github/devise
1
1
Fork 0
mirror of https://github.com/heartcombo/devise.git synced 2026-04-28 03:00:29 -04:00
Code Issues Packages Projects Releases Wiki Activity
2,394 Commits 33 Branches 149 Tags
c87809a0f5656fa6e944cc6ecbbb11e9020347af
Commit Graph

1361 Commits

Author SHA1 Message Date
Kaworu
c87809a0f5 Separate redirects and flash messages in navigational_formats and flashing_formats 2013-11-01 21:47:40 +01:00
José Valim
9eb0768cb9 Add Rails 4 related todo 2013-10-31 14:40:44 +01:00
José Valim
e445039716 Merge pull request #2717 from memberful/2716-splat-sanitize-params 
Splat the arguments to strong_parameters#permit, fixes #2716
 2013-10-31 14:40:28 +01:00
José Valim
69d28f9b0e Add config.last_attempt_warning to default config 2013-10-26 11:56:31 +02:00
Benoit Bénézech
04e47687b2 remove respond_to in favor of an implementation that returns options 2013-10-24 17:29:53 +02:00
Benoit Bénézech
d5514bf916 Add options for FailureApp's i18n_message. Similar #1633 2013-10-24 16:49:13 +02:00
Dave Tong
8bef8b87f1 Add documentation to the 'after_database_authentication' method. 2013-10-24 08:25:00 +11:00
Vitaly Bezkrovny
bb810cfb8f * show message for last attempt, not for one-before-last one; 
* update test to check the message :invalid, :last_attempt, :locked
 2013-10-22 00:43:56 +03:00
José Valim
a8069be4c8 Improve devise_for docs to be make routes integration more explicit 2013-10-21 13:28:20 +02:00
Jay Hayes
21583cbf95 Update code comment to keep it up to date 
[#2691]
[ci skip]
 2013-10-21 13:21:11 +02:00
Jay Hayes
4861436298 Prevent mutation of orig values during case and wspace sanitizations 2013-10-21 13:21:05 +02:00
Vitaly Bezkrovny
e20e446cf4 + last_attempt 
+ @@last_attempt_warning

+ last_attempt? method;
* send :last_attempt key if it is the last attempt

+ test for last attempt

* update test to make two asserts

* update message
 2013-10-15 01:53:56 +03:00
Jessy Bernal
fa06b33dd3 Fix #2673 email templates generated with the good @token 2013-10-08 11:25:04 +02:00
Aaron Patterson
5300bdabc8 add a class method so you can encrypt passwords from fixtures 2013-10-06 13:53:12 +03:00
Ivan Zhidkov
2351d0215a Fix expire_session_data_after_sign_in! 2013-10-03 18:34:39 +04:00
José Valim
eaad61b2da Make it clear a restart is required when setting the secret key 2013-10-01 17:12:08 +02:00
Vasiliy Ermolovich
d75fd56f15 remove unused reset_password_token method 
closes #2621
 2013-09-14 12:30:23 +03:00
José Valim
6b3b0c5e8c Remove deprecated token lookups 2013-09-02 19:23:15 -03:00
José Valim
dff7891b97 Get rid of token authentication 2013-09-02 19:15:47 -03:00
José Valim
08edcc10fe Release 3.1.0 2013-09-02 19:02:48 -03:00
Alexander Zubkov
095572b6fd Add nulls to migration generator 2013-09-02 15:00:12 +04:00
Alexander Zubkov
b9112d4308 Handle nil failed_attempts 2013-09-02 14:48:19 +04:00
Pavel Pravosud
91f2bce08e Consistent single quotes in devise.rb generator 2013-08-30 22:21:12 +07:00
José Valim
3232d14b20 token authenticatable mentions 2013-08-21 17:33:38 +02:00
José Valim
72c3472fe1 Generate remember token 2013-08-19 20:33:21 +02:00
José Valim
1437ae2ce3 Release v3.1.0.rc2 2013-08-18 10:13:53 +02:00
Andri Möll
052cbef205 Don't confirm email after password reset. 
Signed-off-by: José Valim <jose.valim@plataformatec.com.br>
 2013-08-18 10:13:35 +02:00
José Valim
b1754074e5 Only raise on missing secret key after a route is defined 2013-08-18 09:55:05 +02:00
José Valim
e8b70bb04d Include registration on docs 2013-08-17 09:19:28 +02:00
José Valim
5ecbbdf260 Update version.rb 2013-08-13 18:22:19 +02:00
José Valim
efe34219a9 Fix the build on Rails 3.2 2013-08-12 15:36:41 +02:00
José Valim
4e318b5167 Simplify parameter sanitization proposal 2013-08-11 22:20:59 +02:00
Alex Peattie
5e7caffc9e Extend params sanitizer, to make it easier to add/remove permitted params 
- Move the default permitted parameters into ParameterSanitizer::PermittedParameters
- Add devise_permitted_parameters helper
- devise_permitted_parameters.add to add permitted parameters
- devise_permitted_parameters.remove to remove Devise's defaults
- devise_permitted_parameters.for to access the parameters for a given action
- Update 'Strong Parameters' section of README

Signed-off-by: José Valim <jose.valim@plataformatec.com.br>
 2013-08-11 22:20:59 +02:00
Gleb Mazovetskiy
e7de0d4c4c fix doc typo 2013-08-10 04:43:25 +02:00
José Valim
2a8d0f9bee Update CHANGELOG 2013-08-09 10:30:29 +02:00
José Valim
4681f81ce6 Document the :store option for sign in 2013-08-09 08:37:27 +02:00
José Valim
20cf73facf Merge pull request #2549 from joaomilho/master 
Using urlsafe_base64 cause it already handle url sensitive chars, keepin...
 2013-08-08 13:38:05 -07:00
José Valim
3dccf3c6ff Do not sign in after confirmation 2013-08-08 22:33:58 +02:00
José Valim
d56641f514 Move to SHA256 2013-08-06 12:14:51 +02:00
José Valim
354e5022bf Only allow insecure token lookup if a flag is given 2013-08-06 11:55:13 +02:00
José Valim
143794d701 Use HMAC on tokens stored in the DB 2013-08-05 18:56:07 +02:00
Juan Lulkin
4048545151 Using urlsafe_base64 cause it already handle url sensitive chars, keeping the replacement of the confusing chars, though 2013-08-05 14:54:56 +03:00
José Valim
32648027e2 Add Devise::KeyGenerator 2013-08-05 11:47:36 +02:00
José Valim
7e96bac6a4 Get rid of deprecated code 2013-08-05 11:24:04 +02:00
José Valim
f5a77ac598 Skip storage for cookies on unverified requests 2013-08-05 10:24:11 +02:00
José Valim
7c8c0f8dba Release 3.0.1 2013-08-02 23:25:11 +02:00
José Valim
747751a20f Protect against CSRF token fixation attacks 2013-08-02 23:13:15 +02:00
Paul Chobert
d88b3cedfb Remove trailing whitespaces 2013-07-28 23:15:42 +02:00
José Valim
11a77055f1 Merge pull request #2525 from jetthoughts/timeoutable-without-rememberable 
Fixed checking for rememberable in timeoutable
 2013-07-26 00:58:09 -07:00
José Valim
cd1bc53947 Do not generate attr_accessible for any Rails 4 app 2013-07-26 09:22:03 +02:00