github/devise
1
1
Fork 0
mirror of https://github.com/heartcombo/devise.git synced 2026-04-28 03:00:29 -04:00
Code Issues Packages Projects Releases Wiki Activity
2,922 Commits 33 Branches 149 Tags
79c6f47ad3471e4ec652801fae2ecd91998e400c
Commit Graph

2922 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Carlos Antonio da Silva
79c6f47ad3 Bundle update 2015-03-24 09:00:38 -03:00
José Valim
885597025a Merge pull request #3520 from ianks/valid_password 
Valid password
 2015-03-17 22:54:40 +01:00
Ian Ker-Seymer
8743ce6cf8 Clearly comment on the functionality of valid_password? 2015-03-17 15:21:59 -06:00
Ian Ker-Seymer
70ab38839f Use password.present? in DatabaseAuthenticatable strategy 
In order to be more clear about the expectations of for authenticating, we use
`password.present?` so there is no confusion about the role of the `valid_password?`
method.

More info: https://github.com/plataformatec/devise/issues/3519
 2015-03-17 15:19:23 -06:00
Vasiliy Ermolovich
9aa72db365 Remove extra space. 
[ci skip]
 2015-03-15 02:09:46 +03:00
Carlos Antonio da Silva
18b6064d74 Merge branch 'ca-rm-spaces' 
Closes #3480.
 2015-03-13 14:00:07 -03:00
Carlos Antonio da Silva
868d3d82a0 Do a final pass removing spaces around square brackets 
Keep plataformatec guidelines and review tools happy.
Related to #3480.
 2015-03-13 13:59:19 -03:00
Kosmas Chatzimichalis
1ab2d51308 removed spaces inside square brackets 2015-03-13 13:59:19 -03:00
Carlos Antonio da Silva
d1d5996b6b Remove deprecated methods related to token authentication 
These methods have no effect since Devise 3.2.0, released in Nov 2013.
 2015-03-13 13:54:32 -03:00
José Valim
ef28bf2814 Merge pull request #3504 from scottjacobsen/devise_scope_override 
Allow objects to specify their devise scope
 2015-03-04 09:27:07 +01:00
Scott Jacobsen
4837bb0a4e Allow objects to specify their devise scope. 
Introspecting the scope of an object can make it difficult to use
wrapper patterns. See issue plataformatec/devise#3307 for an example.

Allow objects to specify their scope explicitly by implementing
`devise_scope`.
 2015-03-03 22:37:25 -07:00
Carlos Antonio da Silva
b02cd547e2 Merge pull request #3503 from arnvald/remove-redundant-condition 
Remove redundant `remember_created_at.nil?`
 2015-03-03 13:42:31 -03:00
Grzegorz Witek
8d5c2c4fd9 Remove redundant remember_created_at.nil? 
`remember_expired?` already calls this method
 2015-03-03 23:51:10 +08:00
José Valim
0a0b4e00ea Merge pull request #3502 from davetron5000/remove-hide-action 
remove use of hide_action in favor of protected
 2015-03-01 21:48:57 +01:00
Dave Copeland
e1b9dc860f remove use of hide_action in favor of protected 
Rails 5 will [not have `hide_action` any longer](https://github.com/rails/rails/pull/18371/files), as the Rails convention is to not expose private or protected methods as actions, thus obviating the need for `hide_action`.

Presumably, there is code inheriting from `DeviseController` that is
calling these helpers, so they cannot be private, so protected seems to
be the only way to get Devise working with Rails 5.
 2015-03-01 15:05:20 -05:00
Lauro Caetano
5802a57c76 Merge pull request #3478 from killthekitten/patch-1 
Update message after rails g devise:controllers
 2015-03-01 16:03:14 -03:00
Lucas Mazza
f038c36161 Use SVG badges in the README. 2015-02-27 14:16:54 -03:00
Rafael Mendonça França
4bb457ff6d Merge pull request #3493 from betesh/master 
allow Devise::Models::Authenticatable to be loaded before Rails
 2015-02-25 11:46:37 -03:00
Isaac Betesh
ac79f1e114 allow Devise::Models::Authenticatable to be loaded before Rails 2015-02-24 16:29:06 -05:00
José Valim
61ec44b76e Rollback mongoid fix as 4.0.2 will be out soon 2015-02-19 12:13:57 +01:00
Nikolay Shebanov
5e12508b96 Update message after rails g devise:controllers 2015-02-16 19:46:01 +03:00
José Valim
737ae3632a Merge pull request #3473 from georgemillo/test-yield 
adding test for RegistrationsController#new yielding the resource
 2015-02-14 18:49:59 +01:00
George Millo
a6a1524146 adding test for RegistrationsController#new yielding the resource 2015-02-14 15:37:21 +01:00
José Valim
2992b411a2 Update authenticatable.rb 2015-02-14 11:02:13 +01:00
José Valim
d2658c6e35 Merge pull request #2882 from hauleth/fix-mongoid-10068 
Devise + Mongoid store wrong data in session
 2015-02-14 11:00:48 +01:00
José Valim
893a0222ef Update new.html.erb 2015-02-14 10:59:01 +01:00
José Valim
fbb7a21abc Merge pull request #3468 from redbar0n/patch-2 
Fix potential security leak in email reconfirmation flow
 2015-02-14 10:58:25 +01:00
redbar0n
ee8c13435f Fix potential security leak in email reconfirmation flow 
Ref. bug/issue: https://github.com/plataformatec/devise/issues/3457
 2015-02-13 21:43:06 +01:00
José Valim
c19f1f27ce Merge pull request #3467 from borski/feature/recoverable_autologin_option 
Added an option to not automatically sign in a user after a password res...
 2015-02-13 13:32:35 +01:00
Michael Borohovski
f0992e4a96 Added an option to not automatically sign in a user after a password reset. This is useful for cases where additional strategies might be needed (such as two-factor authentication, e.g.), or generally if it is considered a security risk to automatically log in a user after a password is reset. 2015-02-13 02:29:11 -08:00
José Valim
baef67cee7 Merge pull request #3452 from jaume-prat/master 
workaround for mountable Engines with Rails 4.2
 2015-02-13 09:50:30 +01:00
José Valim
00dc3932c6 Merge pull request #3465 from mattbrictson/logging-leaks-readme 
Add warning about logged tokens to the README
 2015-02-13 09:20:59 +01:00
Matt Brictson
7acc7a6659 Add warning about logged tokens to the README 2015-02-12 16:05:58 -08:00
José Valim
fea2b95c5f Merge pull request #3463 from LunarLogic/master 
Extracted route to separate method to be able to override in child class
 2015-02-12 13:13:26 +01:00
Ania Slimak
8461234483 Extracted route to separate method to be able to override in child class 2015-02-12 13:07:57 +01:00
Jaume Prat
af8d38e45b do not set :script_name option with nil 2015-02-05 14:33:09 +01:00
Lucas Mazza
a2e0e9c187 Merge pull request #3449 from gaganawhad/patch-1 
Add comments re: secret_key on Rails 4+ apps
 2015-02-04 19:39:48 -02:00
Gagan Awhad
90f1d4d37a Add helpful comments re: 'secret_key' in devise initializer template 
Adding a couple comments that explain that Devise will use
'secret_key_base' on Rails 4+ applications as its 'secret_key' by default.
 2015-02-04 14:48:25 -06:00
Lucas Mazza
51c621ef51 Merge pull request #3447 from nitis-intelligence/warning/rails5 
removing deprecation warning from rails 5
 2015-02-03 19:03:37 -02:00
Luciano Sousa
9177bd70cf removing optional commas 2015-02-02 23:02:52 -03:00
Luciano Sousa
252a57d9b3 removing deprecation warning from rails 5 2015-02-02 22:54:46 -03:00
Lucas Mazza
394d69d958 Merge pull request #3407 from rosenfeld/inherited-controllers-translations 
Use Devise translations when inheriting from core controllers
 2015-01-26 20:03:11 -02:00
José Valim
65700b22ba Merge pull request #3440 from davestevens/pepper-password 
Only add pepper if needed
 2015-01-26 19:46:32 +01:00
Dave Stevens
8d48bcd594 Only add pepper if needed 
Due to bug in Ruby 2.2.0; The bug has been acknowledged and fixed in trunk.

When password comes in FormEncoded the result of `gsub` breaks when
peppered with `nil`.
This only adds pepper if defined on the model and works around this
bug.

See: 622f3f14b6
 2015-01-26 18:06:11 +00:00
José Valim
6dd4444582 Merge pull request #3432 from ronalchn/remember.used.tokens 
Keep used confirmation tokens for more user friendly error message (issue #3429)
 2015-01-19 13:04:30 +01:00
Ronald Chan
3f95ac8fec Keep used confirmation tokens for more user friendly error message (fixes #3429) 2015-01-19 22:30:13 +13:00
José Valim
c9fb1ebbfe Merge pull request #3428 from erdostom/master 
updating copyrights to 2015
 2015-01-18 22:38:29 +01:00
Tamas Erdos
bf2b37a39c updating copyrights to 2015 2015-01-18 16:21:59 -05:00
José Valim
8d3e0fddd3 Merge pull request #3425 from kbullaughey/master 
get rid of config.serve_static_assets deprecation warning from production.rb
 2015-01-16 21:31:38 +01:00
Kevin Bullaughey
1118762ce7 apply the same change to production.rb that was put into test.rb to get rid of the depracation warning related to the config.serve_static_assets -> config.serve_static_files in Rails 4.2.0 2015-01-16 15:29:08 -05:00