AtHeartEngineer/devise
1
1
Fork 0
mirror of https://github.com/heartcombo/devise.git synced 2026-01-09 23:58:06 -05:00
Code Issues Packages Projects Releases Wiki Activity
2,293 Commits 28 Branches 145 Tags
v3.0
Commit Graph

105 Commits

Author SHA1 Message Date
José Valim
d559a32646 Release 3.0.3 2013-08-18 10:26:26 +02:00
José Valim
df8e6cf225 Skip storage for cookies on unverified requests 2013-08-08 23:32:18 +02:00
Drew Ulmer
e029ad7b0c Fix improper login param sanitization permit 
This includes a failing test case that hooks into ActiveSupport
Notifications to catch the param permit error.
 2013-06-25 13:44:39 -05:00
Carlos Antonio da Silva
eb0ad1c21a Merge branch 'master' into rails4 2013-05-07 13:01:34 -03:00
Carlos Antonio da Silva
69f79ad446 Let Devise play with both Rails 3.2 and Rails 4 for now 2013-05-05 19:55:06 -03:00
Carlos Antonio da Silva
a0058d5fbf Add some spaces, remove comment 2013-05-03 21:52:00 -03:00
Tan Jun Rong
804fbdf6d5 Fix spelling error, 'reseting' to 'resetting' 2013-04-22 22:25:40 +08:00
Tan Jun Rong
9d5a9c8a61 Add ability to override the redirect path after user has reset their password 2013-04-22 20:22:53 +08:00
Drew Ulmer
e0ffe8f85f Fix internal helper test referencing resource_params 2013-03-31 21:31:54 -05:00
Vasiliy Ermolovich
61903b534a don't delete the return to url from session if the requested format is not navigational 
closes #2122
 2012-11-04 23:42:38 +03:00
José Valim
18c377e0d7 Merge pull request #2112 from latortuga/patch-1 
Make #set_flash_message respect i18n-set resource_name
 2012-10-26 02:05:42 -07:00
Drew Ulmer
d6449d014e Add test for #devise_i18n_options allowing resource_name override 2012-10-24 12:13:07 -05:00
mathieul
95f20587ef test that destroying a session doesn't set the flash if the requested format is not navigational 2012-06-23 14:43:35 -07:00
José Valim
4f07ed42e3 Lock warden on sign out 2012-06-16 15:21:48 +02:00
José Valim
2b7328535d Check for the request before checking for the mapping, closes #1859 2012-05-25 09:39:50 +02:00
Adam Meehan
7ec4c1424d Add resource_params internal helper to param filtering 
In light of recent discussions around mass assignment security and
the alternate solution of using the controller to filter params, not the model,
a hook/helper is needed to be able to override how the params are filtered
before they are used to build the resource.
 2012-05-15 18:07:02 +10:00
José Valim
5e845ee265 Do not reproduce warden behavior, simply rely on the controller calling it 2012-05-06 12:09:53 +02:00
Matt Connolly
a9b7a4a1de Reinstating tests for the controller test's response object. This does need to be set so the strategy's custom response can be tested. 2012-05-06 19:24:57 +10:00
Matt Connolly
2a3a8b8008 Changing test to not bother with saved response, since it wasn't set by the test. 2012-05-06 17:08:00 +10:00
Matt Connolly
90a63d4d89 Completing test and functionality for TestHelper to correctly return a custom response from a warden strategy. 2012-05-06 16:48:39 +10:00
Matt Connolly
66f74ed579 Adding a test for a warden strategy retuning a custom response. 2012-05-06 13:35:24 +10:00
Christopher Meiklejohn
eb4e23274d Ensure ActiveRecord is defined, which is not true when running Mongoid tests. 2012-04-07 15:54:00 -03:00
José Valim
b74f71fbed Fix build so it works with Rails 3.1. 2012-03-26 18:50:39 +03:00
David FRANCOIS
885d8836d1 Ability to use attr_protected attributes as sign-in keys without triggering ActiveModel::MassAssignmentSecurity::Error when ActiveRecord::Base.mass_assignment_sanitizer is set to :strict. Fixes #1729. 2012-03-21 11:48:00 +01:00
Rodrigo Flores
9e7ab38bce sign_out helper uses the new warden api 2012-02-16 14:53:10 -02:00
José Valim
fb8e093389 Accept devise_i18n_options to handle custom i18n values, closes #1633 2012-02-15 16:58:23 +01:00
José Valim
d9df632671 Get rid of InternalHelpers, refactor scoped views for more performant behavior. 2012-01-02 22:01:28 +01:00
José Valim
bd27bf7677 Deprecate and disable old behavior accumulated with time. 2011-12-04 23:58:19 +01:00
José Valim
1e37e42239 Do not use stored location for sign out. 2011-11-20 19:19:41 +00:00
Hinrik Örn Sigurðsson
9ea7249368 Allow specifying a resource_return_to for sign out 
It was impossible to accomplish this by providing a
custom #after_sign_out_path_for in ApplicationController because the
session gets destroyed before it is called. Furthermore,
resource_return_to is now used by default if it exists, so users won't
have to provide a custom #after_sign_out_path_for in that case.
 2011-11-13 20:27:08 +00:00
José Valim
16208f7ad7 Rework previous commit to clean up the instance variable dynamically. 2011-11-09 17:00:42 -02:00
artemk
c3880e52e4 #1432 current_user still returning user after sign_out 2011-11-09 20:35:19 +02:00
José Valim
1bace6df4e Be sure to expire cached devise data after sign in, closes #1411 2011-11-05 20:11:09 -02:00
José Valim
fac02b58bc Another attempt to fix the misterious loading helpers bug. 2011-10-18 08:35:50 +02:00
José Valim
990dcc8eef Try to fix the misterious case where some url helpers are not defined. 2011-10-09 11:50:48 +02:00
José Valim
59f2767345 Remove deprecated code and tests. 2011-09-29 13:11:12 +02:00
José Valim
98acc84111 Allow options to be passed to authenticate_user! 2011-09-14 16:52:28 -07:00
Aditya Sanghi
873e49ab66 sign_in should return true in case user is already signed in and assert that. 2011-08-02 14:35:46 +05:30
José Valim
77d6d1e8c2 Do not try to authenticate with no_input_strategies are empty. 2011-06-22 15:28:49 -03:00
José Valim
4fd866d113 User cannot access sign up and similar pages if he is already signed in through a cookie or token, closes #1036. 2011-04-29 08:56:57 +02:00
José Valim
c6dd846718 Move the catch to the test level. 2011-04-17 19:37:19 +02:00
Jack Dempsey
567d59e48a update verbiage to be more concise 2011-04-16 19:16:33 +08:00
Jack Dempsey
f89f71262d require_no_authentication now sets flash with I18n message 2011-04-16 19:16:33 +08:00
José Valim
c608fbe89e Rollback to require 'test_helper'. If you want to run it in isolation, do ruby -Itest path/to/test/file. 2011-04-15 10:48:44 +02:00
John Wilger
e4af6adaf7 Added test showing previously incorrect behavior of Devise::SessionsController#create 2011-04-15 16:37:15 +08:00
Prem Sichanugrist
b6652abc7c Add navigational_formats internal helper which filters out wildcard 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2011-03-30 13:43:57 +02:00
José Valim
dd721f1857 Use secure compare as well. 2011-02-15 11:33:54 +01:00
Jo Liss
692f7b27ff typos (remaining instances of authenticable -> authenticatable) 2011-01-13 13:02:17 +08:00
Prem Sichanugrist
e8e3df3891 Add support for non-navigational format response to SessionsController 
This will make Devise::SessionsController return the authenticated object in the requested format instead of redirect the client to another page upon success authentication.
 2010-12-25 17:57:15 +08:00
José Valim
13e8bc22e3 Move duplicate sign_in logic to sign_in(). 2010-12-20 10:02:27 +01:00