github/devise
1
1
Fork 0
mirror of https://github.com/heartcombo/devise.git synced 2026-01-10 23:38:10 -05:00
Code Issues Packages Projects Releases Wiki Activity
2,930 Commits 28 Branches 145 Tags
a8769933d1842e8dff1a625d202f693403663e12
Commit Graph

2930 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Magnus von Koeller
a8769933d1 Split out BCrypt hashing to make it reusable 
This logic is generic and reusable -- hash a secret; and take an
unhashed secret and compare it to a hashed secret. This breaks this out
to make it reusable in other places. Specifically, we use this in our
own token auth at Bonobos that we plan to split out as a Devise
extension. This will make that possible without copy & pasting this
code.
 2015-05-06 12:11:09 -07:00
José Valim
a29fee1644 Merge pull request #3575 from alex88/failure_flashes 
Conditionally use flashes in failure_app
 2015-04-21 19:50:43 +02:00
Alessandro Tagliapietra
eac6c743fd Conditionally use flashes in failure_app 
Fixes #3574
 2015-04-21 16:27:44 +02:00
José Valim
bc38b044a4 Merge pull request #3573 from kroky/master 
improve error message when using omniauth callbacks under a dynamic segment
 2015-04-21 12:46:31 +02:00
Victor Emanouilov
85d75702ed improve error message when using omniauth callbacks under a dynamic segment 2015-04-21 13:02:28 +03:00
José Valim
7ca70a47ce Merge pull request #3570 from nviennot/no_more_bang 
Removes the bang in confirm! and reset_password!
 2015-04-21 10:30:44 +02:00
Nicolas Viennot
c22e7133b6 Removes the bang in confirm! and reset_password! 
Closes #3412 and #3570.
 2015-04-19 11:47:44 -04:00
Carlos Antonio da Silva
2f0002a449 Simplify serializable_hash implementation 
Now that Rails 3.1 is not supported anymore, we don't need to implement
to_xml, since it does the right thing by calling serializable_hash.

This removes the class_eval need that existed to simplify the
implementation of both to_xml and serializable_hash.
 2015-03-31 14:11:13 -03:00
Carlos Antonio da Silva
79c6f47ad3 Bundle update 2015-03-24 09:00:38 -03:00
José Valim
885597025a Merge pull request #3520 from ianks/valid_password 
Valid password
 2015-03-17 22:54:40 +01:00
Ian Ker-Seymer
8743ce6cf8 Clearly comment on the functionality of valid_password? 2015-03-17 15:21:59 -06:00
Ian Ker-Seymer
70ab38839f Use password.present? in DatabaseAuthenticatable strategy 
In order to be more clear about the expectations of for authenticating, we use
`password.present?` so there is no confusion about the role of the `valid_password?`
method.

More info: https://github.com/plataformatec/devise/issues/3519
 2015-03-17 15:19:23 -06:00
Vasiliy Ermolovich
9aa72db365 Remove extra space. 
[ci skip]
 2015-03-15 02:09:46 +03:00
Carlos Antonio da Silva
18b6064d74 Merge branch 'ca-rm-spaces' 
Closes #3480.
 2015-03-13 14:00:07 -03:00
Carlos Antonio da Silva
868d3d82a0 Do a final pass removing spaces around square brackets 
Keep plataformatec guidelines and review tools happy.
Related to #3480.
 2015-03-13 13:59:19 -03:00
Kosmas Chatzimichalis
1ab2d51308 removed spaces inside square brackets 2015-03-13 13:59:19 -03:00
Carlos Antonio da Silva
d1d5996b6b Remove deprecated methods related to token authentication 
These methods have no effect since Devise 3.2.0, released in Nov 2013.
 2015-03-13 13:54:32 -03:00
José Valim
ef28bf2814 Merge pull request #3504 from scottjacobsen/devise_scope_override 
Allow objects to specify their devise scope
 2015-03-04 09:27:07 +01:00
Scott Jacobsen
4837bb0a4e Allow objects to specify their devise scope. 
Introspecting the scope of an object can make it difficult to use
wrapper patterns. See issue plataformatec/devise#3307 for an example.

Allow objects to specify their scope explicitly by implementing
`devise_scope`.
 2015-03-03 22:37:25 -07:00
Carlos Antonio da Silva
b02cd547e2 Merge pull request #3503 from arnvald/remove-redundant-condition 
Remove redundant `remember_created_at.nil?`
 2015-03-03 13:42:31 -03:00
Grzegorz Witek
8d5c2c4fd9 Remove redundant remember_created_at.nil? 
`remember_expired?` already calls this method
 2015-03-03 23:51:10 +08:00
José Valim
0a0b4e00ea Merge pull request #3502 from davetron5000/remove-hide-action 
remove use of hide_action in favor of protected
 2015-03-01 21:48:57 +01:00
Dave Copeland
e1b9dc860f remove use of hide_action in favor of protected 
Rails 5 will [not have `hide_action` any longer](https://github.com/rails/rails/pull/18371/files), as the Rails convention is to not expose private or protected methods as actions, thus obviating the need for `hide_action`.

Presumably, there is code inheriting from `DeviseController` that is
calling these helpers, so they cannot be private, so protected seems to
be the only way to get Devise working with Rails 5.
 2015-03-01 15:05:20 -05:00
Lauro Caetano
5802a57c76 Merge pull request #3478 from killthekitten/patch-1 
Update message after rails g devise:controllers
 2015-03-01 16:03:14 -03:00
Lucas Mazza
f038c36161 Use SVG badges in the README. 2015-02-27 14:16:54 -03:00
Rafael Mendonça França
4bb457ff6d Merge pull request #3493 from betesh/master 
allow Devise::Models::Authenticatable to be loaded before Rails
 2015-02-25 11:46:37 -03:00
Isaac Betesh
ac79f1e114 allow Devise::Models::Authenticatable to be loaded before Rails 2015-02-24 16:29:06 -05:00
José Valim
61ec44b76e Rollback mongoid fix as 4.0.2 will be out soon 2015-02-19 12:13:57 +01:00
Nikolay Shebanov
5e12508b96 Update message after rails g devise:controllers 2015-02-16 19:46:01 +03:00
José Valim
737ae3632a Merge pull request #3473 from georgemillo/test-yield 
adding test for RegistrationsController#new yielding the resource
 2015-02-14 18:49:59 +01:00
George Millo
a6a1524146 adding test for RegistrationsController#new yielding the resource 2015-02-14 15:37:21 +01:00
José Valim
2992b411a2 Update authenticatable.rb 2015-02-14 11:02:13 +01:00
José Valim
d2658c6e35 Merge pull request #2882 from hauleth/fix-mongoid-10068 
Devise + Mongoid store wrong data in session
 2015-02-14 11:00:48 +01:00
José Valim
893a0222ef Update new.html.erb 2015-02-14 10:59:01 +01:00
José Valim
fbb7a21abc Merge pull request #3468 from redbar0n/patch-2 
Fix potential security leak in email reconfirmation flow
 2015-02-14 10:58:25 +01:00
redbar0n
ee8c13435f Fix potential security leak in email reconfirmation flow 
Ref. bug/issue: https://github.com/plataformatec/devise/issues/3457
 2015-02-13 21:43:06 +01:00
José Valim
c19f1f27ce Merge pull request #3467 from borski/feature/recoverable_autologin_option 
Added an option to not automatically sign in a user after a password res...
 2015-02-13 13:32:35 +01:00
Michael Borohovski
f0992e4a96 Added an option to not automatically sign in a user after a password reset. This is useful for cases where additional strategies might be needed (such as two-factor authentication, e.g.), or generally if it is considered a security risk to automatically log in a user after a password is reset. 2015-02-13 02:29:11 -08:00
José Valim
baef67cee7 Merge pull request #3452 from jaume-prat/master 
workaround for mountable Engines with Rails 4.2
 2015-02-13 09:50:30 +01:00
José Valim
00dc3932c6 Merge pull request #3465 from mattbrictson/logging-leaks-readme 
Add warning about logged tokens to the README
 2015-02-13 09:20:59 +01:00
Matt Brictson
7acc7a6659 Add warning about logged tokens to the README 2015-02-12 16:05:58 -08:00
José Valim
fea2b95c5f Merge pull request #3463 from LunarLogic/master 
Extracted route to separate method to be able to override in child class
 2015-02-12 13:13:26 +01:00
Ania Slimak
8461234483 Extracted route to separate method to be able to override in child class 2015-02-12 13:07:57 +01:00
Jaume Prat
af8d38e45b do not set :script_name option with nil 2015-02-05 14:33:09 +01:00
Lucas Mazza
a2e0e9c187 Merge pull request #3449 from gaganawhad/patch-1 
Add comments re: secret_key on Rails 4+ apps
 2015-02-04 19:39:48 -02:00
Gagan Awhad
90f1d4d37a Add helpful comments re: 'secret_key' in devise initializer template 
Adding a couple comments that explain that Devise will use
'secret_key_base' on Rails 4+ applications as its 'secret_key' by default.
 2015-02-04 14:48:25 -06:00
Lucas Mazza
51c621ef51 Merge pull request #3447 from nitis-intelligence/warning/rails5 
removing deprecation warning from rails 5
 2015-02-03 19:03:37 -02:00
Luciano Sousa
9177bd70cf removing optional commas 2015-02-02 23:02:52 -03:00
Luciano Sousa
252a57d9b3 removing deprecation warning from rails 5 2015-02-02 22:54:46 -03:00
Lucas Mazza
394d69d958 Merge pull request #3407 from rosenfeld/inherited-controllers-translations 
Use Devise translations when inheriting from core controllers
 2015-01-26 20:03:11 -02:00