github/devise
1
1
Fork 0
mirror of https://github.com/heartcombo/devise.git synced 2026-01-14 01:08:12 -05:00
Code Issues Packages Projects Releases Wiki Activity
781 Commits 28 Branches 145 Tags
v1.1
Commit Graph

150 Commits

Author SHA1 Message Date
José Valim
4803d5d6b1 Use secure compare. 2011-02-16 20:32:38 +01:00
José Valim
c2feed6b3e Fix e-mail regexp. Closes #698 2010-12-01 17:23:41 +01:00
José Valim
5fc2c2e6f5 Change http_authenticatable default to false to cause less confusion. 2010-11-27 19:50:26 +01:00
José Valim
fb1e9bc8a7 Avoid session fixation attacks. 2010-11-20 23:51:09 +01:00
Trevor Turk
2939a61a49 documentation tweaks for extend_remember_period 2010-07-24 01:06:10 +08:00
José Valim
058d433f28 Add extend_remember_period, closes #340. 2010-07-23 16:32:22 +02:00
James Pellow
9f29ca480b Add http_authenticatable_on_xhr option 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2010-07-07 21:26:29 +02:00
José Valim
ae6322efb5 No longer retrieve the user from paths, but use the env hash. This change deprecates use_default_scope. 
If you have non conventional routes and want to specify the scope for a controller, you can do that at the router level:

  as :user do
    get "/sign_in", :to => "devise/session#new"
  end

This is saying: when accessing "/sign_in", devise should use the user scope. Meaning that users signed through that form will be signed to the user scope.
 2010-07-06 01:33:32 +02:00
Trevor Turk
8824b767f3 remember_across_browsers option for rememberable module 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2010-06-30 12:42:42 +02:00
José Valim
2103a673f0 Allow devise_for to be scoped with the scope method. This commit requires latest commits in Rails master. 2010-06-30 12:41:44 +02:00
Maxim Filatov
4db3ac820b sign_out_all_scopes is false by default 2010-06-25 02:29:52 +08:00
Denis Lifanov
819db39263 simplification (sign_out_everybody => sign_out_all_scopes) 2010-06-25 02:29:48 +08:00
Denis Lifanov
f10b747f7f Devise.sign_out_scoped option added 2010-06-25 02:29:43 +08:00
José Valim
5e1ef9319e Check if the user is already signing out before timing out his connection, closes #273. 2010-06-13 12:40:13 +02:00
José Valim
a2f84852af Allow the mailer class to be configured. 2010-06-12 20:56:55 +02:00
José Valim
0333caeb92 Make bcrypt the default encryptor and automatically add a pepper on generation. 2010-06-12 14:46:55 +02:00
José Valim
bff64a6291 Added navigational formats to specify when it should return a 302 and when a 401, closes #234 and #249. 2010-05-16 19:13:38 +02:00
Mantas Masalskis
21129ae38c custom domain cookie support 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2010-05-16 12:30:00 +02:00
José Valim
e905762611 Clean up the whole loading mess and closes #247. This commit depends on latest Rails. 2010-05-16 00:38:40 +02:00
José Valim
4da63c5395 Ensure routes are loaded before application classes are eager loaded, closes #212. 2010-04-22 19:59:52 +02:00
José Valim
b974b7bc78 Move failure messages from devise.sessions to devise.failure. 2010-04-03 13:11:45 +02:00
José Valim
0f7b311171 Add lockable to migration. 2010-04-02 20:36:27 +02:00
José Valim
f5d01c217d TokenAuthenticatable now works with HTTP Basic Auth by default (take a look at Highrise API for a good example). This basically allows you to pass the authentication token as HTTP Basic Auth username. 2010-04-01 19:09:33 +02:00
José Valim
3d1a04fd83 Fix warden configuration. 2010-03-31 22:04:48 +02:00
José Valim
1d65a76cf3 Move remember_me hook inside strategies. 2010-03-31 21:43:19 +02:00
José Valim
6cc32db2dd Add lock_strategy. 2010-03-31 11:54:11 +02:00
José Valim
65b8908960 Create authenticatable base model and strategy. 2010-03-29 20:52:48 +02:00
José Valim
1c5d4771ff Initial work on making the authentication stack more flexible. 2010-03-29 16:13:19 +02:00
José Valim
033db1ca7c Do not depend on silence_missing_strategies! anymore. This speeds up strategies matching because we don't need to check if the model duck types to the strategy and it doesn't trigger uneeded strategies. 2010-03-28 14:55:05 +02:00
José Valim
ea71be8d2a More compatibility with Rails master. 2010-03-28 07:15:52 +02:00
Jacques Crocker
fd035b841b Additional configuration for validatable 
Added the ability to customize password length (via Devise.password_length) and the regular expression used for validating email (via Devise.email_regex)
 2010-03-26 13:52:12 -07:00
Jacques Crocker
e127463ac8 Adding Mongoid 2.0 Support, Removing MongoMapper for now 2010-03-26 13:37:38 -07:00
José Valim
829c85631b Aim for Rails 3.0.0.beta1 compatibility. A few issues are still pending with Warden. 2010-03-10 15:00:12 +01:00
José Valim
038627574c Keep modules definition in a different file. 2010-03-03 12:03:43 +01:00
José Valim
1660831002 Give more flexibility when swapping controllers. 2010-03-03 12:03:42 +01:00
José Valim
1c6f18cb8b Since Devise::FailureApp is now a metal, we can get rid of this default_url_options stuff. 2010-02-19 10:13:53 +01:00
José Valim
f0eb4348f3 Deprecate Devise.orm. This allows you to use several ORMs with Devise and reduces the required API. 2010-02-19 09:26:17 +01:00
José Valim
1282fc03cf Add missing autoload. 2010-02-17 16:53:17 +01:00
José Valim
02e8c04cde Update views generator and now have scoped views. 2010-02-17 12:26:54 +01:00
José Valim
b3e11c5aca Got another bunch of tests passing on Rails 3. 369 tests, 731 assertions, 33 failures, 53 errors. 2010-02-16 14:57:10 +01:00
José Valim
766316b5e7 Got tests running on Rails 3: 369 tests, 486 assertions, 45 failures, 124 errors. 2010-02-16 14:31:49 +01:00
José Valim
bdacffab58 Make HttpAuthenticatable opt-in. 2010-02-15 14:11:33 +01:00
Carlos Antonio da Silva
3435c53725 Fix typo: autoload Clearance encryptor and not Authlogic one. 2010-02-12 13:02:11 -02:00
José Valim
2761a75437 Refactor on routes. 2010-02-08 20:25:20 +01:00
José Valim
8a15ac6e4a Stub out other views for Registerable. 2010-02-08 19:07:24 +01:00
José Valim
9798ad7455 Allow scoped views to be customized per controller/mailer class. 2010-02-08 17:33:22 +01:00
Carlos Antonio da Silva
445070f6ec Use sign_up instead of registration in routes. Fix issue with users being signed in while attempting to sign up with info from already existing user. Also fix signed up flash. 2010-02-08 11:03:15 -02:00
Carlos Antonio da Silva
9856646fac Merge with master 2010-02-06 09:24:00 -02:00
José Valim
1cf4dc798d Add Http Basic Authentication support. 2010-02-06 01:33:32 +01:00
José Valim
c146cad448 Ensure inactive user cannot sign in. 2010-02-05 21:36:19 +01:00