Changelog

Changelog

All notable changes to BastionAuth are documented here.

[0.1.0] - 2026-01-02

🎉 Initial Public Beta Release

We're excited to announce the first public beta of BastionAuth!

Added

Core Authentication

  • Email/password authentication with secure Argon2id hashing
  • Breached password detection via HaveIBeenPwned API
  • JWT-based sessions with RS256 signing
  • Refresh token rotation for enhanced security
  • Session management with device tracking

Multi-Factor Authentication

  • TOTP authenticator app support
  • QR code generation for easy setup
  • 10 single-use backup codes
  • Replay attack protection

OAuth & Social Login

  • Google OAuth integration
  • GitHub OAuth integration
  • Microsoft OAuth integration
  • Apple Sign In (coming soon)
  • LinkedIn OAuth (coming soon)

Organizations & Multi-tenancy

  • Create and manage organizations
  • Role-based access control (Owner, Admin, Member)
  • Email domain restrictions
  • Member invitations with expiry

Admin Dashboard

  • User management (view, search, delete)
  • Organization management
  • Session monitoring
  • Error logging and monitoring
  • Settings configuration

SDKs

  • @bastionauth/core - Core utilities and types
  • @bastionauth/react - React hooks and components
  • @bastionauth/nextjs - Next.js middleware and server utilities

Developer Experience

  • Pre-built UI components (Sign In, Sign Up, User Button)
  • TypeScript support throughout
  • Comprehensive API documentation
  • Self-hosting guide

Security Features

  • Rate limiting on sensitive endpoints
  • CSRF protection
  • AES-256-GCM encryption for sensitive data
  • Audit logging

Infrastructure

  • Docker Compose deployment
  • PostgreSQL database
  • Redis for sessions and caching
  • Nginx Proxy Manager support

Roadmap

Coming in v0.2.0

  • Passkey/WebAuthn support
  • Magic link authentication
  • Email templates customization
  • Webhook management UI
  • API key management

Coming in v0.3.0

  • Enterprise SSO (SAML)
  • Custom domains per organization
  • Advanced audit logs
  • User impersonation (admin)
  • Kubernetes Helm chart

Future Plans

  • Mobile SDKs (React Native, Flutter)
  • Edge deployment support
  • SOC 2 Type II certification
  • Enterprise support plans

Versioning

BastionAuth follows Semantic Versioning (opens in a new tab):

  • Major (1.0.0): Breaking changes
  • Minor (0.1.0): New features, backward compatible
  • Patch (0.0.1): Bug fixes, backward compatible

During beta (0.x.x), minor versions may include breaking changes. We recommend pinning versions in production.

Upgrade Guide

From Pre-release to 0.1.0

If you were using a pre-release version:

  1. Backup your database

    pg_dump $DATABASE_URL > backup.sql
  2. Pull latest code

    git pull origin main
  3. Run migrations

    pnpm db:migrate
  4. Rebuild containers

    docker compose -f docker/docker-compose.prod.yml build --no-cache
    docker compose -f docker/docker-compose.prod.yml up -d

Subscribe to Updates