github/devise
1
1
Fork 0
mirror of https://github.com/heartcombo/devise.git synced 2026-01-13 08:48:00 -05:00
Code Issues Packages Projects Releases Wiki Activity
2,293 Commits 28 Branches 145 Tags
v3.0
Commit Graph

1320 Commits

Author SHA1 Message Date
José Valim
d401147f68 Release v3.0.4 2013-11-13 14:10:16 +01:00
José Valim
d559a32646 Release 3.0.3 2013-08-18 10:26:26 +02:00
José Valim
6b95b96547 Release v3.0.2 2013-08-09 10:24:23 +02:00
José Valim
df8e6cf225 Skip storage for cookies on unverified requests 2013-08-08 23:32:18 +02:00
José Valim
7c8c0f8dba Release 3.0.1 2013-08-02 23:25:11 +02:00
José Valim
747751a20f Protect against CSRF token fixation attacks 2013-08-02 23:13:15 +02:00
Paul Chobert
d88b3cedfb Remove trailing whitespaces 2013-07-28 23:15:42 +02:00
José Valim
11a77055f1 Merge pull request #2525 from jetthoughts/timeoutable-without-rememberable 
Fixed checking for rememberable in timeoutable
 2013-07-26 00:58:09 -07:00
José Valim
cd1bc53947 Do not generate attr_accessible for any Rails 4 app 2013-07-26 09:22:03 +02:00
Michael Nikitochkin
fffbeb5cc7 Fixed bug when user has field remember_created_at but the module rememberable is not enabled for the user 2013-07-26 10:20:29 +03:00
José Valim
78fedd6c10 Merge pull request #2523 from Neschur/add_method_after_confrimation 
Added method after_confrimation
 2013-07-25 23:59:50 -07:00
Justin Coyne
b7e67115fc When using rails 3.2, the generator adds 'attr_accessible' to the model. Fixes #2515 2013-07-23 22:49:05 -05:00
Siarhei Hanchuk
b7bc8dec12 Added method after_confrimation 2013-07-23 14:19:58 +03:00
José Valim
b46b7e3736 Release v3.0.0 2013-07-14 20:40:56 +02:00
Vasiliy Ermolovich
2c1ca126f4 add remember_me to the permitted sign_in params 2013-07-12 22:14:32 +03:00
José Valim
bc598b9da3 Merge pull request #2452 from latortuga/bad-strong-params-on-failed-login 
Add failing test case for bad parameter sanitizing when failing to login
 2013-07-08 23:53:41 -07:00
José Valim
da0323e591 Merge pull request #2419 from plataformatec/issue-2418 
set error to the field specified in unlock_keys config
 2013-07-08 23:52:19 -07:00
José Valim
061e9d7404 Merge pull request #2475 from tkhr/enable_skipping_reconfirmation_notification_but_regenerate_confirmation_token_2 
Enable to skip sending reconfirmation email when reconfirmable is on and skip_confirmation_notification! is invoked
 2013-07-08 23:51:42 -07:00
Drew Ulmer
e029ad7b0c Fix improper login param sanitization permit 
This includes a failing test case that hooks into ActiveSupport
Notifications to catch the param permit error.
 2013-06-25 13:44:39 -05:00
Martin Honermeyer
5926898cf4 Update code example for #update_without_password 2013-06-25 11:27:35 +02:00
Takehiro Adachi
df2995ce19 Enable to skip sending reconfirmation email when skip_confirmation_notification! is invoked 
We could always generate a confirmation token but not sending a
confirmation email by invoking the skip_confirmation_notification!
method when creating the account.
But there were no way to do that when we were turning on reconfirmable
and updating email.
 2013-06-20 08:21:54 +09:00
José Valim
5717c6f082 Splat args to be sanitized 2013-06-19 10:37:37 +02:00
José Valim
72cf2481b5 Rename ParamFilter to ParameterFilter for consistency 2013-06-19 09:17:54 +02:00
José Valim
5c39a0c6d1 Merge pull request #2458 from t-kot/fix_access_locked_return_value 
Fix access_locked? always return boolean
 2013-06-12 20:45:25 -07:00
Steve Slotnick
b194882b23 Renaming get_or_create_*_token to ensure_*_token to match API in token authenticatable 2013-06-12 15:10:14 -07:00
Steve Slotnick
b5909f9b93 changing name from *_token! to get_or_create_*_token 2013-06-11 14:14:17 -07:00
Steve Slotnick
3c9cfa50c0 Adding publicly available methods on Recoverable and Confirmable to retrieve tokens 2013-06-10 19:17:19 -07:00
t-kot
e632240aee Fix access_locked? always return boolean 2013-06-07 12:11:00 +09:00
José Valim
176158a309 Just for Rails 3.2 2013-06-06 00:45:02 +08:00
José Valim
fdd47d74db We are not duck typing here, so don't call the variable duck 2013-06-01 10:06:33 +09:00
julp
10aadee637 record is potentially unchanged here, if so, no needs to save it 2013-05-29 19:27:02 +02:00
julp
7670eb8e98 don't update failed_attempts attribute if already equal to 0 2013-05-29 19:24:51 +02:00
Kramer Campbell
17e85aa79d Avoid sending confirmations to blank emails. 
At times, validations may be skipped and no email address may be
provided. Such an instance comes when testing uniqueness validations of
specific attributes in a Devise model with confirmable, especially when
using Shoulda matchers.
 2013-05-22 19:48:06 -07:00
José Valim
10c9a492ab Merge pull request #2427 from plataformatec/issue-2421 
redirect user to the referrer if latest request was not GET after timeout
 2013-05-19 08:07:43 -07:00
Vasiliy Ermolovich
b7079c7cf2 redirect user to the referrer if latest request was not GET after timeout 
closes #2421
 2013-05-19 17:11:34 +03:00
Emil Soman
020341176c Update doc to mention http_authenticable is false by default 2013-05-18 01:50:06 +05:30
Vasiliy Ermolovich
dd7c3ee91f set error to the field specified in unlock_keys config 
closes #2418
 2013-05-14 17:41:47 +03:00
Carlos Antonio da Silva
39c1a2c7d0 Release 3.0.0.rc with Rails 4 support 2013-05-07 13:32:03 -03:00
Carlos Antonio da Silva
eb0ad1c21a Merge branch 'master' into rails4 2013-05-07 13:01:34 -03:00
Carlos Antonio da Silva
f5e33089a0 Release 2.2.4 2013-05-07 12:51:46 -03:00
José Valim
ef2a2280a3 Update examples to be compatible with Rails 4 2013-05-07 08:18:12 -06:00
José Valim
03f2a6a5e4 Merge pull request #2392 from michiel3/master 
Add destroy_with_password method
 2013-05-07 07:11:47 -07:00
Victor Cruz Dueñas
75fdd2944d Avoid hash mutation 2013-05-05 10:12:57 +02:00
Victor Cruz Dueñas
ae48fc8419 Refactor to avoid duplication on param filter 2013-05-05 01:19:37 +02:00
Rafael Mendonça França
63627d1439 Refactoring the code a little bit 
* Rename #get_constraints_given_method to #constraints_for to make the
  method clear.

* The method name now is required.

* Use symbols instead of strings.

* Make #constraints_for a protected method.
 2013-05-04 14:33:55 -03:00
DI2uNk
eadce2fef6 Refactored rails/routes.rb to avoid repeated code 2013-05-04 11:56:56 +02:00
Carlos Antonio da Silva
0fe0373144 Fix location of parameter sanitizer in docs [ci skip] 2013-05-03 22:52:26 -03:00
Michiel Prins
92218e9ecc Remove unnecessary code 2013-04-29 15:21:31 +02:00
Michiel Prins
60e933df73 Add destroy_with_password method 2013-04-29 15:06:13 +02:00
Scott M
2f28e48f54 Fix spelling error in doc block 2013-04-29 01:52:37 -03:00