== 1.1.2 released 2008-11-13

* Added check for database set up in acts_as_authentic to prevent errors during migrations.

== 1.1.1 released 2008-11-13

* Removed ActiveRecord dependency.
* Removed loading shoulda macros by default, moved to shoulda_macros dir.
* Modified how params access works. Added in single_access_token_field which params now uses. See the single access section in the README. Various configuration options added as well.
* Cleaned up acts_as_authentic configuration, added new config module to do this.
* Cleaned up acts_as_authentic tests
* Moved acts_as_authentic sub modules into the proper name spaces

== 1.1.0 released 2008-11-13

* Moved Rack standards into abstract_adapter for the controllers.
* Added authenticating_with_credentials?, authenticating_with_unauthorized_record?
* Fixed typo in abstract_adapter, black to block.
* Cleaned up / reorganized tests.
* Moved ActiveRecord additions to ORM Adapters name space to make way for Data Mapper.
* Reorganized and modified acts_as_authentic to be free standing and not get info from the related session.
* The session now gets its configuration from the model, since determining which fields are present is ORM specific.
* Extracted session and cookie logic into their own modules for Session.
* Moved crypto providers into their own module and added a Sha1 provider to help with the restful_authentication transition.
* Allow the unique_token method to use the alternate crypto_provider if it is a hash algorithm, otherwise default to Sha512.
* Added last_request_at_threshold configuration option.
* Changed Scoped class to AuthenticatesManyAssociation, like AR has HasManyAssociation, etc.
* Added should_be_authentic shoulda macro.
* Removed some magic from how sessions are initialized. See the initialize documentation, this method is a little more structured now, which was required for adding in openid.
* Added in logging via a params token, which is friendly for feed URLs. Works just like cookies and sessions when persisting the session.
* Added the option to use session.user, instead of session.record. This is based off of what model your session is authenticating with.

== 1.0.0 released 2008-11-05

* Checked for blank login counts, if a default wasnt set in the migrations.
* Added check for database table in acts_as_authentic to avoid errors in initial setup.
* Completely rewrote tests to be more conventional and thorough tests, removed test_app.
* Modified how validations work so that a validate method was added as well as callbacks for that method.
* Extracted scope support into its own module to help organize code better.
* Added in salt for encryption, just like hashes and removed :crypto_provider_type option for acts_as_authentic.
* Added merb adapters.
* Improved documentation throughout.

== 0.10.4 released 2008-10-31

* Changed configuration to use inheritable attributes
* Cleaned up requires to be in their proper files
* Added in scope support.

== 0.10.3 released 2008-10-31

* Instead of raising an error when extra fields are passed in credentials=, just ignore them.
* Added remember_me config option to set the default value.
* Only call credential methods if an argument was passed.
* More unit tests
* Hardened automatic session updating. Also automatically log the user in if they change their password when logged out.

== 0.10.2 released 2008-10-24

* Added in stretches to the default Sha512 encryption algorithm.
* Use column_names instead of columns when determining if a column is present.
* Improved validation callbacks. after_validation should only be run if valid? = true. Also clear errors before the "before_validation" callback.

== 0.10.1 released 2008-10-24

* Sessions now store the "remember token" instead of the id. This is much safer and guarantees all "sessions" that are logged in are logged in with a valid password. This way stale sessions can't be persisted.
* Bumped security to Sha512 from Sha256.
* Remove attr_protected call in acts_as_authentic
* protected_password should use pasword_field configuration value
* changed magic state "inactive" to "active"

== 0.10.0 released 2008-10-24

* Do not allow instantiation if the session has not been activated with a controller object. Just like ActiveRecord won't let you do anything without a DB connection.
* Abstracted controller implementation to allow for rails, merb, etc adapters. So this is not confined to the rails framework.
* Removed create and update methods and added save, like ActiveRecord.
* after_validation should be able to change the result if it adds errors on callbacks.
* Completed tests.

== 0.9.1 released 2008-10-24

* Changed scope to id. Makes more sense to call it an id and fits better with the ActiveRecord model.
* Removed saving_from_session flag, apparently it is not needed.
* Fixed updating sessions to make more sense and be stricter.
* change last_click_at to last_request_at
* Only run "after" callbacks if the result is successful.

== 0.9.0 released 2008-10-24

* Initial release.