consistency with other similar native JS APIs and the accepted Go conventions.
    The old methods still works but you may get a console warning to replace them because they will be removed in the future.

    pb.baseUrl                  -> pb.baseURL
    pb.buildUrl()               -> pb.buildURL()
    pb.files.getUrl()           -> pb.files.getURL()
    pb.backups.getDownloadUrl() -> pb.backups.getDownloadURL()
  • ⚠️ Renamed CollectionModel.schema to CollectionModel.fields.

  • ⚠️ Renamed type SchemaField to CollectionField.

v0.22.0-rc Prerelease

06 Oct 08:14
Compare
Choose a tag to compare
v0.22.0-rc Prerelease Pre-release
Pre-release

⚠️ This prerelease works only with PocketBase v0.23.0+ and contains breaking changes!

  • Added support for sending batch/transactional create/updated/delete/upsert requests with the new batch Web APIs.

    const batch = pb.createBatch();
    
    batch.collection("example1").create({ ... });
    batch.collection("example2").update("RECORD_ID", { ... });
    batch.collection("example3").delete("RECORD_ID");
    batch.collection("example4").upsert({ ... });
    
    const result = await batch.send();
  • Added support for authenticating with OTP (email code):

    const result = await pb.collection("users").requestOTP("[email protected]");
    
    // ... show a modal for users to check their email and to enter the received code ...
    
    await pb.collection("users").authWithOTP(result.otpId, "EMAIL_CODE");

    Note that PocketBase v0.23.0 comes also with Multi-factor authentication (MFA) support.
    When enabled from the dashboard, the first auth attempt will result in 401 response and a mfaId response,
    that will have to be submitted with the second auth request. For example:

    try {
      await pb.collection("users").authWithPassword("[email protected]", "1234567890");
    } catch (err) {
      const mfaId = err.response?.mfaId;
      if (!mfaId) {
        throw err; // not mfa -> rethrow
      }
    
      // the user needs to authenticate again with another auth method, for example OTP
      const result = await pb.collection("users").requestOTP("[email protected]");
      // ... show a modal for users to check their email and to enter the received code ...
      await pb.collection("users").authWithOTP(result.otpId, "EMAIL_CODE", { "mfaId": mfaId });
    }
  • Added new pb.collection("users").impersonate("RECORD_ID") method for superusers.
    It authenticates with the specified record id and returns a new client with the impersonated auth state loaded in a memory store.

    // authenticate as superusers (with v0.23.0 admins is converted to a special system auth collection "_superusers"):
    await pb.collection("_superusers").authWithPassword("[email protected]", "1234567890");
    
    // impersonate
    const impersonateClient = pb.collection("users").impersonate("USER_RECORD_ID", 3600 /* optional token duration in seconds */)
    
    // log the impersonate token and user data
    console.log(impersonateClient.authStore.token);
    console.log(impersonateClient.authStore.record);
    
    // send requests as the impersonated user
    impersonateClient.collection("example").getFullList();
  • Added new pb.collections.getScaffolds() method to retrieve a type indexed map with the collection models (base, auth, view) loaded with their defaults.

  • Added new pb.collections.truncate(idOrName) to delete all records associated with the specified collection.

  • Added the submitted fetch options as 3rd last argument in the pb.afterSend hook.

  • ⚠️ Admins are converted to _superusers auth collection and there is no longer AdminService and AdminModel types.
    pb.admins is soft-deprecated and aliased to pb.collection("_superusers").

    // before   ->  after
    pb.admins.* ->  pb.collection("_superusers").*
  • ⚠️ pb.authStore.model is soft-deprecated and superseded by pb.authStore.record.

  • ⚠️ Soft-deprecated the OAuth2 success auth meta.avatarUrl response field in favour of meta.avatarURL for consistency with the Go conventions.

  • ⚠️ Changed AuthMethodsList inerface fields to accomodate the new auth methods and listAuthMethods() response.

    {
      "mfa": {
        "duration": 100,
        "enabled": true
      },
      "otp": {
        "duration": 0,
        "enabled": false
      },
      "password": {
        "enabled": true,
        "identityFields": ["email", "username"]
      },
      "oauth2": {
        "enabled": true,
        "providers": [{"name": "gitlab", ...}, {"name": "google", ...}]
      }
    }
    
  • ⚠️ Require specifying collection id or name when sending test email because the email templates can be changed per collection.

    // old
    pb.settings.testEmail(email, "verification")
    
    // new
    pb.settings.testEmail("users", email, "verification")
  • ⚠️ Soft-deprecated and aliased *Url() -> *URL() methods for consistency with other similar native JS APIs and the accepted Go conventions.
    The old methods still works but you may get a console warning to replace them because they will be removed in the future.

    pb.baseUrl                  -> pb.baseURL
    pb.buildUrl()               -> pb.buildURL()
    pb.files.getUrl()           -> pb.files.getURL()
    pb.backups.getDownloadUrl() -> pb.backups.getDownloadURL()
  • ⚠️ Renamed CollectionModel.schema to CollectionModel.fields.

  • ⚠️ Renamed type SchemaField to CollectionField.

v0.21.5 Release

27 Aug 20:31
Compare
Choose a tag to compare
  • Shallow copy the realtime subscribe options argument for consistency with the other methods (#308).

v0.21.4 Release

27 Jul 09:05
Compare
Choose a tag to compare
  • Fixed the requestKey handling in authWithOAuth2({...}) to allow manually cancelling the entire OAuth2 pending request flow using pb.cancelRequest(requestKey).
    Due to the window.close caveats note that the OAuth2 popup window may still remain open depending on which stage of the OAuth2 flow the cancellation has been invoked.

v0.21.3 Release

31 May 16:33
Compare
Choose a tag to compare

v0.21.2 Release

21 Apr 20:21
Compare
Choose a tag to compare
  • Exported HealthService types (#289).

v0.21.1 Release

03 Feb 14:53
Compare
Choose a tag to compare
  • Manually update the verified state of the current matching AuthStore model on successful "confirm-verification" call.

  • Manually clear the current matching AuthStore on "confirm-email-change" call because previous tokens are always invalidated.

  • Fixed the fetch mock tests to check also the sent body param values.

  • Formatted the source code with prettier.

v0.21.0 Release

24 Jan 10:00
Compare
Choose a tag to compare

⚠️ This release works only with PocketBase v0.21.0+ due to changes of how the multipart/form-data body is handled.

  • Properly sent json body with multipart/form-data requests.
    This should fix the edge cases mentioned in the v0.20.3 release.

  • Gracefully handle OAuth2 redirect error with the authWithOAuth2() call.