github/devise
1
1
Fork 0
mirror of https://github.com/heartcombo/devise.git synced 2026-01-22 21:28:01 -05:00
Code Issues Packages Projects Releases Wiki Activity
841 Commits 28 Branches 145 Tags
617e142e3408efe17a50de041a1605f2eceeb2bd
Commit Graph

841 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
José Valim
617e142e34 Store the salt in session and expire the session if the user changes his password 2010-09-25 17:24:56 +02:00
José Valim
6613653df0 Update CHANGELOG. 2010-09-25 16:10:59 +02:00
José Valim
09088706bb Extract encryptors into their own module for better bcrypt support. 2010-09-25 16:08:46 +02:00
José Valim
31d821c2e0 Allow to Rememberable to work without remember_token relying on salt if possible. 
This comes with the benefit that if you change your password, all remember tokens expires, and it also requires one field less in the database.

The downside is that if you want remember_me_across_browser to be false, it won't work unless you use the token. It also requires you to be using database_authenticable.

Using salt is now the default in Devise.
 2010-09-25 13:07:24 +02:00
José Valim
1ed674afa8 Use Admin in old rememberable tests. 2010-09-25 12:04:38 +02:00
José Valim
2aa1d2f3b7 Increase the size of the friendly token. 
The chance of someone to successfully guess a random token in the website is:

(number_of_users / 2388636399360109977557402041718133080829429159844757507642063199359529632522467783435119230976)
 2010-09-25 11:51:57 +02:00
José Valim
c12d75eecf Do not rely on controller being available in params. 2010-09-25 11:22:18 +02:00
José Valim
b6089145c1 Warden 1.0! :mantears: 2010-09-25 11:22:17 +02:00
Carlos Antonio da Silva
d02ea3153b Small doc fix 2010-09-24 08:59:39 -03:00
José Valim
dd11f43014 All tests green on latest mongoid. 2010-09-24 11:30:08 +02:00
José Valim
f96061b350 Update docs and CHANGELOG based on the 1.1.3 release from v1.1 branch. 2010-09-24 09:43:40 +02:00
Carlos Antonio da Silva
aaeb053c1d Update CHANGELOG 2010-09-24 00:15:00 -03:00
Martin Davidsson
ec0e105c52 Incorporate feedback from carlosantoniodasilva and update rememberable 
tests
 2010-09-24 11:08:59 +08:00
Martin Davidsson
f3e348f6f4 Merge options hash instead of overwriting it 
The forgetable hook will delete cookies based on the :scope in an
options hash but it was overwriting the options and setting them to
either an empty hash or a hash with a single :domain key. Because the
:scope was lost, the hook was trying to delete the 'remember__token'
instead of the more typical 'remember_user_token' cookie.
 2010-09-24 11:08:58 +08:00
José Valim
589de27bcd Stop using inject({}) to build hashes. It is harder to read and slower. 2010-09-22 23:29:17 +02:00
Trevor Turk
fdb4cd5b38 Major update to README - encourage use of the Wiki 2010-09-22 07:31:31 +08:00
José Valim
d6084ab1f7 Improve CHANGELOG. 2010-09-21 12:09:53 +02:00
Thibaud Guillaume-Gentil
c121d8026e Avoid BCrypt::Errors::InvalidSalt: invalid salt 
when password_salt is nil.

Signed-off-by: José Valim <jose.valim@gmail.com>
 2010-09-21 12:09:07 +02:00
José Valim
5429f940e7 Refactor code related with authentication keys on password recovery and account unlocking, closes #396. 2010-09-21 12:05:17 +02:00
RStankov
850afec96e make User#send_reset_password_instructions to require all authentication_keys 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2010-09-21 11:47:07 +02:00
RStankov
fb86f772e7 make User#send_unlock_instructions to require all authentication_keys 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2010-09-21 11:46:57 +02:00
José Valim
b2066cc229 Add request_keys support. Closes #401. 2010-09-21 11:45:44 +02:00
José Valim
fc37436a24 Update CHANGELOG. 2010-09-21 10:52:24 +02:00
José Valim
7c630fdb5e Do not execute Warden::Callbacks on Devise::TestHelpers. Closes #414. 2010-09-21 10:50:01 +02:00
Sam Grönblom
57ab87a1b6 Added four tests related to Warden callbacks 
Two tests are to ensure that the callbacks are called at all. The other
two test ensure that the user parameter provided to the callback is not
nil.

Signed-off-by: José Valim <jose.valim@gmail.com>
 2010-09-21 10:31:09 +02:00
José Valim
ff0b4deb1a Add reply-to to e-mail headers by default. Closes #474 2010-09-21 10:07:02 +02:00
Pat Allan
29e9be92b0 Reworking the internals of Devise::Mailer - mainly so headers can be tweaked without overwriting/rewriting #setup_mail. (I'm using a custom mailer which is a subclass of Devise::Mailer, and want to change headers/templates in some situations - but perhaps this is useful generally). 2010-09-20 21:02:28 +08:00
Carlos Antonio da Silva
0388380614 Small comment fix 2010-09-17 20:58:32 -03:00
takahashim
a9f7b3258a fix TypeError in test_sign_in_with_script_name(AuthenticationOthersTest) 2010-09-16 23:02:49 +08:00
Pelle Braendgaard
7b069e641b Improved test thanks to Jose Valim. 2010-09-14 03:55:10 +08:00
Pelle Braendgaard
2fdb71716f The http authentication code was not checking for the type of authentication in the Authentication header. 
This caused issues with OAuth header authentication.
Please note I have added a test but I'm not sure it works right as it doesn't fails without the change :-)
But it does fix failures in the oauth-plugin provider specs using devise.
 2010-09-14 03:55:09 +08:00
Carlos Antonio da Silva
5c928df66b Strip some whitespaces 2010-09-09 21:11:23 -03:00
James Miller
0f0eb4e8ce Fix for failed first-ever logins on PostgreSQL where column default is nil 2010-09-02 05:46:56 +08:00
Vinicius Baggio
006f48232f Fixing typo in documentation 2010-09-01 17:50:52 -03:00
Hugo Baraúna
6e71eca2dd Updates the docs link from rdoc.info to rubydoc.info 
RubyDoc.info is a new guy in the ruby community that was built to replace Rdoc.info. Actually, RubyDoc.info is a result of the merge betwenn yardoc.org/docs and rdoc.info.
 2010-08-31 16:17:17 -07:00
José Valim
31d7020637 Reorganize tests for failure app and add entries to CHANGELOG. 2010-08-31 23:55:25 +02:00
José Valim
c8bd965462 Depend on Rails 3 gem in Gemfile. 2010-08-31 23:47:16 +02:00
Santiago Pastorino
e582112369 set WWW-Authenticate header on http_auth if request is not xhr 2010-09-01 05:35:40 +08:00
Daniel Lopes
736654e1bc adding docs for the namespace behavior 2010-08-31 23:59:50 +08:00
Santiago Pastorino
5fb5efbd42 Returning WWW-authenticate on ajaxs calls depends only on Devise.http_authenticatable_on_xhr config 2010-08-31 23:51:58 +08:00
Brian Rose
bf122d8fea Remove inaccurate documentation regarding confirmable and changing emails. 2010-08-27 20:11:03 +08:00
José Valim
daf4b35f85 Update Gemfile lock. 2010-08-26 11:54:45 -03:00
José Valim
ee49077072 :default options is used, closes #452 2010-08-26 08:30:43 -03:00
Fred Wu
c6002bb9bd Corrected the mongoid git repo. 2010-08-25 23:01:52 +08:00
José Valim
5701542adc Update CHANGELOG. 2010-08-25 08:52:04 -03:00
José Valim
c96e17dd8d Ensure routes works for all rails 3 versions. 2010-08-25 08:51:17 -03:00
George Guimarães
1e17b6a5ec Typo in initializer 2010-08-25 00:41:26 -03:00
José Valim
219c05ce49 Small fix in the README. 2010-08-23 14:02:15 -07:00
José Valim
08da923276 Add more docs to the cancel action. 2010-08-23 13:51:37 -07:00
George Guimarães
a9aab6bd27 Changes the comments in devise initializer to reflect the default options. 2010-08-23 16:50:42 -03:00