github/devise
1
1
Fork 0
mirror of https://github.com/heartcombo/devise.git synced 2026-01-13 16:57:57 -05:00
Code Issues Packages Projects Releases Wiki Activity
1,072 Commits 28 Branches 145 Tags
v1.2
Commit Graph

460 Commits

Author SHA1 Message Date
José Valim
edee511cd1 Rename active? to active_for_authentication? 2011-03-25 15:40:46 +01:00
José Valim
d58a72ee32 Remove stuff deprecated on .rc2 2011-03-14 11:22:09 +01:00
Vinicius Baggio
15d195d2f0 Fixing OmniAuth integration tests since now it has support for failure scenarios 2011-03-12 13:58:19 -03:00
José Valim
3f4fb1a769 Improve previous patch. 2011-03-11 20:46:08 +01:00
gilles
1982ad9f57 fix for possible injection with mongo 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2011-03-11 20:24:24 +01:00
Guilherme Silveira
e4cae200f4 simplifying comparisons (avoind too much negatives) and adding unit test cases 2011-02-27 15:14:02 +08:00
Vinicius Baggio
aa81df261c Warn about an incompatibility between Devise and Mongoid 2011-02-25 18:17:14 -03:00
Vinicius Baggio
0cc900e7cf Reset lock attempts count when lock is expired. Closes #825 2011-02-25 17:59:27 -03:00
Vinicius Baggio
9bff1cf658 Fixing assertion in integration test 2011-02-25 14:57:49 -03:00
Vinicius Baggio
305059f573 Consider SCRIPT_NAME on omniauth url helper. Closes #876 2011-02-25 14:20:12 -03:00
José Valim
43a3431c3e Add a test to ensure user.remember_me = true followed by a sign in sends the cookie, closes #776 2011-02-24 22:24:21 +01:00
José Valim
2e43944567 Move rememberable back to a hook. 2011-02-24 21:55:52 +01:00
Vinicius Baggio
352edc024b Cleaning up test helpers related to OmniAuth. 
Developers should rely on OmniAuth's new testing API. Check
https://github.com/intridea/omniauth/wiki/Integration-Testing
for more details.
 2011-02-24 16:50:22 -03:00
Vinicius Baggio
42d002702c Considering namespaces while generating the routes. Closes #682 2011-02-23 14:24:47 -03:00
Vinicius Baggio
6bd65209d5 Added a test case for Devise Generator 2011-02-23 14:24:47 -03:00
Vinicius Baggio
970457f2c2 Fixing test error when dealing with multiple time zones 2011-02-23 14:24:42 -03:00
Joey Aghion
fdf6a48a7e Custom failure apps no longer ignored in test mode. 2011-02-18 15:53:04 +08:00
José Valim
dd721f1857 Use secure compare as well. 2011-02-15 11:33:54 +01:00
José Valim
ca293d17ba Implement Rails' handle unverified request. 2011-02-15 10:58:38 +01:00
José Valim
add8f8a203 Works on 3.0.4. 2011-02-15 10:27:34 +01:00
José Valim
6a6ed6702e Improve tests and update CHANGELOG. 2011-02-15 10:07:08 +01:00
Nate Todd
2d0f887ba7 Preventing timeoutable from interfering with stateless tokens. 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2011-02-15 09:54:13 +01:00
José Valim
aac9c40cba Ensure after hooks are called on registrations controller, closes #852 2011-02-15 09:41:35 +01:00
Jo Liss
f964ea526b Skip test that fails with Mongoid. 
The test suite passes now.
 2011-02-10 23:00:14 +08:00
Jo Liss
8440ed0101 Make Devise::friendly_token 20 characters long. 
This makes the tokens better suited for URLs in plain-text emails, and
is still secure for all practical purposes.
 2011-02-10 21:42:58 +08:00
Jeffrey Jones
cb5e0c4a7b Simplified logic for checking if the email is present and moved the Mongoid classes out of eval statements 2011-02-10 16:16:33 +08:00
Jeffrey Jones
0287d8cc80 When using database_authenticatable Devise will now only create an email field when appropriate. 
(If using default authentication_keys or custom authentication_keys with email included)

Test written for Mongoid, not sure how to test for active_record yet.
 2011-02-10 16:16:33 +08:00
José Valim
f332d7e932 Add a test to show recoverable works as expected if password is blank. 2011-02-09 10:11:48 +01:00
Carlos Antonio da Silva
c9fe8885f9 Spaces 2011-02-06 19:23:36 -02:00
Nico Ritsche
f06bed279a corrected 'an user' to 'a user' in comments and docs 2011-02-06 23:46:49 +08:00
John Plummer
7a1852e9f5 Allow send confirmation to change keys used 2011-02-05 16:19:01 +08:00
José Valim
68f699bfd4 Do not change default behavior of previous apps. 2011-01-21 10:55:40 +01:00
José Valim
0615c0a0a4 Fix infinite redirect issues. Closes #787 and closes #795. 2011-01-20 09:22:41 +01:00
José Valim
c78bb68c66 Revert "Fix an issue causing infinite redirects in production, closes #720" 
This reverts commit a156576ce9.

Conflicts:

	lib/devise/controllers/internal_helpers.rb
 2011-01-20 09:16:44 +01:00
Jo Liss
4207c2321f Fix the module sorting in devise method. 2011-01-15 07:38:06 +08:00
Jo Liss
fa239b984a Do not silently ignore invalid modules passed to devise method in model. 
The & operator seemed to be only used to force sorting, but as a
side effect we got suboptimal error handling.
 2011-01-15 06:42:29 +08:00
Jo Liss
692f7b27ff typos (remaining instances of authenticable -> authenticatable) 2011-01-13 13:02:17 +08:00
siong1987
6e91edd5e3 failure_app redirects to the correct format if it is a non-html request. This is to ensure that firefox redirects the correct format since firefox doesn't inherit accept info. also fix issue 675 that is resurrected by issue 754. 2011-01-11 18:27:14 +08:00
Richard Aday
88d4aca2c4 Adding tests for reset_password_keys and unlock_keys 2010-12-30 03:11:03 +08:00
Richard Aday
038eb321d4 Allowing reset_password_keys and unlock_keys to be set through the config 2010-12-30 03:10:56 +08:00
José Valim
c8c84c77c6 Respond to all formats if none is specified. 2010-12-29 16:01:11 +01:00
José Valim
8f20b13f84 By default, just require e-mail on recover and lockable. 2010-12-28 23:00:23 +01:00
José Valim
af1295284c rememberable cookie now is httponly by default 2010-12-25 12:04:04 +01:00
JamesFerguson
1b43cb5203 Added assertion testing that remember_user_token cookie is flagged as HttpOnly. 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2010-12-25 11:49:40 +01:00
José Valim
b34f456096 Invoke callbacks using the correct API 2010-12-25 11:41:14 +01:00
Josh Starcher
e95eb93eb7 added failing test for Warden before_failure hooks 2010-12-25 18:21:20 +08:00
José Valim
27051cb2fe responder formats should be inherited from ApplicationController 2010-12-25 11:04:39 +01:00
Prem Sichanugrist
e8e3df3891 Add support for non-navigational format response to SessionsController 
This will make Devise::SessionsController return the authenticated object in the requested format instead of redirect the client to another page upon success authentication.
 2010-12-25 17:57:15 +08:00
siong1987
379d8c69a5 Issue 675: recall option is now passed for not confirmed email and inactive account. 2010-12-23 02:24:26 +08:00
José Valim
13e8bc22e3 Move duplicate sign_in logic to sign_in(). 2010-12-20 10:02:27 +01:00