Release 1.1.2.

CHANGELOG.rdoc

@@ -1,14 +1,3 @@
-== 1.1.3
-
-* bugfix
-  * Add reply-to to e-mail headers by default
-  * Updated the views generator to respect the rails :template_engine option (by github.com/fredwu)
-  * Check the type of HTTP Authentication before using Basic headers
-  * Avoid invalid_salt errors by checking salt presence (by github.com/thibaudgg)
-  * Forget user deletes the right cookie before logout, not remembering the user anymore (by github.com/emtrane)
-  * Fix for failed first-ever logins on PostgreSQL where column default is nil (by github.com/bensie)
-  * :default options is now honored in migrations
-
 == 1.1.2
 
 * bugfix

Gemfile

@@ -1,6 +1,6 @@
 source "http://rubygems.org"
 
-gem "rails", "3.0.0"
+gem "rails", "3.0.0.rc2"
 gem "warden", "0.10.7"
 gem "sqlite3-ruby"
 gem "webrat", "0.7.0"

Gemfile.lock

@@ -13,12 +13,12 @@ GEM
   remote: http://rubygems.org/
   specs:
     abstract (1.0.0)
-    actionmailer (3.0.0)
-      actionpack (= 3.0.0)
+    actionmailer (3.0.0.rc2)
+      actionpack (= 3.0.0.rc2)
       mail (~> 2.2.5)
-    actionpack (3.0.0)
-      activemodel (= 3.0.0)
-      activesupport (= 3.0.0)
+    actionpack (3.0.0.rc2)
+      activemodel (= 3.0.0.rc2)
+      activesupport (= 3.0.0.rc2)
       builder (~> 2.1.2)
       erubis (~> 2.6.6)
       i18n (~> 0.4.1)
@@ -26,24 +26,24 @@ GEM
       rack-mount (~> 0.6.12)
       rack-test (~> 0.5.4)
       tzinfo (~> 0.3.23)
-    activemodel (3.0.0)
-      activesupport (= 3.0.0)
+    activemodel (3.0.0.rc2)
+      activesupport (= 3.0.0.rc2)
       builder (~> 2.1.2)
       i18n (~> 0.4.1)
-    activerecord (3.0.0)
-      activemodel (= 3.0.0)
-      activesupport (= 3.0.0)
-      arel (~> 1.0.0)
+    activerecord (3.0.0.rc2)
+      activemodel (= 3.0.0.rc2)
+      activesupport (= 3.0.0.rc2)
+      arel (~> 1.0.0.rc1)
       tzinfo (~> 0.3.23)
-    activeresource (3.0.0)
-      activemodel (= 3.0.0)
-      activesupport (= 3.0.0)
-    activesupport (3.0.0)
-    arel (1.0.1)
-      activesupport (~> 3.0.0)
+    activeresource (3.0.0.rc2)
+      activemodel (= 3.0.0.rc2)
+      activesupport (= 3.0.0.rc2)
+    activesupport (3.0.0.rc2)
+    arel (1.0.0.rc1)
+      activesupport (>= 3.0.0.beta)
     bcrypt-ruby (2.1.2)
     bson (1.0.4)
-    bson_ext (1.0.7)
+    bson_ext (1.0.4)
     builder (2.1.2)
     columnize (0.3.1)
     erubis (2.6.6)
@@ -66,18 +66,18 @@ GEM
       rack (>= 1.0.0)
     rack-test (0.5.4)
       rack (>= 1.0)
-    rails (3.0.0)
-      actionmailer (= 3.0.0)
-      actionpack (= 3.0.0)
-      activerecord (= 3.0.0)
-      activeresource (= 3.0.0)
-      activesupport (= 3.0.0)
-      bundler (~> 1.0.0)
-      railties (= 3.0.0)
-    railties (3.0.0)
-      actionpack (= 3.0.0)
-      activesupport (= 3.0.0)
-      rake (>= 0.8.4)
+    rails (3.0.0.rc2)
+      actionmailer (= 3.0.0.rc2)
+      actionpack (= 3.0.0.rc2)
+      activerecord (= 3.0.0.rc2)
+      activeresource (= 3.0.0.rc2)
+      activesupport (= 3.0.0.rc2)
+      bundler (>= 1.0.0.rc.6)
+      railties (= 3.0.0.rc2)
+    railties (3.0.0.rc2)
+      actionpack (= 3.0.0.rc2)
+      activesupport (= 3.0.0.rc2)
+      rake (>= 0.8.3)
       thor (~> 0.14.0)
     rake (0.8.7)
     ruby-debug (0.10.3)
@@ -107,7 +107,7 @@ DEPENDENCIES
   mocha
   mongo
   mongoid!
-  rails (= 3.0.0)
+  rails (= 3.0.0.rc2)
   ruby-debug (>= 0.10.3)
   sqlite3-ruby
   warden (= 0.10.7)

devise.gemspec

@@ -5,11 +5,11 @@
 
 Gem::Specification.new do |s|
   s.name = %q{devise}
-  s.version = "1.1.3"
+  s.version = "1.1.2"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["Jos\303\251 Valim", "Carlos Ant\303\264nio"]
-  s.date = %q{2010-09-24}
+  s.date = %q{2010-08-25}
   s.description = %q{Flexible authentication solution for Rails with Warden}
   s.email = %q{contact@plataformatec.com.br}
   s.extra_rdoc_files = [

lib/devise/hooks/forgetable.rb

@@ -5,7 +5,7 @@
 Warden::Manager.before_logout do |record, warden, options|
   if record.respond_to?(:forget_me!)
     record.forget_me! unless record.frozen?
-    cookie_options = record.cookie_domain? ? { :domain => record.cookie_domain } : {}
-    warden.cookies.delete("remember_#{options[:scope]}_token", cookie_options)
+    options = record.cookie_domain? ? { :domain => record.cookie_domain } : {}
+    warden.cookies.delete("remember_#{options[:scope]}_token", options)
   end
 end

lib/devise/models/database_authenticatable.rb

@@ -82,9 +82,7 @@ module Devise
 
       # Digests the password using the configured encryptor.
       def password_digest(password)
-        if self.password_salt.present?
-          self.class.encryptor_class.digest(password, self.class.stretches, self.password_salt, self.class.pepper)
-        end
+        self.class.encryptor_class.digest(password, self.class.stretches, self.password_salt, self.class.pepper)
       end
 
       module ClassMethods

lib/devise/models/lockable.rb

@@ -81,8 +81,6 @@ module Devise
         when TrueClass
           self.failed_attempts = 0
         when FalseClass
-          # PostgreSQL uses nil as the default value for integer columns set to 0
-          self.failed_attempts ||= 0
           self.failed_attempts += 1
           if attempts_exceeded?
             lock_access!

lib/devise/schema.rb

@@ -19,7 +19,7 @@ module Devise
     # encrypter password field in 128 characters.
     def database_authenticatable(options={})
       null    = options[:null] || false
-      default = options.key?(:default) ? options[:default] : ("" if null == false)
+      default = options[:default] || ""
 
       if options.delete(:encryptor)
         ActiveSupport::Deprecation.warn ":encryptor as option is deprecated, simply remove it."

lib/devise/strategies/authenticatable.rb

@@ -96,8 +96,8 @@ module Devise
 
       # Helper to decode credentials from HTTP.
       def decode_credentials
-        return [] unless request.authorization && request.authorization =~ /^Basic (.*)/
-        ActiveSupport::Base64.decode64($1).split(/:/, 2)
+        username_and_password = request.authorization.split(' ', 2).last || ''
+        ActiveSupport::Base64.decode64(username_and_password).split(/:/, 2)
       end
 
       # Sets the authentication hash and the password from params_auth_hash or http_auth_hash.

lib/devise/version.rb

@@ -1,3 +1,3 @@
 module Devise
-  VERSION = "1.1.3".freeze
+  VERSION = "1.1.2".freeze
 end

lib/generators/devise/views_generator.rb

@@ -7,7 +7,7 @@ module Devise
       argument :scope, :required => false, :default => nil,
                        :desc => "The scope to copy views to"
 
-      class_option :template_engine, :type => :string, :aliases => "-t",
+      class_option :template_engine, :type => :string, :aliases => "-t", :default => "erb",
                                      :desc => "Template engine for the views. Available options are 'erb' and 'haml'."
 
       def copy_views

test/controllers/helpers_test.rb

@@ -60,36 +60,26 @@ class ControllerAuthenticableTest < ActionController::TestCase
     @controller.anybody_signed_in?
   end
 
-  test 'proxy current_user to authenticate with user scope' do
-    @mock_warden.expects(:authenticate).with(:scope => :user)
-    @controller.current_user
-  end
-
   test 'proxy current_admin to authenticate with admin scope' do
     @mock_warden.expects(:authenticate).with(:scope => :admin)
     @controller.current_admin
   end
 
-  test 'proxy current_publisher_account to authenticate with namespaced publisher account scope' do
-    @mock_warden.expects(:authenticate).with(:scope => :publisher_account)
-    @controller.current_publisher_account
+  test 'proxy current_user to authenticate with user scope' do
+    @mock_warden.expects(:authenticate).with(:scope => :user)
+    @controller.current_user
   end
 
-  test 'proxy authenticate_user! to authenticate with user scope' do
+  test 'proxy user_authenticate! to authenticate with user scope' do
     @mock_warden.expects(:authenticate!).with(:scope => :user)
     @controller.authenticate_user!
   end
 
-  test 'proxy authenticate_admin! to authenticate with admin scope' do
+  test 'proxy admin_authenticate! to authenticate with admin scope' do
     @mock_warden.expects(:authenticate!).with(:scope => :admin)
     @controller.authenticate_admin!
   end
 
-  test 'proxy authenticate_publisher_account! to authenticate with namespaced publisher account scope' do
-    @mock_warden.expects(:authenticate!).with(:scope => :publisher_account)
-    @controller.authenticate_publisher_account!
-  end
-
   test 'proxy user_signed_in? to authenticate? with user scope' do
     @mock_warden.expects(:authenticate?).with(:scope => :user)
     @controller.user_signed_in?
@@ -100,11 +90,6 @@ class ControllerAuthenticableTest < ActionController::TestCase
     @controller.admin_signed_in?
   end
 
-  test 'proxy publisher_account_signed_in? to authenticate? with namespaced publisher account scope' do
-    @mock_warden.expects(:authenticate?).with(:scope => :publisher_account)
-    @controller.publisher_account_signed_in?
-  end
-
   test 'proxy user_session to session scope in warden' do
     @mock_warden.expects(:authenticate).with(:scope => :user).returns(true)
     @mock_warden.expects(:session).with(:user).returns({})
@@ -117,12 +102,6 @@ class ControllerAuthenticableTest < ActionController::TestCase
     @controller.admin_session
   end
 
-  test 'proxy publisher_account_session from namespaced scope to session scope in warden' do
-    @mock_warden.expects(:authenticate).with(:scope => :publisher_account).returns(true)
-    @mock_warden.expects(:session).with(:publisher_account).returns({})
-    @controller.publisher_account_session
-  end
-
   test 'sign in proxy to set_user on warden' do
     user = User.new
     @mock_warden.expects(:set_user).with(user, :scope => :user).returns(true)

test/integration/authenticatable_test.rb

@@ -313,7 +313,7 @@ class AuthenticationOthersTest < ActionController::IntegrationTest
   test 'sign in with script name' do
     assert_nothing_raised do
       get new_user_session_path, {}, "SCRIPT_NAME" => "/omg"
-      fill_in "email", :with => "user@test.com"
+      fill_in "email", "user@test.com"
     end
   end
 

test/integration/http_authenticatable_test.rb

@@ -39,14 +39,6 @@ class HttpAuthenticationTest < ActionController::IntegrationTest
     end
   end
 
-  test 'test request with oauth2 header doesnt get mistaken for basic authentication' do
-    swap Devise, :http_authenticatable => true do
-      add_oauth2_header
-      assert_equal 401, status
-      assert_equal 'Basic realm="Application"', headers["WWW-Authenticate"]
-    end
-  end
-
   private
 
     def sign_in_as_new_user_with_http(username="user@test.com", password="123456")
@@ -54,11 +46,4 @@ class HttpAuthenticationTest < ActionController::IntegrationTest
       get users_path(:format => :xml), {}, "HTTP_AUTHORIZATION" => "Basic #{ActiveSupport::Base64.encode64("#{username}:#{password}")}"
       user
     end
-    
-    # Sign in with oauth2 token. This is just to test that it isn't misinterpreted as basic authentication
-    def add_oauth2_header
-      user = create_user
-      get users_path(:format => :xml), {}, "HTTP_AUTHORIZATION" => "OAuth #{ActiveSupport::Base64.encode64("#{user.email}:123456")}"
-    end
-
 end

test/integration/registerable_test.rb

@@ -66,7 +66,7 @@ class RegistrationTest < ActionController::IntegrationTest
     click_button 'Sign up'
 
     assert_current_url '/users'
-    assert_contain(/Email .* already.*taken/)
+    assert_contain(/Email .* already .* taken/)
 
     assert_not warden.authenticated?(:user)
   end

test/integration/rememberable_test.rb

@@ -131,7 +131,6 @@ class RememberMeTest < ActionController::IntegrationTest
     get destroy_user_session_path
     assert_not warden.authenticated?(:user)
     assert_nil user.reload.remember_token
-    assert_nil warden.cookies['remember_user_token']
   end
 
   test 'do not remember the user anymore after forget' do
@@ -141,6 +140,5 @@ class RememberMeTest < ActionController::IntegrationTest
     get destroy_user_session_path
     get users_path
     assert_not warden.authenticated?(:user)
-    assert_nil warden.cookies['remember_user_token']
   end
 end

test/models/database_authenticatable_test.rb

@@ -98,13 +98,6 @@ class DatabaseAuthenticatableTest < ActiveSupport::TestCase
     assert_not user.valid_password?('654321')
   end
 
-  test 'should not validate password when salt is nil' do
-    admin = create_admin
-    admin.password_salt = nil
-    admin.save
-    assert_not admin.valid_password?('123456')
-  end
-
   test 'should respond to current password' do
     assert new_user.respond_to?(:current_password)
   end

test/support/helpers.rb

@@ -37,12 +37,6 @@ class ActiveSupport::TestCase
     User.create!(valid_attributes(attributes))
   end
 
-  def create_admin(attributes={})
-    valid_attributes = valid_attributes(attributes)
-    valid_attributes.delete(:username)
-    Admin.create!(valid_attributes)
-  end
-
   # Execute the block setting the given values and restoring old values after
   # the block is executed.
   def swap(object, new_values)