Bump to 1.1.pre3

Points MongoMapper dependency to use a fork on MongoMapper that supports Rails3.

CHANGELOG.rdoc

@@ -4,10 +4,30 @@
   * Rails 3 compatibility.
   * All controllers and views are namespaced, for example: Devise::SessionsController and "devise/sessions".
   * You can specify the controller in routes and have specific controllers for each role.
+  * Devise.orm is deprecated. This reduces the required API to hook your ORM with devise.
+  * Use metal for failure app.
+  * HTML e-mails now have proper formatting.
+  * Do not remove options from Datamapper and MongoMapper in find
 
 * deprecations
   * Rails 3 compatible only.
   * Scoped views are no longer "sessions/users/new". Now use "users/sessions/new".
+  * Devise.orm is deprecated, just require "devise/orm/YOUR_ORM" instead.
+  * Devise.default_url_options is deprecated, just modify ApplicationController.default_url_options.
+
+== 1.0.3
+
+* enhancements
+  * HTML e-mails now have proper formatting
+  * Do not remove MongoMapper options in find
+
+== 1.0.2
+
+* enhancements
+  * Allows you set mailer content type (by github.com/glennr)
+
+* bug fix
+  * Uses the same content type as request on http authenticatable 401 responses
 
 == 1.0.1
 

Gemfile

@@ -1,7 +1,7 @@
 source "http://gemcutter.org"
 
 gem "rails", "3.0.0.beta"
-gem "warden", "0.9.3"
+gem "warden", "0.9.4"
 gem "sqlite3-ruby", :require => "sqlite3"
 gem "webrat", "0.7"
 gem "mocha", :require => false
@@ -14,5 +14,5 @@ end
 group :mongo_mapper do
   gem "mongo",        "0.18.3"
   gem "mongo_ext",    "0.18.3", :require => false
-  gem "mongo_mapper", "0.7.0"
-end
+  gem "mongo_mapper", :git => "git://github.com/merbjedi/mongomapper.git", :branch => "rails3"
+end

README.rdoc

@@ -271,7 +271,8 @@ We have a long running list of contributors. Check them in the CHANGELOG or do `
 If you discover any bugs or want to drop a line, feel free to create an issue on
 GitHub or send an e-mail to the mailing list.
 
-http://github.com/plataformatec/devise/issues
-http://groups.google.com/group/plataformatec-devise
+http://github.com/plataformatec/devise/issues | 
+http://groups.google.com/group/plataformatec-devise | 
+http://wiki.github.com/plataformatec/devise/
 
 MIT License. Copyright 2009 Plataforma Tecnologia. http://blog.plataformatec.com.br

Rakefile

@@ -45,7 +45,7 @@ begin
     s.authors = ['José Valim', 'Carlos Antônio']
     s.files =  FileList["[A-Z]*", "{app,config,lib}/**/*"]
     s.extra_rdoc_files = FileList["[A-Z]*"] - %w(Gemfile Rakefile)
-    s.add_dependency("warden", "~> 0.9.3")
+    s.add_dependency("warden", "~> 0.9.4")
   end
 
   Jeweler::GemcutterTasks.new

app/controllers/devise/registrations_controller.rb

@@ -4,7 +4,7 @@ class Devise::RegistrationsController < ApplicationController
   before_filter :require_no_authentication, :only => [ :new, :create ]
   before_filter :authenticate_scope!, :only => [:edit, :update, :destroy]
 
-  # GET /resource/sign_in
+  # GET /resource/sign_up
   def new
     build_resource
     render_with_scope :new
@@ -54,4 +54,4 @@ class Devise::RegistrationsController < ApplicationController
       send(:"authenticate_#{resource_name}!")
       self.resource = send(:"current_#{resource_name}")
     end
-end
+end

app/views/devise/mailer/confirmation_instructions.html.erb

@@ -1,5 +1,5 @@
-Welcome <%= @resource.email %>!
+<p>Welcome <%= @resource.email %>!</p>
 
-You can confirm your account through the link below:
+<p>You can confirm your account through the link below:</p>
 
-<%= link_to 'Confirm my account', confirmation_url(@resource, :confirmation_token => @resource.confirmation_token) %>
+<p><%= link_to 'Confirm my account', confirmation_url(@resource, :confirmation_token => @resource.confirmation_token) %></p>

app/views/devise/mailer/reset_password_instructions.html.erb

@@ -1,8 +1,8 @@
-Hello <%= @resource.email %>!
+<p>Hello <%= @resource.email %>!</p>
 
-Someone has requested a link to change your password, and you can do this through the link below.
+<p>Someone has requested a link to change your password, and you can do this through the link below.</p>
 
-<%= link_to 'Change my password', edit_password_url(@resource, :reset_password_token => @resource.reset_password_token) %>
+<p><%= link_to 'Change my password', edit_password_url(@resource, :reset_password_token => @resource.reset_password_token) %></p>
 
-If you didn't request this, please ignore this email.
-Your password won't change until you access the link above and create a new one.
+<p>If you didn't request this, please ignore this email.</p>
+<p>Your password won't change until you access the link above and create a new one.</p>

app/views/devise/mailer/unlock_instructions.html.erb

@@ -1,7 +1,7 @@
-Hello <%= @resource.email %>!
+<p>Hello <%= @resource.email %>!</p>
 
-Your account has been locked due to an excessive amount of unsuccessful sign in attempts.
+<p>Your account has been locked due to an excessive amount of unsuccessful sign in attempts.</p>
 
-Click the link below to unlock your account:
+<p>Click the link below to unlock your account:</p>
 
-<%= link_to 'Unlock my account', unlock_url(@resource, :unlock_token => @resource.unlock_token) %>
+<p><%= link_to 'Unlock my account', unlock_url(@resource, :unlock_token => @resource.unlock_token) %></p>

devise.gemspec

@@ -5,11 +5,11 @@
 
 Gem::Specification.new do |s|
   s.name = %q{devise}
-  s.version = "1.1.pre"
+  s.version = "1.1.pre3"
 
   s.required_rubygems_version = Gem::Requirement.new("> 1.3.1") if s.respond_to? :required_rubygems_version=
   s.authors = ["Jos\303\251 Valim", "Carlos Ant\303\264nio"]
-  s.date = %q{2010-02-17}
+  s.date = %q{2010-02-24}
   s.description = %q{Flexible authentication solution for Rails with Warden}
   s.email = %q{contact@plataformatec.com.br}
   s.extra_rdoc_files = [
@@ -171,12 +171,12 @@ Gem::Specification.new do |s|
     s.specification_version = 3
 
     if Gem::Version.new(Gem::RubyGemsVersion) >= Gem::Version.new('1.2.0') then
-      s.add_runtime_dependency(%q<warden>, ["~> 0.9.3"])
+      s.add_runtime_dependency(%q<warden>, ["~> 0.9.4"])
     else
-      s.add_dependency(%q<warden>, ["~> 0.9.3"])
+      s.add_dependency(%q<warden>, ["~> 0.9.4"])
     end
   else
-    s.add_dependency(%q<warden>, ["~> 0.9.3"])
+    s.add_dependency(%q<warden>, ["~> 0.9.4"])
   end
 end
 

lib/devise.rb

@@ -1,5 +1,6 @@
 module Devise
   autoload :FailureApp, 'devise/failure_app'
+  autoload :Models, 'devise/models'
   autoload :Schema, 'devise/schema'
   autoload :TestHelpers, 'devise/test_helpers'
 
@@ -20,12 +21,6 @@ module Devise
     autoload :Sha1, 'devise/encryptors/sha1'
   end
 
-  module Orm
-    autoload :ActiveRecord, 'devise/orm/active_record'
-    autoload :DataMapper, 'devise/orm/data_mapper'
-    autoload :MongoMapper, 'devise/orm/mongo_mapper'
-  end
-
   ALL = []
 
   # Authentication ones first
@@ -104,14 +99,6 @@ module Devise
   mattr_accessor :mappings
   @@mappings = ActiveSupport::OrderedHash.new
 
-  # Stores the chosen ORM.
-  mattr_accessor :orm
-  @@orm = :active_record
-
-  # TODO Remove
-  mattr_accessor :all
-  @@all = []
-
   # Tells if devise should apply the schema in ORMs where devise declaration
   # and schema belongs to the same class (as Datamapper and MongoMapper).
   mattr_accessor :apply_schema
@@ -162,6 +149,18 @@ module Devise
       yield self
     end
 
+    # TODO Remove me on 1.1.0 final
+    def orm=(value)
+      ActiveSupport::Deprecation.warn "Devise.orm= and config.orm= are deprecated. " <<
+        "Just load \"devise/orm/\#{ORM_NAME}\" if Devise supports your ORM"
+    end
+
+    # TODO Remove me on 1.1.0 final
+    def default_url_options
+      ActiveSupport::Deprecation.warn "Devise.default_url_options and config.default_url_options are deprecated. " <<
+        "Just modify ApplicationController.default_url_options and Devise will automatically pick it up"
+    end
+
     # Sets warden configuration using a block that will be invoked on warden
     # initialization.
     #
@@ -177,11 +176,6 @@ module Devise
       @warden_config = block
     end
 
-    # Configure default url options to be used within Devise and ActionController.
-    def default_url_options(&block)
-      Devise::Mapping.metaclass.send :define_method, :default_url_options, &block
-    end
-
     # A method used internally to setup warden manager from the Rails initialize
     # block.
     def configure_warden(config) #:nodoc:
@@ -194,11 +188,6 @@ module Devise
       @warden_config.try :call, config
     end
 
-    # The class of the configured ORM
-    def orm_class
-      Devise::Orm.const_get(@@orm.to_s.camelize.to_sym)
-    end
-
     # Generate a friendly string randomically to be used as token.
     def friendly_token
       ActiveSupport::SecureRandom.base64(15).tr('+/=', '-_ ').strip.delete("\n")

lib/devise/controllers/helpers.rb

@@ -7,12 +7,6 @@ module Devise
       included do
         helper_method :warden, :signed_in?, :devise_controller?,
                       *Devise.mappings.keys.map { |m| [:"current_#{m}", :"#{m}_signed_in?"] }.flatten
-
-        # Use devise default_url_options. We have to declare it here to overwrite
-        # default definitions.
-        def default_url_options(options=nil)
-          Devise::Mapping.default_url_options
-        end
       end
 
       # The main accessor for the warden proxy instance

lib/devise/failure_app.rb

@@ -1,57 +1,54 @@
+require "action_controller/metal"
+
 module Devise
   # Failure application that will be called every time :warden is thrown from
   # any strategy or hook. Responsible for redirect the user to the sign in
   # page based on current scope and mapping. If no scope is given, redirect
   # to the default_url.
-  class FailureApp
-    attr_reader :env
-    include Warden::Mixins::Common
+  class FailureApp < ActionController::Metal
+    include ActionController::RackDelegation
+    include ActionController::UrlFor
+    include ActionController::Redirecting
 
-    cattr_accessor :default_url, :default_message, :instance_writer => false
-    @@default_message = :unauthenticated
+    mattr_accessor :default_message
+    self.default_message = :unauthenticated
 
     def self.call(env)
-      new(env).respond!
+      action(:respond).call(env)
     end
 
-    def initialize(env)
-      @env = env
+    def self.default_url_options(*args)
+      ApplicationController.default_url_options(*args)
     end
 
-    def respond!
-      options = @env['warden.options']
-      scope   = options[:scope]
-
-      redirect_path = if mapping = Devise.mappings[scope]
-        "#{mapping.parsed_path}/#{mapping.path_names[:sign_in]}"
-      else
-        "/#{default_url}"
-      end
-      query_string = query_string_for(options)
+    def respond
+      scope = warden_options[:scope]
       store_location!(scope)
-
-      headers = {}
-      headers["Location"] = redirect_path
-      headers["Location"] << "?" << query_string unless query_string.empty?
-      headers["Content-Type"] = 'text/plain'
-
-      [302, headers, ["You are being redirected to #{redirect_path}"]]
+      redirect_to send(:"new_#{scope}_session_path", query_string_params)
     end
 
+  protected
+
     # Build the proper query string based on the given message.
-    def query_string_for(options)
-      message = @env['warden'].try(:message) || options[:message] || default_message
+    def query_string_params
+      message = warden.try(:message) || warden_options[:message] || self.class.default_message
 
-      params = case message
-        when Symbol
-          { message => true }
-        when String
-          { :message => message }
-        else
-          {}
+      case message
+      when Symbol
+        { message => true }
+      when String
+        { :message => message }
+      else
+        {}
       end
+    end
 
-      Rack::Utils.build_query(params)
+    def warden
+      env['warden']
+    end
+
+    def warden_options
+      env['warden.options']
     end
 
     # Stores requested uri to redirect the user after signing in. We cannot use

lib/devise/mapping.rb

@@ -56,11 +56,6 @@ module Devise
       end
     end
 
-    # Default url options which can be used as prefix.
-    def self.default_url_options
-      {}
-    end
-
     def initialize(name, options) #:nodoc:
       @as    = (options.delete(:as) || name).to_sym
       @klass = (options.delete(:class_name) || name.to_s.classify).to_s
@@ -95,19 +90,10 @@ module Devise
     end
 
     # Returns the raw path using path_prefix and as.
-    def raw_path
+    def path
       path_prefix + as.to_s
     end
 
-    # Returns the parsed path taking into account the relative url root and raw path.
-    def parsed_path
-      returning (ActionController::Base.relative_url_root.to_s + raw_path) do |path|
-        self.class.default_url_options.each do |key, value|
-          path.gsub!(key.inspect, value.to_param)
-        end
-      end
-    end
-
     # Create magic predicates for verifying what module is activated by this map.
     # Example:
     #

lib/devise/models.rb

@@ -57,15 +57,12 @@ module Devise
     #
     def devise(*modules)
       raise "You need to give at least one Devise module" if modules.empty?
-      options  = modules.extract_options!
 
+      options = modules.extract_options!
       @devise_modules = Devise::ALL & modules.map(&:to_sym).uniq
 
-      Devise.orm_class.included_modules_hook(self) do
-        devise_modules.each do |m|
-          include Devise::Models.const_get(m.to_s.classify)
-        end
-
+      devise_modules_hook! do
+        devise_modules.each { |m| include Devise::Models.const_get(m.to_s.classify) }
         options.each { |key, value| send(:"#{key}=", value) }
       end
     end
@@ -76,6 +73,12 @@ module Devise
       @devise_modules ||= []
     end
 
+    # The hook which is called inside devise. So your ORM can include devise
+    # compatibility stuff.
+    def devise_modules_hook!
+      yield
+    end
+
     # Find an initialize a record setting an error if it can't be found.
     def find_or_initialize_with_error_by(attribute, value, error=:invalid)
       if value.present?

lib/devise/orm/active_record.rb

@@ -19,16 +19,13 @@ module Devise
     #   add_index "accounts", ["reset_password_token"], :name => "reset_password_token", :unique => true
     #
     module ActiveRecord
-      # Required ORM hook. Just yield the given block in ActiveRecord.
-      def self.included_modules_hook(klass)
-        yield
-      end
+      module Schema
+        include Devise::Schema
 
-      include Devise::Schema
-
-      # Tell how to apply schema methods.
-      def apply_schema(name, type, options={})
-        column name, type.to_s.downcase.to_sym, options
+        # Tell how to apply schema methods.
+        def apply_schema(name, type, options={})
+          column name, type.to_s.downcase.to_sym, options
+        end
       end
     end
   end
@@ -36,6 +33,6 @@ end
 
 if defined?(ActiveRecord)
   ActiveRecord::Base.extend Devise::Models
-  ActiveRecord::ConnectionAdapters::Table.send :include, Devise::Orm::ActiveRecord
-  ActiveRecord::ConnectionAdapters::TableDefinition.send :include, Devise::Orm::ActiveRecord
+  ActiveRecord::ConnectionAdapters::Table.send :include, Devise::Orm::ActiveRecord::Schema
+  ActiveRecord::ConnectionAdapters::TableDefinition.send :include, Devise::Orm::ActiveRecord::Schema
 end

lib/devise/orm/data_mapper.rb

@@ -1,83 +1,86 @@
 module Devise
   module Orm
     module DataMapper
-      module InstanceMethods
-        def save(flag=nil)
-          if flag == false
+      module Hook
+        def devise_modules_hook!
+          extend Schema
+          include Compatibility
+          yield
+          return unless Devise.apply_schema
+          devise_modules.each { |m| send(m) if respond_to?(m, true) }
+        end
+      end
+
+      module Schema
+        include Devise::Schema
+
+        SCHEMA_OPTIONS = {
+          :null  => :required,
+          :limit => :length
+        }
+
+        # Tell how to apply schema methods. This automatically maps :limit to
+        # :length and :null to :required.
+        def apply_schema(name, type, options={})
+          SCHEMA_OPTIONS.each do |old_key, new_key|
+            next unless options.key?(old_key)
+            options[new_key] = !options.delete(old_key)
+          end
+
+          property name, type, options
+        end
+      end
+
+      module Compatibility
+        extend ActiveSupport::Concern
+
+        module ClassMethods
+          # Hooks for confirmable
+          def before_create(*args)
+            wrap_hook(:before, *args)
+          end
+
+          def after_create(*args)
+            wrap_hook(:after, *args)
+          end
+
+          def wrap_hook(action, *args)
+            options = args.extract_options!
+
+            args.each do |callback|
+              send action, :create, callback
+              class_eval <<-METHOD, __FILE__, __LINE__ + 1
+                def #{callback}
+                  super if #{options[:if] || true}
+                end
+              METHOD
+            end
+          end
+
+          # Add ActiveRecord like finder
+          def find(*args)
+            case args.first
+            when :first, :all
+              send(args.shift, *args)
+            else
+              get(*args)
+            end
+          end
+        end
+
+        def save(options=nil)
+          if options.is_a?(Hash) && options[:validate] == false
             save!
           else
             super()
           end
         end
       end
-
-      def self.included_modules_hook(klass)
-        klass.send :extend,  self
-        klass.send :include, InstanceMethods
-
-        yield
-
-        klass.devise_modules.each do |mod|
-          klass.send(mod) if klass.respond_to?(mod)
-        end
-      end
-
-      include Devise::Schema
-
-      SCHEMA_OPTIONS = {
-        :null  => :nullable,
-        :limit => :length
-      }
-
-      # Hooks for confirmable
-      def before_create(*args)
-        wrap_hook(:before, *args)
-      end
-
-      def after_create(*args)
-        wrap_hook(:after, *args)
-      end
-
-      def wrap_hook(action, *args)
-        options = args.extract_options!
-
-        args.each do |callback|
-          send action, :create, callback
-          class_eval <<-METHOD, __FILE__, __LINE__ + 1
-            def #{callback}
-              super if #{options[:if] || true}
-            end
-          METHOD
-        end
-      end
-
-      # Add ActiveRecord like finder
-      def find(*args)
-        options = args.extract_options!
-        case args.first
-          when :first
-            first(options)
-          when :all
-            all(options)
-          else
-            get(*args)
-        end
-      end
-
-      # Tell how to apply schema methods. This automatically maps :limit to
-      # :length and :null to :nullable.
-      def apply_schema(name, type, options={})
-        return unless Devise.apply_schema
-
-        SCHEMA_OPTIONS.each do |old_key, new_key|
-          next unless options.key?(old_key)
-          options[new_key] = options.delete(old_key)
-        end
-
-        property name, type, options
-      end
     end
   end
 end
 
-DataMapper::Model.send(:include, Devise::Models)
+DataMapper::Model.class_eval do
+  extend  Devise::ORM::DataMapper::Hook
+  include Devise::Models
+end

lib/devise/orm/mongo_mapper.rb

@@ -1,39 +1,49 @@
 module Devise
   module Orm
     module MongoMapper
-      def self.included_modules_hook(klass)
-        klass.send :extend, self
-        yield
-
-        klass.devise_modules.each do |mod|
-          klass.send(mod) if klass.respond_to?(mod)
+      module Hook
+        def devise_modules_hook!
+          extend Schema
+          include Compatibility
+          yield
+          return unless Devise.apply_schema
+          devise_modules.each { |m| send(m) if respond_to?(m, true) }
         end
       end
-      
-      def find(*args)
-        options = args.extract_options!
-        case args.first
-          when :first
-            first(options)
-          when :all
-            all(options)
-          else
-            super
+
+      module Schema
+        include Devise::Schema
+
+        # Tell how to apply schema methods. This automatically converts DateTime
+        # to Time, since MongoMapper does not recognize the former.
+        def apply_schema(name, type, options={})
+          type = Time if type == DateTime
+          key name, type, options
         end
       end
-      
-      include Devise::Schema
 
-      # Tell how to apply schema methods. This automatically converts DateTime
-      # to Time, since MongoMapper does not recognize the former.
-      def apply_schema(name, type, options={})
-        return unless Devise.apply_schema
-        type = Time if type == DateTime
-        key name, type, options
+      module Compatibility
+        extend ActiveSupport::Concern
+
+        module ClassMethods
+          def find(*args)
+            case args.first
+            when :first, :all
+              send(args.shift, *args)
+            else
+              super
+            end
+          end
+        end
       end
+
     end
   end
 end
 
-MongoMapper::Document::ClassMethods.send(:include, Devise::Models)
-MongoMapper::EmbeddedDocument::ClassMethods.send(:include, Devise::Models)
+[MongoMapper::Document, MongoMapper::EmbeddedDocument].each do |mod|
+  mod::ClassMethods.class_eval do
+    include Devise::Models
+    include Devise::Orm::MongoMapper::Hook
+  end
+end

lib/devise/rails.rb

@@ -8,9 +8,5 @@ module Devise
     config.middleware.use Warden::Manager do |config|
       Devise.configure_warden(config)
     end
-
-    config.after_initialize do
-      require "devise/orm/#{Devise.orm}"
-    end
   end
 end

lib/devise/rails/routes.rb

@@ -1,8 +1,7 @@
 module ActionDispatch::Routing
   class RouteSet #:nodoc:
     # Ensure Devise modules are included only after loading routes, because we
-    # need devise_for mappings already declared to create magic filters and
-    # helpers.
+    # need devise_for mappings already declared to create filters and helpers.
     def finalize_with_devise!
       finalize_without_devise!
       return if Devise.mappings.empty?
@@ -70,11 +69,13 @@ module ActionDispatch::Routing
     #
     #    devise_for :users, :path_prefix => "/:locale"
     #
-    #  If you are using a dynamic prefix, like :locale above, you need to configure default_url_options through Devise.
-    #  You can do that in config/initializers/devise.rb or setting a Devise.default_url_options:
+    #  If you are using a dynamic prefix, like :locale above, you need to configure default_url_options in your ApplicationController
+    #  class level, so Devise can pick it:
     #
-    #    Devise.default_url_options do
-    #      { :locale => I18n.locale }
+    #    class ApplicationController < ActionController::Base
+    #      def self.default_url_options
+    #        { :locale => I18n.locale }
+    #      end
     #    end
     #
     #  * :controllers => the controller which should be used. All routes by default points to Devise controllers.
@@ -104,7 +105,7 @@ module ActionDispatch::Routing
     protected
 
       def authenticatable(mapping, controllers)
-        scope mapping.raw_path do
+        scope mapping.path do
           get  mapping.path_names[:sign_in],  :to => "#{controllers[:sessions]}#new",     :as => :"new_#{mapping.name}_session"
           post mapping.path_names[:sign_in],  :to => "#{controllers[:sessions]}#create",  :as => :"#{mapping.name}_session"
           get  mapping.path_names[:sign_out], :to => "#{controllers[:sessions]}#destroy", :as => :"destroy_#{mapping.name}_session"
@@ -112,26 +113,26 @@ module ActionDispatch::Routing
       end
  
       def recoverable(mapping, controllers)
-        scope mapping.raw_path, :name_prefix => mapping.name do
+        scope mapping.path, :name_prefix => mapping.name do
           resource :password, :only => [:new, :create, :edit, :update], :as => mapping.path_names[:password], :controller => controllers[:passwords]
         end
       end
  
       def confirmable(mapping, controllers)
-        scope mapping.raw_path, :name_prefix => mapping.name do
+        scope mapping.path, :name_prefix => mapping.name do
           resource :confirmation, :only => [:new, :create, :show], :as => mapping.path_names[:confirmation], :controller => controllers[:confirmations]
         end
       end
  
       def lockable(mapping, controllers)
-        scope mapping.raw_path, :name_prefix => mapping.name do
+        scope mapping.path, :name_prefix => mapping.name do
           resource :unlock, :only => [:new, :create, :show], :as => mapping.path_names[:unlock], :controller => controllers[:unlocks]
         end
       end
 
       def registerable(mapping, controllers)
         scope :name_prefix => mapping.name do
-          resource :registration, :only => [:new, :create, :edit, :update, :destroy], :as => mapping.raw_path[1..-1],
+          resource :registration, :only => [:new, :create, :edit, :update, :destroy], :as => mapping.path[1..-1],
                    :path_names => { :new => mapping.path_names[:sign_up] }, :controller => controllers[:registrations]
         end
       end

lib/devise/strategies/http_authenticatable.rb

@@ -14,7 +14,7 @@ module Devise
         if resource = mapping.to.authenticate_with_http(username, password)
           success!(resource)
         else
-          custom!([401, custom_headers, ["HTTP Basic: Access denied.\n"]])
+          custom!([401, custom_headers, [response_body]])
         end
       end
 
@@ -28,9 +28,15 @@ module Devise
         ActiveSupport::Base64.decode64(request.authorization.split(' ', 2).last || '')
       end
 
+      def response_body
+        body   = "HTTP Basic: Access denied."
+        method = :"to_#{request.format.to_sym}"
+        {}.respond_to?(method) ? { :error => body }.send(method) : body
+      end
+
       def custom_headers
         {
-          "Content-Type" => "text/plain",
+          "Content-Type" => request.format.to_s,
           "WWW-Authenticate" => %(Basic realm="#{Devise.http_authentication_realm.gsub(/"/, "")}")
         }
       end

lib/devise/version.rb

@@ -1,3 +1,3 @@
 module Devise
-  VERSION = "1.1.pre".freeze
+  VERSION = "1.1.pre3".freeze
 end

lib/generators/devise_install/templates/README

@@ -11,8 +11,9 @@ Some setup you must do manually if you haven't yet:
      This is a required Rails configuration. In production is must be the
      actual host of your application
 
-  2. Ensure you have defined root_url to *something* in your config/routes.rb:
+  2. Ensure you have defined root_url to *something* in your config/routes.rb.
+     For example:
 
-       map.root :controller => 'home'
+       root :to => "home#index"
 
 ===============================================================================

lib/generators/devise_install/templates/devise.rb

@@ -63,8 +63,7 @@ Devise.setup do |config|
   # ==> General configuration
   # Load and configure the ORM. Supports :active_record (default), :mongo_mapper
   # (requires mongo_ext installed) and :data_mapper (experimental).
-  # require 'devise/orm/mongo_mapper'
-  # config.orm = :mongo_mapper
+  require 'devise/orm/active_record'
 
   # Turn scoped views on. Before rendering "sessions/new", it will first check for
   # "sessions/users/new". It's turned off by default because it's slower if you
@@ -93,10 +92,4 @@ Devise.setup do |config|
   #   end
   #   manager.default_strategies.unshift :twitter_oauth
   # end
-
-  # Configure default_url_options if you are using dynamic segments in :path_prefix
-  # for devise_for.
-  # config.default_url_options do
-  #   { :locale => I18n.locale }
-  # end
 end

lib/generators/devise_views/devise_views_generator.rb

@@ -8,4 +8,8 @@ class DeviseViewsGenerator < Rails::Generators::Base
   def copy_views
     directory "devise"
   end
+
+  def say_restart_server
+    say "Views copied. Please restart your server."
+  end
 end

test/controllers/helpers_test.rb

@@ -178,13 +178,4 @@ class ControllerAuthenticableTest < ActionController::TestCase
   test 'is not a devise controller' do
     assert_not @controller.devise_controller?
   end
-
-  test 'default url options are retrieved from devise' do
-    begin
-      Devise.default_url_options {{ :locale => I18n.locale }}
-      assert_equal({ :locale => :en }, @controller.send(:default_url_options))
-    ensure
-      Devise.default_url_options {{ }}
-    end
-  end
 end

test/failure_app_test.rb

@@ -7,6 +7,7 @@ class FailureTest < ActiveSupport::TestCase
     env = {
       'warden.options' => { :scope => :user },
       'REQUEST_URI' => 'http://test.host/',
+      'HTTP_HOST' => 'test.host',
       'REQUEST_METHOD' => 'GET',
       'rack.session' => {}
     }.merge!(env_params)
@@ -18,32 +19,28 @@ class FailureTest < ActiveSupport::TestCase
   end
 
   test 'return to the default redirect location' do
-    assert_equal '/users/sign_in?unauthenticated=true', call_failure.second['Location']
+    assert_equal 'http://test.host/users/sign_in?unauthenticated=true', call_failure.second['Location']
   end
 
   test 'uses the proxy failure message' do
     warden = OpenStruct.new(:message => :test)
     location = call_failure('warden' => warden).second['Location']
-    assert_equal '/users/sign_in?test=true', location
+    assert_equal 'http://test.host/users/sign_in?test=true', location
   end
 
   test 'uses the given message' do
     warden = OpenStruct.new(:message => 'Hello world')
     location = call_failure('warden' => warden).second['Location']
-    assert_equal '/users/sign_in?message=Hello+world', location
+    assert_equal 'http://test.host/users/sign_in?message=Hello+world', location
   end
 
-  test 'setup default url' do
-    Devise::FailureApp.default_url = 'test/sign_in'
-    location = call_failure('warden.options' => { :scope => nil }).second['Location']
-    assert_equal '/test/sign_in?unauthenticated=true', location
-  end
-
-  test 'set content type to default text/plain' do
-    assert_equal 'text/plain', call_failure.second['Content-Type']
+  test 'set content type to default text/html' do
+    assert_equal 'text/html; charset=utf-8', call_failure.second['Content-Type']
   end
 
   test 'setup a default message' do
-    assert_equal ['You are being redirected to /users/sign_in?unauthenticated=true'], call_failure.last
+    assert_match /You are being/, call_failure.last.body
+    assert_match /redirected/, call_failure.last.body
+    assert_match /\?unauthenticated=true/, call_failure.last.body
   end
 end

test/integration/http_authenticatable_test.rb

@@ -16,6 +16,13 @@ class HttpAuthenticationTest < ActionController::IntegrationTest
     assert_equal 'Basic realm="Application"', headers["WWW-Authenticate"]
   end
 
+  test 'uses the request format as response content type' do
+    sign_in_as_new_user_with_http("unknown", "123456", :xml)
+    assert_equal 401, status
+    assert_equal "application/xml", headers["Content-Type"]
+    assert response.body.include?("<error>HTTP Basic: Access denied.</error>")
+  end
+
   test 'returns a custom response with www-authenticate and chosen realm' do
     swap Devise, :http_authentication_realm => "MyApp" do
       sign_in_as_new_user_with_http("unknown")
@@ -36,9 +43,9 @@ class HttpAuthenticationTest < ActionController::IntegrationTest
 
   private
 
-    def sign_in_as_new_user_with_http(username="user@test.com", password="123456")
+    def sign_in_as_new_user_with_http(username="user@test.com", password="123456", format=:html)
       user = create_user
-      get users_path, {}, "HTTP_AUTHORIZATION" => "Basic #{ActiveSupport::Base64.encode64("#{username}:#{password}")}"
+      get users_path(:format => format), {}, "HTTP_AUTHORIZATION" => "Basic #{ActiveSupport::Base64.encode64("#{username}:#{password}")}"
       user
     end
 end

test/integration/registerable_test.rb

@@ -16,7 +16,7 @@ class RegistrationTest < ActionController::IntegrationTest
     assert_contain 'You have signed up successfully.'
     assert warden.authenticated?(:admin)
 
-    admin = Admin.last
+    admin = Admin.last :order => "id"
     assert_equal admin.email, 'new_user@test.com'
   end
 
@@ -34,7 +34,7 @@ class RegistrationTest < ActionController::IntegrationTest
 
     assert_not warden.authenticated?(:user)
 
-    user = User.last
+    user = User.last :order => "id"
     assert_equal user.email, 'new_user@test.com'
     assert_not user.confirmed?
   end

test/integration/rememberable_test.rb

@@ -28,6 +28,14 @@ class RememberMeTest < ActionController::IntegrationTest
     assert warden.user(:user) == user
   end
 
+  test 'does not remember other scopes' do
+    user = create_user_and_remember
+    get root_path
+    assert_response :success
+    assert warden.authenticated?(:user)
+    assert_not warden.authenticated?(:admin)
+  end
+
   test 'do not remember with invalid token' do
     user = create_user_and_remember('add')
     get users_path

test/mapping_test.rb

@@ -4,7 +4,6 @@ class MappingTest < ActiveSupport::TestCase
 
   test 'store options' do
     mapping = Devise.mappings[:user]
-
     assert_equal User,                mapping.to
     assert_equal User.devise_modules, mapping.for
     assert_equal :users,              mapping.as
@@ -96,37 +95,9 @@ class MappingTest < ActiveSupport::TestCase
     assert_equal 2, Devise.mappings[:manager].as_position
   end
 
-  test 'raw path is returned' do
-    assert_equal '/users', Devise.mappings[:user].raw_path
-    assert_equal '/:locale/accounts', Devise.mappings[:manager].raw_path
-  end
-
-  test 'raw path ignores the relative_url_root' do
-    swap ActionController::Base, :relative_url_root => "/abc" do
-      assert_equal '/users', Devise.mappings[:user].raw_path
-    end
-  end
-
-  test 'parsed path is returned' do
-    begin
-      Devise.default_url_options {{ :locale => I18n.locale }}
-      assert_equal '/users', Devise.mappings[:user].parsed_path
-      assert_equal '/en/accounts', Devise.mappings[:manager].parsed_path
-    ensure
-      Devise.default_url_options {{ }}
-    end
-  end
-
-  test 'parsed path adds in the relative_url_root' do
-    swap ActionController::Base, :relative_url_root => '/abc' do
-      assert_equal '/abc/users', Devise.mappings[:user].parsed_path
-    end
-  end
-
-  test 'parsed path deals with a nil relative_url_root' do
-    swap ActionController::Base, :relative_url_root => nil do
-      assert_equal '/users', Devise.mappings[:user].raw_path
-    end
+  test 'path is returned with path prefix and as' do
+    assert_equal '/users', Devise.mappings[:user].path
+    assert_equal '/:locale/accounts', Devise.mappings[:manager].path
   end
 
   test 'magic predicates' do

test/rails_app/app/mongo_mapper/admin.rb

@@ -2,7 +2,7 @@ class Admin
   include MongoMapper::Document
   include MongoMapper::Plugins::Callbacks
 
-  devise :authenticatable, :timeoutable
+  devise :authenticatable, :timeoutable, :registerable
 
   def self.find_for_authentication(conditions)
     last(:conditions => conditions, :order => "email")

test/rails_app/app/mongo_mapper/user.rb

@@ -3,9 +3,9 @@ class User
 
   key :created_at, DateTime
 
-  devise :authenticatable, :http_authenticatable, :confirmable, :recoverable,
-         :rememberable, :trackable, :validatable, :timeoutable, :lockable,
-         :token_authenticatable
+  devise :authenticatable, :http_authenticatable, :confirmable, :lockable, :recoverable,
+         :registerable, :rememberable, :timeoutable, :token_authenticatable,
+         :trackable, :validatable
 
   # attr_accessible :username, :email, :password, :password_confirmation
 end

test/rails_app/app/views/layouts/application.html.erb

@@ -14,6 +14,10 @@
         <p>Hello User <%= current_user.email %>! You are signed in!</p>
       <% end -%>
 
+      <% if admin_signed_in? -%>
+        <p>Hello Admin <%= current_admin.email %>! You are signed in!</p>
+      <% end -%>
+
       <%= yield %>
     </div>
   </body>

test/rails_app/config/initializers/devise.rb

@@ -38,7 +38,6 @@ Devise.setup do |config|
 
   # Load and configure the ORM. Supports :active_record, :data_mapper and :mongo_mapper.
   require "devise/orm/#{DEVISE_ORM}"
-  config.orm = DEVISE_ORM
 
   # Turn scoped views on. Before rendering "sessions/new", it will first check for
   # "sessions/users/new". It's turned off by default because it's slower if you

test/support/integration.rb

@@ -50,7 +50,7 @@ class ActionController::IntegrationTest
   end
 
   def assert_current_path(path)
-    assert_equal path, current_url
+    assert_equal(prepend_host(path), prepend_host(current_url))
   end
 
   # Fix assert_redirect_to in integration sessions because they don't take into