github/devise
1
1
Fork 0
mirror of https://github.com/heartcombo/devise.git synced 2026-04-28 03:00:29 -04:00
Code Issues Packages Projects Releases Wiki Activity
2,518 Commits 33 Branches 149 Tags
v3.2
Commit Graph

88 Commits

Author SHA1 Message Date
Peter Vandenabeele
7e6dd5022b Clarify that this stretch behavior is for bcrypt 
* other encryptors show a different behavior regarding the
  number of stretches
 2014-03-02 20:23:57 +01:00
Peter Vandenabeele
286eefa9b4 Note that the cost of bcrypt grows dramatically with number of stretches 
* this will avoid people (like me) loosing an hour trying to understand
  why doing it "a little bit safer" with 20 stretches suddenly takes
  60 seconds to do sign_up or sign_in. An example of such discussion is:
  http://blade.nagaokaut.ac.jp/cgi-bin/scat.rb/ruby/ruby-talk/399627
 2014-03-02 18:57:32 +01:00
Peter Vandenabeele
a89af190e2 Fix typo in initializer template comment 2014-03-02 15:22:59 +01:00
Anshul Sharma
dc1b399a8b Updated ruby 1.9 hash syntax 2014-02-25 22:12:55 +05:30
Ryan McGeary
5f9838950a Remove password_length default docs in config template 
The default specified in the docs does not match up with the default
specified in the config.

See
cc8636cfed/lib/devise.rb (L127)

Changing the docs to read 6..128 with the config setting to 8..128 is
feared to cause confusion, so removing the default clause instead.
 2014-02-16 08:19:47 -05:00
Lucas Mazza
eba91e6580 Read the secret_key value from Rails secret_key_base. 
It is possible to override this by setting the `secret_key` manually
on the `devise.rb` initializer on your application.
 2014-01-22 11:13:25 -02:00
Erik Michaels-Ober
26e85c44e2 Removed use of gendered pronouns 2013-12-02 10:02:17 +01:00
José Valim
69d28f9b0e Add config.last_attempt_warning to default config 2013-10-26 11:56:31 +02:00
José Valim
dff7891b97 Get rid of token authentication 2013-09-02 19:15:47 -03:00
Pavel Pravosud
91f2bce08e Consistent single quotes in devise.rb generator 2013-08-30 22:21:12 +07:00
José Valim
32648027e2 Add Devise::KeyGenerator 2013-08-05 11:47:36 +02:00
José Valim
747751a20f Protect against CSRF token fixation attacks 2013-08-02 23:13:15 +02:00
José Valim
5bf4f57fcf Tidy up devise configuration 2013-04-13 22:07:54 -07:00
José Valim
1b8fd7c2ff Merge pull request #2271 from robhurring/master 
Allowing http token auth to set the token_authentication_key if missing from params
 2013-04-13 21:39:36 -07:00
robhurring
10f58b636f update devise config template with new allow_token_authenticatable_via_headers options 2013-03-04 17:38:36 -05:00
Ryan Mohr
f3928d8462 Mention devise-encryptable requirement for anything but bcrypt. 2013-02-25 10:42:06 -10:00
Stefan Boesen
3458e12274 Update lib/generators/templates/devise.rb 
Typo in template comment.
 2013-02-06 16:30:00 -08:00
José Valim
bdf0bc7b1e Revert "Revert "New password default minimum length is now 8"" 
This reverts commit b1f490a2f8.
Actually, the implementation was good!
 2012-07-24 23:41:17 +02:00
José Valim
b1f490a2f8 Revert "New password default minimum length is now 8" 
This reverts commit 2950434ed3.
It is backwards incompatible, we need a better migration plan.
 2012-07-24 22:41:13 +02:00
José Valim
f4db03d31c Do not add ActionView::Helpers::DateHelper to all models 2012-07-23 15:59:17 +02:00
Nils Landt
dcada8fe75 Refactor according to line notes from josevalim 
- rename reset_password_within to confirm_within
- confirmation_period_valid? is back and memoized
- fix hash syntax to hashrocket
 2012-07-22 14:02:27 +02:00
Nils Landt
42a0c30139 Refactored according to line notes by rodrigoflores 2012-07-11 15:49:41 +02:00
Nils Landt
87f2fa9767 Add options to expire confirmation tokens 
With this patch, functionality is added to expire the confirmation
tokens that are being sent by email.
For example, if a token is valid for 3 days only, it cannot be used for
confirmation on the 4th day.
 2012-07-09 14:43:12 +02:00
Rodrigo Flores
2950434ed3 New password default minimum length is now 8 2012-07-06 13:41:28 -03:00
Carlos Galdino
c179cef365 Change the minimum password length to 8 2012-07-06 11:46:46 -03:00
José Valim
ba2e44c6a4 Release 2.1.1 2012-06-16 15:57:17 +02:00
José Valim
6dd7ccee68 Add more docs, remove 3.0 related code, update CHANGELOG 2012-06-08 19:22:14 +02:00
Andrey Voronkov
b1b6e53d6f In addition to #1722. expire_auth_token_on_timeout added to Timeoutable configuration block. 2012-06-07 09:32:44 +04:00
José Valim
32f20dddd6 Get rid of deprecated code 2012-05-06 13:13:53 +02:00
José Valim
b59ce51760 Wording. 2012-03-30 09:05:52 +02:00
Rodrigo Rosenfeld Rosas
076f4b4db1 config.use_salt_as_remember_token is no longer supported 2012-03-28 19:29:41 -03:00
Rodrigo Rosenfeld Rosas
ac7b1b3c1f Fix minor typo on settings template 2012-03-28 16:58:21 -03:00
RogerE
de24170a79 Use rememberable_options instead of deprecated cookie_options in initializer 2012-02-21 08:01:17 +01:00
Claudio Poli
97c0339f66 Fix typos in devise.rb 2012-01-17 23:14:26 +01:00
José Valim
0b55ebb150 Remove 3.0 related code. 2012-01-02 21:04:54 +01:00
José Valim
8b3e0e52f1 Generate routes again for token, closes #1526. 2012-01-02 19:27:05 +01:00
José Valim
8ff080fb99 Improve docs for params/http authenticatable. 2012-01-02 19:24:48 +01:00
José Valim
5a11c6597c Usage of Devise.stateless_token= is deprecated in favor of appending :token_auth to Devise.skip_session_storage 2011-12-11 20:39:41 +01:00
José Valim
930b324c15 Usage of confirm_within was deprecated in favor allow_unconfirmed_access_for 2011-12-11 20:18:02 +01:00
José Valim
035e56215d Enable reconfirmable by default and disable apply_schema. 2011-12-05 00:03:53 +01:00
José Valim
bd27bf7677 Deprecate and disable old behavior accumulated with time. 2011-12-04 23:58:19 +01:00
José Valim
6d681c5b8a Merge remote-tracking branch 'heimidal/updates' into reconfirm 
Conflicts:
	lib/devise/models/confirmable.rb
	test/support/helpers.rb
 2011-12-04 20:58:41 +01:00
José Valim
9c3d5705b5 Update lib/generators/templates/devise.rb 2011-11-23 08:42:45 +00:00
José Valim
24b26026ef Delegator now checks the mapping for the proper failure app. 2011-11-07 09:20:09 -02:00
Brian Rose
7f754caba3 Merge branch 'master' into updates 2011-10-12 10:56:08 -06:00
José Valim
dd1d128333 Edited lib/generators/templates/devise.rb via GitHub 2011-09-21 12:58:10 -07:00
mandaryn
6469cbc62a renamed confirmation_on_email_change property to reconfirmable and added reconfirmable explanations 2011-08-30 22:19:17 -06:00
José Valim
a8d9695324 Simplify regexp and ensure it runs against UTF8 chars, closes #1235 2011-08-29 13:15:40 +02:00
Szymon Przybył
7665cbf21d Allow to set default 'from' header of Devise mails in custom mailer class 2011-08-20 22:35:47 +02:00
José Valim
6448490de5 Edited lib/generators/templates/devise.rb via GitHub 2011-08-05 20:45:39 +03:00