AtHeartEngineer/devise
1
1
Fork 0
mirror of https://github.com/heartcombo/devise.git synced 2026-01-09 23:58:06 -05:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: AtHeartEngineer:v4.7.1
Branches Tags
AtHeartEngineer:main AtHeartEngineer:update-rack-unprocessable_content AtHeartEngineer:ca-devise-locale-throw AtHeartEngineer:password-length-dynamic AtHeartEngineer:4-stable AtHeartEngineer:mf-issue-5140 AtHeartEngineer:mf-check-for-devise-parent-mailer AtHeartEngineer:5-rc AtHeartEngineer:3-stable AtHeartEngineer:let-unsafe-redirect AtHeartEngineer:test-mongoid AtHeartEngineer:drv-improve-reset-token AtHeartEngineer:lm-jruby AtHeartEngineer:4-0-stable AtHeartEngineer:4-1-stable AtHeartEngineer:gh-pages AtHeartEngineer:v3.2 AtHeartEngineer:v2.2 AtHeartEngineer:v3.0 AtHeartEngineer:v3.1 AtHeartEngineer:v2.0 AtHeartEngineer:v2.1 AtHeartEngineer:v1.5 AtHeartEngineer:v1.0 AtHeartEngineer:v1.4 AtHeartEngineer:v1.3 AtHeartEngineer:v1.2 AtHeartEngineer:v1.1
AtHeartEngineer:v5.0.0.rc AtHeartEngineer:v4.9.4 AtHeartEngineer:v4.9.3 AtHeartEngineer:v4.9.2 AtHeartEngineer:v4.9.1 AtHeartEngineer:v4.9.0 AtHeartEngineer:v4.8.1 AtHeartEngineer:v4.8.0 AtHeartEngineer:v4.7.3 AtHeartEngineer:v4.7.2 AtHeartEngineer:v4.7.1 AtHeartEngineer:v4.7.0 AtHeartEngineer:v4.6.2 AtHeartEngineer:v4.6.1 AtHeartEngineer:v4.6.0 AtHeartEngineer:v4.5.0 AtHeartEngineer:v4.4.3 AtHeartEngineer:v4.4.2 AtHeartEngineer:v4.4.1 AtHeartEngineer:v4.4.0 AtHeartEngineer:v4.3.0 AtHeartEngineer:v4.2.1 AtHeartEngineer:v4.2.0 AtHeartEngineer:v3.5.10 AtHeartEngineer:v4.0.3 AtHeartEngineer:v4.1.1 AtHeartEngineer:v4.1.0 AtHeartEngineer:v3.5.9 AtHeartEngineer:v4.0.2 AtHeartEngineer:v4.0.1 AtHeartEngineer:v3.5.8 AtHeartEngineer:v3.5.7 AtHeartEngineer:v4.0.0 AtHeartEngineer:v4.0.0.rc2 AtHeartEngineer:v4.0.0.rc1 AtHeartEngineer:v3.5.6 AtHeartEngineer:v3.5.5 AtHeartEngineer:v3.5.4 AtHeartEngineer:v3.5.3 AtHeartEngineer:v3.5.2 AtHeartEngineer:v3.5.1 AtHeartEngineer:v3.5.0 AtHeartEngineer:v3.4.1 AtHeartEngineer:v3.4.0 AtHeartEngineer:v3.3.0 AtHeartEngineer:v3.2.4 AtHeartEngineer:v3.2.3 AtHeartEngineer:v3.2.2 AtHeartEngineer:v3.2.1 AtHeartEngineer:v2.2.8 AtHeartEngineer:v3.0.4 AtHeartEngineer:v3.1.2 AtHeartEngineer:v3.2.0 AtHeartEngineer:v3.1.1 AtHeartEngineer:v3.1.0 AtHeartEngineer:v2.0.6 AtHeartEngineer:v2.1.4 AtHeartEngineer:v2.2.7 AtHeartEngineer:v3.0.3 AtHeartEngineer:v3.1.0.rc2 AtHeartEngineer:v3.1.0.rc AtHeartEngineer:v2.2.6 AtHeartEngineer:v3.0.2 AtHeartEngineer:v3.0.1 AtHeartEngineer:v2.2.5 AtHeartEngineer:v3.0.0 AtHeartEngineer:v3.0.0.rc AtHeartEngineer:v2.2.4 AtHeartEngineer:v2.2.3 AtHeartEngineer:v2.2.2 AtHeartEngineer:v2.2.1 AtHeartEngineer:v2.2.0 AtHeartEngineer:v2.2.0.rc AtHeartEngineer:v2.1.2 AtHeartEngineer:v2.1.1 AtHeartEngineer:v2.1.0 AtHeartEngineer:v2.1.0.rc2 AtHeartEngineer:v2.1.0.rc AtHeartEngineer:v2.0.4 AtHeartEngineer:v2.0.3 AtHeartEngineer:v2.0.2 AtHeartEngineer:v2.0.1 AtHeartEngineer:v2.0.0 AtHeartEngineer:v2.0.0.rc2 AtHeartEngineer:v2.0.0.rc AtHeartEngineer:v1.5.3 AtHeartEngineer:v1.5.2 AtHeartEngineer:v1.5.1 AtHeartEngineer:v1.5.0 AtHeartEngineer:v1.5.0.rc1 AtHeartEngineer:v1.5.0.rc AtHeartEngineer:v1.4.9 AtHeartEngineer:v1.4.8 AtHeartEngineer:v1.4.7 AtHeartEngineer:v1.4.6 AtHeartEngineer:v1.4.5 AtHeartEngineer:v1.4.4 AtHeartEngineer:v1.4.3 AtHeartEngineer:v1.4.2 AtHeartEngineer:v1.4.1 AtHeartEngineer:v1.4.0 AtHeartEngineer:v1.3.4 AtHeartEngineer:v1.3.3 AtHeartEngineer:v1.3.2 AtHeartEngineer:v1.3.1 AtHeartEngineer:v1.3.0 AtHeartEngineer:v1.2.1 AtHeartEngineer:v1.2.0 AtHeartEngineer:v1.1.9 AtHeartEngineer:v1.0.11 AtHeartEngineer:v1.1.8 AtHeartEngineer:v1.2.rc2 AtHeartEngineer:v1.1.7 AtHeartEngineer:v1.1.6 AtHeartEngineer:v1.1.5 AtHeartEngineer:v1.0.9 AtHeartEngineer:v1.1.4 AtHeartEngineer:v1.2.rc AtHeartEngineer:v1.1.3 AtHeartEngineer:v1.1.2 AtHeartEngineer:v1.1.1 AtHeartEngineer:v1.1.0 AtHeartEngineer:v1.1.rc2 AtHeartEngineer:v1.0.8 AtHeartEngineer:v1.0.7 AtHeartEngineer:v1.1.rc1 AtHeartEngineer:v1.0.6 AtHeartEngineer:v1.1.rc0 AtHeartEngineer:v1.0.5 AtHeartEngineer:v1.0.4 AtHeartEngineer:v1.1.pre4 AtHeartEngineer:v1.1.pre3 AtHeartEngineer:v1.0.3 AtHeartEngineer:v1.1.pre2 AtHeartEngineer:v1.0.2 AtHeartEngineer:v1.1.pre AtHeartEngineer:v1.0.1 AtHeartEngineer:v1.0.0 AtHeartEngineer:v0.9.2 AtHeartEngineer:v0.9.1 AtHeartEngineer:v0.9.0 AtHeartEngineer:v0.8.2 AtHeartEngineer:v0.8.1 AtHeartEngineer:v0.8.0 AtHeartEngineer:v0.7.5
...
compare: AtHeartEngineer:v4.8.0
Branches Tags
AtHeartEngineer:main AtHeartEngineer:update-rack-unprocessable_content AtHeartEngineer:ca-devise-locale-throw AtHeartEngineer:password-length-dynamic AtHeartEngineer:4-stable AtHeartEngineer:mf-issue-5140 AtHeartEngineer:mf-check-for-devise-parent-mailer AtHeartEngineer:5-rc AtHeartEngineer:3-stable AtHeartEngineer:let-unsafe-redirect AtHeartEngineer:test-mongoid AtHeartEngineer:drv-improve-reset-token AtHeartEngineer:lm-jruby AtHeartEngineer:4-0-stable AtHeartEngineer:4-1-stable AtHeartEngineer:gh-pages AtHeartEngineer:v3.2 AtHeartEngineer:v2.2 AtHeartEngineer:v3.0 AtHeartEngineer:v3.1 AtHeartEngineer:v2.0 AtHeartEngineer:v2.1 AtHeartEngineer:v1.5 AtHeartEngineer:v1.0 AtHeartEngineer:v1.4 AtHeartEngineer:v1.3 AtHeartEngineer:v1.2 AtHeartEngineer:v1.1
AtHeartEngineer:v5.0.0.rc AtHeartEngineer:v4.9.4 AtHeartEngineer:v4.9.3 AtHeartEngineer:v4.9.2 AtHeartEngineer:v4.9.1 AtHeartEngineer:v4.9.0 AtHeartEngineer:v4.8.1 AtHeartEngineer:v4.8.0 AtHeartEngineer:v4.7.3 AtHeartEngineer:v4.7.2 AtHeartEngineer:v4.7.1 AtHeartEngineer:v4.7.0 AtHeartEngineer:v4.6.2 AtHeartEngineer:v4.6.1 AtHeartEngineer:v4.6.0 AtHeartEngineer:v4.5.0 AtHeartEngineer:v4.4.3 AtHeartEngineer:v4.4.2 AtHeartEngineer:v4.4.1 AtHeartEngineer:v4.4.0 AtHeartEngineer:v4.3.0 AtHeartEngineer:v4.2.1 AtHeartEngineer:v4.2.0 AtHeartEngineer:v3.5.10 AtHeartEngineer:v4.0.3 AtHeartEngineer:v4.1.1 AtHeartEngineer:v4.1.0 AtHeartEngineer:v3.5.9 AtHeartEngineer:v4.0.2 AtHeartEngineer:v4.0.1 AtHeartEngineer:v3.5.8 AtHeartEngineer:v3.5.7 AtHeartEngineer:v4.0.0 AtHeartEngineer:v4.0.0.rc2 AtHeartEngineer:v4.0.0.rc1 AtHeartEngineer:v3.5.6 AtHeartEngineer:v3.5.5 AtHeartEngineer:v3.5.4 AtHeartEngineer:v3.5.3 AtHeartEngineer:v3.5.2 AtHeartEngineer:v3.5.1 AtHeartEngineer:v3.5.0 AtHeartEngineer:v3.4.1 AtHeartEngineer:v3.4.0 AtHeartEngineer:v3.3.0 AtHeartEngineer:v3.2.4 AtHeartEngineer:v3.2.3 AtHeartEngineer:v3.2.2 AtHeartEngineer:v3.2.1 AtHeartEngineer:v2.2.8 AtHeartEngineer:v3.0.4 AtHeartEngineer:v3.1.2 AtHeartEngineer:v3.2.0 AtHeartEngineer:v3.1.1 AtHeartEngineer:v3.1.0 AtHeartEngineer:v2.0.6 AtHeartEngineer:v2.1.4 AtHeartEngineer:v2.2.7 AtHeartEngineer:v3.0.3 AtHeartEngineer:v3.1.0.rc2 AtHeartEngineer:v3.1.0.rc AtHeartEngineer:v2.2.6 AtHeartEngineer:v3.0.2 AtHeartEngineer:v3.0.1 AtHeartEngineer:v2.2.5 AtHeartEngineer:v3.0.0 AtHeartEngineer:v3.0.0.rc AtHeartEngineer:v2.2.4 AtHeartEngineer:v2.2.3 AtHeartEngineer:v2.2.2 AtHeartEngineer:v2.2.1 AtHeartEngineer:v2.2.0 AtHeartEngineer:v2.2.0.rc AtHeartEngineer:v2.1.2 AtHeartEngineer:v2.1.1 AtHeartEngineer:v2.1.0 AtHeartEngineer:v2.1.0.rc2 AtHeartEngineer:v2.1.0.rc AtHeartEngineer:v2.0.4 AtHeartEngineer:v2.0.3 AtHeartEngineer:v2.0.2 AtHeartEngineer:v2.0.1 AtHeartEngineer:v2.0.0 AtHeartEngineer:v2.0.0.rc2 AtHeartEngineer:v2.0.0.rc AtHeartEngineer:v1.5.3 AtHeartEngineer:v1.5.2 AtHeartEngineer:v1.5.1 AtHeartEngineer:v1.5.0 AtHeartEngineer:v1.5.0.rc1 AtHeartEngineer:v1.5.0.rc AtHeartEngineer:v1.4.9 AtHeartEngineer:v1.4.8 AtHeartEngineer:v1.4.7 AtHeartEngineer:v1.4.6 AtHeartEngineer:v1.4.5 AtHeartEngineer:v1.4.4 AtHeartEngineer:v1.4.3 AtHeartEngineer:v1.4.2 AtHeartEngineer:v1.4.1 AtHeartEngineer:v1.4.0 AtHeartEngineer:v1.3.4 AtHeartEngineer:v1.3.3 AtHeartEngineer:v1.3.2 AtHeartEngineer:v1.3.1 AtHeartEngineer:v1.3.0 AtHeartEngineer:v1.2.1 AtHeartEngineer:v1.2.0 AtHeartEngineer:v1.1.9 AtHeartEngineer:v1.0.11 AtHeartEngineer:v1.1.8 AtHeartEngineer:v1.2.rc2 AtHeartEngineer:v1.1.7 AtHeartEngineer:v1.1.6 AtHeartEngineer:v1.1.5 AtHeartEngineer:v1.0.9 AtHeartEngineer:v1.1.4 AtHeartEngineer:v1.2.rc AtHeartEngineer:v1.1.3 AtHeartEngineer:v1.1.2 AtHeartEngineer:v1.1.1 AtHeartEngineer:v1.1.0 AtHeartEngineer:v1.1.rc2 AtHeartEngineer:v1.0.8 AtHeartEngineer:v1.0.7 AtHeartEngineer:v1.1.rc1 AtHeartEngineer:v1.0.6 AtHeartEngineer:v1.1.rc0 AtHeartEngineer:v1.0.5 AtHeartEngineer:v1.0.4 AtHeartEngineer:v1.1.pre4 AtHeartEngineer:v1.1.pre3 AtHeartEngineer:v1.0.3 AtHeartEngineer:v1.1.pre2 AtHeartEngineer:v1.0.2 AtHeartEngineer:v1.1.pre AtHeartEngineer:v1.0.1 AtHeartEngineer:v1.0.0 AtHeartEngineer:v0.9.2 AtHeartEngineer:v0.9.1 AtHeartEngineer:v0.9.0 AtHeartEngineer:v0.8.2 AtHeartEngineer:v0.8.1 AtHeartEngineer:v0.8.0 AtHeartEngineer:v0.7.5

133 Commits
v4.7.1 ... v4.8.0

Author SHA1 Message Date
Carlos Antonio da Silva
57d1a1d381 Release v4.8.0 2021-04-29 08:52:33 -03:00
Carlos Antonio da Silva
5d5636f03a Merge pull request #5369 from heartcombo/ca-lockable-reset-attempts 
Create a model hook around the lockable warden hook to reset attempts
 2021-04-02 15:52:43 -03:00
Carlos Antonio da Silva
a3ae35e9c9 Create a model hook around the lockable warden hook to reset attempts 
Resetting failed attempts after sign in happened inside a warden hook
specific for the lockable module, but that was hidden inside the hook
implementation and didn't allow any user customization.

One such customization needed for example is to direct these updates to
a write DB when using a multi-DB setup. With the logic hidden in the
warden hook this wasn't possible, now that it's exposed in a model
method much like trackable, we can override the model method to wrap it
in a connection switch block for example, point to a write DB, and
simply call `super`.

Closes #5310
Related to #5264 and #5133
 2021-04-02 15:45:25 -03:00
Carlos Antonio da Silva
e8e0c27599 Revert "Lock bundler to 2.2.9 instead of latest" 
This reverts commit 1ba53dc369.

Let's give the latest bundler (2.2.15 as of today) a try again.
 2021-03-30 21:53:57 -03:00
Carlos Antonio da Silva
429afcbe8a Bundle update 2021-03-30 21:53:56 -03:00
Carlos Antonio da Silva
ef9a2f4104 Use minitest helpers to check if objects respond to certain methods 2021-03-22 18:43:19 -03:00
Carlos Antonio da Silva
0cd72a56f9 Merge pull request #5347 from heartcombo/ca-build 
Support Ruby 3+ officially, remove final Rails 6.1 deprecations, drop test dependency for XML serialization
 2021-02-16 17:35:19 -03:00
Carlos Antonio da Silva
1ba53dc369 Lock bundler to 2.2.9 instead of latest 
2.2.10 is causing the dependency resolution on Rails 6-0-stable to fail:

```
  Bundler could not find compatible versions for gem "railties":
    In Gemfile-rails-6-0:
      devise was resolved to 4.7.3, which depends on
        railties (>= 4.1.0)

      rails was resolved to 6.0.3.5, which depends on
        railties (= 6.0.3.5)

      responders (~> 3.0) was resolved to 3.0.1, which depends on
        railties (>= 5.0)
  Took  27.49 seconds
```

https://github.com/heartcombo/devise/runs/1905780158?check_suite_focus=true#step:5:23

The `railties` version 6.0.3.5 should work, given the other two are
using >= declarations, but it fails in 2.2.10.

Downgrading to 2.2.9 works.
 2021-02-15 16:33:14 -03:00
Carlos Antonio da Silva
faef12cf2b Use the 6-0-stable version of Rails to fix issue with JSON responses 
The test suite was failing on Rails 6.0 + Ruby 3 with errors like:

    Expected "{\"errors\":\"#<ActiveModel::Errors:0x000055f2e6cb8188>\"}"
    to include "{\"errors\":{".

The ActiveModel::Errors object wasn't being serialized to JSON as
expected, and this only happened with that combination of Ruby/Rails.

Upon further investigation, this was caused by a change in Ruby and
fixed in Rails in this PR: https://github.com/rails/rails/pull/39697
(which describes in more details the exact same problem and links to the
Ruby bug tracker with more information).

That fix was backported to 6-0-stable in June 2020, but hasn't been
officially released in a stable version yet: (there have been only
security fixes since then for 6.0)
75f6539d0e

Since the branch contains the fix, I'm pointing directly to it to get
the tests passing. We can't tell if there'll be a new stable 6.0 release
at this point, but hopefully yes, in which case we can go back at
pointing to it.
 2021-02-15 16:33:03 -03:00
Carlos Antonio da Silva
c82a381f29 Bundle update 2021-02-15 14:45:04 -03:00
Carlos Antonio da Silva
a793472a3e Replace XML with JSON serialization across the test suite 
This allows us to remove the dependency on the XML serializer provided
by the external `activemodel-serializers-xml` gem, and eliminates the
following deprecation warning:

    DEPRECATION WARNING: ActiveModel::Errors#to_xml is deprecated and
    will be removed in Rails 6.2.

Please note: this does not mean Devise doesn't support XML, it simply
means our test suite will use JSON to test non-navigatable formats
instead of XML, for simplicity. Devise's job is not to test object
serialization, so as long as your objects properly serialize to
XML/JSON/any other format, it should work out of the box.
 2021-02-15 14:40:05 -03:00
Carlos Antonio da Silva
ad91686b62 Test on Ruby 3+ with Rails 6+ 
And remove dupe entry in the exclude matrix.

In order to get Ruby 3 working we needed to install `rexml` as part of
the test dependencies, only done on the main Gemfile (Rails 6.1) and the
6.0 versions. (which are the only ones supported by Ruby 3.)

Devise itself doesn't require `rexml` as it does nothing with it, but a
dependency we use during tests seem to require it. I was able to track
it down to omniauth-openid -> rack-openid -> ruby-openid requiring it:

    13a88ad644/lib/openid/yadis/xrds.rb (L1)

So while we have tests using omniauth-openid, we'll need this require in
place as well. Ideally that upstream version of ruby-openid should have
it, but it seems that one isn't updated in a while.
 2021-02-15 14:34:36 -03:00
Carlos Antonio da Silva
1bb5fcbbec Merge pull request #5339 from ghiculescu/rails-deprecation 
Fix deprecation warning on Rails 6.1

Related changes in Rails:
https://github.com/rails/rails/pull/38256
https://github.com/rails/rails/pull/38536
 2021-02-02 21:27:31 -03:00
Alex Ghiculescu
80423c8f01 Fix deprecation warning on Rails 6.1 2021-02-02 15:37:45 -07:00
Carlos Antonio da Silva
743b6937e2 Merge pull request #5327 from heartcombo/ca-omniauth-2 
Improve OmniAuth version check to allow anything from 1.0 forward
 2021-02-01 17:30:37 -03:00
Carlos Antonio da Silva
e16d60d0fe Expand the release notes with more info about the OmniAuth v2 upgrade 
I'm sure more people will hit issues so I'm trying to add more guidance
here about how to upgrade... maybe that should be in its own wiki but
I'll keep it all in the changelog for now.
 2021-02-01 12:01:24 -03:00
Carlos Antonio da Silva
9d16f33c7b Revert "Explicitly set OmniAuth to 1.x in the Gemfiles for now" 
This reverts commit 628f2fb2be.

We should be run green on OmniAuth 2.x now.
 2021-02-01 11:51:23 -03:00
Carlos Antonio da Silva
c9a0f896cc Merge branch 'master' into ca-omniauth-2 2021-02-01 11:50:38 -03:00
Carlos Antonio da Silva
aa8d89579a Merge pull request #5338 from heartcombo/ca-build 
Move build to GitHub Actions
 2021-02-01 11:49:36 -03:00
Carlos Antonio da Silva
210c62af38 Add changelog about moving to GitHub Actions 2021-02-01 11:44:42 -03:00
Carlos Antonio da Silva
3048fe0960 Prevent Bundler 2.x. with Rails 4.x versions 2021-02-01 10:10:26 -03:00
Carlos Antonio da Silva
628f2fb2be Explicitly set OmniAuth to 1.x in the Gemfiles for now 
The build is breaking with 2.x (which is expected), so this is a step to
get it to green on GA.
 2021-01-31 10:19:06 -03:00
Carlos Antonio da Silva
13ba27497b Use the latest 2.x patch version for each Ruby, remove ruby-head 
ruby-head was always in allowed failures with travis anyway, and we
never really paid much attention to it, so let's just remove it entirely
for now.
 2021-01-31 10:08:57 -03:00
Carlos Antonio da Silva
7386f419e3 Use latest bundler on Gemfile.lock 
Bundler 1.x uses git instead of https by default and we don't have that
github source setting in the Gemfile, but this should work.
 2021-01-31 10:05:03 -03:00
Carlos Antonio da Silva
e07932c181 Rename gemfiles to keep consistency 2021-01-31 09:54:47 -03:00
Carlos Antonio da Silva
d0eafe70dc Remove the lock gemfiles from the previous versions 
Keep only the lock for the main Gemfile to keep Devise consistent with
the other heartcombo libs.
 2021-01-31 09:51:20 -03:00
Carlos Antonio da Silva
7e6da424e2 Move from Travis to GitHub Actions 2021-01-29 16:59:14 -03:00
AsbahIshaq
81bf3ad8c1 changed support to supports (#5334) 
Co-authored-by: Asbah Ishaq <asbahishaq>
 2021-01-24 08:51:09 -03:00
Carlos Antonio da Silva
51c05a5b21 Add changelog entry for OmniAuth 2 support 
And a note/warning about how it might break apps that don't update their
integration accordingly as OmniAuth now expects.
 2021-01-22 09:28:05 -03:00
Carlos Antonio da Silva
1d138dd40c Simplify OmniAuth version check by trying to load the gem with the necessary version 2021-01-22 09:16:58 -03:00
Carlos Antonio da Silva
c43ae8cb47 Merge branch 'master' into ca-omniauth-2 2021-01-19 15:22:57 -03:00
Carlos Antonio da Silva
cd60c747cc Update to latest released omniauth* gems 
omniauth-openid v2.0.1 was just released opening support for omniauth
v2, so we can bundle update everything from the released gems now.
 2021-01-19 15:21:26 -03:00
Jordan Owens
837baaf2e1 Update omniauthable tests for OmniAuth 2.0 (#5331) 2021-01-19 15:19:55 -03:00
Carlos Antonio da Silva
e0395367e4 Merge pull request #5333 from ghiculescu/patch-1 
Fix Rails default log level in Readme
 2021-01-18 21:53:46 -03:00
Carlos Antonio da Silva
fb17e2755f Move Rails 6.1 to the main Gemfile instead of an extra one 
We have the gemfiles/* to test other versions of Rails, but keep the
most recent one in the main Gemfile.
 2021-01-18 21:52:07 -03:00
Alex Ghiculescu
f4462cd85e Fix Rails default log level 
This changed in 229fd2a02f - the advice about changing your log level still stands though.
 2021-01-18 16:51:23 -06:00
Carlos Antonio da Silva
8bb358cf80 Improve OmniAuth version check to allow anything from 1.0 forward 
This should enable people to try OmniAuth 2 currently in pre-release.
 2021-01-07 09:21:15 -03:00
Ryunosuke Sato
98fc5e8e39 Test on rails 6.1 (#5323) 
* Make test for validation to be Rails 6.1 compatible

The `ActiveModel::Errors` has been changed in Rails 6.1.
https://github.com/rails/rails/pull/32313

* Add gemfile for Rails 6.1

* Add CI matrix for Rails 6.1
 2021-01-04 20:17:58 -03:00
Carlos Antonio da Silva
dfbed22cee Merge pull request #5315 from bipashant/master 
Add missing period to devise.registrations.updated_but_not_signed_in
 2020-11-23 08:10:22 -03:00
Bibek Sharma Chapagain
fd03f9e353 Added missing full stop "." on registrations.updated_but_not_signed_in. 2020-11-23 12:21:22 +11:00
Carlos Antonio da Silva
a19e78cdb4 Merge pull request #5306 from janz93/cleanup 
Add to-do to cleanup rack/rails session bug fix when supporting Rails 5.2+ only
 2020-11-22 21:42:48 -03:00
Jan Zaydowicz
b88af5d65e chore: add expiry note for old rack/rails session bug fix 
Seven year ago rails `session.keys` could be empty if the session was
not loaded yet.

To prevent an error the removed code was introduced
https://github.com/heartcombo/devise/issues/2660

Since then rails changed the behaviour and makes sure that the session
is loaded before someone wants to access any session keys
3498aacbbe

Which means the `session.empty?` is not needed anymore once Rails 5.2+
and upwards only supported.
 2020-11-22 12:33:30 +01:00
Carlos Antonio da Silva
45b831c4ea Release 4.7.3 2020-09-20 21:24:01 -03:00
Carlos Antonio da Silva
f12be553cc Update changelog [ci skip] 2020-09-20 10:45:10 -03:00
Carlos Antonio da Silva
4896a9b41a Update bundle 2020-09-20 10:43:42 -03:00
mune
eed641d2be Add spaces around method arguments when setting default values 
Closes #5288
 2020-08-31 18:15:45 -03:00
Carlos Antonio da Silva
97aa37bb50 Use assert_empty minitest helper 2020-08-27 18:40:03 -03:00
Carlos Antonio da Silva
15135f7dc6 User assert_includes/refute_includes minitest helpers 2020-08-27 18:38:26 -03:00
Carlos Antonio da Silva
e39b9b9134 Fix order of arguments for assert_equal on tests 
Use `assert_equal expected, actual` for proper error messages in case of
failures.
 2020-08-27 18:24:17 -03:00
Carlos Antonio da Silva
4a5e7a9143 Switch to https for git repos in the lock file 2020-08-27 08:54:18 -03:00
Carlos Antonio da Silva
8664bac682 Merge pull request #5286 from clockspring/fix-5285 
Fix hanging tests for streaming controllers using Devise
 2020-08-27 08:52:17 -03:00
Tony Novak
3e588d2d25 Work around "uncaught throw :warden" issue in Rails 4 2020-08-26 12:02:11 -04:00
Tony Novak
23fbc35b2d Fix hanging tests for streaming controllers using Devise 
Fixes #5285.
 2020-08-26 12:02:09 -04:00
Carlos Antonio da Silva
2c844b0649 Merge branch 'ca-deprecate-blacklist-constant' into master 
Closes #5280
 2020-08-20 09:07:43 -03:00
Carlos Antonio da Silva
0c2cab7c94 Deprecate BLACKLIST_FOR_SERIALIZATION on all supported Rails versions 
Deprecate `BLACKLIST_FOR_SERIALIZATION` constant in favor of a more
descriptive name `UNSAFE_ATTRIBUTES_FOR_SERIALIZATION`, removing
unnecessary usage of the word `blacklist` from devise.

The previous constant still works but will emit a warning if used, to
allow anyone still depending on it to upgrade.

This includes an internal backport of the Rails `deprecate_constant`
implementation that exists on Rails 5.1+ to be able to deprecate it
properly in prior versions, while we support those. (which I intend to
drop soon.)
 2020-08-19 19:36:25 -03:00
Seiei Miyagi
2da46d8dd6 Replace BLACKLIST_FOR_SERIALIZATION with DENYLIST_FOR_SERIALIZATION 2020-08-17 22:17:06 +09:00
Daniel Pepper
507573994a Ensure serializable_hash doesn't raise with a frozen :except array 
I ran into an issue where options[:except] is a frozen array, which
explodes when we try to concat values in `serializable_hash`. To fix this
we dup the `:except` option before concatenating with the other options
there.

Closes #5278.
 2020-08-13 18:38:23 -03:00
Carlos Antonio da Silva
f26e05c200 Update bundle 2020-08-10 22:47:15 -03:00
Carlos Antonio da Silva
f5cc775a5f Remove commented out code 2020-06-23 08:50:20 -03:00
Carlos Antonio da Silva
b94b957490 Prefer american style english for code 
Nothing personal, just seems to be much more common usage across the
code.
 2020-06-23 08:50:20 -03:00
Carlos Antonio da Silva
057afdc1e6 Fix another thor deprecation warning in the install generator 
This one has been showing up when running tests:

    Deprecation warning: Expected string default value for '--orm'; got false (boolean).
    This will be rejected in the future unless you explicitly pass the options
    `check_default_type: false` or call `allow_incompatible_default_type!` in your code
    You can silence deprecations warning by setting the environment variable THOR_SILENCE_DEPRECATION.
 2020-06-18 18:02:43 -03:00
Carlos Antonio da Silva
c249ba991b Merge pull request #5258 from deivid-rodriguez/fix_thor_warning 
The `:orm` option can also have string values. Fixes #5252.
 2020-06-18 18:00:11 -03:00
David Rodríguez
ffa8a80f42 Fix warning from thor 
The `:orm` option can also have string values.
 2020-06-18 16:21:58 +02:00
Carlos Antonio da Silva
4f60544396 Improve deprecation message with example of how to remove it 
The deprecation of `devise_error_messages!` wasn't super clear on what
was happening and how to get rid of the message, not it has a more
detailed explanation with an example of what to look for and what to
replace it with.

Closes #5257.
 2020-06-17 08:52:43 -03:00
Rafael França
79d7eddfc3 Merge pull request #5256 from ptcodes/remove_heroku_anchor_link 
Remove Heroku anchor link and fix some typos
 2020-06-15 23:38:36 -04:00
Pavel Timofeev
b25492ea01 Remove Heroku anchor link and fix some typos 2020-06-15 23:19:31 -04:00
Руслан Корнев
0e33f55b7d Fixes broken image (#5253) [ci skip] 2020-06-12 21:37:02 -03:00
Carlos Antonio da Silva
6991ff4eb4 Oops, fix changelog [ci skip] 2020-06-10 15:28:31 -03:00
Carlos Antonio da Silva
16f27b3074 Bump to v4.7.2 2020-06-10 15:23:45 -03:00
Carlos Antonio da Silva
87108ad4d5 Merge pull request #5250 from hyuraku/remove_useless_rails51 
remove unused rails51? method
 2020-06-09 10:18:55 -03:00
hyuraku
6d37e32437 remove useless rails51? method 2020-06-09 21:50:30 +09:00
Carlos Antonio da Silva
a3c0c65269 Devise no longer supports Rails 3.2 since version 4 [ci skip] 
And this `initialize_on_precompile` option is obsolete.
 2020-06-08 18:44:21 -03:00
Carlos Antonio da Silva
2c1b5fb240 Update changelog with latest [ci skip] 2020-06-08 18:40:50 -03:00
Carlos Antonio da Silva
50f820a6cf Use master of Rails controller testing gem to remove Ruby 2.7 warning 2020-06-07 20:00:17 -03:00
Carlos Antonio da Silva
34d9053819 Remove unnecessary monkey-patch of test helpers with Rails 5+ 
This is warning on Ruby 2.7, and seems unnecessary since Rails 5+
adopted kwargs approach. We still need to handle the difference for
Rails < 5 for now, while we support it (which I would like to remove
soon.)
 2020-06-07 20:00:17 -03:00
Carlos Antonio da Silva
94be5fb6a1 Remove mocha deprecation warning 
Mocha deprecation warning at
    ...../active_support/dependencies.rb:324:in `require':
    Require 'mocha/test_unit', 'mocha/minitest' or 'mocha/api'
    instead of 'mocha/setup'.
 2020-06-07 19:49:51 -03:00
Carlos Antonio da Silva
14a3084b59 Simplify the view generator with scoped views 2020-06-07 19:16:36 -03:00
Carlos Antonio da Silva
bbbff3a350 Add changelog entry for #5067 [ci skip] 2020-06-07 19:16:36 -03:00
Carlos Antonio da Silva
a451b98cf2 Revert "Updated README with additional video resources for learning Devise (#5232)" 
This reverts commit d85d45bcef.

My mistake: this section is about *not* using Devise when starting with
Rails and building authentication for the first time, therefore we
should not be linking to Devise specific resources here.

[ci skip]
 2020-06-05 17:49:32 -03:00
Carlos Antonio da Silva
c3759be33e Link to both Ryan Bates Railscasts [ci skip] 2020-06-05 17:47:05 -03:00
David Kimura
d85d45bcef Updated README with additional video resources for learning Devise (#5232) 
[ci skip]
 2020-06-05 17:44:37 -03:00
David Auza
cb8c72171f Update README.md with current link to Railscast (#5221) 
Updated README.md with the latest link to Ryan Bates' Railscast
 2020-06-05 17:43:56 -03:00
Vitalii Lazebnyi
e0b9915418 #5234 fix. Deprecated warning at controller_helpers.rb 2020-06-05 11:41:19 -03:00
Carlos Antonio da Silva
26c7dffe2a Remove test_after_commit from Rails 5+ Gemfiles 
It is not required anymore since Rails does the right thing since Rails
5.0.
 2020-06-05 11:41:19 -03:00
Carlos Antonio da Silva
22e2ab4be3 Update Gemfile to point to Rails 6.0.x 
This is essentially the same as `gemfiles/Gemfile.rails-6.0-stable`, but
I'm keeping both for now since I want to change the main `Gemfile` later
to point to Rails master (`6.1.0.alpha`), so then I won't need to
recreate the `6.0-stable` Gemfile again.
 2020-06-05 11:40:57 -03:00
Carlos Antonio da Silva
a3d9161712 Bundle update everything 2020-06-05 11:13:22 -03:00
Carlos Antonio da Silva
2e3b70ca62 Update Ruby versions to test against 2020-06-05 11:13:22 -03:00
Carlos Antonio da Silva
1a83b58d72 Remove Rails 6 from allow failures 
Rails 6 is officially supported, so tests must pass with it.
 2020-06-05 11:13:22 -03:00
Carlos Antonio da Silva
e3f4beced4 Add Rails 5.1 to the matrix 
Not sure how/when this one was removed, probably just mistakenly, so
let's add it back for now, at least while we support multiple old Ruby /
Rails versions. (which I plan to remove support in the near future.)
 2020-06-05 11:13:21 -03:00
Carlos Antonio da Silva
9437f2de57 Test with Ruby 2.7 2020-06-05 10:25:08 -03:00
Carlos Antonio da Silva
70f3ae24e0 Merge pull request #5229 from okuramasafumi/patch-1 
Correct warden URL in README [ci skip]
 2020-05-01 08:20:35 -03:00
OKURA Masafumi
64ea43f6ab Correct warden URL in README [ci skip] 
Warden moved to its own organization so we should follow it.
 2020-05-01 16:48:17 +09:00
Carlos Antonio da Silva
a59fd76da4 Merge pull request #5225 from chiastolite/remove_unused_method 
Remove unused method from Devise::Generators::InstallGenerator
 2020-04-26 14:37:20 -03:00
Hiroyuki Morita
1f30f6fa85 Remove unused method from Devise::Generators::InstallGenerator 
`rails_4?` is not called anymore since 2024fca4df.
 2020-04-23 08:19:21 +09:00
Rafael França
6486351350 Merge pull request #5215 from HLFH/master 
Fix Deprecation warning: Expected string default value for '--orm'
 2020-04-16 14:41:55 -04:00
HLFH
d65bb156c1 type: :boolean for :orm 2020-03-28 09:13:35 +00:00
Gaspard d'Hautefeuille
6851f1d1c4 Deprecation warning: Expected string default value for '--orm' 2020-03-26 17:13:51 +00:00
Rafael França
769506e96c Merge pull request #5204 from unleashy/patch-1 
Clarify DatabaseAuthenticable's behaviour for password fields
 2020-03-12 14:54:45 -04:00
unleashy
eefae83c92 Make a more accurate claim 2020-03-12 15:52:51 -03:00
Rafael França
ec0b55a13a Merge pull request #5208 from p8/document-changes-stretches 
Explain how changing stretches affects existing password hashes
 2020-03-12 11:33:25 -04:00
Petrik
63fe1a843f Explain how changing stretches affects existing password hashes 2020-03-12 16:16:55 +01:00
unleashy
748803cd59 Clarify DatabaseAuthenticable's behaviour 
with regards to the `password` field
 2020-03-05 14:47:43 -03:00
Carlos Antonio da Silva
97a6fd2895 Merge pull request #5193 from pickerflicker/skip-timeout-optimization 
Avoid checking if the record timed out when skipping timeoutable
 2020-03-01 18:04:19 -03:00
Steven Hsieh
12a265d1eb optimize earlier timeout_skip to avoid unecessary record lookup 2020-02-19 10:51:36 -08:00
Rafael França
29943a26e6 Merge pull request #5192 from fwolfst/update_readme_rails6 
update README to reflect current Rails version
 2020-02-06 12:53:06 -05:00
Felix Wolfsteller
249064d8f6 update README to reflect current Rails version 
Paragraph defaults to description of how to test in Rails 5/6 now.
 2020-02-06 18:13:30 +01:00
Rafael Mendonça França
f8daa52b9b Change license of the logo 2020-02-03 12:01:11 -05:00
Rafael Mendonça França
a17abad57a Remove all references to Plataformatec 2020-02-03 11:33:17 -05:00
Rafael França
3ef4e0b701 Merge pull request #5172 from lukerollans/chore/case-mapping-collisions-test 
Add a test which checks for Case Mapping Collisions when requesting a password reset
 2020-01-22 12:23:22 -05:00
Rafael França
83a32e6d21 Merge pull request #5174 from connorshea/fix-ruby-27-deprecation-warnings 
Fix two deprecated usages of keyword arguments.
 2019-12-27 12:44:32 -03:00
Connor Shea
a3fcb3b682 Fix two deprecated usages of keyword arguments. 
This prevents us from using behavior that was deprecated in Ruby 2.7.
 2019-12-26 17:44:53 -07:00
Luke Rollans
0d95c5ae8b Generalise email address 2019-12-17 13:47:40 +08:00
Luke Rollans
9fb079c097 Add a test which checks for Case Mapping Collisions when resetting pw 
See here for more information
https://eng.getwisdom.io/hacking-github-with-unicode-dotless-i/
 2019-12-17 13:43:53 +08:00
Leonardo Tegon
43068ac239 Merge pull request #5167 from plataformatec/sp-fix-typos 
Fix typos
 2019-11-29 09:53:03 -03:00
Samuel Pordeus
fb18c6ca8d Fix typos 2019-11-28 18:13:47 -03:00
Colin Ross
14863ba4c9 Documentation: Details/Notes regarding Rails API-only applications (#5152) 
* doc: Add some additional details concerning using devise in an API-only Rails application

* Apply wording suggestions from code review

Co-Authored-By: Marcos Ferreira <mracos@users.noreply.github.com>

* Apply suggestions from code review

Co-Authored-By: Marcos Ferreira <mracos@users.noreply.github.com>
 2019-10-29 15:06:37 -03:00
Rafael França
885c61ece3 Merge pull request #5157 from tabakazu/add_assert_and_replace_mathcer 
Add assert to Lockable integration test and Replace mathcer `assert_not` to `refute`
 2019-10-25 11:54:53 -04:00
tabakazu
940b939791 Add assert for check last_sign_in_ip value 2019-10-24 21:12:27 +09:00
Looi David
406915cb78 changed? behaviour has been updated (#5135) 
* `changed?` behaviour has been updated

Due to 16ae3db5a5 `changed?` has been updated to check for dirtiness after save. The new method that behaves like the old `changed` is `saved_changes?`.

* Add comment to explain which method to used based on which rails version it is
 2019-10-22 10:39:34 -03:00
Leonardo Tegon
c5de662454 Merge pull request #5153 from storrence88/patch-1 
Update README.md
 2019-10-14 14:21:00 -03:00
Steven Torrence
0a6cd99d03 Update README.md 
Change before filter to before action to match the code example given below.
 2019-10-11 09:27:46 -05:00
Leonardo Tegon
ffeb942699 Merge pull request #5148 from gurgelrenan/flash_message 
Call set_flash_message helper instead of flash accessor
 2019-10-07 15:35:00 -03:00
Leonardo Tegon
f148c90fc7 Merge pull request #5142 from rlue/doc/initializer 
Explain layout of default config initializer
 2019-10-07 15:02:24 -03:00
Renan Gurgel
d022fb8cc4 Update code with single-quotes 2019-10-03 14:27:59 -03:00
Renan Gurgel
421ffc479f Add test to admin error message 2019-10-03 14:15:47 -03:00
Renan Gurgel
0f134f7030 Call set_flash_message helper instead of flash accessor 2019-10-03 00:15:15 -03:00
Ryan Lue
5d73e1e3bb Explain layout of default config initializer [ci skip] 2019-09-27 06:21:27 +08:00
Marcos Ferreira
f48b6f1651 Merge pull request #5067 from shobhitic/master 
Using scoped errors for scoped views. Fixes #5066
 2019-09-17 14:49:57 -03:00
Marcos Ferreira
34ed989725 Move PR #5074 to unreleased in changelog [skip ci] 2019-09-17 13:38:00 -03:00
Marcos Ferreira
b52e642c01 Merge pull request #5074 from sergey-alekseev/increase-default-stretches-to-12 
Increase default stretches to 12
 2019-09-17 13:30:55 -03:00
Sergey Alekseev
45245df16a update changelog 
[skip ci]
 2019-05-13 14:15:14 +03:00
Sergey Alekseev
63ea6533de increase default stretches to 12 
Test script
---

```ruby
require 'bcrypt'
require 'benchmark'
Benchmark.measure { BCrypt::Password.create('password', cost: 12) }
```

Test results
---

- [Intel(R) Core(TM) i5-7360U CPU @ 2.30GHz](https://ark.intel.com/content/www/us/en/ark/products/97535/intel-core-i5-7360u-processor-4m-cache-up-to-3-60-ghz.html): `#<Benchmark::Tms:0x00007fdd00a4eb30 @label="", @real=0.21730700000080105, @cstime=0.0, @cutime=0.0, @stime=0.00020399999999999585, @utime=0.21685199999999996, @total=0.21705599999999997>`
- [Intel(R) Core(TM) i7-8559U CPU @ 2.70GHz](https://ark.intel.com/content/www/us/en/ark/products/137979/intel-core-i7-8559u-processor-8m-cache-up-to-4-50-ghz.html): `#<Benchmark::Tms:0x00007fe91094fd30 @label="", @real=0.17964200000278652, @cstime=0.0, @cutime=0.0, @stime=7.399999999996298e-05, @utime=0.17950799999999845, @total=0.1795819999999984>`

Other gems
---

- bcrypt-ruby which is used by devise [updated](https://github.com/codahale/bcrypt-ruby/pull/181) their default cost to 12 (not released a gem version yet).
- rails has [a PR](https://github.com/rails/rails/pull/35321) from the Rails core team member to update their `ActiveModel::SecurePassword` which powers `has_secure_password` default cost to 13 (not merged yet).

Previous changes
---

[Previous PR](https://github.com/plataformatec/devise/pull/3549) to increase the default stretches to 12 was created more than 4 years ago. That time the default stretches value [was increased](9efc601c73) from 10 to 11.
 2019-05-11 19:35:13 +03:00
Shobhit Bakliwal
a823e510f3 Using scoped errors for scoped views. Fixes #5066 2019-05-02 13:24:01 +05:30
103 changed files with 951 additions and 1725 deletions
Expand all files Collapse all files

106
.github/workflows/test.yml vendored Normal file
View File

@@ -0,0 +1,106 @@
name: Test
on: [push, pull_request]
jobs:
test:
strategy:
fail-fast: false
matrix:
gemfile:
- Gemfile
- gemfiles/Gemfile-rails-6-0
- gemfiles/Gemfile-rails-5-2
- gemfiles/Gemfile-rails-5-1
- gemfiles/Gemfile-rails-5-0
- gemfiles/Gemfile-rails-4-2
- gemfiles/Gemfile-rails-4-1
ruby:
- 2.1
- 2.2
- 2.3
- 2.4
- 2.5
- 2.6
- 2.7
- 3.0
env:
- DEVISE_ORM=active_record
- DEVISE_ORM=mongoid
exclude:
- ruby: 2.1
gemfile: Gemfile
- ruby: 2.1
gemfile: gemfiles/Gemfile-rails-6-0
- ruby: 2.1
gemfile: gemfiles/Gemfile-rails-5-2
- ruby: 2.1
gemfile: gemfiles/Gemfile-rails-5-1
- ruby: 2.1
gemfile: gemfiles/Gemfile-rails-5-0
- ruby: 2.2
gemfile: Gemfile
- ruby: 2.2
gemfile: gemfiles/Gemfile-rails-6-0
- ruby: 2.2
gemfile: gemfiles/Gemfile-rails-5-2
- ruby: 2.3
gemfile: Gemfile
- ruby: 2.3
gemfile: gemfiles/Gemfile-rails-6-0
- ruby: 2.4
gemfile: Gemfile
- ruby: 2.4
gemfile: gemfiles/Gemfile-rails-6-0
- ruby: 2.4
gemfile: gemfiles/Gemfile-rails-4-1
- ruby: 2.5
gemfile: gemfiles/Gemfile-rails-4-1
- ruby: 2.6
gemfile: gemfiles/Gemfile-rails-4-1
- ruby: 2.6
gemfile: gemfiles/Gemfile-rails-4-2
- ruby: 2.7
gemfile: gemfiles/Gemfile-rails-4-1
- ruby: 2.7
gemfile: gemfiles/Gemfile-rails-4-2
- ruby: 2.7
gemfile: gemfiles/Gemfile-rails-5-0
- ruby: 2.7
gemfile: gemfiles/Gemfile-rails-5-1
- ruby: 2.7
gemfile: gemfiles/Gemfile-rails-5-2
- ruby: 3.0
gemfile: gemfiles/Gemfile-rails-4-1
- ruby: 3.0
gemfile: gemfiles/Gemfile-rails-4-2
- ruby: 3.0
gemfile: gemfiles/Gemfile-rails-5-0
- ruby: 3.0
gemfile: gemfiles/Gemfile-rails-5-1
- ruby: 3.0
gemfile: gemfiles/Gemfile-rails-5-2
- env: DEVISE_ORM=mongoid
gemfile: Gemfile
- env: DEVISE_ORM=mongoid
gemfile: gemfiles/Gemfile-rails-5-0
- env: DEVISE_ORM=mongoid
gemfile: gemfiles/Gemfile-rails-5-1
- env: DEVISE_ORM=mongoid
gemfile: gemfiles/Gemfile-rails-5-2
- env: DEVISE_ORM=mongoid
gemfile: gemfiles/Gemfile-rails-6-0
runs-on: ubuntu-latest
env: # $BUNDLE_GEMFILE must be set at the job level, so it is set for all steps
BUNDLE_GEMFILE: ${{ matrix.gemfile }}
steps:
- uses: actions/checkout@v2
- name: Setup Bundler 1.x for Rails 4.x
if: ${{ matrix.gemfile == 'gemfiles/Gemfile-rails-4-1' || matrix.gemfile == 'gemfiles/Gemfile-rails-4-2' }}
run: echo "BUNDLER_VERSION=1.17.3" >> $GITHUB_ENV
- uses: ruby/setup-ruby@v1
with:
ruby-version: ${{ matrix.ruby }}
bundler-cache: true # runs bundle install and caches installed gems automatically
bundler: ${{ env.BUNDLER_VERSION || 'latest' }}
- uses: supercharge/mongodb-github-action@1.3.0
if: ${{ matrix.env == 'DEVISE_ORM=mongoid' }}
- run: bundle exec rake

1
.gitignore vendored
View File

@@ -8,3 +8,4 @@ rdoc/*
pkg
log
test/tmp/*
gemfiles/*.lock

89
.travis.yml
View File

@@ -1,89 +0,0 @@
language: ruby
rvm:
- 2.1.10
- 2.2.10
- 2.3.8
- 2.4.5
- 2.5.3
- 2.6.0
- ruby-head
gemfile:
- Gemfile
- gemfiles/Gemfile.rails-6.0-stable
- gemfiles/Gemfile.rails-5.2-stable
- gemfiles/Gemfile.rails-5.0-stable
- gemfiles/Gemfile.rails-4.2-stable
- gemfiles/Gemfile.rails-4.1-stable
matrix:
exclude:
- rvm: 2.1.10
gemfile: Gemfile
- rvm: 2.1.10
gemfile: gemfiles/Gemfile.rails-6.0-stable
- rvm: 2.1.10
gemfile: gemfiles/Gemfile.rails-5.2-stable
- rvm: 2.1.10
gemfile: gemfiles/Gemfile.rails-5.0-stable
- rvm: 2.2.10
gemfile: Gemfile
- rvm: 2.2.10
gemfile: gemfiles/Gemfile.rails-6.0-stable
- rvm: 2.2.10
gemfile: gemfiles/Gemfile.rails-5.2-stable
- rvm: 2.3.8
gemfile: gemfiles/Gemfile.rails-6.0-stable
- rvm: 2.4.5
gemfile: gemfiles/Gemfile.rails-4.1-stable
- rvm: 2.4.5
gemfile: gemfiles/Gemfile.rails-6.0-stable
- rvm: 2.5.3
gemfile: gemfiles/Gemfile.rails-4.1-stable
- rvm: 2.6.0
gemfile: gemfiles/Gemfile.rails-4.1-stable
- rvm: 2.6.0
gemfile: gemfiles/Gemfile.rails-4.2-stable
- rvm: ruby-head
gemfile: gemfiles/Gemfile.rails-4.1-stable
- rvm: ruby-head
gemfile: gemfiles/Gemfile.rails-4.2-stable
- env: DEVISE_ORM=mongoid
gemfile: Gemfile
- env: DEVISE_ORM=mongoid
gemfile: gemfiles/Gemfile.rails-5.0-stable
- env: DEVISE_ORM=mongoid
gemfile: gemfiles/Gemfile.rails-5.2-stable
- env: DEVISE_ORM=mongoid
gemfile: gemfiles/Gemfile.rails-6.0-stable
allow_failures:
- rvm: ruby-head
- gemfile: gemfiles/Gemfile.rails-6.0-stable
services:
- mongodb
cache: bundler
env:
matrix:
- DEVISE_ORM=active_record
- DEVISE_ORM=mongoid
before_install:
- gem uninstall -v '>= 2' -i $(rvm gemdir)@global -ax bundler || true
- gem install bundler -v '< 2'
- "rm ${BUNDLE_GEMFILE}.lock"
before_script: "bundle update"
script: "bin/test"
notifications:
email: false
slack:
on_pull_requests: false
on_success: change
on_failure: always
secure: Q3M+kmude3FjisibEeeGe0wSMXgvwLH+vL7Zrx9//q4QtkfnrQ/BBMvY9KXxPEsNF+eys4YopYjTkJ8uRmeboUATW/oQ4Jrv3+u3zkIHK2sFn/Q2cQWpK5w+CbgEnHPjKYnUu34b09njXTgDlr/mqtbPqrKeZ1dLlpKXCB/q4GY=

40
CHANGELOG.md
View File

@@ -1,4 +1,36 @@
### Unreleased
### unreleased
### 4.8.0 - 2021-04-29
* enhancements
* Devise now enables the upgrade of OmniAuth 2+. Previously Devise would raise an error if you'd try to upgrade. Please note that OmniAuth 2 is considered a security upgrade and recommended to everyone. You can read more about the details (and possible necessary changes to your app as part of the upgrade) in [their release notes](https://github.com/omniauth/omniauth/releases/tag/v2.0.0). [Devise's OmniAuth Overview wiki](https://github.com/heartcombo/devise/wiki/OmniAuth:-Overview) was also updated to cover OmniAuth 2.0 requirements.
- Note that the upgrade required Devise shared links that initiate the OmniAuth flow to be changed to `method: :post`, which is now a requirement for OmniAuth, part of the security improvement. If you have copied and customized the Devise shared links partial to your app, or if you have other links in your app that initiate the OmniAuth flow, they will have to be updated to use `method: :post`, or changed to use buttons (e.g. `button_to`) to work with OmniAuth 2. (if you're using links with `method: :post`, make sure your app has `rails-ujs` or `jquery-ujs` included in order for these links to work properly.)
- As part of the OmniAuth 2.0 upgrade you might also need to add the [`omniauth-rails_csrf_protection`](https://github.com/cookpad/omniauth-rails_csrf_protection) gem to your app if you don't have it already. (and you don't want to roll your own code to verify requests.) Check the OmniAuth v2 release notes for more info.
* Introduce `Lockable#reset_failed_attempts!` model method to reset failed attempts counter to 0 after the user signs in.
- This logic existed inside the lockable warden hook and is triggered automatically after the user signs in. The new model method is an extraction to allow you to override it in the application to implement things like switching to a write database if you're using the new multi-DB infrastructure from Rails for example, similar to how it's already possible with `Trackable#update_tracked_fields!`.
* Add support for Ruby 3.
* Add support for Rails 6.1.
* Move CI to GitHub Actions.
* deprecations
* `Devise::Models::Authenticatable::BLACKLIST_FOR_SERIALIZATION` is deprecated in favor of `Devise::Models::Authenticatable::UNSAFE_ATTRIBUTES_FOR_SERIALIZATION` (@hanachin)
### 4.7.3 - 2020-09-20
* bug fixes
* Do not modify `:except` option given to `#serializable_hash`. (by @dpep)
* Fix thor deprecation when running the devise generator. (by @deivid-rodriguez)
* Fix hanging tests for streaming controllers using Devise. (by @afn)
### 4.7.2 - 2020-06-10
* enhancements
* Increase default stretches to 12 (by @sergey-alekseev)
* Ruby 2.7 support (kwarg warnings removed)
* bug fixes
* Generate scoped views with proper scoped errors partial (by @shobhitic)
* Allow to set scoped `already_authenticated` error messages (by @gurgelrenan)
### 4.7.1 - 2019-09-06
@@ -21,7 +53,7 @@
### 4.6.2 - 2019-03-26
* bug fixes
* Revert "Set `encrypted_password` to `nil` when `password` is set to `nil`" since it broke backward compatibility with existing applications. See more on https://github.com/plataformatec/devise/issues/5033#issuecomment-476386275 (by @mracos)
* Revert "Set `encrypted_password` to `nil` when `password` is set to `nil`" since it broke backward compatibility with existing applications. See more on https://github.com/heartcombo/devise/issues/5033#issuecomment-476386275 (by @mracos)
### 4.6.1 - 2019-02-11
@@ -68,7 +100,7 @@
* Add `autocomplete="new-password"` to new password fields (by @gssbzn)
* Add `autocomplete="current-password"` to current password fields (by @gssbzn)
* Remove redundant `self` from `database_authenticatable` module (by @abhishekkanojia)
* Update `simple_form` templates with changes from https://github.com/plataformatec/devise/commit/16b3d6d67c7e017d461ea17ed29ea9738dc77e83 and https://github.com/plataformatec/devise/commit/6260c29a867b9a656f1e1557abe347a523178fab (by @gssbzn)
* Update `simple_form` templates with changes from https://github.com/heartcombo/devise/commit/16b3d6d67c7e017d461ea17ed29ea9738dc77e83 and https://github.com/heartcombo/devise/commit/6260c29a867b9a656f1e1557abe347a523178fab (by @gssbzn)
* Remove `:trackable` from the default modules in the generators, to be more GDPR-friendly (by @fakenine)
* bug fixes
@@ -315,5 +347,5 @@ configured (by @joshpencheon)
You can check more examples and explanations on the [README section](README.md#strong-parameters)
and on the [ParameterSanitizer docs](lib/devise/parameter_sanitizer.rb).
Please check [3-stable](https://github.com/plataformatec/devise/blob/3-stable/CHANGELOG.md)
Please check [3-stable](https://github.com/heartcombo/devise/blob/3-stable/CHANGELOG.md)
for previous changes.

2
CODE_OF_CONDUCT.md
View File

@@ -17,6 +17,6 @@ Project maintainers have the right and responsibility to remove, edit, or reject
This code of conduct applies both within project spaces and in public spaces when an individual is representing the project or its community.
Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by sending an email to [conduct@plataformatec.com.br](conduct@plataformatec.com.br) or contacting one or more of the project maintainers.
Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by sending an email to [heartcombo@googlegroups.com](heartcombo@googlegroups.com) or contacting one or more of the project maintainers.
This Code of Conduct is adapted from the [Contributor Covenant](http://contributor-covenant.org), version 1.2.0, available at [http://contributor-covenant.org/version/1/2/0/](http://contributor-covenant.org/version/1/2/0/)

10
CONTRIBUTING.md
View File

@@ -8,7 +8,7 @@ expected to follow our [Code of Conduct](CODE_OF_CONDUCT.md).
## Reporting Issues
Before reporting a new issue, please be sure that the issue wasn't already
reported or fixed by searching on GitHub through our [issues](https://github.com/plataformatec/devise/issues).
reported or fixed by searching on GitHub through our [issues](https://github.com/heartcombo/devise/issues).
When creating a new issue, be sure to include a **title and clear description**,
as much relevant information as possible, and either a test case example or
@@ -22,7 +22,7 @@ Please do not attempt to translate Devise built in views. The views are meant
to be a starting point for fresh apps and not production material - eventually
all applications will require custom views where you can write your own copy and
translate it if the application requires it . For historical references, please look into closed
[Issues/Pull Requests](https://github.com/plataformatec/devise/issues?q=i18n) regarding
[Issues/Pull Requests](https://github.com/heartcombo/devise/issues?q=i18n) regarding
internationalization.
Avoid opening new issues to ask questions in our issues tracker. Please go through
@@ -30,7 +30,7 @@ the project wiki, documentation and source code first, or try to ask your questi
on [Stack Overflow](http://stackoverflow.com/questions/tagged/devise).
**If you find a security bug, do not report it through GitHub. Please send an
e-mail to [opensource@plataformatec.com.br](mailto:opensource@plataformatec.com.br)
e-mail to [heartcombo@googlegroups.com](mailto:heartcombo@googlegroups.com)
instead.**
## Sending Pull Requests
@@ -50,7 +50,7 @@ are beneficial to a wide range of use cases or it's an application specific chan
that might not be so valuable to other applications. Some changes can be introduced
as a new `devise-something` gem instead of belonging to the main codebase.
When adding new settings, you can take advantage of the [`Devise::Models.config`](https://github.com/plataformatec/devise/blob/245b1f9de0b3386b7913e14b60ea24f43b77feb0/lib/devise/models.rb#L13-L50) method to add class and instance level fallbacks
When adding new settings, you can take advantage of the [`Devise::Models.config`](https://github.com/heartcombo/devise/blob/245b1f9de0b3386b7913e14b60ea24f43b77feb0/lib/devise/models.rb#L13-L50) method to add class and instance level fallbacks
to the new setting.
We also welcome Pull Requests that improve our existing documentation (both our
@@ -66,7 +66,7 @@ you can do:
* Help ensure that existing issues follows the recommendations from the
_[Reporting Issues](#reporting-issues)_ section, providing feedback to the issue's
author on what might be missing.
* Review and update the existing content of our [Wiki](https://github.com/plataformatec/devise/wiki)
* Review and update the existing content of our [Wiki](https://github.com/heartcombo/devise/wiki)
with up to date instructions and code samples - the wiki was grown with several
different tutorials and references that we can't keep track of everything, so if
there is a page that showcases an integration or customization that you are

26
Gemfile
View File

@@ -4,35 +4,33 @@ source "https://rubygems.org"
gemspec
gem "rails", "~> 5.2"
gem "omniauth", "~> 1.3"
gem "oauth2"
gem "rails", "~> 6.1.0"
gem "omniauth"
gem "omniauth-oauth2"
gem "rdoc"
gem "activemodel-serializers-xml", github: "rails/activemodel-serializers-xml"
gem "rails-controller-testing", github: "rails/rails-controller-testing"
gem "rails-controller-testing"
gem "responders", "~> 2.4"
gem "responders", "~> 3.0"
group :test do
gem "omniauth-facebook"
gem "omniauth-openid"
gem "rexml"
gem "timecop"
gem "webrat", "0.7.3", require: false
gem "mocha", "~> 1.1", require: false
end
platforms :jruby do
gem "activerecord-jdbc-adapter"
gem "activerecord-jdbcsqlite3-adapter"
gem "jruby-openssl"
platforms :ruby do
gem "sqlite3", "~> 1.4"
end
platforms :ruby do
gem "sqlite3", "~> 1.3.6"
end
# platforms :jruby do
# gem "activerecord-jdbc-adapter"
# gem "activerecord-jdbcsqlite3-adapter"
# gem "jruby-openssl"
# end
# TODO:
# group :mongoid do

279
Gemfile.lock
View File

@@ -1,16 +1,16 @@
GIT
remote: git://github.com/rails/activemodel-serializers-xml.git
revision: dd9c0acf26aab111ebc647cd8deb99ebc6946531
remote: https://github.com/rails/rails-controller-testing.git
revision: bc6f3356803d7c5d373f89a44625d59953dc0cef
specs:
activemodel-serializers-xml (1.0.1)
activemodel (> 5.x)
activesupport (> 5.x)
builder (~> 3.1)
rails-controller-testing (1.0.5)
actionpack (>= 5.0.1.rc1)
actionview (>= 5.0.1.rc1)
activesupport (>= 5.0.1.rc1)
PATH
remote: .
specs:
devise (4.7.1)
devise (4.8.0)
bcrypt (~> 3.0)
orm_adapter (~> 0.1)
railties (>= 4.1.0)
@@ -20,185 +20,202 @@ PATH
GEM
remote: https://rubygems.org/
specs:
actioncable (5.2.0)
actionpack (= 5.2.0)
actioncable (6.1.3.1)
actionpack (= 6.1.3.1)
activesupport (= 6.1.3.1)
nio4r (~> 2.0)
websocket-driver (>= 0.6.1)
actionmailer (5.2.0)
actionpack (= 5.2.0)
actionview (= 5.2.0)
activejob (= 5.2.0)
actionmailbox (6.1.3.1)
actionpack (= 6.1.3.1)
activejob (= 6.1.3.1)
activerecord (= 6.1.3.1)
activestorage (= 6.1.3.1)
activesupport (= 6.1.3.1)
mail (>= 2.7.1)
actionmailer (6.1.3.1)
actionpack (= 6.1.3.1)
actionview (= 6.1.3.1)
activejob (= 6.1.3.1)
activesupport (= 6.1.3.1)
mail (~> 2.5, >= 2.5.4)
rails-dom-testing (~> 2.0)
actionpack (5.2.0)
actionview (= 5.2.0)
activesupport (= 5.2.0)
rack (~> 2.0)
actionpack (6.1.3.1)
actionview (= 6.1.3.1)
activesupport (= 6.1.3.1)
rack (~> 2.0, >= 2.0.9)
rack-test (>= 0.6.3)
rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.0, >= 1.0.2)
actionview (5.2.0)
activesupport (= 5.2.0)
rails-html-sanitizer (~> 1.0, >= 1.2.0)
actiontext (6.1.3.1)
actionpack (= 6.1.3.1)
activerecord (= 6.1.3.1)
activestorage (= 6.1.3.1)
activesupport (= 6.1.3.1)
nokogiri (>= 1.8.5)
actionview (6.1.3.1)
activesupport (= 6.1.3.1)
builder (~> 3.1)
erubi (~> 1.4)
rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.0, >= 1.0.3)
activejob (5.2.0)
activesupport (= 5.2.0)
rails-html-sanitizer (~> 1.1, >= 1.2.0)
activejob (6.1.3.1)
activesupport (= 6.1.3.1)
globalid (>= 0.3.6)
activemodel (5.2.0)
activesupport (= 5.2.0)
activerecord (5.2.0)
activemodel (= 5.2.0)
activesupport (= 5.2.0)
arel (>= 9.0)
activestorage (5.2.0)
actionpack (= 5.2.0)
activerecord (= 5.2.0)
marcel (~> 0.3.1)
activesupport (5.2.0)
activemodel (6.1.3.1)
activesupport (= 6.1.3.1)
activerecord (6.1.3.1)
activemodel (= 6.1.3.1)
activesupport (= 6.1.3.1)
activestorage (6.1.3.1)
actionpack (= 6.1.3.1)
activejob (= 6.1.3.1)
activerecord (= 6.1.3.1)
activesupport (= 6.1.3.1)
marcel (~> 1.0.0)
mini_mime (~> 1.0.2)
activesupport (6.1.3.1)
concurrent-ruby (~> 1.0, >= 1.0.2)
i18n (>= 0.7, < 2)
minitest (~> 5.1)
tzinfo (~> 1.1)
arel (9.0.0)
bcrypt (3.1.13)
builder (3.2.3)
concurrent-ruby (1.0.5)
crass (1.0.4)
erubi (1.7.1)
faraday (0.11.0)
i18n (>= 1.6, < 2)
minitest (>= 5.1)
tzinfo (~> 2.0)
zeitwerk (~> 2.3)
bcrypt (3.1.16)
builder (3.2.4)
concurrent-ruby (1.1.8)
crass (1.0.6)
erubi (1.10.0)
faraday (1.3.0)
faraday-net_http (~> 1.0)
multipart-post (>= 1.2, < 3)
globalid (0.4.1)
ruby2_keywords
faraday-net_http (1.0.1)
globalid (0.4.2)
activesupport (>= 4.2.0)
hashie (3.5.7)
i18n (1.0.0)
hashie (4.1.0)
i18n (1.8.10)
concurrent-ruby (~> 1.0)
jwt (1.5.6)
loofah (2.2.2)
jwt (2.2.2)
loofah (2.9.0)
crass (~> 1.0.2)
nokogiri (>= 1.5.9)
mail (2.7.0)
mail (2.7.1)
mini_mime (>= 0.1.1)
marcel (0.3.2)
mimemagic (~> 0.3.2)
metaclass (0.0.4)
method_source (0.9.0)
mimemagic (0.3.2)
mini_mime (1.0.0)
mini_portile2 (2.3.0)
minitest (5.11.3)
mocha (1.2.1)
metaclass (~> 0.0.1)
multi_json (1.12.1)
marcel (1.0.0)
method_source (1.0.0)
mini_mime (1.0.3)
mini_portile2 (2.5.0)
minitest (5.14.4)
mocha (1.12.0)
multi_json (1.15.0)
multi_xml (0.6.0)
multipart-post (2.0.0)
nio4r (2.3.0)
nokogiri (1.8.2)
mini_portile2 (~> 2.3.0)
oauth2 (1.3.1)
faraday (>= 0.8, < 0.12)
jwt (~> 1.0)
multipart-post (2.1.1)
nio4r (2.5.7)
nokogiri (1.11.2)
mini_portile2 (~> 2.5.0)
racc (~> 1.4)
oauth2 (1.4.7)
faraday (>= 0.8, < 2.0)
jwt (>= 1.0, < 3.0)
multi_json (~> 1.3)
multi_xml (~> 0.5)
rack (>= 1.2, < 3)
omniauth (1.8.1)
hashie (>= 3.4.6, < 3.6.0)
omniauth (2.0.3)
hashie (>= 3.4.6)
rack (>= 1.6.2, < 3)
omniauth-facebook (4.0.0)
rack-protection
omniauth-facebook (8.0.0)
omniauth-oauth2 (~> 1.2)
omniauth-oauth2 (1.4.0)
oauth2 (~> 1.0)
omniauth (~> 1.2)
omniauth-openid (1.0.1)
omniauth (~> 1.0)
rack-openid (~> 1.3.1)
omniauth-oauth2 (1.7.1)
oauth2 (~> 1.4)
omniauth (>= 1.9, < 3)
omniauth-openid (2.0.1)
omniauth (>= 1.0, < 3.0)
rack-openid (~> 1.4.0)
orm_adapter (0.5.0)
rack (2.0.4)
rack-openid (1.3.1)
racc (1.5.2)
rack (2.2.3)
rack-openid (1.4.2)
rack (>= 1.1.0)
ruby-openid (>= 2.1.8)
rack-test (1.0.0)
rack-protection (2.1.0)
rack
rack-test (1.1.0)
rack (>= 1.0, < 3)
rails (5.2.0)
actioncable (= 5.2.0)
actionmailer (= 5.2.0)
actionpack (= 5.2.0)
actionview (= 5.2.0)
activejob (= 5.2.0)
activemodel (= 5.2.0)
activerecord (= 5.2.0)
activestorage (= 5.2.0)
activesupport (= 5.2.0)
bundler (>= 1.3.0)
railties (= 5.2.0)
rails (6.1.3.1)
actioncable (= 6.1.3.1)
actionmailbox (= 6.1.3.1)
actionmailer (= 6.1.3.1)
actionpack (= 6.1.3.1)
actiontext (= 6.1.3.1)
actionview (= 6.1.3.1)
activejob (= 6.1.3.1)
activemodel (= 6.1.3.1)
activerecord (= 6.1.3.1)
activestorage (= 6.1.3.1)
activesupport (= 6.1.3.1)
bundler (>= 1.15.0)
railties (= 6.1.3.1)
sprockets-rails (>= 2.0.0)
rails-controller-testing (1.0.1)
actionpack (~> 5.x)
actionview (~> 5.x)
activesupport (~> 5.x)
rails-dom-testing (2.0.3)
activesupport (>= 4.2.0)
nokogiri (>= 1.6)
rails-html-sanitizer (1.0.4)
loofah (~> 2.2, >= 2.2.2)
railties (5.2.0)
actionpack (= 5.2.0)
activesupport (= 5.2.0)
rails-html-sanitizer (1.3.0)
loofah (~> 2.3)
railties (6.1.3.1)
actionpack (= 6.1.3.1)
activesupport (= 6.1.3.1)
method_source
rake (>= 0.8.7)
thor (>= 0.18.1, < 2.0)
rake (12.3.1)
rdoc (5.1.0)
responders (2.4.0)
actionpack (>= 4.2.0, < 5.3)
railties (>= 4.2.0, < 5.3)
ruby-openid (2.7.0)
sprockets (3.7.1)
thor (~> 1.0)
rake (13.0.3)
rdoc (6.3.0)
responders (3.0.1)
actionpack (>= 5.0)
railties (>= 5.0)
rexml (3.2.4)
ruby-openid (2.9.2)
ruby2_keywords (0.0.4)
sprockets (4.0.2)
concurrent-ruby (~> 1.0)
rack (> 1, < 3)
sprockets-rails (3.2.1)
sprockets-rails (3.2.2)
actionpack (>= 4.0)
activesupport (>= 4.0)
sprockets (>= 3.0.0)
sqlite3 (1.3.13)
thor (0.20.0)
thread_safe (0.3.6)
timecop (0.8.1)
tzinfo (1.2.5)
thread_safe (~> 0.1)
warden (1.2.7)
rack (>= 1.0)
sqlite3 (1.4.2)
thor (1.1.0)
timecop (0.9.4)
tzinfo (2.0.4)
concurrent-ruby (~> 1.0)
warden (1.2.9)
rack (>= 2.0.9)
webrat (0.7.3)
nokogiri (>= 1.2.0)
rack (>= 1.0)
rack-test (>= 0.5.3)
websocket-driver (0.7.0)
websocket-driver (0.7.3)
websocket-extensions (>= 0.1.0)
websocket-extensions (0.1.3)
websocket-extensions (0.1.5)
zeitwerk (2.4.2)
PLATFORMS
ruby
DEPENDENCIES
activemodel-serializers-xml!
activerecord-jdbc-adapter
activerecord-jdbcsqlite3-adapter
devise!
jruby-openssl
mocha (~> 1.1)
oauth2
omniauth (~> 1.3)
omniauth
omniauth-facebook
omniauth-oauth2
omniauth-openid
rails (~> 5.2)
rails-controller-testing
rails (~> 6.1.0)
rails-controller-testing!
rdoc
responders (~> 2.4)
sqlite3 (~> 1.3.6)
responders (~> 3.0)
rexml
sqlite3 (~> 1.4)
timecop
webrat (= 0.7.3)
BUNDLED WITH
1.17.3
2.2.7

2
ISSUE_TEMPLATE.md
View File

@@ -2,7 +2,7 @@
- Do not use the issues tracker for help or support, try Stack Overflow.
- For bugs, do a quick search and make sure the bug has not yet been reported
- If you found a security bug, do not report it through GitHub. Please send an e-mail to opensource@plataformatec.com.br instead.
- If you found a security bug, do not report it through GitHub. Please send an e-mail to heartcombo@googlegroups.com instead.
- Finally, be nice and have fun!
## Environment

3
MIT-LICENSE
View File

@@ -1,4 +1,5 @@
Copyright 2009-2019 Plataformatec. http://plataformatec.com.br
Copyright 2020 Rafael França, Leonardo Tegon, Carlos Antônio da Silva.
Copyright 2009-2019 Plataformatec.
Permission is hereby granted, free of charge, to any person obtaining
a copy of this software and associated documentation files (the

131
README.md
View File

@@ -1,11 +1,6 @@
![Devise Logo](https://raw.github.com/plataformatec/devise/master/devise.png)
![Devise Logo](https://raw.github.com/heartcombo/devise/master/devise.png)
By [Plataformatec](http://plataformatec.com.br/).
[![Build Status](https://api.travis-ci.org/plataformatec/devise.svg?branch=master)](http://travis-ci.org/plataformatec/devise)
[![Code Climate](https://codeclimate.com/github/plataformatec/devise.svg)](https://codeclimate.com/github/plataformatec/devise)
This README is [also available in a friendly navigable format](http://devise.plataformatec.com.br/).
[![Code Climate](https://codeclimate.com/github/heartcombo/devise.svg)](https://codeclimate.com/github/heartcombo/devise)
Devise is a flexible authentication solution for Rails based on Warden. It:
@@ -16,16 +11,16 @@ Devise is a flexible authentication solution for Rails based on Warden. It:
It's composed of 10 modules:
* [Database Authenticatable](http://www.rubydoc.info/github/plataformatec/devise/master/Devise/Models/DatabaseAuthenticatable): hashes and stores a password in the database to validate the authenticity of a user while signing in. The authentication can be done both through POST requests or HTTP Basic Authentication.
* [Omniauthable](http://www.rubydoc.info/github/plataformatec/devise/master/Devise/Models/Omniauthable): adds OmniAuth (https://github.com/omniauth/omniauth) support.
* [Confirmable](http://www.rubydoc.info/github/plataformatec/devise/master/Devise/Models/Confirmable): sends emails with confirmation instructions and verifies whether an account is already confirmed during sign in.
* [Recoverable](http://www.rubydoc.info/github/plataformatec/devise/master/Devise/Models/Recoverable): resets the user password and sends reset instructions.
* [Registerable](http://www.rubydoc.info/github/plataformatec/devise/master/Devise/Models/Registerable): handles signing up users through a registration process, also allowing them to edit and destroy their account.
* [Rememberable](http://www.rubydoc.info/github/plataformatec/devise/master/Devise/Models/Rememberable): manages generating and clearing a token for remembering the user from a saved cookie.
* [Trackable](http://www.rubydoc.info/github/plataformatec/devise/master/Devise/Models/Trackable): tracks sign in count, timestamps and IP address.
* [Timeoutable](http://www.rubydoc.info/github/plataformatec/devise/master/Devise/Models/Timeoutable): expires sessions that have not been active in a specified period of time.
* [Validatable](http://www.rubydoc.info/github/plataformatec/devise/master/Devise/Models/Validatable): provides validations of email and password. It's optional and can be customized, so you're able to define your own validations.
* [Lockable](http://www.rubydoc.info/github/plataformatec/devise/master/Devise/Models/Lockable): locks an account after a specified number of failed sign-in attempts. Can unlock via email or after a specified time period.
* [Database Authenticatable](http://www.rubydoc.info/github/heartcombo/devise/master/Devise/Models/DatabaseAuthenticatable): hashes and stores a password in the database to validate the authenticity of a user while signing in. The authentication can be done both through POST requests or HTTP Basic Authentication.
* [Omniauthable](http://www.rubydoc.info/github/heartcombo/devise/master/Devise/Models/Omniauthable): adds OmniAuth (https://github.com/omniauth/omniauth) support.
* [Confirmable](http://www.rubydoc.info/github/heartcombo/devise/master/Devise/Models/Confirmable): sends emails with confirmation instructions and verifies whether an account is already confirmed during sign in.
* [Recoverable](http://www.rubydoc.info/github/heartcombo/devise/master/Devise/Models/Recoverable): resets the user password and sends reset instructions.
* [Registerable](http://www.rubydoc.info/github/heartcombo/devise/master/Devise/Models/Registerable): handles signing up users through a registration process, also allowing them to edit and destroy their account.
* [Rememberable](http://www.rubydoc.info/github/heartcombo/devise/master/Devise/Models/Rememberable): manages generating and clearing a token for remembering the user from a saved cookie.
* [Trackable](http://www.rubydoc.info/github/heartcombo/devise/master/Devise/Models/Trackable): tracks sign in count, timestamps and IP address.
* [Timeoutable](http://www.rubydoc.info/github/heartcombo/devise/master/Devise/Models/Timeoutable): expires sessions that have not been active in a specified period of time.
* [Validatable](http://www.rubydoc.info/github/heartcombo/devise/master/Devise/Models/Validatable): provides validations of email and password. It's optional and can be customized, so you're able to define your own validations.
* [Lockable](http://www.rubydoc.info/github/heartcombo/devise/master/Devise/Models/Lockable): locks an account after a specified number of failed sign-in attempts. Can unlock via email or after a specified time period.
## Table of Contents
@@ -58,7 +53,6 @@ It's composed of 10 modules:
- [Other ORMs](#other-orms)
- [Rails API mode](#rails-api-mode)
- [Additional information](#additional-information)
- [Heroku](#heroku)
- [Warden](#warden)
- [Contributors](#contributors)
- [License](#license)
@@ -73,15 +67,15 @@ It's composed of 10 modules:
The Devise Wiki has lots of additional information about Devise including many "how-to" articles and answers to the most frequently asked questions. Please browse the Wiki after finishing this README:
https://github.com/plataformatec/devise/wiki
https://github.com/heartcombo/devise/wiki
### Bug reports
If you discover a problem with Devise, we would like to know about it. However, we ask that you please review these guidelines before submitting a bug report:
https://github.com/plataformatec/devise/wiki/Bug-reports
https://github.com/heartcombo/devise/wiki/Bug-reports
If you have discovered a security related bug, please do *NOT* use the GitHub issue tracker. Send an email to opensource@plataformatec.com.br.
If you have discovered a security related bug, please do *NOT* use the GitHub issue tracker. Send an email to heartcombo@googlegroups.com.
### StackOverflow and Mailing List
@@ -97,7 +91,7 @@ https://groups.google.com/group/plataformatec-devise
You can view the Devise documentation in RDoc format here:
http://rubydoc.info/github/plataformatec/devise/master/frames
http://rubydoc.info/github/heartcombo/devise/master/frames
If you need to use Devise with previous versions of Rails, you can always run "gem server" from the command line after you install the gem to access the old documentation.
@@ -105,26 +99,26 @@ If you need to use Devise with previous versions of Rails, you can always run "g
There are a few example applications available on GitHub that demonstrate various features of Devise with different versions of Rails. You can view them here:
https://github.com/plataformatec/devise/wiki/Example-Applications
https://github.com/heartcombo/devise/wiki/Example-Applications
### Extensions
Our community has created a number of extensions that add functionality above and beyond what is included with Devise. You can view a list of available extensions and add your own here:
https://github.com/plataformatec/devise/wiki/Extensions
https://github.com/heartcombo/devise/wiki/Extensions
### Contributing
We hope that you will consider contributing to Devise. Please read this short overview for some information about how to get started:
https://github.com/plataformatec/devise/wiki/Contributing
https://github.com/heartcombo/devise/wiki/Contributing
You will usually want to write tests for your changes. To run the test suite, go into Devise's top-level directory and run `bundle install` and `bin/test`.
Devise works with multiple Ruby and Rails versions, and ActiveRecord and Mongoid ORMs, which means you can run the test suite with some modifiers: `DEVISE_ORM` and `BUNDLE_GEMFILE`.
### DEVISE_ORM
Since Devise support both Mongoid and ActiveRecord, we rely on this variable to run specific code for each ORM.
The default value of `DEVISE_ORM` is `active_record`. To run the tests for mongoid, you can pass `mongoid`:
Since Devise supports both Mongoid and ActiveRecord, we rely on this variable to run specific code for each ORM.
The default value of `DEVISE_ORM` is `active_record`. To run the tests for Mongoid, you can pass `mongoid`:
```
DEVISE_ORM=mongoid bin/test
@@ -136,7 +130,7 @@ Please note that the command output will show the variable value being used.
### BUNDLE_GEMFILE
We can use this variable to tell bundler what Gemfile it should use (instead of the one in the current directory).
Inside the [gemfiles](https://github.com/plataformatec/devise/tree/master/gemfiles) directory, we have one for each version of Rails we support. When you send us a pull request, it may happen that the test suite breaks on Travis using some of them. If that's the case, you can simulate the same environment using the `BUNDLE_GEMFILE` variable.
Inside the [gemfiles](https://github.com/heartcombo/devise/tree/master/gemfiles) directory, we have one for each version of Rails we support. When you send us a pull request, it may happen that the test suite breaks using some of them. If that's the case, you can simulate the same environment using the `BUNDLE_GEMFILE` variable.
For example, if the tests broke using Ruby 2.4.2 and Rails 4.1, you can do the following:
```bash
rbenv shell 2.4.2 # or rvm use 2.4.2
@@ -170,10 +164,10 @@ bin/test test/models/trackable_test.rb:16
## Starting with Rails?
If you are building your first Rails application, we recommend you *do not* use Devise. Devise requires a good understanding of the Rails Framework. In such cases, we advise you to start a simple authentication system from scratch. Today, we have three resources that should help you get started:
If you are building your first Rails application, we recommend you *do not* use Devise. Devise requires a good understanding of the Rails Framework. In such cases, we advise you to start a simple authentication system from scratch. Here's a few resources that should help you get started:
* Michael Hartl's online book: https://www.railstutorial.org/book/modeling_users
* Ryan Bates' Railscast: http://railscasts.com/episodes/250-authentication-from-scratch
* Ryan Bates' Railscasts: http://railscasts.com/episodes/250-authentication-from-scratch and http://railscasts.com/episodes/250-authentication-from-scratch-revised
* Codecademy's Ruby on Rails: Authentication and Authorization: https://www.codecademy.com/learn/rails-auth
Once you have solidified your understanding of Rails and authentication mechanisms, we assure you Devise will be very pleasant to work with. :smiley:
@@ -270,16 +264,16 @@ member_session
The Devise method in your models also accepts some options to configure its modules. For example, you can choose the cost of the hashing algorithm with:
```ruby
devise :database_authenticatable, :registerable, :confirmable, :recoverable, stretches: 12
devise :database_authenticatable, :registerable, :confirmable, :recoverable, stretches: 13
```
Besides `:stretches`, you can define `:pepper`, `:encryptor`, `:confirm_within`, `:remember_for`, `:timeout_in`, `:unlock_in` among other options. For more details, see the initializer file that was created when you invoked the "devise:install" generator described above. This file is usually located at `/config/initializers/devise.rb`.
### Strong Parameters
![The Parameter Sanitizer API has changed for Devise 4](http://messages.hellobits.com/warning.svg?message=The%20Parameter%20Sanitizer%20API%20has%20changed%20for%20Devise%204)
The Parameter Sanitizer API has changed for Devise 4 :warning:
*For previous Devise versions see https://github.com/plataformatec/devise/tree/3-stable#strong-parameters*
*For previous Devise versions see https://github.com/heartcombo/devise/tree/3-stable#strong-parameters*
When you customize your own views, you may end up adding new attributes to forms. Rails 4 moved the parameter sanitization from the model to the controller, causing Devise to handle this concern at the controller as well.
@@ -289,7 +283,7 @@ There are just three actions in Devise that allow any set of parameters to be pa
* `sign_up` (`Devise::RegistrationsController#create`) - Permits authentication keys plus `password` and `password_confirmation`
* `account_update` (`Devise::RegistrationsController#update`) - Permits authentication keys plus `password`, `password_confirmation` and `current_password`
In case you want to permit additional parameters (the lazy way™), you can do so using a simple before filter in your `ApplicationController`:
In case you want to permit additional parameters (the lazy way™), you can do so using a simple before action in your `ApplicationController`:
```ruby
class ApplicationController < ActionController::Base
@@ -317,7 +311,7 @@ class ApplicationController < ActionController::Base
end
```
Devise allows you to completely change Devise defaults or invoke custom behaviour by passing a block:
Devise allows you to completely change Devise defaults or invoke custom behavior by passing a block:
To permit simple scalar values for username and email, use this
@@ -440,7 +434,7 @@ If the customization at the views level is not enough, you can customize each co
end
```
Or you can simply add new behaviour to it:
Or you can simply add new behavior to it:
```ruby
class Users::SessionsController < Devise::SessionsController
@@ -464,7 +458,7 @@ Devise also ships with default routes. If you need to customize them, you should
devise_for :users, path: 'auth', path_names: { sign_in: 'login', sign_out: 'logout', password: 'secret', confirmation: 'verification', unlock: 'unblock', registration: 'register', sign_up: 'cmon_let_me_in' }
```
Be sure to check `devise_for` [documentation](http://www.rubydoc.info/github/plataformatec/devise/master/ActionDispatch/Routing/Mapper%3Adevise_for) for details.
Be sure to check `devise_for` [documentation](http://www.rubydoc.info/github/heartcombo/devise/master/ActionDispatch/Routing/Mapper%3Adevise_for) for details.
If you have the need for more deep customization, for instance to also allow "/sign_in" besides "/users/sign_in", all you need to do is create your routes normally and wrap them in a `devise_scope` block in the router:
@@ -520,7 +514,7 @@ en:
Take a look at our locale file to check all available messages. You may also be interested in one of the many translations that are available on our wiki:
https://github.com/plataformatec/devise/wiki/I18n
https://github.com/heartcombo/devise/wiki/I18n
Caution: Devise Controllers inherit from ApplicationController. If your app uses multiple locales, you should be sure to set I18n.locale in ApplicationController.
@@ -532,15 +526,21 @@ cases/specs.
### Controller tests
Controller tests require that you include `Devise::Test::ControllerHelpers` on
Controller tests require that you include `Devise::Test::IntegrationHelpers` on
your test case or its parent `ActionController::TestCase` superclass.
For Rails 5, include `Devise::Test::IntegrationHelpers` instead, since the superclass
for controller tests has been changed to ActionDispatch::IntegrationTest
For Rails versions prior to 5, include `Devise::Test::ControllerHelpers` instead, since the superclass
for controller tests was changed to ActionDispatch::IntegrationTest
(for more details, see the [Integration tests](#integration-tests) section).
```ruby
class PostsControllerTest < ActionController::TestCase
include Devise::Test::ControllerHelpers
include Devise::Test::IntegrationHelpers # Rails >= 5
end
```
```ruby
class PostsControllerTest < ActionController::TestCase
include Devise::Test::ControllerHelpers # Rails < 5
end
```
@@ -620,7 +620,7 @@ are executed in your tests.
You can read more about testing your Rails 3 - Rails 4 controllers with RSpec in the wiki:
* https://github.com/plataformatec/devise/wiki/How-To:-Test-controllers-with-Rails-(and-RSpec)
* https://github.com/heartcombo/devise/wiki/How-To:-Test-controllers-with-Rails-(and-RSpec)
### OmniAuth
@@ -632,7 +632,7 @@ config.omniauth :github, 'APP_ID', 'APP_SECRET', scope: 'user,public_repo'
You can read more about OmniAuth support in the wiki:
* https://github.com/plataformatec/devise/wiki/OmniAuth:-Overview
* https://github.com/heartcombo/devise/wiki/OmniAuth:-Overview
### Configuring multiple models
@@ -679,12 +679,12 @@ end
### Password reset tokens and Rails logs
If you enable the [Recoverable](http://rubydoc.info/github/plataformatec/devise/master/Devise/Models/Recoverable) module, note that a stolen password reset token could give an attacker access to your application. Devise takes effort to generate random, secure tokens, and stores only token digests in the database, never plaintext. However the default logging behavior in Rails can cause plaintext tokens to leak into log files:
If you enable the [Recoverable](http://rubydoc.info/github/heartcombo/devise/master/Devise/Models/Recoverable) module, note that a stolen password reset token could give an attacker access to your application. Devise takes effort to generate random, secure tokens, and stores only token digests in the database, never plaintext. However the default logging behavior in Rails can cause plaintext tokens to leak into log files:
1. Action Mailer logs the entire contents of all outgoing emails to the DEBUG level. Password reset tokens delivered to users in email will be leaked.
2. Active Job logs all arguments to every enqueued job at the INFO level. If you configure Devise to use `deliver_later` to send password reset emails, password reset tokens will be leaked.
Rails sets the production logger level to DEBUG by default. Consider changing your production logger level to WARN if you wish to prevent tokens from being leaked into your logs. In `config/environments/production.rb`:
Rails sets the production logger level to INFO by default. Consider changing your production logger level to WARN if you wish to prevent tokens from being leaked into your logs. In `config/environments/production.rb`:
```ruby
config.log_level = :warn
@@ -697,41 +697,48 @@ Devise supports ActiveRecord (default) and Mongoid. To select another ORM, simpl
### Rails API Mode
Rails 5+ has a built-in [API Mode](https://edgeguides.rubyonrails.org/api_app.html) which optimizes Rails for use as an API (only). One of the side effects is that it changes the order of the middleware stack, and this can cause problems for `Devise::Test::IntegrationHelpers`. This problem usually surfaces as an ```undefined method `[]=' for nil:NilClass``` error when using integration test helpers, such as `#sign_in`. The solution is simply to reorder the middlewares by adding the following to test.rb:
Rails 5+ has a built-in [API Mode](https://edgeguides.rubyonrails.org/api_app.html) which optimizes Rails for use as an API (only). Devise is _somewhat_ able to handle applications that are built in this mode without additional modifications in the sense that it should not raise exceptions and the like. But some issues may still arise during `development`/`testing`, as we still don't know the full extent of this compatibility. (For more information, see [issue #4947](https://github.com/heartcombo/devise/issues/4947/))
#### Supported Authentication Strategies
API-only applications don't support browser-based authentication via cookies, which is devise's default. Yet, devise can still provide authentication out of the box in those cases with the `http_authenticatable` strategy, which uses HTTP Basic Auth and authenticates the user on each request. (For more info, see this wiki article for [How To: Use HTTP Basic Authentication](https://github.com/heartcombo/devise/wiki/How-To:-Use-HTTP-Basic-Authentication))
The devise default for HTTP Auth is disabled, so it will need to be enabled in the devise initializer for the database strategy:
```ruby
config.http_authenticatable = [:database]
```
This restriction does not limit you from implementing custom warden strategies, either in your application or via gem-based extensions for devise.
A common authentication strategy for APIs is token-based authentication. For more information on extending devise to support this type of authentication and others, see the wiki article for [Simple Token Authentication Examples and alternatives](https://github.com/heartcombo/devise/wiki/How-To:-Simple-Token-Authentication-Example#alternatives) or this blog post on [Custom authentication methods with Devise](http://blog.plataformatec.com.br/2019/01/custom-authentication-methods-with-devise/).
#### Testing
API Mode changes the order of the middleware stack, and this can cause problems for `Devise::Test::IntegrationHelpers`. This problem usually surfaces as an ```undefined method `[]=' for nil:NilClass``` error when using integration test helpers, such as `#sign_in`. The solution is simply to reorder the middlewares by adding the following to test.rb:
```ruby
Rails.application.config.middleware.insert_before Warden::Manager, ActionDispatch::Cookies
Rails.application.config.middleware.insert_before Warden::Manager, ActionDispatch::Session::CookieStore
```
For a deeper understanding of this, review [this issue](https://github.com/plataformatec/devise/issues/4696).
For a deeper understanding of this, review [this issue](https://github.com/heartcombo/devise/issues/4696).
Additionally be mindful that without views supported, some email-based flows from Confirmable, Recoverable and Lockable are not supported directly at this time.
## Additional information
### Heroku
Using Devise on Heroku with Ruby on Rails 3.2 requires setting:
```ruby
config.assets.initialize_on_precompile = false
```
Read more about the potential issues at http://guides.rubyonrails.org/asset_pipeline.html
### Warden
Devise is based on Warden, which is a general Rack authentication framework created by Daniel Neighman. We encourage you to read more about Warden here:
https://github.com/hassox/warden
https://github.com/wardencommunity/warden
### Contributors
We have a long list of valued contributors. Check them all at:
https://github.com/plataformatec/devise/graphs/contributors
https://github.com/heartcombo/devise/graphs/contributors
## License
MIT License. Copyright 2009-2019 Plataformatec. http://plataformatec.com.br
MIT License. Copyright 2020 Rafael França, Leonardo Tegon, Carlos Antônio da Silva. Copyright 2009-2019 Plataformatec.
You are not granted rights or licenses to the trademarks of Plataformatec, including without limitation the Devise name or logo.
The Devise logo is licensed under [Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License](https://creativecommons.org/licenses/by-nc-nd/4.0/).

4
app/controllers/devise_controller.rb
View File

@@ -112,7 +112,7 @@ MESSAGE
end
if authenticated && resource = warden.user(resource_name)
flash[:alert] = I18n.t("devise.failure.already_authenticated")
set_flash_message(:alert, 'already_authenticated', scope: 'devise.failure')
redirect_to after_sign_in_path_for(resource)
end
end
@@ -184,7 +184,7 @@ MESSAGE
options[:default] = Array(options[:default]).unshift(kind.to_sym)
options[:resource_name] = resource_name
options = devise_i18n_options(options)
I18n.t("#{options[:resource_name]}.#{kind}", options)
I18n.t("#{options[:resource_name]}.#{kind}", **options)
end
# Controllers inheriting DeviseController are advised to override this

24
app/helpers/devise_helper.rb
View File

@@ -1,14 +1,26 @@
# frozen_string_literal: true
module DeviseHelper
# Retain this method for backwards compatibility, deprecated in favour of modifying the
# devise/shared/error_messages partial
# Retain this method for backwards compatibility, deprecated in favor of modifying the
# devise/shared/error_messages partial.
def devise_error_messages!
ActiveSupport::Deprecation.warn <<-DEPRECATION.strip_heredoc
[Devise] `DeviseHelper.devise_error_messages!`
is deprecated and it will be removed in the next major version.
To customize the errors styles please run `rails g devise:views` and modify the
`devise/shared/error_messages` partial.
[Devise] `DeviseHelper#devise_error_messages!` is deprecated and will be
removed in the next major version.
Devise now uses a partial under "devise/shared/error_messages" to display
error messages by default, and make them easier to customize. Update your
views changing calls from:
<%= devise_error_messages! %>
to:
<%= render "devise/shared/error_messages", resource: resource %>
To start customizing how errors are displayed, you can copy the partial
from devise to your `app/views` folder. Alternatively, you can run
`rails g devise:views` which will copy all of them again to your app.
DEPRECATION
return "" if resource.errors.empty?

10
app/mailers/devise/mailer.rb
View File

@@ -4,26 +4,26 @@ if defined?(ActionMailer)
class Devise::Mailer < Devise.parent_mailer.constantize
include Devise::Mailers::Helpers
def confirmation_instructions(record, token, opts={})
def confirmation_instructions(record, token, opts = {})
@token = token
devise_mail(record, :confirmation_instructions, opts)
end
def reset_password_instructions(record, token, opts={})
def reset_password_instructions(record, token, opts = {})
@token = token
devise_mail(record, :reset_password_instructions, opts)
end
def unlock_instructions(record, token, opts={})
def unlock_instructions(record, token, opts = {})
@token = token
devise_mail(record, :unlock_instructions, opts)
end
def email_changed(record, opts={})
def email_changed(record, opts = {})
devise_mail(record, :email_changed, opts)
end
def password_change(record, opts={})
def password_change(record, opts = {})
devise_mail(record, :password_change, opts)
end
end

2
app/views/devise/shared/_links.html.erb
View File

@@ -20,6 +20,6 @@
<%- if devise_mapping.omniauthable? %>
<%- resource_class.omniauth_providers.each do |provider| %>
<%= link_to "Sign in with #{OmniAuth::Utils.camelize(provider)}", omniauth_authorize_path(resource_name, provider) %><br />
<%= link_to "Sign in with #{OmniAuth::Utils.camelize(provider)}", omniauth_authorize_path(resource_name, provider), method: :post %><br />
<% end %>
<% end %>

4
config/locales/en.yml
View File

@@ -1,4 +1,4 @@
# Additional translations at https://github.com/plataformatec/devise/wiki/I18n
# Additional translations at https://github.com/heartcombo/devise/wiki/I18n
en:
devise:
@@ -44,7 +44,7 @@ en:
signed_up_but_unconfirmed: "A message with a confirmation link has been sent to your email address. Please follow the link to activate your account."
update_needs_confirmation: "You updated your account successfully, but we need to verify your new email address. Please check your email and follow the confirmation link to confirm your new email address."
updated: "Your account has been updated successfully."
updated_but_not_signed_in: "Your account has been updated successfully, but since your password was changed, you need to sign in again"
updated_but_not_signed_in: "Your account has been updated successfully, but since your password was changed, you need to sign in again."
sessions:
signed_in: "Signed in successfully."
signed_out: "Signed out successfully."

4
devise.gemspec
View File

@@ -10,8 +10,8 @@ Gem::Specification.new do |s|
s.platform = Gem::Platform::RUBY
s.licenses = ["MIT"]
s.summary = "Flexible authentication solution for Rails with Warden"
s.email = "contact@plataformatec.com.br"
s.homepage = "https://github.com/plataformatec/devise"
s.email = "heartcombo@googlegroups.com"
s.homepage = "https://github.com/heartcombo/devise"
s.description = "Flexible authentication solution for Rails with Warden"
s.authors = ['José Valim', 'Carlos Antônio']

0
gemfiles/Gemfile.rails-4.1-stable → gemfiles/Gemfile-rails-4-1
View File

0
gemfiles/Gemfile.rails-4.2-stable → gemfiles/Gemfile-rails-4-2
View File

3
gemfiles/Gemfile.rails-5.0-stable → gemfiles/Gemfile-rails-5-0
View File

@@ -9,8 +9,6 @@ gem "omniauth"
gem "omniauth-oauth2"
gem "rdoc"
gem "activemodel-serializers-xml", github: "rails/activemodel-serializers-xml"
gem "rails-controller-testing"
gem "responders", "~> 2.1"
@@ -21,7 +19,6 @@ group :test do
gem "timecop"
gem "webrat", "0.7.3", require: false
gem "mocha", "~> 1.1", require: false
gem 'test_after_commit', require: false
end
platforms :ruby do

5
gemfiles/Gemfile.rails-5.2-stable → gemfiles/Gemfile-rails-5-1
View File

@@ -2,13 +2,11 @@ source "https://rubygems.org"
gemspec path: ".."
gem "rails", '~> 5.2'
gem "rails", '~> 5.1.0'
gem "omniauth"
gem "omniauth-oauth2"
gem "rdoc"
gem "activemodel-serializers-xml", github: "rails/activemodel-serializers-xml"
gem "rails-controller-testing"
gem "responders", "~> 2.1"
@@ -19,7 +17,6 @@ group :test do
gem "timecop"
gem "webrat", "0.7.3", require: false
gem "mocha", "~> 1.1", require: false
gem 'test_after_commit', require: false
end
platforms :ruby do

24
gemfiles/Gemfile-rails-5-2 Normal file
View File

@@ -0,0 +1,24 @@
source "https://rubygems.org"
gemspec path: ".."
gem "rails", '~> 5.2.0'
gem "omniauth"
gem "omniauth-oauth2"
gem "rdoc"
gem "rails-controller-testing"
gem "responders", "~> 2.1"
group :test do
gem "omniauth-facebook"
gem "omniauth-openid"
gem "timecop"
gem "webrat", "0.7.3", require: false
gem "mocha", "~> 1.1", require: false
end
platforms :ruby do
gem "sqlite3", "~> 1.3.6"
end

8
gemfiles/Gemfile.rails-6.0-stable → gemfiles/Gemfile-rails-6-0
View File

@@ -2,24 +2,22 @@ source "https://rubygems.org"
gemspec path: ".."
gem "rails", '~> 6.0.0'
gem "rails", '~> 6.0.0', github: 'rails/rails', branch: '6-0-stable'
gem "omniauth"
gem "omniauth-oauth2"
gem "rdoc"
gem "activemodel-serializers-xml", github: "rails/activemodel-serializers-xml"
gem "rails-controller-testing"
gem "rails-controller-testing", github: "rails/rails-controller-testing"
gem "responders", "~> 3.0"
group :test do
gem "omniauth-facebook"
gem "omniauth-openid"
gem "rexml"
gem "timecop"
gem "webrat", "0.7.3", require: false
gem "mocha", "~> 1.1", require: false
gem 'test_after_commit', require: false
end
platforms :ruby do

174
gemfiles/Gemfile.rails-4.1-stable.lock
View File

@@ -1,174 +0,0 @@
GIT
remote: git://github.com/rails/rails.git
revision: 0cad778c2605a5204a05a9f1dbd3344e39f248d8
branch: 4-1-stable
specs:
actionmailer (4.1.16)
actionpack (= 4.1.16)
actionview (= 4.1.16)
mail (~> 2.5, >= 2.5.4)
rails (4.1.16)
actionmailer (= 4.1.16)
actionpack (= 4.1.16)
actionview (= 4.1.16)
activemodel (= 4.1.16)
activerecord (= 4.1.16)
activesupport (= 4.1.16)
bundler (>= 1.3.0, < 2.0)
railties (= 4.1.16)
sprockets-rails (~> 2.0)
PATH
remote: ..
specs:
devise (4.7.1)
bcrypt (~> 3.0)
orm_adapter (~> 0.1)
railties (>= 4.1.0)
responders
warden (~> 1.2.3)
GEM
remote: https://rubygems.org/
specs:
actionpack (4.1.16)
actionview (= 4.1.16)
activesupport (= 4.1.16)
rack (~> 1.5.2)
rack-test (~> 0.6.2)
actionview (4.1.16)
activesupport (= 4.1.16)
builder (~> 3.1)
erubis (~> 2.7.0)
activemodel (4.1.16)
activesupport (= 4.1.16)
builder (~> 3.1)
activerecord (4.1.16)
activemodel (= 4.1.16)
activesupport (= 4.1.16)
arel (~> 5.0.0)
activesupport (4.1.16)
i18n (~> 0.6, >= 0.6.9)
json (~> 1.7, >= 1.7.7)
minitest (~> 5.1)
thread_safe (~> 0.1)
tzinfo (~> 1.1)
arel (5.0.1.20140414130214)
bcrypt (3.1.13)
bson (3.2.6)
builder (3.2.3)
concurrent-ruby (1.0.5)
connection_pool (2.2.1)
erubis (2.7.0)
faraday (0.11.0)
multipart-post (>= 1.2, < 3)
hashie (3.5.5)
i18n (0.8.1)
json (1.8.6)
jwt (1.5.6)
mail (2.6.4)
mime-types (>= 1.16, < 4)
metaclass (0.0.4)
mime-types (3.1)
mime-types-data (~> 3.2015)
mime-types-data (3.2016.0521)
mini_portile2 (2.4.0)
minitest (5.10.1)
mocha (1.2.1)
metaclass (~> 0.0.1)
mongoid (4.0.2)
activemodel (~> 4.0)
moped (~> 2.0.0)
origin (~> 2.1)
tzinfo (>= 0.3.37)
moped (2.0.7)
bson (~> 3.0)
connection_pool (~> 2.0)
optionable (~> 0.2.0)
multi_json (1.12.1)
multi_xml (0.6.0)
multipart-post (2.0.0)
nokogiri (1.9.1)
mini_portile2 (~> 2.4.0)
oauth2 (1.3.1)
faraday (>= 0.8, < 0.12)
jwt (~> 1.0)
multi_json (~> 1.3)
multi_xml (~> 0.5)
rack (>= 1.2, < 3)
omniauth (1.4.2)
hashie (>= 1.2, < 4)
rack (>= 1.0, < 3)
omniauth-facebook (4.0.0)
omniauth-oauth2 (~> 1.2)
omniauth-oauth2 (1.4.0)
oauth2 (~> 1.0)
omniauth (~> 1.2)
omniauth-openid (1.0.1)
omniauth (~> 1.0)
rack-openid (~> 1.3.1)
optionable (0.2.0)
origin (2.3.0)
orm_adapter (0.5.0)
rack (1.5.5)
rack-openid (1.3.1)
rack (>= 1.1.0)
ruby-openid (>= 2.1.8)
rack-test (0.6.3)
rack (>= 1.0)
railties (4.1.16)
actionpack (= 4.1.16)
activesupport (= 4.1.16)
rake (>= 0.8.7)
thor (>= 0.18.1, < 2.0)
rake (12.0.0)
rdoc (5.1.0)
responders (1.1.2)
railties (>= 3.2, < 4.2)
ruby-openid (2.7.0)
sprockets (3.7.1)
concurrent-ruby (~> 1.0)
rack (> 1, < 3)
sprockets-rails (2.3.3)
actionpack (>= 3.0)
activesupport (>= 3.0)
sprockets (>= 2.8, < 4.0)
sqlite3 (1.3.13)
test_after_commit (1.1.0)
activerecord (>= 3.2)
thor (0.19.4)
thread_safe (0.3.6)
timecop (0.8.1)
tzinfo (1.2.2)
thread_safe (~> 0.1)
warden (1.2.7)
rack (>= 1.0)
webrat (0.7.3)
nokogiri (>= 1.2.0)
rack (>= 1.0)
rack-test (>= 0.5.3)
PLATFORMS
ruby
DEPENDENCIES
activerecord-jdbc-adapter
activerecord-jdbcsqlite3-adapter
devise!
jruby-openssl
mocha (~> 1.1)
mongoid (~> 4.0)
nokogiri (= 1.9.1)
omniauth
omniauth-facebook
omniauth-oauth2
omniauth-openid
rails!
rdoc (~> 5.1)
sqlite3 (~> 1.3.6)
test_after_commit
timecop
webrat (= 0.7.3)
BUNDLED WITH
1.17.3

195
gemfiles/Gemfile.rails-4.2-stable.lock
View File

@@ -1,195 +0,0 @@
GIT
remote: git://github.com/rails/rails.git
revision: dc3ae21802c316e1639239d28202db7aa7fb7cac
branch: 4-2-stable
specs:
actionmailer (4.2.8)
actionpack (= 4.2.8)
actionview (= 4.2.8)
activejob (= 4.2.8)
mail (~> 2.5, >= 2.5.4)
rails-dom-testing (~> 1.0, >= 1.0.5)
actionpack (4.2.8)
actionview (= 4.2.8)
activesupport (= 4.2.8)
rack (~> 1.6)
rack-test (~> 0.6.2)
rails-dom-testing (~> 1.0, >= 1.0.5)
rails-html-sanitizer (~> 1.0, >= 1.0.2)
actionview (4.2.8)
activesupport (= 4.2.8)
builder (~> 3.1)
erubis (~> 2.7.0)
rails-dom-testing (~> 1.0, >= 1.0.5)
rails-html-sanitizer (~> 1.0, >= 1.0.3)
activejob (4.2.8)
activesupport (= 4.2.8)
globalid (>= 0.3.0)
activemodel (4.2.8)
activesupport (= 4.2.8)
builder (~> 3.1)
activerecord (4.2.8)
activemodel (= 4.2.8)
activesupport (= 4.2.8)
arel (~> 6.0)
activesupport (4.2.8)
i18n (~> 0.7)
minitest (~> 5.1)
thread_safe (~> 0.3, >= 0.3.4)
tzinfo (~> 1.1)
rails (4.2.8)
actionmailer (= 4.2.8)
actionpack (= 4.2.8)
actionview (= 4.2.8)
activejob (= 4.2.8)
activemodel (= 4.2.8)
activerecord (= 4.2.8)
activesupport (= 4.2.8)
bundler (>= 1.3.0, < 2.0)
railties (= 4.2.8)
sprockets-rails
railties (4.2.8)
actionpack (= 4.2.8)
activesupport (= 4.2.8)
rake (>= 0.8.7)
thor (>= 0.18.1, < 2.0)
PATH
remote: ..
specs:
devise (4.7.1)
bcrypt (~> 3.0)
orm_adapter (~> 0.1)
railties (>= 4.1.0)
responders
warden (~> 1.2.3)
GEM
remote: https://rubygems.org/
specs:
arel (6.0.4)
bcrypt (3.1.13)
bson (3.2.6)
builder (3.2.3)
concurrent-ruby (1.0.5)
connection_pool (2.2.1)
erubis (2.7.0)
faraday (0.11.0)
multipart-post (>= 1.2, < 3)
globalid (0.3.7)
activesupport (>= 4.1.0)
hashie (3.5.5)
i18n (0.8.1)
jwt (1.5.6)
loofah (2.0.3)
nokogiri (>= 1.5.9)
mail (2.6.4)
mime-types (>= 1.16, < 4)
metaclass (0.0.4)
mime-types (3.1)
mime-types-data (~> 3.2015)
mime-types-data (3.2016.0521)
mini_portile2 (2.4.0)
minitest (5.10.1)
mocha (1.2.1)
metaclass (~> 0.0.1)
mongoid (4.0.2)
activemodel (~> 4.0)
moped (~> 2.0.0)
origin (~> 2.1)
tzinfo (>= 0.3.37)
moped (2.0.7)
bson (~> 3.0)
connection_pool (~> 2.0)
optionable (~> 0.2.0)
multi_json (1.12.1)
multi_xml (0.6.0)
multipart-post (2.0.0)
nokogiri (1.9.1)
mini_portile2 (~> 2.4.0)
oauth2 (1.3.1)
faraday (>= 0.8, < 0.12)
jwt (~> 1.0)
multi_json (~> 1.3)
multi_xml (~> 0.5)
rack (>= 1.2, < 3)
omniauth (1.6.1)
hashie (>= 3.4.6, < 3.6.0)
rack (>= 1.6.2, < 3)
omniauth-facebook (4.0.0)
omniauth-oauth2 (~> 1.2)
omniauth-oauth2 (1.4.0)
oauth2 (~> 1.0)
omniauth (~> 1.2)
omniauth-openid (1.0.1)
omniauth (~> 1.0)
rack-openid (~> 1.3.1)
optionable (0.2.0)
origin (2.3.0)
orm_adapter (0.5.0)
rack (1.6.5)
rack-openid (1.3.1)
rack (>= 1.1.0)
ruby-openid (>= 2.1.8)
rack-test (0.6.3)
rack (>= 1.0)
rails-deprecated_sanitizer (1.0.3)
activesupport (>= 4.2.0.alpha)
rails-dom-testing (1.0.8)
activesupport (>= 4.2.0.beta, < 5.0)
nokogiri (~> 1.6)
rails-deprecated_sanitizer (>= 1.0.1)
rails-html-sanitizer (1.0.3)
loofah (~> 2.0)
rake (12.0.0)
rdoc (5.1.0)
responders (2.4.1)
actionpack (>= 4.2.0, < 6.0)
railties (>= 4.2.0, < 6.0)
ruby-openid (2.7.0)
sprockets (3.7.1)
concurrent-ruby (~> 1.0)
rack (> 1, < 3)
sprockets-rails (3.2.0)
actionpack (>= 4.0)
activesupport (>= 4.0)
sprockets (>= 3.0.0)
sqlite3 (1.3.13)
test_after_commit (1.1.0)
activerecord (>= 3.2)
thor (0.19.4)
thread_safe (0.3.6)
timecop (0.8.1)
tzinfo (1.2.2)
thread_safe (~> 0.1)
warden (1.2.7)
rack (>= 1.0)
webrat (0.7.3)
nokogiri (>= 1.2.0)
rack (>= 1.0)
rack-test (>= 0.5.3)
PLATFORMS
ruby
DEPENDENCIES
activerecord-jdbc-adapter
activerecord-jdbcsqlite3-adapter
devise!
jruby-openssl
mocha (~> 1.1)
mongoid (~> 4.0)
nokogiri (= 1.9.1)
omniauth
omniauth-facebook
omniauth-oauth2
omniauth-openid
rails!
rdoc (~> 5.1)
sqlite3 (~> 1.3.6)
test_after_commit
timecop
webrat (= 0.7.3)
BUNDLED WITH
1.17.3

194
gemfiles/Gemfile.rails-5.0-stable.lock
View File

@@ -1,194 +0,0 @@
GIT
remote: git://github.com/rails/activemodel-serializers-xml.git
revision: dd9c0acf26aab111ebc647cd8deb99ebc6946531
specs:
activemodel-serializers-xml (1.0.1)
activemodel (> 5.x)
activesupport (> 5.x)
builder (~> 3.1)
PATH
remote: ..
specs:
devise (4.7.1)
bcrypt (~> 3.0)
orm_adapter (~> 0.1)
railties (>= 4.1.0)
responders
warden (~> 1.2.3)
GEM
remote: https://rubygems.org/
specs:
actioncable (5.0.2)
actionpack (= 5.0.2)
nio4r (>= 1.2, < 3.0)
websocket-driver (~> 0.6.1)
actionmailer (5.0.2)
actionpack (= 5.0.2)
actionview (= 5.0.2)
activejob (= 5.0.2)
mail (~> 2.5, >= 2.5.4)
rails-dom-testing (~> 2.0)
actionpack (5.0.2)
actionview (= 5.0.2)
activesupport (= 5.0.2)
rack (~> 2.0)
rack-test (~> 0.6.3)
rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.0, >= 1.0.2)
actionview (5.0.2)
activesupport (= 5.0.2)
builder (~> 3.1)
erubis (~> 2.7.0)
rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.0, >= 1.0.3)
activejob (5.0.2)
activesupport (= 5.0.2)
globalid (>= 0.3.6)
activemodel (5.0.2)
activesupport (= 5.0.2)
activerecord (5.0.2)
activemodel (= 5.0.2)
activesupport (= 5.0.2)
arel (~> 7.0)
activesupport (5.0.2)
concurrent-ruby (~> 1.0, >= 1.0.2)
i18n (~> 0.7)
minitest (~> 5.1)
tzinfo (~> 1.1)
arel (7.1.4)
bcrypt (3.1.13)
builder (3.2.3)
concurrent-ruby (1.0.5)
erubis (2.7.0)
faraday (0.11.0)
multipart-post (>= 1.2, < 3)
globalid (0.4.0)
activesupport (>= 4.2.0)
hashie (3.5.5)
i18n (0.8.1)
jwt (1.5.6)
loofah (2.0.3)
nokogiri (>= 1.5.9)
mail (2.6.5)
mime-types (>= 1.16, < 4)
metaclass (0.0.4)
method_source (0.8.2)
mime-types (3.1)
mime-types-data (~> 3.2015)
mime-types-data (3.2016.0521)
mini_portile2 (2.1.0)
minitest (5.10.1)
mocha (1.2.1)
metaclass (~> 0.0.1)
multi_json (1.12.1)
multi_xml (0.6.0)
multipart-post (2.0.0)
nio4r (2.0.0)
nokogiri (1.7.2)
mini_portile2 (~> 2.1.0)
oauth2 (1.3.1)
faraday (>= 0.8, < 0.12)
jwt (~> 1.0)
multi_json (~> 1.3)
multi_xml (~> 0.5)
rack (>= 1.2, < 3)
omniauth (1.6.1)
hashie (>= 3.4.6, < 3.6.0)
rack (>= 1.6.2, < 3)
omniauth-facebook (4.0.0)
omniauth-oauth2 (~> 1.2)
omniauth-oauth2 (1.4.0)
oauth2 (~> 1.0)
omniauth (~> 1.2)
omniauth-openid (1.0.1)
omniauth (~> 1.0)
rack-openid (~> 1.3.1)
orm_adapter (0.5.0)
rack (2.0.2)
rack-openid (1.3.1)
rack (>= 1.1.0)
ruby-openid (>= 2.1.8)
rack-test (0.6.3)
rack (>= 1.0)
rails (5.0.2)
actioncable (= 5.0.2)
actionmailer (= 5.0.2)
actionpack (= 5.0.2)
actionview (= 5.0.2)
activejob (= 5.0.2)
activemodel (= 5.0.2)
activerecord (= 5.0.2)
activesupport (= 5.0.2)
bundler (>= 1.3.0, < 2.0)
railties (= 5.0.2)
sprockets-rails (>= 2.0.0)
rails-controller-testing (1.0.1)
actionpack (~> 5.x)
actionview (~> 5.x)
activesupport (~> 5.x)
rails-dom-testing (2.0.3)
activesupport (>= 4.2.0)
nokogiri (>= 1.6)
rails-html-sanitizer (1.0.3)
loofah (~> 2.0)
railties (5.0.2)
actionpack (= 5.0.2)
activesupport (= 5.0.2)
method_source
rake (>= 0.8.7)
thor (>= 0.18.1, < 2.0)
rake (12.0.0)
rdoc (5.1.0)
responders (2.4.0)
actionpack (>= 4.2.0, < 5.3)
railties (>= 4.2.0, < 5.3)
ruby-openid (2.7.0)
sprockets (3.7.1)
concurrent-ruby (~> 1.0)
rack (> 1, < 3)
sprockets-rails (3.2.0)
actionpack (>= 4.0)
activesupport (>= 4.0)
sprockets (>= 3.0.0)
sqlite3 (1.3.13)
test_after_commit (1.1.0)
activerecord (>= 3.2)
thor (0.19.4)
thread_safe (0.3.6)
timecop (0.8.1)
tzinfo (1.2.3)
thread_safe (~> 0.1)
warden (1.2.7)
rack (>= 1.0)
webrat (0.7.3)
nokogiri (>= 1.2.0)
rack (>= 1.0)
rack-test (>= 0.5.3)
websocket-driver (0.6.5)
websocket-extensions (>= 0.1.0)
websocket-extensions (0.1.2)
PLATFORMS
ruby
DEPENDENCIES
activemodel-serializers-xml!
devise!
mocha (~> 1.1)
omniauth
omniauth-facebook
omniauth-oauth2
omniauth-openid
rails (~> 5.0.0)
rails-controller-testing
rdoc
responders (~> 2.1)
sqlite3 (~> 1.3.6)
test_after_commit
timecop
webrat (= 0.7.3)
BUNDLED WITH
1.17.3

203
gemfiles/Gemfile.rails-5.2-stable.lock
View File

@@ -1,203 +0,0 @@
GIT
remote: git://github.com/rails/activemodel-serializers-xml.git
revision: f744aeca2747ed3134e492249c4ee39b548efdf6
specs:
activemodel-serializers-xml (1.0.2)
activemodel (> 5.x)
activesupport (> 5.x)
builder (~> 3.1)
PATH
remote: ..
specs:
devise (4.7.1)
bcrypt (~> 3.0)
orm_adapter (~> 0.1)
railties (>= 4.1.0)
responders
warden (~> 1.2.3)
GEM
remote: https://rubygems.org/
specs:
actioncable (5.2.1)
actionpack (= 5.2.1)
nio4r (~> 2.0)
websocket-driver (>= 0.6.1)
actionmailer (5.2.1)
actionpack (= 5.2.1)
actionview (= 5.2.1)
activejob (= 5.2.1)
mail (~> 2.5, >= 2.5.4)
rails-dom-testing (~> 2.0)
actionpack (5.2.1)
actionview (= 5.2.1)
activesupport (= 5.2.1)
rack (~> 2.0)
rack-test (>= 0.6.3)
rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.0, >= 1.0.2)
actionview (5.2.1)
activesupport (= 5.2.1)
builder (~> 3.1)
erubi (~> 1.4)
rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.0, >= 1.0.3)
activejob (5.2.1)
activesupport (= 5.2.1)
globalid (>= 0.3.6)
activemodel (5.2.1)
activesupport (= 5.2.1)
activerecord (5.2.1)
activemodel (= 5.2.1)
activesupport (= 5.2.1)
arel (>= 9.0)
activestorage (5.2.1)
actionpack (= 5.2.1)
activerecord (= 5.2.1)
marcel (~> 0.3.1)
activesupport (5.2.1)
concurrent-ruby (~> 1.0, >= 1.0.2)
i18n (>= 0.7, < 2)
minitest (~> 5.1)
tzinfo (~> 1.1)
arel (9.0.0)
bcrypt (3.1.13)
builder (3.2.3)
concurrent-ruby (1.0.5)
crass (1.0.4)
erubi (1.7.1)
faraday (0.12.2)
multipart-post (>= 1.2, < 3)
globalid (0.4.1)
activesupport (>= 4.2.0)
hashie (3.5.7)
i18n (1.1.0)
concurrent-ruby (~> 1.0)
jwt (1.5.6)
loofah (2.2.2)
crass (~> 1.0.2)
nokogiri (>= 1.5.9)
mail (2.7.0)
mini_mime (>= 0.1.1)
marcel (0.3.3)
mimemagic (~> 0.3.2)
metaclass (0.0.4)
method_source (0.9.0)
mimemagic (0.3.2)
mini_mime (1.0.1)
mini_portile2 (2.3.0)
minitest (5.11.3)
mocha (1.7.0)
metaclass (~> 0.0.1)
multi_json (1.13.1)
multi_xml (0.6.0)
multipart-post (2.0.0)
nio4r (2.3.1)
nokogiri (1.8.5)
mini_portile2 (~> 2.3.0)
oauth2 (1.4.0)
faraday (>= 0.8, < 0.13)
jwt (~> 1.0)
multi_json (~> 1.3)
multi_xml (~> 0.5)
rack (>= 1.2, < 3)
omniauth (1.8.1)
hashie (>= 3.4.6, < 3.6.0)
rack (>= 1.6.2, < 3)
omniauth-facebook (5.0.0)
omniauth-oauth2 (~> 1.2)
omniauth-oauth2 (1.5.0)
oauth2 (~> 1.1)
omniauth (~> 1.2)
omniauth-openid (1.0.1)
omniauth (~> 1.0)
rack-openid (~> 1.3.1)
orm_adapter (0.5.0)
rack (2.0.5)
rack-openid (1.3.1)
rack (>= 1.1.0)
ruby-openid (>= 2.1.8)
rack-test (1.1.0)
rack (>= 1.0, < 3)
rails (5.2.1)
actioncable (= 5.2.1)
actionmailer (= 5.2.1)
actionpack (= 5.2.1)
actionview (= 5.2.1)
activejob (= 5.2.1)
activemodel (= 5.2.1)
activerecord (= 5.2.1)
activestorage (= 5.2.1)
activesupport (= 5.2.1)
bundler (>= 1.3.0)
railties (= 5.2.1)
sprockets-rails (>= 2.0.0)
rails-controller-testing (1.0.2)
actionpack (~> 5.x, >= 5.0.1)
actionview (~> 5.x, >= 5.0.1)
activesupport (~> 5.x)
rails-dom-testing (2.0.3)
activesupport (>= 4.2.0)
nokogiri (>= 1.6)
rails-html-sanitizer (1.0.4)
loofah (~> 2.2, >= 2.2.2)
railties (5.2.1)
actionpack (= 5.2.1)
activesupport (= 5.2.1)
method_source
rake (>= 0.8.7)
thor (>= 0.19.0, < 2.0)
rake (12.3.1)
rdoc (6.0.4)
responders (2.4.0)
actionpack (>= 4.2.0, < 5.3)
railties (>= 4.2.0, < 5.3)
ruby-openid (2.7.0)
sprockets (3.7.2)
concurrent-ruby (~> 1.0)
rack (> 1, < 3)
sprockets-rails (3.2.1)
actionpack (>= 4.0)
activesupport (>= 4.0)
sprockets (>= 3.0.0)
sqlite3 (1.3.13)
test_after_commit (1.1.0)
activerecord (>= 3.2)
thor (0.20.0)
thread_safe (0.3.6)
timecop (0.9.1)
tzinfo (1.2.5)
thread_safe (~> 0.1)
warden (1.2.7)
rack (>= 1.0)
webrat (0.7.3)
nokogiri (>= 1.2.0)
rack (>= 1.0)
rack-test (>= 0.5.3)
websocket-driver (0.7.0)
websocket-extensions (>= 0.1.0)
websocket-extensions (0.1.3)
PLATFORMS
ruby
DEPENDENCIES
activemodel-serializers-xml!
devise!
mocha (~> 1.1)
omniauth
omniauth-facebook
omniauth-oauth2
omniauth-openid
rails (~> 5.2)
rails-controller-testing
rdoc
responders (~> 2.1)
sqlite3 (~> 1.3.6)
test_after_commit
timecop
webrat (= 0.7.3)
BUNDLED WITH
1.17.3

219
gemfiles/Gemfile.rails-6.0-stable.lock
View File

@@ -1,219 +0,0 @@
GIT
remote: git://github.com/rails/activemodel-serializers-xml.git
revision: 93689638c28525acc65afb638fce866826532641
specs:
activemodel-serializers-xml (1.0.2)
activemodel (>= 5.0.0.a)
activesupport (>= 5.0.0.a)
builder (~> 3.1)
PATH
remote: ..
specs:
devise (4.7.1)
bcrypt (~> 3.0)
orm_adapter (~> 0.1)
railties (>= 4.1.0)
responders
warden (~> 1.2.3)
GEM
remote: https://rubygems.org/
specs:
actioncable (6.0.0)
actionpack (= 6.0.0)
nio4r (~> 2.0)
websocket-driver (>= 0.6.1)
actionmailbox (6.0.0)
actionpack (= 6.0.0)
activejob (= 6.0.0)
activerecord (= 6.0.0)
activestorage (= 6.0.0)
activesupport (= 6.0.0)
mail (>= 2.7.1)
actionmailer (6.0.0)
actionpack (= 6.0.0)
actionview (= 6.0.0)
activejob (= 6.0.0)
mail (~> 2.5, >= 2.5.4)
rails-dom-testing (~> 2.0)
actionpack (6.0.0)
actionview (= 6.0.0)
activesupport (= 6.0.0)
rack (~> 2.0)
rack-test (>= 0.6.3)
rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.0, >= 1.2.0)
actiontext (6.0.0)
actionpack (= 6.0.0)
activerecord (= 6.0.0)
activestorage (= 6.0.0)
activesupport (= 6.0.0)
nokogiri (>= 1.8.5)
actionview (6.0.0)
activesupport (= 6.0.0)
builder (~> 3.1)
erubi (~> 1.4)
rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.1, >= 1.2.0)
activejob (6.0.0)
activesupport (= 6.0.0)
globalid (>= 0.3.6)
activemodel (6.0.0)
activesupport (= 6.0.0)
activerecord (6.0.0)
activemodel (= 6.0.0)
activesupport (= 6.0.0)
activestorage (6.0.0)
actionpack (= 6.0.0)
activejob (= 6.0.0)
activerecord (= 6.0.0)
marcel (~> 0.3.1)
activesupport (6.0.0)
concurrent-ruby (~> 1.0, >= 1.0.2)
i18n (>= 0.7, < 2)
minitest (~> 5.1)
tzinfo (~> 1.1)
zeitwerk (~> 2.1, >= 2.1.8)
bcrypt (3.1.13)
builder (3.2.3)
concurrent-ruby (1.1.5)
crass (1.0.4)
erubi (1.8.0)
faraday (0.15.4)
multipart-post (>= 1.2, < 3)
globalid (0.4.2)
activesupport (>= 4.2.0)
hashie (3.6.0)
i18n (1.6.0)
concurrent-ruby (~> 1.0)
jwt (2.2.1)
loofah (2.2.3)
crass (~> 1.0.2)
nokogiri (>= 1.5.9)
mail (2.7.1)
mini_mime (>= 0.1.1)
marcel (0.3.3)
mimemagic (~> 0.3.2)
metaclass (0.0.4)
method_source (0.9.2)
mimemagic (0.3.3)
mini_mime (1.0.2)
mini_portile2 (2.4.0)
minitest (5.11.3)
mocha (1.9.0)
metaclass (~> 0.0.1)
multi_json (1.13.1)
multi_xml (0.6.0)
multipart-post (2.1.1)
nio4r (2.4.0)
nokogiri (1.10.4)
mini_portile2 (~> 2.4.0)
oauth2 (1.4.1)
faraday (>= 0.8, < 0.16.0)
jwt (>= 1.0, < 3.0)
multi_json (~> 1.3)
multi_xml (~> 0.5)
rack (>= 1.2, < 3)
omniauth (1.9.0)
hashie (>= 3.4.6, < 3.7.0)
rack (>= 1.6.2, < 3)
omniauth-facebook (5.0.0)
omniauth-oauth2 (~> 1.2)
omniauth-oauth2 (1.6.0)
oauth2 (~> 1.1)
omniauth (~> 1.9)
omniauth-openid (1.0.1)
omniauth (~> 1.0)
rack-openid (~> 1.3.1)
orm_adapter (0.5.0)
rack (2.0.7)
rack-openid (1.3.1)
rack (>= 1.1.0)
ruby-openid (>= 2.1.8)
rack-test (1.1.0)
rack (>= 1.0, < 3)
rails (6.0.0)
actioncable (= 6.0.0)
actionmailbox (= 6.0.0)
actionmailer (= 6.0.0)
actionpack (= 6.0.0)
actiontext (= 6.0.0)
actionview (= 6.0.0)
activejob (= 6.0.0)
activemodel (= 6.0.0)
activerecord (= 6.0.0)
activestorage (= 6.0.0)
activesupport (= 6.0.0)
bundler (>= 1.3.0)
railties (= 6.0.0)
sprockets-rails (>= 2.0.0)
rails-controller-testing (1.0.4)
actionpack (>= 5.0.1.x)
actionview (>= 5.0.1.x)
activesupport (>= 5.0.1.x)
rails-dom-testing (2.0.3)
activesupport (>= 4.2.0)
nokogiri (>= 1.6)
rails-html-sanitizer (1.2.0)
loofah (~> 2.2, >= 2.2.2)
railties (6.0.0)
actionpack (= 6.0.0)
activesupport (= 6.0.0)
method_source
rake (>= 0.8.7)
thor (>= 0.20.3, < 2.0)
rake (12.3.3)
rdoc (6.1.1)
responders (3.0.0)
actionpack (>= 5.0)
railties (>= 5.0)
ruby-openid (2.7.0)
sprockets (3.7.2)
concurrent-ruby (~> 1.0)
rack (> 1, < 3)
sprockets-rails (3.2.1)
actionpack (>= 4.0)
activesupport (>= 4.0)
sprockets (>= 3.0.0)
sqlite3 (1.4.1)
test_after_commit (1.1.0)
activerecord (>= 3.2)
thor (0.20.3)
thread_safe (0.3.6)
timecop (0.9.1)
tzinfo (1.2.5)
thread_safe (~> 0.1)
warden (1.2.8)
rack (>= 2.0.6)
webrat (0.7.3)
nokogiri (>= 1.2.0)
rack (>= 1.0)
rack-test (>= 0.5.3)
websocket-driver (0.7.1)
websocket-extensions (>= 0.1.0)
websocket-extensions (0.1.4)
zeitwerk (2.1.9)
PLATFORMS
ruby
DEPENDENCIES
activemodel-serializers-xml!
devise!
mocha (~> 1.1)
omniauth
omniauth-facebook
omniauth-oauth2
omniauth-openid
rails (~> 6.0.0)
rails-controller-testing
rdoc
responders (~> 3.0)
sqlite3 (~> 1.4)
test_after_commit
timecop
webrat (= 0.7.3)
BUNDLED WITH
1.17.3

6
lib/devise.rb
View File

@@ -71,7 +71,7 @@ module Devise
# The number of times to hash the password.
mattr_accessor :stretches
@@stretches = 11
@@stretches = 12
# The default key used when authenticating over http auth.
mattr_accessor :http_authentication_key
@@ -297,10 +297,6 @@ module Devise
mattr_accessor :sign_in_after_change_password
@@sign_in_after_change_password = true
def self.rails51? # :nodoc:
Rails.gem_version >= Gem::Version.new("5.1.x")
end
def self.activerecord51? # :nodoc:
defined?(ActiveRecord) && ActiveRecord.gem_version >= Gem::Version.new("5.1.x")
end

14
lib/devise/controllers/helpers.rb
View File

@@ -36,14 +36,14 @@ module Devise
# before_action ->{ authenticate_blogger! :admin } # Redirects to the admin login page
# current_blogger :user # Preferably returns a User if one is signed in
#
def devise_group(group_name, opts={})
def devise_group(group_name, opts = {})
mappings = "[#{ opts[:contains].map { |m| ":#{m}" }.join(',') }]"
class_eval <<-METHODS, __FILE__, __LINE__ + 1
def authenticate_#{group_name}!(favourite=nil, opts={})
def authenticate_#{group_name}!(favorite = nil, opts = {})
unless #{group_name}_signed_in?
mappings = #{mappings}
mappings.unshift mappings.delete(favourite.to_sym) if favourite
mappings.unshift mappings.delete(favorite.to_sym) if favorite
mappings.each do |mapping|
opts[:scope] = mapping
warden.authenticate!(opts) if !devise_controller? || opts.delete(:force)
@@ -57,9 +57,9 @@ module Devise
end
end
def current_#{group_name}(favourite=nil)
def current_#{group_name}(favorite = nil)
mappings = #{mappings}
mappings.unshift mappings.delete(favourite.to_sym) if favourite
mappings.unshift mappings.delete(favorite.to_sym) if favorite
mappings.each do |mapping|
current = warden.authenticate(scope: mapping)
return current if current
@@ -113,7 +113,7 @@ module Devise
mapping = mapping.name
class_eval <<-METHODS, __FILE__, __LINE__ + 1
def authenticate_#{mapping}!(opts={})
def authenticate_#{mapping}!(opts = {})
opts[:scope] = :#{mapping}
warden.authenticate!(opts) if !devise_controller? || opts.delete(:force)
end
@@ -252,7 +252,7 @@ module Devise
# Overwrite Rails' handle unverified request to sign out all scopes,
# clear run strategies and remove cached variables.
def handle_unverified_request
super # call the default behaviour which resets/nullifies/raises
super # call the default behavior which resets/nullifies/raises
request.env["devise.skip_storage"] = true
sign_out_all_scopes(false)
end

10
lib/devise/controllers/sign_in_out.rb
View File

@@ -10,7 +10,7 @@ module Devise
# cause exceptions to be thrown from this method; if you simply want to check
# if a scope has already previously been authenticated without running
# authentication hooks, you can directly call `warden.authenticated?(scope: scope)`
def signed_in?(scope=nil)
def signed_in?(scope = nil)
[scope || Devise.mappings.keys].flatten.any? do |_scope|
warden.authenticate?(scope: _scope)
end
@@ -21,7 +21,7 @@ module Devise
# to the set_user method in warden.
# If you are using a custom warden strategy and the timeoutable module, you have to
# set `env["devise.skip_timeout"] = true` in the request to use this method, like we do
# in the sessions controller: https://github.com/plataformatec/devise/blob/master/app/controllers/devise/sessions_controller.rb#L7
# in the sessions controller: https://github.com/heartcombo/devise/blob/master/app/controllers/devise/sessions_controller.rb#L7
#
# Examples:
#
@@ -77,7 +77,7 @@ module Devise
# sign_out :user # sign_out(scope)
# sign_out @user # sign_out(resource)
#
def sign_out(resource_or_scope=nil)
def sign_out(resource_or_scope = nil)
return sign_out_all_scopes unless resource_or_scope
scope = Devise::Mapping.find_scope!(resource_or_scope)
user = warden.user(scope: scope, run_callbacks: false) # If there is no user
@@ -92,7 +92,7 @@ module Devise
# Sign out all active users or scopes. This helper is useful for signing out all roles
# in one click. This signs out ALL scopes in warden. Returns true if there was at least one logout
# and false if there was no user logged in on all scopes.
def sign_out_all_scopes(lock=true)
def sign_out_all_scopes(lock = true)
users = Devise.mappings.keys.map { |s| warden.user(scope: s, run_callbacks: false) }
warden.logout
@@ -106,10 +106,12 @@ module Devise
private
def expire_data_after_sign_in!
# TODO: remove once Rails 5.2+ and forward are only supported.
# session.keys will return an empty array if the session is not yet loaded.
# This is a bug in both Rack and Rails.
# A call to #empty? forces the session to be loaded.
session.empty?
session.keys.grep(/^devise\./).each { |k| session.delete(k) }
end

2
lib/devise/controllers/url_helpers.rb
View File

@@ -34,7 +34,7 @@ module Devise
end
end
def self.generate_helpers!(routes=nil)
def self.generate_helpers!(routes = nil)
routes ||= begin
mappings = Devise.mappings.values.map(&:used_helpers).flatten.uniq
Devise::URL_HELPERS.slice(*mappings)

5
lib/devise/failure_app.rb
View File

@@ -71,7 +71,6 @@ module Devise
end
flash.now[:alert] = i18n_message(:invalid) if is_flashing_format?
# self.response = recall_app(warden_options[:recall]).call(env)
self.response = recall_app(warden_options[:recall]).call(request.env)
end
@@ -107,7 +106,7 @@ module Devise
options[:authentication_keys] = keys.join(I18n.translate(:"support.array.words_connector"))
options = i18n_options(options)
I18n.t(:"#{scope}.#{message}", options)
I18n.t(:"#{scope}.#{message}", **options)
else
message.to_s
end
@@ -152,7 +151,7 @@ module Devise
# We need to add the rootpath to `script_name` manually for applications that use a Rails
# version lower than 5.1. Otherwise, it is going to generate a wrong path for Engines
# that use Devise. Remove it when the support of Rails 5.0 is droped.
# that use Devise. Remove it when the support of Rails 5.0 is dropped.
elsif root_path_defined?(context) && !rails_51_and_up?
rootpath = context.routes.url_helpers.root_path
opts[:script_name] = rootpath.chomp('/') if rootpath.length > 1

7
lib/devise/hooks/lockable.rb
View File

@@ -3,10 +3,7 @@
# After each sign in, if resource responds to failed_attempts, sets it to 0
# This is only triggered when the user is explicitly set (with set_user)
Warden::Manager.after_set_user except: :fetch do |record, warden, options|
if record.respond_to?(:failed_attempts) && warden.authenticated?(options[:scope])
unless record.failed_attempts.to_i.zero?
record.failed_attempts = 0
record.save(validate: false)
end
if record.respond_to?(:reset_failed_attempts!) && warden.authenticated?(options[:scope])
record.reset_failed_attempts!
end
end

4
lib/devise/hooks/timeoutable.rb
View File

@@ -21,8 +21,8 @@ Warden::Manager.after_set_user do |record, warden, options|
proxy = Devise::Hooks::Proxy.new(warden)
if record.timedout?(last_request_at) &&
!env['devise.skip_timeout'] &&
if !env['devise.skip_timeout'] &&
record.timedout?(last_request_at) &&
!proxy.remember_me_is_active?(record)
Devise.sign_out_all_scopes ? proxy.sign_out : proxy.sign_out(scope)
throw :warden, scope: scope, message: :timeout

2
lib/devise/mapping.rb
View File

@@ -46,7 +46,7 @@ module Devise
raise "Could not find a valid mapping for #{obj.inspect}"
end
def self.find_by_path!(path, path_type=:fullpath)
def self.find_by_path!(path, path_type = :fullpath)
Devise.mappings.each_value { |m| return m if path.include?(m.send(path_type)) }
raise "Could not find a valid mapping for path #{path.inspect}"
end

19
lib/devise/models/authenticatable.rb
View File

@@ -2,6 +2,7 @@
require 'devise/hooks/activatable'
require 'devise/hooks/csrf_cleaner'
require 'devise/rails/deprecated_constant_accessor'
module Devise
module Models
@@ -55,11 +56,14 @@ module Devise
module Authenticatable
extend ActiveSupport::Concern
BLACKLIST_FOR_SERIALIZATION = [:encrypted_password, :reset_password_token, :reset_password_sent_at,
UNSAFE_ATTRIBUTES_FOR_SERIALIZATION = [:encrypted_password, :reset_password_token, :reset_password_sent_at,
:remember_created_at, :sign_in_count, :current_sign_in_at, :last_sign_in_at, :current_sign_in_ip,
:last_sign_in_ip, :password_salt, :confirmation_token, :confirmed_at, :confirmation_sent_at,
:remember_token, :unconfirmed_email, :failed_attempts, :unlock_token, :locked_at]
include Devise::DeprecatedConstantAccessor
deprecate_constant "BLACKLIST_FOR_SERIALIZATION", "Devise::Models::Authenticatable::UNSAFE_ATTRIBUTES_FOR_SERIALIZATION"
included do
class_attribute :devise_modules, instance_writer: false
self.devise_modules ||= []
@@ -104,12 +108,12 @@ module Devise
# given to :except will simply add names to exempt to Devise internal list.
def serializable_hash(options = nil)
options = options.try(:dup) || {}
options[:except] = Array(options[:except])
options[:except] = Array(options[:except]).dup
if options[:force_except]
options[:except].concat Array(options[:force_except])
else
options[:except].concat BLACKLIST_FOR_SERIALIZATION
options[:except].concat UNSAFE_ATTRIBUTES_FOR_SERIALIZATION
end
super(options)
@@ -152,7 +156,8 @@ module Devise
# # If the record is new or changed then delay the
# # delivery until the after_commit callback otherwise
# # send now because after_commit will not be called.
# if new_record? || changed?
# # For Rails < 6 use `changed?` instead of `saved_changes?`.
# if new_record? || saved_changes?
# pending_devise_notifications << [notification, args]
# else
# render_and_send_devise_message(notification, *args)
@@ -271,17 +276,17 @@ module Devise
find_first_by_auth_conditions(tainted_conditions)
end
def find_first_by_auth_conditions(tainted_conditions, opts={})
def find_first_by_auth_conditions(tainted_conditions, opts = {})
to_adapter.find_first(devise_parameter_filter.filter(tainted_conditions).merge(opts))
end
# Find or initialize a record setting an error if it can't be found.
def find_or_initialize_with_error_by(attribute, value, error=:invalid) #:nodoc:
def find_or_initialize_with_error_by(attribute, value, error = :invalid) #:nodoc:
find_or_initialize_with_errors([attribute], { attribute => value }, error)
end
# Find or initialize a record with group of attributes based on a list of required attributes.
def find_or_initialize_with_errors(required_attributes, attributes, error=:invalid) #:nodoc:
def find_or_initialize_with_errors(required_attributes, attributes, error = :invalid) #:nodoc:
attributes.try(:permit!)
attributes = attributes.to_h.with_indifferent_access
.slice(*required_attributes)

4
lib/devise/models/confirmable.rb
View File

@@ -76,7 +76,7 @@ module Devise
# Confirm a user by setting it's confirmed_at to actual time. If the user
# is already confirmed, add an error to email field. If the user is invalid
# add errors
def confirm(args={})
def confirm(args = {})
pending_any_confirmation do
if confirmation_period_expired?
self.errors.add(:email, :confirmation_period_expired,
@@ -334,7 +334,7 @@ module Devise
# confirmation instructions to it. If not, try searching for a user by unconfirmed_email
# field. If no user is found, returns a new user with an email not found error.
# Options must contain the user email
def send_confirmation_instructions(attributes={})
def send_confirmation_instructions(attributes = {})
confirmable = find_by_unconfirmed_email_with_errors(attributes) if reconfirmable
unless confirmable.try(:persisted?)
confirmable = find_or_initialize_with_errors(confirmation_keys, attributes, :not_found)

6
lib/devise/models/database_authenticatable.rb
View File

@@ -7,6 +7,10 @@ module Devise
# Authenticatable Module, responsible for hashing the password and
# validating the authenticity of a user while signing in.
#
# This module defines a `password=` method. This method will hash the argument
# and store it in the `encrypted_password` column, bypassing any pre-existing
# `password` column if it exists.
#
# == Options
#
# DatabaseAuthenticatable adds the following options to devise_for:
@@ -195,7 +199,7 @@ module Devise
# Hashes the password using bcrypt. Custom hash functions should override
# this method to apply their own algorithm.
#
# See https://github.com/plataformatec/devise-encryptable for examples
# See https://github.com/heartcombo/devise-encryptable for examples
# of other hashing engines.
def password_digest(password)
Devise::Encryptor.digest(self.class, password)

12
lib/devise/models/lockable.rb
View File

@@ -57,6 +57,14 @@ module Devise
save(validate: false)
end
# Resets failed attempts counter to 0.
def reset_failed_attempts!
if respond_to?(:failed_attempts) && !failed_attempts.to_i.zero?
self.failed_attempts = 0
save(validate: false)
end
end
# Verifies whether a user is locked or not.
def access_locked?
!!locked_at && !lock_expired?
@@ -110,7 +118,7 @@ module Devise
false
end
end
def increment_failed_attempts
self.class.increment_counter(:failed_attempts, id)
reload
@@ -168,7 +176,7 @@ module Devise
# unlock instructions to it. If not user is found, returns a new user
# with an email not found error.
# Options must contain the user's unlock keys
def send_unlock_instructions(attributes={})
def send_unlock_instructions(attributes = {})
lockable = find_or_initialize_with_errors(unlock_keys, attributes, :not_found)
lockable.resend_unlock_instructions if lockable.persisted?
lockable

4
lib/devise/models/recoverable.rb
View File

@@ -131,7 +131,7 @@ module Devise
# password instructions to it. If user is not found, returns a new user
# with an email not found error.
# Attributes must contain the user's email
def send_reset_password_instructions(attributes={})
def send_reset_password_instructions(attributes = {})
recoverable = find_or_initialize_with_errors(reset_password_keys, attributes, :not_found)
recoverable.send_reset_password_instructions if recoverable.persisted?
recoverable
@@ -142,7 +142,7 @@ module Devise
# try saving the record. If not user is found, returns a new user
# containing an error in reset_password_token attribute.
# Attributes must contain reset_password_token, password and confirmation
def reset_password_by_token(attributes={})
def reset_password_by_token(attributes = {})
original_token = attributes[:reset_password_token]
reset_password_token = Devise.token_generator.digest(self, :reset_password_token, original_token)

2
lib/devise/models/rememberable.rb
View File

@@ -102,7 +102,7 @@ module Devise
def remember_me?(token, generated_at)
# TODO: Normalize the JSON type coercion along with the Timeoutable hook
# in a single place https://github.com/plataformatec/devise/blob/ffe9d6d406e79108cf32a2c6a1d0b3828849c40b/lib/devise/hooks/timeoutable.rb#L14-L18
# in a single place https://github.com/heartcombo/devise/blob/ffe9d6d406e79108cf32a2c6a1d0b3828849c40b/lib/devise/hooks/timeoutable.rb#L14-L18
if generated_at.is_a?(String)
generated_at = time_from_json(generated_at)
end

2
lib/devise/models/trackable.rb
View File

@@ -33,7 +33,7 @@ module Devise
def update_tracked_fields!(request)
# We have to check if the user is already persisted before running
# `save` here because invalid users can be saved if we don't.
# See https://github.com/plataformatec/devise/issues/4673 for more details.
# See https://github.com/heartcombo/devise/issues/4673 for more details.
return if new_record?
update_tracked_fields(request)

7
lib/devise/omniauth.rb
View File

@@ -1,17 +1,14 @@
# frozen_string_literal: true
begin
gem "omniauth", ">= 1.0.0"
require "omniauth"
require "omniauth/version"
rescue LoadError
warn "Could not load 'omniauth'. Please ensure you have the omniauth gem >= 1.0.0 installed and listed in your Gemfile."
raise
end
unless OmniAuth::VERSION =~ /^1\./
raise "You are using an old OmniAuth version, please ensure you have 1.0.0.pr2 version or later installed."
end
# Clean up the default path_prefix. It will be automatically set by Devise.
OmniAuth.config.path_prefix = nil

39
lib/devise/rails/deprecated_constant_accessor.rb Normal file
View File

@@ -0,0 +1,39 @@
# frozen_string_literal: true
begin
require 'active_support/deprecation/constant_accessor'
module Devise
DeprecatedConstantAccessor = ActiveSupport::Deprecation::DeprecatedConstantAccessor #:nodoc:
end
rescue LoadError
# Copy of constant deprecation module from Rails / Active Support version 6, so we can use it
# with Rails <= 5.0 versions. This can be removed once we support only Rails 5.1 or greater.
module Devise
module DeprecatedConstantAccessor #:nodoc:
def self.included(base)
require "active_support/inflector/methods"
extension = Module.new do
def const_missing(missing_const_name)
if class_variable_defined?(:@@_deprecated_constants)
if (replacement = class_variable_get(:@@_deprecated_constants)[missing_const_name.to_s])
replacement[:deprecator].warn(replacement[:message] || "#{name}::#{missing_const_name} is deprecated! Use #{replacement[:new]} instead.", Rails::VERSION::MAJOR == 4 ? caller : caller_locations)
return ActiveSupport::Inflector.constantize(replacement[:new].to_s)
end
end
super
end
def deprecate_constant(const_name, new_constant, message: nil, deprecator: ActiveSupport::Deprecation.instance)
class_variable_set(:@@_deprecated_constants, {}) unless class_variable_defined?(:@@_deprecated_constants)
class_variable_get(:@@_deprecated_constants)[const_name.to_s] = { new: new_constant, message: message, deprecator: deprecator }
end
end
base.singleton_class.prepend extension
end
end
end
end

8
lib/devise/rails/routes.rb
View File

@@ -287,7 +287,7 @@ module ActionDispatch::Routing
# root to: "admin/dashboard#show", as: :user_root
# end
#
def authenticate(scope=nil, block=nil)
def authenticate(scope = nil, block = nil)
constraints_for(:authenticate!, scope, block) do
yield
end
@@ -311,7 +311,7 @@ module ActionDispatch::Routing
#
# root to: 'landing#show'
#
def authenticated(scope=nil, block=nil)
def authenticated(scope = nil, block = nil)
constraints_for(:authenticate?, scope, block) do
yield
end
@@ -328,7 +328,7 @@ module ActionDispatch::Routing
#
# root to: 'dashboard#show'
#
def unauthenticated(scope=nil)
def unauthenticated(scope = nil)
constraint = lambda do |request|
not request.env["warden"].authenticate? scope: scope
end
@@ -474,7 +474,7 @@ ERROR
@scope = current_scope
end
def constraints_for(method_to_apply, scope=nil, block=nil)
def constraints_for(method_to_apply, scope = nil, block = nil)
constraint = lambda do |request|
request.env['warden'].send(method_to_apply, scope: scope) &&
(block.nil? || block.call(request.env["warden"].user(scope)))

4
lib/devise/test/controller_helpers.rb
View File

@@ -37,6 +37,8 @@ module Devise
@response
end
ruby2_keywords(:process) if respond_to?(:ruby2_keywords, true)
# We need to set up the environment variables and the response in the controller.
def setup_controller_for_warden #:nodoc:
@request.env['action_controller.instance'] = @controller
@@ -141,7 +143,7 @@ module Devise
@controller.response.headers.merge!(headers)
@controller.response.content_type = headers["Content-Type"] unless Rails::VERSION::MAJOR >= 5
@controller.status = status
@controller.response.body = response.body
@controller.response_body = response.body
nil # causes process return @response
end

2
lib/devise/test/integration_helpers.rb
View File

@@ -28,7 +28,7 @@ module Devise
end
end
# Signs in a specific resource, mimicking a successfull sign in
# Signs in a specific resource, mimicking a successful sign in
# operation through +Devise::SessionsController#create+.
#
# * +resource+ - The resource that should be authenticated

2
lib/devise/version.rb
View File

@@ -1,5 +1,5 @@
# frozen_string_literal: true
module Devise
VERSION = "4.7.1".freeze
VERSION = "4.8.0".freeze
end

19
lib/generators/active_record/devise_generator.rb
View File

@@ -86,9 +86,24 @@ RUBY
Rails::VERSION::MAJOR >= 5
end
def rails61_and_up?
Rails::VERSION::MAJOR > 6 || (Rails::VERSION::MAJOR == 6 && Rails::VERSION::MINOR >= 1)
end
def postgresql?
config = ActiveRecord::Base.configurations[Rails.env]
config && config['adapter'] == 'postgresql'
ar_config && ar_config['adapter'] == 'postgresql'
end
def ar_config
if ActiveRecord::Base.configurations.respond_to?(:configs_for)
if rails61_and_up?
ActiveRecord::Base.configurations.configs_for(env_name: Rails.env, name: "primary").configuration_hash
else
ActiveRecord::Base.configurations.configs_for(env_name: Rails.env, spec_name: "primary").config
end
else
ActiveRecord::Base.configurations[Rails.env]
end
end
def migration_version

2
lib/generators/devise/devise_generator.rb
View File

@@ -13,7 +13,7 @@ module Devise
desc "Generates a model with the given NAME (if one does not exist) with devise " \
"configuration plus a migration file and devise routes."
hook_for :orm
hook_for :orm, required: true
class_option :routes, desc: "Generate routes", type: :boolean, default: true

6
lib/generators/devise/install_generator.rb
View File

@@ -11,7 +11,7 @@ module Devise
source_root File.expand_path("../../templates", __FILE__)
desc "Creates a Devise initializer and copy locale files to your application."
class_option :orm
class_option :orm, required: true
def copy_initializer
unless options[:orm]
@@ -37,10 +37,6 @@ module Devise
def show_readme
readme "README" if behavior == :invoke
end
def rails_4?
Rails::VERSION::MAJOR == 4
end
end
end
end

2
lib/generators/devise/views_generator.rb
View File

@@ -42,7 +42,7 @@ module Devise
def view_directory(name, _target_path = nil)
directory name.to_s, _target_path || "#{target_path}/#{name}" do |content|
if scope
content.gsub "devise/shared/links", "#{plural_scope}/shared/links"
content.gsub("devise/shared", "#{plural_scope}/shared")
else
content
end

10
lib/generators/templates/README
View File

@@ -1,6 +1,6 @@
===============================================================================
Some setup you must do manually if you haven't yet:
Depending on your application's configuration some manual setup may be required:
1. Ensure you have defined default url options in your environments files. Here
is an example of default_url_options appropriate for a development environment
@@ -10,10 +10,14 @@ Some setup you must do manually if you haven't yet:
In production, :host should be set to the actual host of your application.
* Required for all applications. *
2. Ensure you have defined root_url to *something* in your config/routes.rb.
For example:
root to: "home#index"
* Not required for API-only Applications *
3. Ensure you have flash messages in app/views/layouts/application.html.erb.
For example:
@@ -21,8 +25,12 @@ Some setup you must do manually if you haven't yet:
<p class="notice"><%= notice %></p>
<p class="alert"><%= alert %></p>
* Not required for API-only Applications *
4. You can copy Devise views (for customization) to your app by running:
rails g devise:views
* Not required *
===============================================================================

2
lib/generators/templates/controllers/omniauth_callbacks_controller.rb
View File

@@ -9,7 +9,7 @@ class <%= @scope_prefix %>OmniauthCallbacksController < Devise::OmniauthCallback
# end
# More info at:
# https://github.com/plataformatec/devise#omniauth
# https://github.com/heartcombo/devise#omniauth
# GET|POST /resource/auth/twitter
# def passthru

18
lib/generators/templates/devise.rb
View File

@@ -1,5 +1,11 @@
# frozen_string_literal: true
# Assuming you have not yet modified this file, each configuration option below
# is set to its default value. Note that some are commented out while others
# are not: uncommented lines are intended to protect your configuration from
# breaking changes in upgrades (i.e., in the event that future versions of
# Devise change the default values for those options).
#
# Use this hook to configure devise mailer, warden hooks and so forth.
# Many of these configuration options can be set straight in your model.
Devise.setup do |config|
@@ -68,7 +74,10 @@ Devise.setup do |config|
# Tell if authentication through HTTP Auth is enabled. False by default.
# It can be set to an array that will enable http authentication only for the
# given strategies, for example, `config.http_authenticatable = [:database]` will
# enable it only for database authentication. The supported strategies are:
# enable it only for database authentication.
# For API-only applications to support authentication "out-of-the-box", you will likely want to
# enable this with :database unless you are using a custom strategy.
# The supported strategies are:
# :database = Support basic authentication with authentication key + password
# config.http_authenticatable = false
@@ -103,15 +112,18 @@ Devise.setup do |config|
# config.reload_routes = true
# ==> Configuration for :database_authenticatable
# For bcrypt, this is the cost for hashing the password and defaults to 11. If
# For bcrypt, this is the cost for hashing the password and defaults to 12. If
# using other algorithms, it sets how many times you want the password to be hashed.
# The number of stretches used for generating the hashed password are stored
# with the hashed password. This allows you to change the stretches without
# invalidating existing passwords.
#
# Limiting the stretches to just one in testing will increase the performance of
# your test suite dramatically. However, it is STRONGLY RECOMMENDED to not use
# a value less than 10 in other environments. Note that, for bcrypt (the default
# algorithm), the cost increases exponentially with the number of stretches (e.g.
# a value of 20 is already extremely slow: approx. 60 seconds for 1 calculation).
config.stretches = Rails.env.test? ? 1 : 11
config.stretches = Rails.env.test? ? 1 : 12
# Set up a pepper to generate the hashed password.
# config.pepper = '<%= SecureRandom.hex(64) %>'

10
test/controllers/custom_strategy_test.rb
View File

@@ -42,9 +42,7 @@ class CustomStrategyTest < Devise::ControllerTestCase
test "custom strategy can return its own status code" do
ret = get :new
# check the returned rack array
# assert ret.is_a?(Array)
# assert_equal 400, ret.first
# check the returned response
assert ret.is_a?(ActionDispatch::TestResponse)
# check the saved response as well. This is purely so that the response is available to the testing framework
@@ -55,12 +53,10 @@ class CustomStrategyTest < Devise::ControllerTestCase
test "custom strategy can return custom headers" do
ret = get :new
# check the returned rack array
# assert ret.is_a?(Array)
# assert_equal ret.third['X-FOO'], 'BAR'
# check the returned response
assert ret.is_a?(ActionDispatch::TestResponse)
# check the saved response headers as well.
assert_equal response.headers['X-FOO'], 'BAR'
assert_equal 'BAR', response.headers['X-FOO']
end
end

2
test/controllers/internal_helpers_test.rb
View File

@@ -51,7 +51,7 @@ class HelpersTest < Devise::ControllerTestCase
end
test 'resources methods are not controller actions' do
assert @controller.class.action_methods.delete_if { |m| m.include? 'commenter' }.empty?
assert_empty @controller.class.action_methods.delete_if { |m| m.include? 'commenter' }
end
test 'require no authentication tests current mapping' do

4
test/controllers/load_hooks_controller_test.rb
View File

@@ -16,6 +16,6 @@ class LoadHooksControllerTest < Devise::ControllerTestCase
end
test 'load hook called when controller is loaded' do
assert DeviseController.instance_methods.include? :defined_by_load_hook
assert_includes DeviseController.instance_methods, :defined_by_load_hook
end
end
end

2
test/controllers/url_helpers_test.rb
View File

@@ -5,7 +5,7 @@ require 'test_helper'
class RoutesTest < Devise::ControllerTestCase
tests ApplicationController
def assert_path_and_url(name, prepend_path=nil)
def assert_path_and_url(name, prepend_path = nil)
@request.path = '/users/session'
prepend_path = "#{prepend_path}_" if prepend_path

34
test/failure_app_test.rb
View File

@@ -73,7 +73,7 @@ class FailureTest < ActiveSupport::TestCase
instance_eval(&block)
end
def call_failure(env_params={})
def call_failure(env_params = {})
env = {
'REQUEST_URI' => 'http://test.host/',
'HTTP_HOST' => 'test.host',
@@ -220,8 +220,8 @@ class FailureTest < ActiveSupport::TestCase
end
test 'works for any navigational format' do
swap Devise, navigational_formats: [:xml] do
call_failure('formats' => Mime[:xml])
swap Devise, navigational_formats: [:json] do
call_failure('formats' => Mime[:json])
assert_equal 302, @response.first
end
end
@@ -236,7 +236,7 @@ class FailureTest < ActiveSupport::TestCase
context 'For HTTP request' do
test 'return 401 status' do
call_failure('formats' => Mime[:xml])
call_failure('formats' => Mime[:json])
assert_equal 401, @response.first
end
@@ -258,13 +258,13 @@ class FailureTest < ActiveSupport::TestCase
end
test 'return WWW-authenticate headers if model allows' do
call_failure('formats' => Mime[:xml])
call_failure('formats' => Mime[:json])
assert_equal 'Basic realm="Application"', @response.second["WWW-Authenticate"]
end
test 'does not return WWW-authenticate headers if model does not allow' do
swap Devise, http_authenticatable: false do
call_failure('formats' => Mime[:xml])
call_failure('formats' => Mime[:json])
assert_nil @response.second["WWW-Authenticate"]
end
end
@@ -326,8 +326,8 @@ class FailureTest < ActiveSupport::TestCase
"warden" => stub_everything
}
call_failure(env)
assert @response.third.body.include?('<h2>Log in</h2>')
assert @response.third.body.include?('Invalid Email or password.')
assert_includes @response.third.body, '<h2>Log in</h2>'
assert_includes @response.third.body, 'Invalid Email or password.'
end
test 'calls the original controller if not confirmed email' do
@@ -337,8 +337,8 @@ class FailureTest < ActiveSupport::TestCase
"warden" => stub_everything
}
call_failure(env)
assert @response.third.body.include?('<h2>Log in</h2>')
assert @response.third.body.include?('You have to confirm your email address before continuing.')
assert_includes @response.third.body, '<h2>Log in</h2>'
assert_includes @response.third.body, 'You have to confirm your email address before continuing.'
end
test 'calls the original controller if inactive account' do
@@ -348,8 +348,8 @@ class FailureTest < ActiveSupport::TestCase
"warden" => stub_everything
}
call_failure(env)
assert @response.third.body.include?('<h2>Log in</h2>')
assert @response.third.body.include?('Your account is not activated yet.')
assert_includes @response.third.body, '<h2>Log in</h2>'
assert_includes @response.third.body, 'Your account is not activated yet.'
end
if Rails.application.config.respond_to?(:relative_url_root)
@@ -361,10 +361,10 @@ class FailureTest < ActiveSupport::TestCase
"warden" => stub_everything
}
call_failure(env)
assert @response.third.body.include?('<h2>Log in</h2>')
assert @response.third.body.include?('Invalid Email or password.')
assert_equal @request.env["SCRIPT_NAME"], '/sample'
assert_equal @request.env["PATH_INFO"], '/users/sign_in'
assert_includes @response.third.body, '<h2>Log in</h2>'
assert_includes @response.third.body, 'Invalid Email or password.'
assert_equal '/sample', @request.env["SCRIPT_NAME"]
assert_equal '/users/sign_in', @request.env["PATH_INFO"]
end
end
end
@@ -372,7 +372,7 @@ class FailureTest < ActiveSupport::TestCase
context "Lazy loading" do
test "loads" do
assert_equal Devise::FailureApp.new.lazy_loading_works?, "yes it does"
assert_equal "yes it does", Devise::FailureApp.new.lazy_loading_works?
end
end
context "Without Flash Support" do

18
test/generators/views_generator_test.rb
View File

@@ -11,16 +11,19 @@ class ViewsGeneratorTest < Rails::Generators::TestCase
run_generator
assert_files
assert_shared_links
assert_error_messages
end
test "Assert all views are properly created with scope param" do
run_generator %w(users)
assert_files "users"
assert_shared_links "users"
assert_error_messages "users"
run_generator %w(admins)
assert_files "admins"
assert_shared_links "admins"
assert_error_messages "admins"
end
test "Assert views with simple form" do
@@ -74,7 +77,7 @@ class ViewsGeneratorTest < Rails::Generators::TestCase
assert_file "app/views/devise/mailer/reset_password_instructions.markerb"
end
def assert_files(scope = nil, options={})
def assert_files(scope = nil, options = {})
scope = "devise" if scope.nil?
mail_template_engine = options[:mail_template_engine] || "html.erb"
@@ -88,6 +91,7 @@ class ViewsGeneratorTest < Rails::Generators::TestCase
assert_file "app/views/#{scope}/registrations/edit.html.erb"
assert_file "app/views/#{scope}/sessions/new.html.erb"
assert_file "app/views/#{scope}/shared/_links.html.erb"
assert_file "app/views/#{scope}/shared/_error_messages.html.erb"
assert_file "app/views/#{scope}/unlocks/new.html.erb"
end
@@ -102,4 +106,16 @@ class ViewsGeneratorTest < Rails::Generators::TestCase
assert_file "app/views/#{scope}/sessions/new.html.erb", link
assert_file "app/views/#{scope}/unlocks/new.html.erb", link
end
def assert_error_messages(scope = nil)
scope = "devise" if scope.nil?
link = /<%= render \"#{scope}\/shared\/error_messages\", resource: resource %>/
assert_file "app/views/#{scope}/passwords/edit.html.erb", link
assert_file "app/views/#{scope}/passwords/new.html.erb", link
assert_file "app/views/#{scope}/confirmations/new.html.erb", link
assert_file "app/views/#{scope}/registrations/new.html.erb", link
assert_file "app/views/#{scope}/registrations/edit.html.erb", link
assert_file "app/views/#{scope}/unlocks/new.html.erb", link
end
end

43
test/integration/authenticatable_test.rb
View File

@@ -321,7 +321,15 @@ class AuthenticationRedirectTest < Devise::IntegrationTest
test 'require_no_authentication should set the already_authenticated flash message' do
sign_in_as_user
visit new_user_session_path
assert_equal flash[:alert], I18n.t("devise.failure.already_authenticated")
assert_equal I18n.t("devise.failure.already_authenticated"), flash[:alert]
end
test 'require_no_authentication should set the already_authenticated flash message as admin' do
store_translations :en, devise: { failure: { admin: { already_authenticated: 'You are already signed in as admin.' } } } do
sign_in_as_admin
visit new_admin_session_path
assert_equal "You are already signed in as admin.", flash[:alert]
end
end
end
@@ -454,14 +462,6 @@ class AuthenticationOthersTest < Devise::IntegrationTest
end
end
test 'sign in stub in xml format' do
get new_user_session_path(format: 'xml')
assert_match '<?xml version="1.0" encoding="UTF-8"?>', response.body
assert_match %r{<user>.*</user>}m, response.body
assert_match '<email></email>', response.body
assert_match '<password nil="true"', response.body
end
test 'sign in stub in json format' do
get new_user_session_path(format: 'json')
assert_match '{"user":{', response.body
@@ -484,27 +484,27 @@ class AuthenticationOthersTest < Devise::IntegrationTest
refute warden.authenticated?(:admin)
end
test 'sign in with xml format returns xml response' do
test 'sign in with json format returns json response' do
create_user
post user_session_path(format: 'xml'), params: { user: {email: "user@test.com", password: '12345678'} }
post user_session_path(format: 'json'), params: { user: {email: "user@test.com", password: '12345678'} }
assert_response :success
assert response.body.include? %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<user>)
assert_includes response.body, '{"user":{'
end
test 'sign in with xml format is idempotent' do
get new_user_session_path(format: 'xml')
test 'sign in with json format is idempotent' do
get new_user_session_path(format: 'json')
assert_response :success
create_user
post user_session_path(format: 'xml'), params: { user: {email: "user@test.com", password: '12345678'} }
post user_session_path(format: 'json'), params: { user: {email: "user@test.com", password: '12345678'} }
assert_response :success
get new_user_session_path(format: 'xml')
get new_user_session_path(format: 'json')
assert_response :success
post user_session_path(format: 'xml'), params: { user: {email: "user@test.com", password: '12345678'} }
post user_session_path(format: 'json'), params: { user: {email: "user@test.com", password: '12345678'} }
assert_response :success
assert response.body.include? %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<user>)
assert_includes response.body, '{"user":{'
end
test 'sign out with html redirects' do
@@ -519,13 +519,6 @@ class AuthenticationOthersTest < Devise::IntegrationTest
assert_current_url '/'
end
test 'sign out with xml format returns no content' do
sign_in_as_user
delete destroy_user_session_path(format: 'xml')
assert_response :no_content
refute warden.authenticated?(:user)
end
test 'sign out with json format returns no content' do
sign_in_as_user
delete destroy_user_session_path(format: 'json')

34
test/integration/confirmable_test.rb
View File

@@ -214,40 +214,32 @@ class ConfirmationTest < Devise::IntegrationTest
end
end
test 'resent confirmation token with valid E-Mail in XML format should return valid response' do
test 'resent confirmation token with valid e-mail in JSON format should return empty and valid response' do
user = create_user(confirm: false)
post user_confirmation_path(format: 'xml'), params: { user: { email: user.email } }
post user_confirmation_path(format: 'json'), params: { user: { email: user.email } }
assert_response :success
assert_equal response.body, {}.to_xml
assert_equal({}.to_json, response.body)
end
test 'resent confirmation token with invalid E-Mail in XML format should return invalid response' do
test 'resent confirmation token with invalid e-mail in JSON format should return invalid response' do
create_user(confirm: false)
post user_confirmation_path(format: 'xml'), params: { user: { email: 'invalid.test@test.com' } }
post user_confirmation_path(format: 'json'), params: { user: { email: 'invalid.test@test.com' } }
assert_response :unprocessable_entity
assert response.body.include? %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<errors>)
assert_includes response.body, '{"errors":{'
end
test 'confirm account with valid confirmation token in XML format should return valid response' do
test 'confirm account with valid confirmation token in JSON format should return valid response' do
user = create_user(confirm: false)
get user_confirmation_path(confirmation_token: user.raw_confirmation_token, format: 'xml')
get user_confirmation_path(confirmation_token: user.raw_confirmation_token, format: 'json')
assert_response :success
assert response.body.include? %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<user>)
assert_includes response.body, '{"user":{'
end
test 'confirm account with invalid confirmation token in XML format should return invalid response' do
test 'confirm account with invalid confirmation token in JSON format should return invalid response' do
create_user(confirm: false)
get user_confirmation_path(confirmation_token: 'invalid_confirmation', format: 'xml')
get user_confirmation_path(confirmation_token: 'invalid_confirmation', format: 'json')
assert_response :unprocessable_entity
assert response.body.include? %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<errors>)
end
test 'request an account confirmation account with JSON, should return an empty JSON' do
user = create_user(confirm: false)
post user_confirmation_path, params: { user: { email: user.email }, format: :json }
assert_response :success
assert_equal response.body, {}.to_json
assert_includes response.body, '{"confirmation_token":['
end
test "when in paranoid mode and with a valid e-mail, should not say that the e-mail is valid" do
@@ -282,7 +274,7 @@ class ConfirmationTest < Devise::IntegrationTest
end
class ConfirmationOnChangeTest < Devise::IntegrationTest
def create_second_admin(options={})
def create_second_admin(options = {})
@admin = nil
create_admin(options)
end

4
test/integration/database_authenticatable_test.rb
View File

@@ -65,7 +65,7 @@ class DatabaseAuthenticationTest < Devise::IntegrationTest
end
end
test 'sign in with invalid pasword should return to sign in form with error message' do
test 'sign in with invalid password should return to sign in form with error message' do
sign_in_as_admin do
fill_in 'password', with: 'abcdef'
end
@@ -80,7 +80,7 @@ class DatabaseAuthenticationTest < Devise::IntegrationTest
sign_in_as_user do
fill_in 'email', with: 'wrongemail@test.com'
end
assert_not_contain 'Not found in database'
assert_contain 'Invalid Email or password.'
end

25
test/integration/http_authenticatable_test.rb
View File

@@ -22,10 +22,10 @@ class HttpAuthenticationTest < Devise::IntegrationTest
swap Devise, skip_session_storage: [] do
sign_in_as_new_user_with_http
assert_response 200
assert_match '<email>user@test.com</email>', response.body
assert_match '"email":"user@test.com"', response.body
assert warden.authenticated?(:user)
get users_path(format: :xml)
get users_path(format: :json)
assert_response 200
end
end
@@ -34,10 +34,10 @@ class HttpAuthenticationTest < Devise::IntegrationTest
swap Devise, skip_session_storage: [:http_auth] do
sign_in_as_new_user_with_http
assert_response 200
assert_match '<email>user@test.com</email>', response.body
assert_match '"email":"user@test.com"', response.body
assert warden.authenticated?(:user)
get users_path(format: :xml)
get users_path(format: :json)
assert_response 401
end
end
@@ -51,8 +51,8 @@ class HttpAuthenticationTest < Devise::IntegrationTest
test 'uses the request format as response content type' do
sign_in_as_new_user_with_http("unknown")
assert_equal 401, status
assert_equal "application/xml; charset=utf-8", headers["Content-Type"]
assert_match "<error>Invalid Email or password.</error>", response.body
assert_equal "application/json; charset=utf-8", headers["Content-Type"]
assert_match '"error":"Invalid Email or password."', response.body
end
test 'returns a custom response with www-authenticate and chosen realm' do
@@ -67,7 +67,7 @@ class HttpAuthenticationTest < Devise::IntegrationTest
swap Devise, authentication_keys: [:username] do
sign_in_as_new_user_with_http("usertest")
assert_response :success
assert_match '<email>user@test.com</email>', response.body
assert_match '"email":"user@test.com"', response.body
assert warden.authenticated?(:user)
end
end
@@ -76,7 +76,7 @@ class HttpAuthenticationTest < Devise::IntegrationTest
swap Devise, authentication_keys: { username: false, email: false } do
sign_in_as_new_user_with_http("usertest")
assert_response :success
assert_match '<email>user@test.com</email>', response.body
assert_match '"email":"user@test.com"', response.body
assert warden.authenticated?(:user)
end
end
@@ -85,7 +85,7 @@ class HttpAuthenticationTest < Devise::IntegrationTest
swap Devise, authentication_keys: { email: false, username: false }, http_authentication_key: :username do
sign_in_as_new_user_with_http("usertest")
assert_response :success
assert_match '<email>user@test.com</email>', response.body
assert_match '"email":"user@test.com"', response.body
assert warden.authenticated?(:user)
end
end
@@ -99,16 +99,15 @@ class HttpAuthenticationTest < Devise::IntegrationTest
end
private
def sign_in_as_new_user_with_http(username="user@test.com", password="12345678")
def sign_in_as_new_user_with_http(username = "user@test.com", password = "12345678")
user = create_user
get users_path(format: :xml), headers: { "HTTP_AUTHORIZATION" => "Basic #{Base64.encode64("#{username}:#{password}")}" }
get users_path(format: :json), headers: { "HTTP_AUTHORIZATION" => "Basic #{Base64.encode64("#{username}:#{password}")}" }
user
end
# Sign in with oauth2 token. This is just to test that it isn't misinterpreted as basic authentication
def add_oauth2_header
user = create_user
get users_path(format: :xml), headers: { "HTTP_AUTHORIZATION" => "OAuth #{Base64.encode64("#{user.email}:12345678")}" }
get users_path(format: :json), headers: { "HTTP_AUTHORIZATION" => "OAuth #{Base64.encode64("#{user.email}:12345678")}" }
end
end

35
test/integration/lockable_test.rb
View File

@@ -99,7 +99,7 @@ class LockTest < Devise::IntegrationTest
sign_in_as_user(password: "invalid")
assert_contain 'Your account is locked.'
assert ActionMailer::Base.deliveries.empty?
assert_empty ActionMailer::Base.deliveries
end
test 'error message is configurable by resource name' do
@@ -130,48 +130,39 @@ class LockTest < Devise::IntegrationTest
end
end
test 'user should be able to request a new unlock token via XML request' do
test 'user should be able to request a new unlock token via JSON request and should return empty and valid response' do
user = create_user(locked: true)
ActionMailer::Base.deliveries.clear
post user_unlock_path(format: 'xml'), params: { user: {email: user.email} }
post user_unlock_path(format: 'json'), params: { user: {email: user.email} }
assert_response :success
assert_equal response.body, {}.to_xml
assert_equal({}.to_json, response.body)
assert_equal 1, ActionMailer::Base.deliveries.size
end
test 'unlocked user should not be able to request a unlock token via XML request' do
test 'unlocked user should not be able to request a unlock token via JSON request' do
user = create_user(locked: false)
ActionMailer::Base.deliveries.clear
post user_unlock_path(format: 'xml'), params: { user: {email: user.email} }
post user_unlock_path(format: 'json'), params: { user: {email: user.email} }
assert_response :unprocessable_entity
assert response.body.include? %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<errors>)
assert_includes response.body, '{"errors":{'
assert_equal 0, ActionMailer::Base.deliveries.size
end
test 'user with valid unlock token should be able to unlock account via XML request' do
test 'user with valid unlock token should be able to unlock account via JSON request' do
user = create_user()
raw = user.lock_access!
assert user.access_locked?
get user_unlock_path(format: 'xml', unlock_token: raw)
get user_unlock_path(format: 'json', unlock_token: raw)
assert_response :success
assert response.body.include? %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<user>)
assert_includes response.body, '{"user":{'
end
test 'user with invalid unlock token should not be able to unlock the account via XML request' do
get user_unlock_path(format: 'xml', unlock_token: 'invalid_token')
test 'user with invalid unlock token should not be able to unlock the account via JSON request' do
get user_unlock_path(format: 'json', unlock_token: 'invalid_token')
assert_response :unprocessable_entity
assert response.body.include? %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<errors>)
end
test "when using json to ask a unlock request, should not return the user" do
user = create_user(locked: true)
post user_unlock_path(format: "json", user: {email: user.email})
assert_response :success
assert_equal response.body, {}.to_json
assert_includes response.body, '{"unlock_token":['
end
test "in paranoid mode, when trying to unlock a user that exists it should not say that it exists if it is locked" do

44
test/integration/omniauthable_test.rb
View File

@@ -23,6 +23,9 @@ class OmniauthableIntegrationTest < Devise::IntegrationTest
"extra" => {"user_hash" => FACEBOOK_INFO}
}
OmniAuth.config.add_camelization 'facebook', 'FaceBook'
if OmniAuth.config.respond_to?(:request_validation_phase)
OmniAuth.config.request_validation_phase = ->(env) {}
end
end
teardown do
@@ -45,8 +48,8 @@ class OmniauthableIntegrationTest < Devise::IntegrationTest
test "omniauth sign in should not run model validations" do
stub_action!(:sign_in_facebook) do
create_user
visit "/users/sign_in"
click_link "Sign in with FaceBook"
post "/users/auth/facebook"
follow_redirect!
assert warden.authenticated?(:user)
refute User.validations_performed
@@ -54,8 +57,8 @@ class OmniauthableIntegrationTest < Devise::IntegrationTest
end
test "can access omniauth.auth in the env hash" do
visit "/users/sign_in"
click_link "Sign in with FaceBook"
post "/users/auth/facebook"
follow_redirect!
json = ActiveSupport::JSON.decode(response.body)
@@ -68,8 +71,8 @@ class OmniauthableIntegrationTest < Devise::IntegrationTest
test "cleans up session on sign up" do
assert_no_difference "User.count" do
visit "/users/sign_in"
click_link "Sign in with FaceBook"
post "/users/auth/facebook"
follow_redirect!
end
assert session["devise.facebook_data"]
@@ -89,8 +92,8 @@ class OmniauthableIntegrationTest < Devise::IntegrationTest
test "cleans up session on cancel" do
assert_no_difference "User.count" do
visit "/users/sign_in"
click_link "Sign in with FaceBook"
post "/users/auth/facebook"
follow_redirect!
end
assert session["devise.facebook_data"]
@@ -100,8 +103,8 @@ class OmniauthableIntegrationTest < Devise::IntegrationTest
test "cleans up session on sign in" do
assert_no_difference "User.count" do
visit "/users/sign_in"
click_link "Sign in with FaceBook"
post "/users/auth/facebook"
follow_redirect!
end
assert session["devise.facebook_data"]
@@ -110,23 +113,28 @@ class OmniauthableIntegrationTest < Devise::IntegrationTest
end
test "sign in and send remember token if configured" do
visit "/users/sign_in"
click_link "Sign in with FaceBook"
post "/users/auth/facebook"
follow_redirect!
assert_nil warden.cookies["remember_user_token"]
stub_action!(:sign_in_facebook) do
create_user
visit "/users/sign_in"
click_link "Sign in with FaceBook"
post "/users/auth/facebook"
follow_redirect!
assert warden.authenticated?(:user)
assert warden.cookies["remember_user_token"]
end
end
test "generates a link to authenticate with provider" do
visit "/users/sign_in"
assert_select "a[href=?][data-method='post']", "/users/auth/facebook", text: "Sign in with FaceBook"
end
test "generates a proper link when SCRIPT_NAME is set" do
header 'SCRIPT_NAME', '/q'
visit "/users/sign_in"
assert_select "a", href: "/q/users/auth/facebook"
assert_select "a[href=?][data-method='post']", "/q/users/auth/facebook", text: "Sign in with FaceBook"
end
test "handles callback error parameter according to the specification" do
@@ -139,10 +147,10 @@ class OmniauthableIntegrationTest < Devise::IntegrationTest
test "handles other exceptions from OmniAuth" do
OmniAuth.config.mock_auth[:facebook] = :invalid_credentials
visit "/users/sign_in"
click_link "Sign in with FaceBook"
post "/users/auth/facebook"
follow_redirect!
follow_redirect!
assert_current_url "/users/sign_in"
assert_contain 'Could not authenticate you from FaceBook because "Invalid credentials".'
end
end

59
test/integration/recoverable_test.rb
View File

@@ -21,7 +21,7 @@ class PasswordTest < Devise::IntegrationTest
click_button 'Send me reset password instructions'
end
def reset_password(options={}, &block)
def reset_password(options = {}, &block)
unless options[:visit] == false
visit edit_user_password_path(reset_password_token: options[:reset_password_token] || "abcdef")
assert_response :success
@@ -33,6 +33,17 @@ class PasswordTest < Devise::IntegrationTest
click_button 'Change my password'
end
test 'reset password should send to user record email and avoid case mapping collisions' do
create_user(email: 'user@github.com')
request_forgot_password do
fill_in 'email', with: 'user@gıthub.com'
end
mail = ActionMailer::Base.deliveries.last
assert_equal ['user@github.com'], mail.to
end
test 'reset password with email of different case should succeed when email is in the list of case insensitive keys' do
create_user(email: 'Foo@Bar.com')
@@ -250,63 +261,53 @@ class PasswordTest < Devise::IntegrationTest
end
end
test 'reset password request with valid E-Mail in XML format should return valid response' do
test 'reset password request with valid e-mail in JSON format should return empty and valid response' do
create_user
post user_password_path(format: 'xml'), params: { user: {email: "user@test.com"} }
post user_password_path(format: 'json'), params: { user: {email: "user@test.com"} }
assert_response :success
assert_equal response.body, { }.to_xml
assert_equal({}.to_json, response.body)
end
test 'reset password request with invalid E-Mail in XML format should return valid response' do
test 'reset password request with invalid e-mail in JSON format should return valid response' do
create_user
post user_password_path(format: 'xml'), params: { user: {email: "invalid.test@test.com"} }
post user_password_path(format: 'json'), params: { user: {email: "invalid.test@test.com"} }
assert_response :unprocessable_entity
assert response.body.include? %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<errors>)
assert_includes response.body, '{"errors":{'
end
test 'reset password request with invalid E-Mail in XML format should return empty and valid response' do
test 'reset password request with invalid e-mail in JSON format should return empty and valid response in paranoid mode' do
swap Devise, paranoid: true do
create_user
post user_password_path(format: 'xml'), params: { user: {email: "invalid@test.com"} }
post user_password_path(format: 'json'), params: { user: {email: "invalid@test.com"} }
assert_response :success
assert_equal response.body, { }.to_xml
assert_equal({}.to_json, response.body)
end
end
test 'change password with valid parameters in XML format should return valid response' do
test 'change password with valid parameters in JSON format should return valid response' do
create_user
request_forgot_password
put user_password_path(format: 'xml'), params: { user: {
put user_password_path(format: 'json'), params: { user: {
reset_password_token: 'abcdef', password: '987654321', password_confirmation: '987654321'
}
}
} }
assert_response :success
assert warden.authenticated?(:user)
end
test 'change password with invalid token in XML format should return invalid response' do
test 'change password with invalid token in JSON format should return invalid response' do
create_user
request_forgot_password
put user_password_path(format: 'xml'), params: { user: {reset_password_token: 'invalid.token', password: '987654321', password_confirmation: '987654321'} }
put user_password_path(format: 'json'), params: { user: {reset_password_token: 'invalid.token', password: '987654321', password_confirmation: '987654321'} }
assert_response :unprocessable_entity
assert response.body.include? %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<errors>)
assert_includes response.body, '{"errors":{'
end
test 'change password with invalid new password in XML format should return invalid response' do
test 'change password with invalid new password in JSON format should return invalid response' do
user = create_user
request_forgot_password
put user_password_path(format: 'xml'), params: { user: {reset_password_token: user.reload.reset_password_token, password: '', password_confirmation: '987654321'} }
put user_password_path(format: 'json'), params: { user: {reset_password_token: user.reload.reset_password_token, password: '', password_confirmation: '987654321'} }
assert_response :unprocessable_entity
assert response.body.include? %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<errors>)
end
test "when using json requests to ask a confirmable request, should not return the object" do
user = create_user(confirm: false)
post user_password_path(format: :json), params: { user: { email: user.email } }
assert_response :success
assert_equal response.body, "{}"
assert_includes response.body, '{"errors":{'
end
test "when in paranoid mode and with an invalid e-mail, asking to reset a password should display a message that does not indicates that the e-mail does not exists in the database" do

57
test/integration/registerable_test.rb
View File

@@ -20,7 +20,7 @@ class RegistrationTest < Devise::IntegrationTest
assert_current_url "/admin_area/home"
admin = Admin.to_adapter.find_first(order: [:id, :desc])
assert_equal admin.email, 'new_user@test.com'
assert_equal 'new_user@test.com', admin.email
end
test 'a guest admin should be able to sign in and be redirected to a custom location' do
@@ -69,7 +69,7 @@ class RegistrationTest < Devise::IntegrationTest
refute warden.authenticated?(:user)
user = User.to_adapter.find_first(order: [:id, :desc])
assert_equal user.email, 'new_user@test.com'
assert_equal 'new_user@test.com', user.email
refute user.confirmed?
end
@@ -189,7 +189,7 @@ class RegistrationTest < Devise::IntegrationTest
fill_in 'current password', with: '12345678'
click_button 'Update'
assert_contain 'Your account has been updated successfully, but since your password was changed, you need to sign in again'
assert_contain 'Your account has been updated successfully, but since your password was changed, you need to sign in again.'
assert_equal new_user_session_path, @request.path
refute warden.authenticated?(:user)
end
@@ -254,7 +254,7 @@ class RegistrationTest < Devise::IntegrationTest
assert_contain "Password confirmation doesn't match Password"
refute User.to_adapter.find_first.valid_password?('pas123')
end
test 'a signed in user should see a warning about minimum password length' do
sign_in_as_user
get edit_user_registration_path
@@ -268,7 +268,7 @@ class RegistrationTest < Devise::IntegrationTest
click_button "Cancel my account"
assert_contain "Bye! Your account has been successfully cancelled. We hope to see you again soon."
assert User.to_adapter.find_all.empty?
assert_empty User.to_adapter.find_all
end
test 'a user should be able to cancel sign up by deleting data in the session' do
@@ -283,13 +283,6 @@ class RegistrationTest < Devise::IntegrationTest
assert_redirected_to new_user_registration_path
end
test 'a user with XML sign up stub' do
get new_user_registration_path(format: 'xml')
assert_response :success
assert_match %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<user>), response.body
assert_no_match(/<confirmation-token/, response.body)
end
test 'a user with JSON sign up stub' do
get new_user_registration_path(format: 'json')
assert_response :success
@@ -297,49 +290,49 @@ class RegistrationTest < Devise::IntegrationTest
assert_no_match(/"confirmation_token"/, response.body)
end
test 'an admin sign up with valid information in XML format should return valid response' do
post admin_registration_path(format: 'xml'), params: { admin: { email: 'new_user@test.com', password: 'new_user123', password_confirmation: 'new_user123' } }
test 'an admin sign up with valid information in JSON format should return valid response' do
post admin_registration_path(format: 'json'), params: { admin: { email: 'new_user@test.com', password: 'new_user123', password_confirmation: 'new_user123' } }
assert_response :success
assert response.body.include? %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<admin>)
assert_includes response.body, '{"admin":{'
admin = Admin.to_adapter.find_first(order: [:id, :desc])
assert_equal admin.email, 'new_user@test.com'
assert_equal 'new_user@test.com', admin.email
end
test 'a user sign up with valid information in XML format should return valid response' do
post user_registration_path(format: 'xml'), params: { user: { email: 'new_user@test.com', password: 'new_user123', password_confirmation: 'new_user123' } }
test 'a user sign up with valid information in JSON format should return valid response' do
post user_registration_path(format: 'json'), params: { user: { email: 'new_user@test.com', password: 'new_user123', password_confirmation: 'new_user123' } }
assert_response :success
assert response.body.include? %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<user>)
assert_includes response.body, '{"user":{'
user = User.to_adapter.find_first(order: [:id, :desc])
assert_equal user.email, 'new_user@test.com'
assert_equal 'new_user@test.com', user.email
end
test 'a user sign up with invalid information in XML format should return invalid response' do
post user_registration_path(format: 'xml'), params: { user: { email: 'new_user@test.com', password: 'new_user123', password_confirmation: 'invalid' } }
test 'a user sign up with invalid information in JSON format should return invalid response' do
post user_registration_path(format: 'json'), params: { user: { email: 'new_user@test.com', password: 'new_user123', password_confirmation: 'invalid' } }
assert_response :unprocessable_entity
assert response.body.include? %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<errors>)
assert_includes response.body, '{"errors":{'
end
test 'a user update information with valid data in XML format should return valid response' do
test 'a user update information with valid data in JSON format should return valid response' do
user = sign_in_as_user
put user_registration_path(format: 'xml'), params: { user: { current_password: '12345678', email: 'user.new@test.com' } }
put user_registration_path(format: 'json'), params: { user: { current_password: '12345678', email: 'user.new@test.com' } }
assert_response :success
assert_equal user.reload.email, 'user.new@test.com'
assert_equal 'user.new@test.com', user.reload.email
end
test 'a user update information with invalid data in XML format should return invalid response' do
test 'a user update information with invalid data in JSON format should return invalid response' do
user = sign_in_as_user
put user_registration_path(format: 'xml'), params: { user: { current_password: 'invalid', email: 'user.new@test.com' } }
put user_registration_path(format: 'json'), params: { user: { current_password: 'invalid', email: 'user.new@test.com' } }
assert_response :unprocessable_entity
assert_equal user.reload.email, 'user@test.com'
assert_equal 'user@test.com', user.reload.email
end
test 'a user cancel their account in XML format should return valid response' do
test 'a user cancel their account in JSON format should return valid response' do
sign_in_as_user
delete user_registration_path(format: 'xml')
delete user_registration_path(format: 'json')
assert_response :success
assert_equal User.to_adapter.find_all.size, 0
assert_equal 0, User.to_adapter.find_all.size
end
end

2
test/integration/rememberable_test.rb
View File

@@ -3,7 +3,7 @@
require 'test_helper'
class RememberMeTest < Devise::IntegrationTest
def create_user_and_remember(add_to_token='')
def create_user_and_remember(add_to_token = '')
user = create_user
user.remember_me!
raw_cookie = User.serialize_into_cookie(user).tap { |a| a[1] << add_to_token }

2
test/integration/timeoutable_test.rb
View File

@@ -77,7 +77,7 @@ class SessionTimeoutTest < Devise::IntegrationTest
end
end
test 'time out user session after deault limit time and redirect to latest get request' do
test 'time out user session after default limit time and redirect to latest get request' do
user = sign_in_as_user
visit edit_form_user_path(user)

3
test/integration/trackable_test.rb
View File

@@ -44,7 +44,7 @@ class TrackableHooksTest < Devise::IntegrationTest
assert_equal "127.0.0.1", user.last_sign_in_ip
end
test "current remote ip returns original ip behind a non transparent proxy" do
test "current and last sign in remote ip returns original ip behind a non transparent proxy" do
user = create_user
arbitrary_ip = '200.121.1.69'
@@ -53,6 +53,7 @@ class TrackableHooksTest < Devise::IntegrationTest
end
user.reload
assert_equal arbitrary_ip, user.current_sign_in_ip
assert_equal arbitrary_ip, user.last_sign_in_ip
end
test "increase sign in count" do

4
test/mailers/confirmation_instructions_test.rb
View File

@@ -31,7 +31,7 @@ class ConfirmationInstructionsTest < ActionMailer::TestCase
end
test 'content type should be set to html' do
assert mail.content_type.include?('text/html')
assert_includes mail.content_type, 'text/html'
end
test 'send confirmation instructions to the user email' do
@@ -88,7 +88,7 @@ class ConfirmationInstructionsTest < ActionMailer::TestCase
host, port = ActionMailer::Base.default_url_options.values_at :host, :port
if mail.body.encoded =~ %r{<a href=\"http://#{host}:#{port}/users/confirmation\?confirmation_token=([^"]+)">}
assert_equal $1, user.confirmation_token
assert_equal user.confirmation_token, $1
else
flunk "expected confirmation url regex to match"
end

2
test/mailers/email_changed_test.rb
View File

@@ -35,7 +35,7 @@ class EmailChangedTest < ActionMailer::TestCase
end
test 'content type should be set to html' do
assert mail.content_type.include?('text/html')
assert_includes mail.content_type, 'text/html'
end
test 'send email changed to the original user email' do

6
test/mailers/reset_password_instructions_test.rb
View File

@@ -29,12 +29,12 @@ class ResetPasswordInstructionsTest < ActionMailer::TestCase
end
end
test 'email sent after reseting the user password' do
test 'email sent after resetting the user password' do
assert_not_nil mail
end
test 'content type should be set to html' do
assert mail.content_type.include?('text/html')
assert_includes mail.content_type, 'text/html'
end
test 'send confirmation instructions to the user email' do
@@ -84,7 +84,7 @@ class ResetPasswordInstructionsTest < ActionMailer::TestCase
host, port = ActionMailer::Base.default_url_options.values_at :host, :port
if mail.body.encoded =~ %r{<a href=\"http://#{host}:#{port}/users/password/edit\?reset_password_token=([^"]+)">}
assert_equal Devise.token_generator.digest(user.class, :reset_password_token, $1), user.reset_password_token
assert_equal user.reset_password_token, Devise.token_generator.digest(user.class, :reset_password_token, $1)
else
flunk "expected reset password url regex to match"
end

4
test/mailers/unlock_instructions_test.rb
View File

@@ -35,7 +35,7 @@ class UnlockInstructionsTest < ActionMailer::TestCase
end
test 'content type should be set to html' do
assert mail.content_type.include?('text/html')
assert_includes mail.content_type, 'text/html'
end
test 'send unlock instructions to the user email' do
@@ -85,7 +85,7 @@ class UnlockInstructionsTest < ActionMailer::TestCase
host, port = ActionMailer::Base.default_url_options.values_at :host, :port
if mail.body.encoded =~ %r{<a href=\"http://#{host}:#{port}/users/unlock\?unlock_token=([^"]+)">}
assert_equal Devise.token_generator.digest(user.class, :unlock_token, $1), user.unlock_token
assert_equal user.unlock_token, Devise.token_generator.digest(user.class, :unlock_token, $1)
else
flunk "expected unlock url regex to match"
end

2
test/mapping_test.rb
View File

@@ -6,7 +6,7 @@ class FakeRequest < Struct.new(:path_info, :params)
end
class MappingTest < ActiveSupport::TestCase
def fake_request(path, params={})
def fake_request(path, params = {})
FakeRequest.new(path, params)
end

12
test/models/authenticatable_test.rb
View File

@@ -4,12 +4,12 @@ require 'test_helper'
class AuthenticatableTest < ActiveSupport::TestCase
test 'required_fields should be an empty array' do
assert_equal Devise::Models::Validatable.required_fields(User), []
assert_equal [], Devise::Models::Validatable.required_fields(User)
end
test 'find_first_by_auth_conditions allows custom filtering parameters' do
user = User.create!(email: "example@example.com", password: "1234567")
assert_equal User.find_first_by_auth_conditions({ email: "example@example.com" }), user
assert_equal user, User.find_first_by_auth_conditions({ email: "example@example.com" })
assert_nil User.find_first_by_auth_conditions({ email: "example@example.com" }, id: user.id.to_s.next)
end
@@ -18,24 +18,24 @@ class AuthenticatableTest < ActiveSupport::TestCase
# config.strip_whitespace_keys = [:email]
test 'find_or_initialize_with_errors uses parameter filter on find' do
user = User.create!(email: "example@example.com", password: "1234567")
assert_equal User.find_or_initialize_with_errors([:email], { email: " EXAMPLE@example.com " }), user
assert_equal user, User.find_or_initialize_with_errors([:email], { email: " EXAMPLE@example.com " })
end
# assumes default configuration of
# config.case_insensitive_keys = [:email]
# config.strip_whitespace_keys = [:email]
test 'find_or_initialize_with_errors uses parameter filter on initialize' do
assert_equal User.find_or_initialize_with_errors([:email], { email: " EXAMPLE@example.com " }).email, "example@example.com"
assert_equal "example@example.com", User.find_or_initialize_with_errors([:email], { email: " EXAMPLE@example.com " }).email
end
test 'find_or_initialize_with_errors adds blank error' do
user_with_error = User.find_or_initialize_with_errors([:email], { email: "" })
assert_equal [:email, "can't be blank"], user_with_error.errors.first
assert_equal ["Email can't be blank"], user_with_error.errors.full_messages_for(:email)
end
test 'find_or_initialize_with_errors adds invalid error' do
user_with_error = User.find_or_initialize_with_errors([:email], { email: "example@example.com" })
assert_equal [:email, "is invalid"], user_with_error.errors.first
assert_equal ["Email is invalid"], user_with_error.errors.full_messages_for(:email)
end
if defined?(ActionController::Parameters)

20
test/models/confirmable_test.rb
View File

@@ -28,7 +28,7 @@ class ConfirmableTest < ActiveSupport::TestCase
confirmation_tokens = []
3.times do
token = create_user.confirmation_token
assert !confirmation_tokens.include?(token)
refute_includes confirmation_tokens, token
confirmation_tokens << token
end
end
@@ -61,7 +61,7 @@ class ConfirmableTest < ActiveSupport::TestCase
user = create_user
raw = user.raw_confirmation_token
confirmed_user = User.confirm_by_token(raw)
assert_equal confirmed_user, user
assert_equal user, confirmed_user
assert user.reload.confirmed?
end
@@ -160,7 +160,7 @@ class ConfirmableTest < ActiveSupport::TestCase
test 'should find a user to send confirmation instructions' do
user = create_user
confirmation_user = User.send_confirmation_instructions(email: user.email)
assert_equal confirmation_user, user
assert_equal user, confirmation_user
end
test 'should return a new user if no email was found' do
@@ -305,7 +305,7 @@ class ConfirmableTest < ActiveSupport::TestCase
swap Devise, authentication_keys: [:username, :email] do
user = create_user
confirm_user = User.send_confirmation_instructions(email: user.email, username: user.username)
assert_equal confirm_user, user
assert_equal user, confirm_user
end
end
@@ -322,7 +322,7 @@ class ConfirmableTest < ActiveSupport::TestCase
user = create_user
user.update_attribute(:confirmation_sent_at, confirmation_sent_at)
confirmed_user = User.confirm_by_token(user.raw_confirmation_token)
assert_equal confirmed_user, user
assert_equal user, confirmed_user
user.reload.confirmed?
end
@@ -497,7 +497,7 @@ class ReconfirmableTest < ActiveSupport::TestCase
assert admin.confirm
assert admin.update(email: 'new_test@example.com')
confirmation_admin = Admin.send_confirmation_instructions(email: admin.unconfirmed_email)
assert_equal confirmation_admin, admin
assert_equal admin, confirmation_admin
end
test 'should return a new admin if no email or unconfirmed_email was found' do
@@ -520,20 +520,20 @@ class ReconfirmableTest < ActiveSupport::TestCase
end
test 'required_fields should contain the fields that Devise uses' do
assert_equal Devise::Models::Confirmable.required_fields(User), [
assert_equal [
:confirmation_token,
:confirmed_at,
:confirmation_sent_at
]
], Devise::Models::Confirmable.required_fields(User)
end
test 'required_fields should also contain unconfirmable when reconfirmable_email is true' do
assert_equal Devise::Models::Confirmable.required_fields(Admin), [
assert_equal [
:confirmation_token,
:confirmed_at,
:confirmation_sent_at,
:unconfirmed_email
]
], Devise::Models::Confirmable.required_fields(Admin)
end
test 'should not require reconfirmation after creating a record' do

16
test/models/database_authenticatable_test.rb
View File

@@ -97,8 +97,8 @@ class DatabaseAuthenticatableTest < ActiveSupport::TestCase
test 'should respond to password and password confirmation' do
user = new_user
assert user.respond_to?(:password)
assert user.respond_to?(:password_confirmation)
assert_respond_to user, :password
assert_respond_to user, :password_confirmation
end
test 'should generate a hashed password while setting password' do
@@ -108,7 +108,7 @@ class DatabaseAuthenticatableTest < ActiveSupport::TestCase
test 'should support custom hashing methods' do
user = UserWithCustomHashing.new(password: '654321')
assert_equal user.encrypted_password, '123456'
assert_equal '123456', user.encrypted_password
end
test 'allow authenticatable_salt to work even with nil hashed password' do
@@ -149,7 +149,7 @@ class DatabaseAuthenticatableTest < ActiveSupport::TestCase
end
test 'should respond to current password' do
assert new_user.respond_to?(:current_password)
assert_respond_to new_user, :current_password
end
test 'should update password with valid current password' do
@@ -293,18 +293,18 @@ class DatabaseAuthenticatableTest < ActiveSupport::TestCase
end
test 'required_fields should be encryptable_password and the email field by default' do
assert_equal Devise::Models::DatabaseAuthenticatable.required_fields(User), [
assert_equal [
:encrypted_password,
:email
]
], Devise::Models::DatabaseAuthenticatable.required_fields(User)
end
test 'required_fields should be encryptable_password and the login when the login is on authentication_keys' do
swap Devise, authentication_keys: [:login] do
assert_equal Devise::Models::DatabaseAuthenticatable.required_fields(User), [
assert_equal [
:encrypted_password,
:login
]
], Devise::Models::DatabaseAuthenticatable.required_fields(User)
end
end
end

60
test/models/lockable_test.rb
View File

@@ -50,6 +50,32 @@ class LockableTest < ActiveSupport::TestCase
assert_equal initial_failed_attempts + 2, user.reload.failed_attempts
end
test "reset_failed_attempts! updates the failed attempts counter back to 0" do
user = create_user(failed_attempts: 3)
assert_equal 3, user.failed_attempts
user.reset_failed_attempts!
assert_equal 0, user.failed_attempts
user.reset_failed_attempts!
assert_equal 0, user.failed_attempts
end
test "reset_failed_attempts! does not run model validations" do
user = create_user(failed_attempts: 1)
user.expects(:after_validation_callback).never
assert user.reset_failed_attempts!
assert_equal 0, user.failed_attempts
end
test "reset_failed_attempts! does not try to reset if not using failed attempts strategy" do
admin = create_admin
refute_respond_to admin, :failed_attempts
refute admin.reset_failed_attempts!
end
test 'should be valid for authentication with a unlocked user' do
user = create_user
user.lock_access!
@@ -121,7 +147,7 @@ class LockableTest < ActiveSupport::TestCase
user = create_user
user.lock_access!
token = user.unlock_token
assert !unlock_tokens.include?(token)
refute_includes unlock_tokens, token
unlock_tokens << token
end
end
@@ -174,7 +200,7 @@ class LockableTest < ActiveSupport::TestCase
user = create_user
raw = user.send_unlock_instructions
locked_user = User.unlock_access_by_token(raw)
assert_equal locked_user, user
assert_equal user, locked_user
refute user.reload.access_locked?
end
@@ -194,7 +220,7 @@ class LockableTest < ActiveSupport::TestCase
user = create_user
user.lock_access!
unlock_user = User.send_unlock_instructions(email: user.email)
assert_equal unlock_user, user
assert_equal user, unlock_user
end
test 'should return a new user if no email was found' do
@@ -211,7 +237,7 @@ class LockableTest < ActiveSupport::TestCase
swap Devise, authentication_keys: [:username, :email] do
user = create_user
unlock_user = User.send_unlock_instructions(email: user.email, username: user.username)
assert_equal unlock_user, user
assert_equal user, unlock_user
end
end
@@ -270,11 +296,11 @@ class LockableTest < ActiveSupport::TestCase
test 'required_fields should contain the all the fields when all the strategies are enabled' do
swap Devise, unlock_strategy: :both do
swap Devise, lock_strategy: :failed_attempts do
assert_equal Devise::Models::Lockable.required_fields(User), [
:failed_attempts,
:locked_at,
:unlock_token
]
assert_equal [
:failed_attempts,
:locked_at,
:unlock_token
], Devise::Models::Lockable.required_fields(User)
end
end
end
@@ -282,10 +308,10 @@ class LockableTest < ActiveSupport::TestCase
test 'required_fields should contain only failed_attempts and locked_at when the strategies are time and failed_attempts are enabled' do
swap Devise, unlock_strategy: :time do
swap Devise, lock_strategy: :failed_attempts do
assert_equal Devise::Models::Lockable.required_fields(User), [
:failed_attempts,
:locked_at
]
assert_equal [
:failed_attempts,
:locked_at
], Devise::Models::Lockable.required_fields(User)
end
end
end
@@ -293,10 +319,10 @@ class LockableTest < ActiveSupport::TestCase
test 'required_fields should contain only failed_attempts and unlock_token when the strategies are token and failed_attempts are enabled' do
swap Devise, unlock_strategy: :email do
swap Devise, lock_strategy: :failed_attempts do
assert_equal Devise::Models::Lockable.required_fields(User), [
:failed_attempts,
:unlock_token
]
assert_equal [
:failed_attempts,
:unlock_token
], Devise::Models::Lockable.required_fields(User)
end
end
end

2
test/models/omniauthable_test.rb
View File

@@ -4,6 +4,6 @@ require 'test_helper'
class OmniauthableTest < ActiveSupport::TestCase
test 'required_fields should contain the fields that Devise uses' do
assert_equal Devise::Models::Omniauthable.required_fields(User), []
assert_equal [], Devise::Models::Omniauthable.required_fields(User)
end
end

18
test/models/recoverable_test.rb
View File

@@ -18,7 +18,7 @@ class RecoverableTest < ActiveSupport::TestCase
user = create_user
user.send_reset_password_instructions
token = user.reset_password_token
assert !reset_password_tokens.include?(token)
refute_includes reset_password_tokens, token
reset_password_tokens << token
end
end
@@ -34,7 +34,7 @@ class RecoverableTest < ActiveSupport::TestCase
assert create_user.reset_password('123456789', '123456789')
end
test 'should clear reset password token while reseting the password' do
test 'should clear reset password token while resetting the password' do
user = create_user
assert_nil user.reset_password_token
@@ -116,7 +116,7 @@ class RecoverableTest < ActiveSupport::TestCase
test 'should find a user to send instructions by email' do
user = create_user
reset_password_user = User.send_reset_password_instructions(email: user.email)
assert_equal reset_password_user, user
assert_equal user, reset_password_user
end
test 'should return a new record with errors if user was not found by e-mail' do
@@ -129,7 +129,7 @@ class RecoverableTest < ActiveSupport::TestCase
swap Devise, authentication_keys: [:username, :email] do
user = create_user
reset_password_user = User.send_reset_password_instructions(email: user.email, username: user.username)
assert_equal reset_password_user, user
assert_equal user, reset_password_user
end
end
@@ -161,7 +161,7 @@ class RecoverableTest < ActiveSupport::TestCase
raw = user.send_reset_password_instructions
reset_password_user = User.reset_password_by_token(reset_password_token: raw)
assert_equal reset_password_user, user
assert_equal user, reset_password_user
end
test 'should return a new record with errors if no reset_password_token is found' do
@@ -237,23 +237,23 @@ class RecoverableTest < ActiveSupport::TestCase
end
test 'required_fields should contain the fields that Devise uses' do
assert_equal Devise::Models::Recoverable.required_fields(User), [
assert_equal [
:reset_password_sent_at,
:reset_password_token
]
], Devise::Models::Recoverable.required_fields(User)
end
test 'should return a user based on the raw token' do
user = create_user
raw = user.send_reset_password_instructions
assert_equal User.with_reset_password_token(raw), user
assert_equal user, User.with_reset_password_token(raw)
end
test 'should return the same reset password token as generated' do
user = create_user
raw = user.send_reset_password_instructions
assert_equal Devise.token_generator.digest(self.class, :reset_password_token, raw), user.reset_password_token
assert_equal user.reset_password_token, Devise.token_generator.digest(self.class, :reset_password_token, raw)
end
test 'should return nil if a user based on the raw token is not found' do

2
test/models/registerable_test.rb
View File

@@ -4,6 +4,6 @@ require 'test_helper'
class RegisterableTest < ActiveSupport::TestCase
test 'required_fields should contain the fields that Devise uses' do
assert_equal Devise::Models::Registerable.required_fields(User), []
assert_equal [], Devise::Models::Registerable.required_fields(User)
end
end

8
test/models/rememberable_test.rb
View File

@@ -129,8 +129,8 @@ class RememberableTest < ActiveSupport::TestCase
end
test 'should respond to remember_me attribute' do
assert resource_class.new.respond_to?(:remember_me)
assert resource_class.new.respond_to?(:remember_me=)
assert_respond_to resource_class.new, :remember_me
assert_respond_to resource_class.new, :remember_me=
end
test 'forget_me should clear remember_created_at if expire_all_remember_me_on_sign_out is true' do
@@ -177,8 +177,8 @@ class RememberableTest < ActiveSupport::TestCase
end
test 'should have the required_fields array' do
assert_equal Devise::Models::Rememberable.required_fields(User), [
assert_equal [
:remember_created_at
]
], Devise::Models::Rememberable.required_fields(User)
end
end

23
test/models/serializable_test.rb
View File

@@ -7,21 +7,6 @@ class SerializableTest < ActiveSupport::TestCase
@user = create_user
end
test 'should not include unsafe keys on XML' do
assert_match(/email/, @user.to_xml)
assert_no_match(/confirmation-token/, @user.to_xml)
end
test 'should not include unsafe keys on XML even if a new except is provided' do
assert_no_match(/email/, @user.to_xml(except: :email))
assert_no_match(/confirmation-token/, @user.to_xml(except: :email))
end
test 'should include unsafe keys on XML if a force_except is provided' do
assert_no_match(/<email/, @user.to_xml(force_except: :email))
assert_match(/confirmation-token/, @user.to_xml(force_except: :email))
end
test 'should not include unsafe keys on JSON' do
keys = from_json().keys.select{ |key| !key.include?("id") }
assert_equal %w(created_at email facebook_token updated_at username), keys.sort
@@ -43,7 +28,11 @@ class SerializableTest < ActiveSupport::TestCase
end
test 'should accept frozen options' do
assert_key "username", @user.as_json({only: :username}.freeze)["user"]
assert_key "username", @user.as_json({ only: :username, except: [:email].freeze }.freeze)["user"]
end
test 'constant `BLACKLIST_FOR_SERIALIZATION` is deprecated' do
assert_deprecated { Devise::Models::Authenticatable::BLACKLIST_FOR_SERIALIZATION }
end
def assert_key(key, subject)
@@ -54,7 +43,7 @@ class SerializableTest < ActiveSupport::TestCase
assert !subject.key?(key), "Expected #{subject.inspect} to not have key #{key.inspect}"
end
def from_json(options=nil)
def from_json(options = nil)
ActiveSupport::JSON.decode(@user.to_json(options))["user"]
end
end

2
test/models/timeoutable_test.rb
View File

@@ -43,7 +43,7 @@ class TimeoutableTest < ActiveSupport::TestCase
end
test 'required_fields should contain the fields that Devise uses' do
assert_equal Devise::Models::Timeoutable.required_fields(User), []
assert_equal [], Devise::Models::Timeoutable.required_fields(User)
end
test 'should not raise error if remember_created_at is not empty and rememberable is disabled' do

4
test/models/trackable_test.rb
View File

@@ -4,13 +4,13 @@ require 'test_helper'
class TrackableTest < ActiveSupport::TestCase
test 'required_fields should contain the fields that Devise uses' do
assert_equal Devise::Models::Trackable.required_fields(User), [
assert_equal [
:current_sign_in_at,
:current_sign_in_ip,
:last_sign_in_at,
:last_sign_in_ip,
:sign_in_count
]
], Devise::Models::Trackable.required_fields(User)
end
test 'update_tracked_fields should only set attributes but not save the record' do

2
test/models/validatable_test.rb
View File

@@ -116,6 +116,6 @@ class ValidatableTest < ActiveSupport::TestCase
end
test 'required_fields should be an empty array' do
assert_equal Devise::Models::Validatable.required_fields(User), []
assert_equal [], Devise::Models::Validatable.required_fields(User)
end
end

2
test/omniauth/url_helpers_test.rb
View File

@@ -5,7 +5,7 @@ require 'test_helper'
class OmniAuthRoutesTest < ActionController::TestCase
tests ApplicationController
def assert_path(action, provider, with_param=true)
def assert_path(action, provider, with_param = true)
# Resource param
assert_equal @controller.send(action, :user, provider),
@controller.send("user_#{provider}_#{action}")

1
test/rails_app/app/active_record/user.rb
View File

@@ -5,7 +5,6 @@ require 'shared_user'
class User < ActiveRecord::Base
include Shim
include SharedUser
include ActiveModel::Serializers::Xml if Devise::Test.rails5_and_up?
validates :sign_in_count, presence: true

23
test/rails_app/app/controllers/streaming_controller.rb Normal file
View File

@@ -0,0 +1,23 @@
# frozen_string_literal: true
class StreamingController < ApplicationController
include ActionController::Live
before_action :authenticate_user!
def index
render (Devise::Test.rails5_and_up? ? :body : :text) => 'Index'
end
# Work around https://github.com/heartcombo/devise/issues/2332, which affects
# tests in Rails 4.x (and affects production in Rails >= 5)
def process(name)
super(name)
rescue ArgumentError => e
if e.message == 'uncaught throw :warden'
throw :warden
else
raise e
end
end
end

3
test/rails_app/app/controllers/users_controller.rb
View File

@@ -3,7 +3,8 @@
class UsersController < ApplicationController
prepend_before_action :current_user, only: :exhibit
before_action :authenticate_user!, except: [:accept, :exhibit]
respond_to :html, :xml
clear_respond_to
respond_to :html, :json
def index
user_session[:cart] = "Cart"

6
test/rails_app/config/initializers/devise.rb
View File

@@ -3,6 +3,12 @@
require "omniauth-facebook"
require "omniauth-openid"
# Assuming you have not yet modified this file, each configuration option below
# is set to its default value. Note that some are commented out while others
# are not: uncommented lines are intended to protect your configuration from
# breaking changes in upgrades (i.e., in the event that future versions of
# Devise change the default values for those options).
#
# Use this hook to configure devise mailer, warden hooks and so forth. The first
# four configuration values can also be set straight in your models.
Devise.setup do |config|

2
test/rails_app/config/routes.rb
View File

@@ -17,6 +17,8 @@ Rails.application.routes.draw do
resources :admins, only: [:index]
resources :streaming, only: [:index]
# Users scope
devise_for :users, controllers: { omniauth_callbacks: "users/omniauth_callbacks" }

2
test/rails_app/lib/shared_user_without_email.rb
View File

@@ -21,7 +21,7 @@ module SharedUserWithoutEmail
raise NoMethodError
end
def respond_to?(method_name, include_all=false)
def respond_to?(method_name, include_all = false)
return false if method_name.to_sym == :email_changed?
super(method_name, include_all)
end

12
test/routes_test.rb
View File

@@ -209,7 +209,7 @@ class CustomizedRoutingTest < ActionController::TestCase
assert_recognizes(expected_params, {path: '/htmlonly_admin/sign_in', method: :get})
assert_raise ExpectedRoutingError do
assert_recognizes(expected_params, {path: '/htmlonly_admin/sign_in.xml', method: :get})
assert_recognizes(expected_params, {path: '/htmlonly_admin/sign_in.json', method: :get})
end
end
@@ -219,7 +219,7 @@ class CustomizedRoutingTest < ActionController::TestCase
assert_recognizes(expected_params, {path: '/htmlonly_admin/password', method: :post})
assert_raise ExpectedRoutingError do
assert_recognizes(expected_params, {path: '/htmlonly_admin/password.xml', method: :post})
assert_recognizes(expected_params, {path: '/htmlonly_admin/password.json', method: :post})
end
end
@@ -229,7 +229,7 @@ class CustomizedRoutingTest < ActionController::TestCase
assert_recognizes(expected_params, {path: '/htmlonly_admin/sign_up', method: :get})
assert_raise ExpectedRoutingError do
assert_recognizes(expected_params, {path: '/htmlonly_admin/sign_up.xml', method: :get})
assert_recognizes(expected_params, {path: '/htmlonly_admin/sign_up.json', method: :get})
end
end
@@ -239,7 +239,7 @@ class CustomizedRoutingTest < ActionController::TestCase
assert_recognizes(expected_params, {path: '/htmlonly_users/confirmation', method: :get})
assert_raise ExpectedRoutingError do
assert_recognizes(expected_params, {path: '/htmlonly_users/confirmation.xml', method: :get})
assert_recognizes(expected_params, {path: '/htmlonly_users/confirmation.json', method: :get})
end
end
@@ -249,12 +249,12 @@ class CustomizedRoutingTest < ActionController::TestCase
assert_recognizes(expected_params, {path: '/htmlonly_users/unlock', method: :get})
assert_raise ExpectedRoutingError do
assert_recognizes(expected_params, {path: '/htmlonly_users/unlock.xml', method: :get})
assert_recognizes(expected_params, {path: '/htmlonly_users/unlock.json', method: :get})
end
end
test 'map with format false is not permanent' do
assert_equal "/set.xml", @routes.url_helpers.set_path(:xml)
assert_equal "/set.json", @routes.url_helpers.set_path(:json)
end
test 'checks if mapping has proper configuration for omniauth callback' do

12
test/support/helpers.rb
View File

@@ -27,32 +27,32 @@ class ActiveSupport::TestCase
"test#{@@email_count}@example.com"
end
def valid_attributes(attributes={})
def valid_attributes(attributes = {})
{ username: "usertest",
email: generate_unique_email,
password: '12345678',
password_confirmation: '12345678' }.update(attributes)
end
def new_user(attributes={})
def new_user(attributes = {})
User.new(valid_attributes(attributes))
end
def create_user(attributes={})
def create_user(attributes = {})
User.create!(valid_attributes(attributes))
end
def create_admin(attributes={})
def create_admin(attributes = {})
valid_attributes = valid_attributes(attributes)
valid_attributes.delete(:username)
Admin.create!(valid_attributes)
end
def create_user_without_email(attributes={})
def create_user_without_email(attributes = {})
UserWithoutEmail.create!(valid_attributes(attributes))
end
def create_user_with_validations(attributes={})
def create_user_with_validations(attributes = {})
UserWithValidations.create!(valid_attributes(attributes))
end

36
test/support/http_method_compatibility.rb
View File

@@ -5,19 +5,11 @@ module Devise
# %w( get post patch put head delete xml_http_request
# xhr get_via_redirect post_via_redirect
# ).each do |method|
%w( get post put ).each do |method|
if Devise::Test.rails5_and_up?
define_method(method) do |url, options={}|
if options.empty?
super url
else
super url, options
end
end
else
define_method(method) do |url, options={}|
if options[:xhr]==true
xml_http_request __method__, url, options[:params] || {}, options[:headers]
unless Devise::Test.rails5_and_up?
%w( get post put ).each do |method|
define_method(method) do |url, options = {}|
if options[:xhr] == true
xml_http_request __method__, url, options[:params] || {}, options[:headers]
else
super url, options[:params] || {}, options[:headers]
end
@@ -30,19 +22,11 @@ module Devise
# %w( get post patch put head delete xml_http_request
# xhr get_via_redirect post_via_redirect
# ).each do |method|
%w( get post put ).each do |method|
if Devise::Test.rails5_and_up?
define_method(method) do |action, options={}|
if options.empty?
super action
else
super action, options
end
end
else
define_method(method) do |action, options={}|
if options[:xhr]==true
xml_http_request __method__, action, options[:params] || {}, options[:headers]
unless Devise::Test.rails5_and_up?
%w( get post put ).each do |method|
define_method(method) do |action, options = {}|
if options[:xhr] == true
xml_http_request __method__, action, options[:params] || {}, options[:headers]
else
super action, options[:params] || {}, options[:headers]
end

Some files were not shown because too many files have changed in this diff Show More