github/devise
1
1
Fork 0
mirror of https://github.com/heartcombo/devise.git synced 2026-01-14 17:27:58 -05:00
Code Issues Packages Projects Releases Wiki Activity
2,518 Commits 28 Branches 145 Tags
v3.2
Commit Graph

115 Commits

Author SHA1 Message Date
Anshul Sharma
dc1b399a8b Updated ruby 1.9 hash syntax 2014-02-25 22:12:55 +05:30
Vasiliy Ermolovich
6d51e67fac properly change devise config in specs 2014-01-04 19:19:13 +03:00
Lucas Mazza
7b66133861 Remove subscriber block so it won't leak across the test suite. 2014-01-04 19:01:05 +03:00
Christopher Sexton
7afc096fa4 Keep the query string and path in store_location_for 
Persist the URI's query when saving to the session.

Fixes #2742
 2013-11-20 15:47:20 -05:00
José Valim
f36efc0cc9 Ensure multiple leading / are also removed, thanks @homakov 2013-11-13 15:01:23 +01:00
José Valim
0582467032 Ensure we only store paths in store_location_for (thanks to @homakov for the tip) 2013-11-13 13:30:24 +01:00
Matthew Rudy Jacobs
268e486dbb Add store_location_for helper 
This is used as a complement to `stored_location_for`.

Example:

Before authorizing with Omniauth;

  store_location_for(:user, dashboard_path)
  redirect_to user_omniauth_authorize_path(:facebook)

In our Omniauth callback

  sign_in(user)
  redirect_to stored_location_for(:user) || root_path
 2013-11-09 00:59:00 +00:00
Vipul A M
ae6a37f796 Cleanup tests for unused variables 2013-09-15 01:52:53 +05:30
José Valim
dff7891b97 Get rid of token authentication 2013-09-02 19:15:47 -03:00
Andri Möll
052cbef205 Don't confirm email after password reset. 
Signed-off-by: José Valim <jose.valim@plataformatec.com.br>
 2013-08-18 10:13:35 +02:00
José Valim
354e5022bf Only allow insecure token lookup if a flag is given 2013-08-06 11:55:13 +02:00
José Valim
f5a77ac598 Skip storage for cookies on unverified requests 2013-08-05 10:24:11 +02:00
Drew Ulmer
e029ad7b0c Fix improper login param sanitization permit 
This includes a failing test case that hooks into ActiveSupport
Notifications to catch the param permit error.
 2013-06-25 13:44:39 -05:00
Carlos Antonio da Silva
eb0ad1c21a Merge branch 'master' into rails4 2013-05-07 13:01:34 -03:00
Carlos Antonio da Silva
69f79ad446 Let Devise play with both Rails 3.2 and Rails 4 for now 2013-05-05 19:55:06 -03:00
Carlos Antonio da Silva
a0058d5fbf Add some spaces, remove comment 2013-05-03 21:52:00 -03:00
Tan Jun Rong
804fbdf6d5 Fix spelling error, 'reseting' to 'resetting' 2013-04-22 22:25:40 +08:00
Tan Jun Rong
9d5a9c8a61 Add ability to override the redirect path after user has reset their password 2013-04-22 20:22:53 +08:00
Drew Ulmer
e0ffe8f85f Fix internal helper test referencing resource_params 2013-03-31 21:31:54 -05:00
Vasiliy Ermolovich
61903b534a don't delete the return to url from session if the requested format is not navigational 
closes #2122
 2012-11-04 23:42:38 +03:00
José Valim
18c377e0d7 Merge pull request #2112 from latortuga/patch-1 
Make #set_flash_message respect i18n-set resource_name
 2012-10-26 02:05:42 -07:00
Drew Ulmer
d6449d014e Add test for #devise_i18n_options allowing resource_name override 2012-10-24 12:13:07 -05:00
mathieul
95f20587ef test that destroying a session doesn't set the flash if the requested format is not navigational 2012-06-23 14:43:35 -07:00
José Valim
4f07ed42e3 Lock warden on sign out 2012-06-16 15:21:48 +02:00
José Valim
2b7328535d Check for the request before checking for the mapping, closes #1859 2012-05-25 09:39:50 +02:00
Adam Meehan
7ec4c1424d Add resource_params internal helper to param filtering 
In light of recent discussions around mass assignment security and
the alternate solution of using the controller to filter params, not the model,
a hook/helper is needed to be able to override how the params are filtered
before they are used to build the resource.
 2012-05-15 18:07:02 +10:00
José Valim
5e845ee265 Do not reproduce warden behavior, simply rely on the controller calling it 2012-05-06 12:09:53 +02:00
Matt Connolly
a9b7a4a1de Reinstating tests for the controller test's response object. This does need to be set so the strategy's custom response can be tested. 2012-05-06 19:24:57 +10:00
Matt Connolly
2a3a8b8008 Changing test to not bother with saved response, since it wasn't set by the test. 2012-05-06 17:08:00 +10:00
Matt Connolly
90a63d4d89 Completing test and functionality for TestHelper to correctly return a custom response from a warden strategy. 2012-05-06 16:48:39 +10:00
Matt Connolly
66f74ed579 Adding a test for a warden strategy retuning a custom response. 2012-05-06 13:35:24 +10:00
Christopher Meiklejohn
eb4e23274d Ensure ActiveRecord is defined, which is not true when running Mongoid tests. 2012-04-07 15:54:00 -03:00
José Valim
b74f71fbed Fix build so it works with Rails 3.1. 2012-03-26 18:50:39 +03:00
David FRANCOIS
885d8836d1 Ability to use attr_protected attributes as sign-in keys without triggering ActiveModel::MassAssignmentSecurity::Error when ActiveRecord::Base.mass_assignment_sanitizer is set to :strict. Fixes #1729. 2012-03-21 11:48:00 +01:00
Rodrigo Flores
9e7ab38bce sign_out helper uses the new warden api 2012-02-16 14:53:10 -02:00
José Valim
fb8e093389 Accept devise_i18n_options to handle custom i18n values, closes #1633 2012-02-15 16:58:23 +01:00
José Valim
d9df632671 Get rid of InternalHelpers, refactor scoped views for more performant behavior. 2012-01-02 22:01:28 +01:00
José Valim
bd27bf7677 Deprecate and disable old behavior accumulated with time. 2011-12-04 23:58:19 +01:00
José Valim
1e37e42239 Do not use stored location for sign out. 2011-11-20 19:19:41 +00:00
Hinrik Örn Sigurðsson
9ea7249368 Allow specifying a resource_return_to for sign out 
It was impossible to accomplish this by providing a
custom #after_sign_out_path_for in ApplicationController because the
session gets destroyed before it is called. Furthermore,
resource_return_to is now used by default if it exists, so users won't
have to provide a custom #after_sign_out_path_for in that case.
 2011-11-13 20:27:08 +00:00
José Valim
16208f7ad7 Rework previous commit to clean up the instance variable dynamically. 2011-11-09 17:00:42 -02:00
artemk
c3880e52e4 #1432 current_user still returning user after sign_out 2011-11-09 20:35:19 +02:00
José Valim
1bace6df4e Be sure to expire cached devise data after sign in, closes #1411 2011-11-05 20:11:09 -02:00
José Valim
fac02b58bc Another attempt to fix the misterious loading helpers bug. 2011-10-18 08:35:50 +02:00
José Valim
990dcc8eef Try to fix the misterious case where some url helpers are not defined. 2011-10-09 11:50:48 +02:00
José Valim
59f2767345 Remove deprecated code and tests. 2011-09-29 13:11:12 +02:00
José Valim
98acc84111 Allow options to be passed to authenticate_user! 2011-09-14 16:52:28 -07:00
Aditya Sanghi
873e49ab66 sign_in should return true in case user is already signed in and assert that. 2011-08-02 14:35:46 +05:30
José Valim
77d6d1e8c2 Do not try to authenticate with no_input_strategies are empty. 2011-06-22 15:28:49 -03:00
José Valim
4fd866d113 User cannot access sign up and similar pages if he is already signed in through a cookie or token, closes #1036. 2011-04-29 08:56:57 +02:00