HomeBranch

Releases

Release notes for HomeBranch, HomeBranch Web, and the Authentication service.

Authentication v1.2.0 Permalink ↗

Authentication v1.2.0

PostgreSQL session store, OpenID Connect SSO, and Passport strategy refactor

What’s new

PostgreSQL-backed session store

Sessions are now persisted in PostgreSQL using connect-pg-simple. A background job automatically purges stale sessions, preventing unbounded table growth over time.

Breaking change: SESSION_SECRET is now a required environment variable. The service will refuse to start without it. Generate a value with openssl rand -base64 48 and add it to your deployment before upgrading.

OpenID Connect (OIDC) SSO

Single sign-on via OpenID Connect is now fully supported. Once configured, a provider sign-in button appears on the login screen alongside the existing email/password form. OIDC configuration is managed through the admin config API — no service restart is required after changing settings.

New endpoints:

MethodPathAuthDescription
GET/oidc/enabledPublicReturns whether OIDC is configured
GET/login/oidcPublicInitiates the OIDC authorization flow (redirects to provider)
GET/login/oidc/callbackPublicHandles the provider redirect callback and issues tokens
GET/configAdminRetrieve the full authentication configuration including OIDC settings
GET/config/publicPublicRetrieve sanitized config (oidcEnabled, oidcProviderName, signupEnabled)
PATCH/configAdminUpdate authentication configuration including OIDC credentials

Improvements

  • Refactored authentication strategies to use the Passport strategy pattern, making it straightforward to add additional providers in future releases
  • Improved error logging for OIDC authentication exceptions to aid debugging of provider misconfiguration

Breaking changes

SESSION_SECRET is now required. The service will not start without it.

Upgrade notes

  1. Generate a session secret: openssl rand -base64 48
  2. Add SESSION_SECRET to your environment (add APP_URL for OIDC redirect URL generation)
  3. The session table is created automatically on first startup
  4. See the updated Getting Started guide for a revised docker-compose.yml
HomeBranch API v1.2.1 Permalink ↗

HomeBranch API v1.2.1

Favorites attribution fix

Bug fixes

Favorites attribution

Fixed a bug where a user favoriting a book uploaded by another user would incorrectly associate the favorite with the uploader’s account rather than the user who performed the action.

Upgrade notes

No breaking changes. Database migrations run automatically on startup — no manual steps required.

HomeBranch Web v1.3.0 Permalink ↗

HomeBranch Web v1.3.0

OIDC single sign-on, OIDC admin configuration UI, and mobile fixes

What’s new

OpenID Connect single sign-on

Users can now sign in via an OpenID Connect provider when OIDC is configured in the Authentication service. The login page automatically displays a provider sign-in button when OIDC is enabled — no page changes are required after configuration.

OIDC admin configuration UI

Admins can configure the OIDC provider — issuer URL, client ID, client secret, callback URL, and provider display name — directly from the admin settings page without restarting any services.

Requires Authentication v1.2.0 or later.

Bug fixes

  • Favorites attribution: Fixed display of favorite status when viewing books from another user’s library — the UI now correctly reflects the signed-in user’s own favorites
  • Bookshelf search field: Fixed an issue where the search input did not render correctly inside the manage bookshelf button
  • Mobile drawer search: Fixed an issue where the search input retained its value after closing the mobile drawer
  • Mobile menu z-index: Fixed a layering conflict that caused dropdown menus to render behind the mobile navigation drawer

Upgrade notes

No breaking changes. Pull the latest Docker image or rebuild from source. OIDC login requires Authentication v1.2.0 — deploy both services together.