⚡ valuein/shop:5.9 → 1 🎉 → 3 🚀 → 2 🔥

• 🎉 Added MFA Authentication on admin part
• 🚀 Improved mapping of account between Valuein and Salesforce
• 🚀 Improved country management in addresses
• 🚀 Improved "My account" theme and navigation experience
• 🔥 Changed mapping Valuein and Salesforce
• 🔥 Changed dependencies between controllers

🎉 New features

Added MFA Authentication on admin part

Multi-Factor Authentication has been added with TOTP system (Time-based One Time Password) and IP validation via email.
An idle detector has been implemented in order to avoid security issue if a user leave its opened session.
Add admin activity logging in order to identify suspicious activity.
Add reset password from account management dedicated page.

The TOTP is enabled by the environment variable ADMIN_OTP_REQUIRED and is disabled as default.

The default idle delay in second in defined in environment variable ADMIN_IDLE_DELAY_IN_SECONDS and hav a value of 1200 seconds.

The IP validation system is enabled via environment variable ADMIN_IP_VALIDATION_ENABLED ans is disabled as default.

🚀 Improvements

Improved mapping of account between Valuein and Salesforce

The username is now sent to Salesforce when the user is created.

The link between the shop and Salesforce is done using the field VI_AccountName__c
It replaces the field AccountNumber for personn accounts and the field Name for business accounts.

🔥 Breaking changes

Changed mapping Valuein and Salesforce

The mapping between Valuein and Salesforce have changed, so existing customer must be updated to still be linked as expected :

• For person account, the field AccountNumber must be copied to the field VI_AccountName__c
• For business account, the field Name must be copied to the field VI_AccountName__c

Changed dependencies between controllers

The controller "InvoicingAbstractController" have been removed.

The content that was provided by this controller either was not used, or only in one other page. So the content have been split so that each controller become slimer.

The dependency of thoses controller was also updated to have service injected in the action instead of collecting every service in the construct method.