54 Commits

Author	SHA1	Message	Date
tabakazu	8acbdd6d93	Replace matcher refute to assert_not	2023-03-02 18:38:04 -03:00
mune	eed641d2be	Add spaces around method arguments when setting default values ... Closes #5288	2020-08-31 18:15:45 -03:00
Leonardo Tegon	c000b58c56	Add Rails 6 to CI (#5009)	2019-01-22 12:43:31 -02:00
Justin Coyne	a45bbe1783	Test on Rails 5.2.0.rc1 (#4711)	2018-02-22 10:05:19 -03:00
Pat Allan	f39c6fd927	Add the frozen_string_literal pragma comment to all Ruby files. (#4725)	2017-12-21 15:36:29 -02:00
Dan Schultzer	be2e17841e	Separate Devise test methods from Devise	2017-04-29 10:24:22 -07:00
Matthew Rudy Jacobs	7c4e8c8d17	Rails 5.1 requires ActionController::TestRequest to have a controller class ... Pass it in as an anonymous class	2017-04-28 10:51:27 -05:00
Lucas Mazza	536279b05b	Replace homemade assert_not matcher in favor of refute.	2016-05-03 13:57:10 -03:00
Lucas Mazza	13285d7ef3	Remove a few Ruby syntax warnings from the test suite.	2016-05-02 10:47:05 -03:00
Ulisses Almeida	1ddca80cee	Set the new default of sign_out_via config	2016-05-01 12:44:40 -03:00
Ulisses Almeida	4a4b5ba196	Fix remember me always extending the period ... Now the config `extend_remember_period` is used to: `true` - Every time the user authentication is validated, the cookie expiration is updated. `false` - Does not updates the cookie expiration. Closes #3994	2016-04-15 20:28:46 -03:00
José Valim	4ec7dc0f27	Store creation timestamp on remember cookies ... Signed-off-by: José Valim <jose.valim@plataformatec.com.br>	2016-01-18 15:17:25 +01:00
Thomas Walpole	2024fca4df	Rails 5 compatability. Remove rails < 4.1 and Ruby < 2.1	2015-12-11 09:47:30 -08:00
BM5k	b5713a8ddf	add Rememerable#after_remembered callback	2014-11-08 16:39:24 -07:00
Anshul Sharma	dc1b399a8b	Updated ruby 1.9 hash syntax	2014-02-25 22:12:55 +05:30
Erik Michaels-Ober	26e85c44e2	Removed use of gendered pronouns	2013-12-02 10:02:17 +01:00
Vipul A M	ae6a37f796	Cleanup tests for unused variables	2013-09-15 01:52:53 +05:30
José Valim	f5a77ac598	Skip storage for cookies on unverified requests	2013-08-05 10:24:11 +02:00
Vipul A M	2e6457006e	Remove unused variables and fix typos	2013-04-18 10:24:38 +05:30
Carlos Antonio da Silva	86eecc6606	Change "ActionController::IntegrationTest" to "ActionDispatch::IntegrationTest"	2013-01-28 19:58:21 -02:00
Carlos Antonio da Silva	0061f113db	Fix indent [ci skip]	2013-01-20 21:49:45 -02:00
Vasiliy Ermolovich	d3f8bd6cae	add key option to rememberable_options ... closes #2218	2013-01-20 23:16:25 +03:00
José Valim	df8ac1cfe6	Clean up remember token related config.	2012-02-16 12:30:04 +01:00
José Valim	bd27bf7677	Deprecate and disable old behavior accumulated with time.	2011-12-04 23:58:19 +01:00
José Valim	767a7a7c21	Ensure handle_unverified_request clean up any cached signed-in user	2011-06-29 20:18:10 -03:00
José Valim	2e61e52520	Fix failing test.	2011-05-23 18:22:32 +02:00
José Valim	4fd866d113	User cannot access sign up and similar pages if he is already signed in through a cookie or token, closes #1036.	2011-04-29 08:56:57 +02:00
José Valim	2e43944567	Move rememberable back to a hook.	2011-02-24 21:55:52 +01:00
Vinicius Baggio	970457f2c2	Fixing test error when dealing with multiple time zones	2011-02-23 14:24:42 -03:00
José Valim	ca293d17ba	Implement Rails' handle unverified request.	2011-02-15 10:58:38 +01:00
José Valim	af1295284c	rememberable cookie now is httponly by default	2010-12-25 12:04:04 +01:00
JamesFerguson	1b43cb5203	Added assertion testing that remember_user_token cookie is flagged as HttpOnly. ... Signed-off-by: José Valim <jose.valim@gmail.com>	2010-12-25 11:49:40 +01:00
José Valim	38f3f6318a	cookie_domain is deprecated in favor of cookie_options which uses session_options by default.	2010-09-25 21:13:54 +02:00
José Valim	31d821c2e0	Allow to Rememberable to work without remember_token relying on salt if possible. ... This comes with the benefit that if you change your password, all remember tokens expires, and it also requires one field less in the database. The downside is that if you want remember_me_across_browser to be false, it won't work unless you use the token. It also requires you to be using database_authenticable. Using salt is now the default in Devise.	2010-09-25 13:07:24 +02:00
Martin Davidsson	ec0e105c52	Incorporate feedback from carlosantoniodasilva and update rememberable ... tests	2010-09-24 11:08:59 +08:00
José Valim	c5999c8f61	Tests green on mongoid as well.	2010-07-26 20:25:02 +02:00
José Valim	81620fecab	More about extend remember period feature.	2010-07-23 23:57:31 +02:00
José Valim	058d433f28	Add extend_remember_period, closes #340.	2010-07-23 16:32:22 +02:00
José Valim	59bee679ca	Add tests to cookie domain, closes #254.	2010-05-16 14:13:56 +02:00
José Valim	1591294b7a	Compatibility with Rails beta 3.	2010-04-05 11:46:26 +02:00
José Valim	23e608e27b	No need to append ?unauthenticated=true in URLs anymore since Flash was moved to a middleware in Rails 3.	2010-04-03 11:43:31 +02:00
José Valim	015c74e734	Use message verifier in cookies. Previous implementation allowed brute force attacks by cookies. Even though it is impossible for the brute force attack to succeed, the current implementation blocks the attacker even before hitting the database.	2010-03-31 13:31:45 +02:00
José Valim	ca4e09390e	Compatibility with Ruby 1.9.1 and 1.9.2.	2010-03-26 11:27:19 +01:00
José Valim	e03e137c35	Update warden which fixes a security issue.	2010-02-23 19:47:45 +01:00
José Valim	33941d1f62	All tests passing (except two which are errors in Rails). Now generators and initialization process.	2010-02-16 21:23:58 +01:00
José Valim	2afad49a96	Bring rememberable back.	2010-01-14 15:47:14 +01:00
José Valim	f46d1b1d81	Add support to Warden 0.9.0.pre	2010-01-14 13:38:02 +01:00
José Valim	7ffd0900c1	Rely on Warden new serializers.	2009-11-15 00:13:43 -02:00
José Valim	0be7426847	Use a Rack Middleware to sign in users.	2009-11-13 19:26:33 -02:00
José Valim	4894059828	Remember token is now properly stored and specified one for each user.	2009-11-13 17:23:32 -02:00