A window of 1 means the token is checked against current time slot T
as well as at time slot T-1 and T+1.
A time slot is 30 seconds by default in Authelia.
One can now plug its own SMTP server to send notifications
for identity validation and password reset requests.
Filesystem has been removed from the template configuration file
since even tests now use mail catcher (the fake webmail) to
retrieve the email and the confirmation link.
ACLs can now be defined by subdomain AND resource using pattern matching
with regular expressions.
It allows a very fine-grained access control to backend resources.
[Note] For using example environmnent, user must update its /etc/hosts with
new subdomains updated in README.
Before this fix, the application was simply crashing during execution
when connection to redis was failing.
Now, it is correctly handled with failing promises and logs have been
enabled to clearly see the problem
Before this fix, the redirection URL was stored in the user session,
but this has a big drawback since user could open several pages in
browser and thus override the redirection URL leading the user to
be incorrectly redirected.
Clement Michaud