github/devise
1
1
Fork 0
mirror of https://github.com/heartcombo/devise.git synced 2026-04-28 03:00:29 -04:00
Code Issues Packages Projects Releases Wiki Activity
2,131 Commits 33 Branches 149 Tags
d20fdf87b6cc618306e92c66e11ef54e7eb1edce
Commit Graph

1253 Commits

Author SHA1 Message Date
Drew Ulmer
d20fdf87b6 Introduce BaseSanitizer null sanitizer and controller-specific callbacks 
This updates Devise's StrongParameter support to feature:

- A Null base sanitizer to support existing Rails 3.x installations that
  don't want to use StrongParameters yet
- A new, simpler API for ParameterSanitizer: #permit, #permit!, and #forbid
- Overrideable callbacks on a controller-basis, e.g. #create_sessions_params
  for passing the current scope's parameters through StrongParameters and
  a helper method, whitelisted_params, for rolling your own implementations
  of #create_x_params in your own controllers.
- Lots of tests!
 2013-04-10 10:33:50 -05:00
Drew Ulmer
78f137368c Add support for Rails 4 strong_parameters 
This brings support for Rails 4 StrongParameters changes.

- Parameter sanitizing is setup for Devise controllers via
  resource_params except Omniauth Callbacks which doesn't use
  resource_params.

- Change #build_resource to not call resource_params for get requests.
  Parameter sanitizing is only needed when params are posted to the
  server so there's no need to try to construct resource params on get
  requests (new, edit).
 2013-03-31 21:31:48 -05:00
Drew Ulmer
2f88f7c0ed Remove protected_attributes gem and all whitelisting 2013-03-31 15:21:49 -05:00
Scott Jacobsen
4549d8c65f Update recoverable.rb 
Fix type-o.
 2013-03-21 18:49:19 -06:00
José Valim
d90e365636 Merge pull request #2315 from neo/http_auth_key 
Allow explicit configuration of http auth key
 2013-03-07 09:43:08 -08:00
Lucas Mazza
22442907af Fix send_devise_notification arity in the documentation. 
[ci skip]
 2013-03-05 15:55:19 -03:00
Matt Jones + Tony Schneider
f4ceecece4 Allow explicit configuration of http auth key 
- Fix basic auth case in which authorized_keys is configured as hash
- Duplicate existing functionality when http_auth_key is not explicitly
  set
 2013-03-04 12:23:05 -05:00
Andrew White
c6578250d2 Improve documentation on sending delayed emails 
There are a couple of gotchas in the existing documentation
about the `send_devise_notification` hook.

1.  The `after_commit` callback can be called multiple times
    so you should clear the array otherwise any additional
    invocations will trigger extra copies of the email.

2.  The `after_commit` callback is only called when a record
    is created or updated so you need to check for `new_record?`
    or `changed?` before adding it to `pending_notifications`
    otherwise it's okay to send it immediately.

The `new_record? || changed?` condition is necessary because
the latter isn't always true for new records, e.g:

    >> User.new.changed?
    => false

[ci skip]
 2013-03-01 14:32:15 +00:00
Lucas Mazza
198bfff2de Merge pull request #2300 from fphilipe/scoped-serialization 
Make use of warden's scoped serialization
 2013-02-25 15:32:43 -08:00
José Valim
b388aae473 Merge pull request #2302 from islandr/master 
Mention devise-encryptable requirement in initializer template
 2013-02-25 14:05:15 -08:00
Ryan Mohr
f3928d8462 Mention devise-encryptable requirement for anything but bcrypt. 2013-02-25 10:42:06 -10:00
Philipe Fatio
c22d755cf4 Make use of warden's scoped serialization 2013-02-25 07:38:42 +01:00
Greg Gates
72cfaad618 Add #skip_confirmation_notification to Confirmable 2013-02-22 12:43:01 -05:00
Vasiliy Ermolovich
395a69b4ef allow_unconfirmed_access_for set to nil means unconfirmed access for unlimited time 
closes #2275
 2013-02-13 21:17:38 +03:00
Vasiliy Ermolovich
1b2460171e Merge pull request #2261 from plataformatec/issue-2253 
use scoped path to shared views if scope is present
 2013-02-08 15:43:39 -08:00
Vasiliy Ermolovich
f822f92321 use scoped path to shared views if scope is present 
closes #2253
 2013-02-09 02:35:06 +03:00
Stefan Boesen
3458e12274 Update lib/generators/templates/devise.rb 
Typo in template comment.
 2013-02-06 16:30:00 -08:00
Waldyr Guimarães Araújo de Souza
5ee07390b7 correcting tiny typo 2013-01-29 22:45:23 -02:00
Carlos Antonio da Silva
83ad67bd51 Fix inheriting mailer templates from Devise::Mailer 
Previously inheriting from Devise::Mailer would not render default views
from devise when the inheriting mailer didn't have the view. Now it'll
correctly pick the default one from Devise::Mailer.
 2013-01-29 00:08:26 -02:00
Carlos Antonio da Silva
af37800c1d Change match routes to get / post 
match without a verb is deprecated in Rails master.
 2013-01-28 20:23:13 -02:00
Rafael Mendonça França
bfa65dde70 Use the Ruby 1.8 hash syntax. 
Yes we still support Ruby 1.8 😢
 2013-01-28 13:21:44 -02:00
José Valim
d099d8f0ac Release v2.2.3 2013-01-26 11:43:17 -07:00
José Valim
5190f52857 Require string conversion for all values 2013-01-26 11:42:42 -07:00
Vasiliy Ermolovich
d3f8bd6cae add key option to rememberable_options 
closes #2218
 2013-01-20 23:16:25 +03:00
Jay Shepherd
cc017b1f0d Allow parent_mailer to be customizable via Devise.parent_mailer, useful for engines 2013-01-18 02:26:41 -06:00
José Valim
6c2f51e35e Release 2.2.2 2013-01-15 21:03:15 +01:00
Lucas Mazza
47db984f52 Apply the changes on 0c4615e33 to the simple_form template too. 2013-01-14 18:53:34 -02:00
José Valim
872ef2b97f Release 2.2.1 with fixes for 2.2.0 regressions 2013-01-11 19:15:54 +01:00
José Valim
33fb89340a Revert "update_with_password doesn't change encrypted password when it is invalid" 
This reverts commit 10235f9d72.
 2013-01-11 19:12:53 +01:00
José Valim
bd9bf326c0 Merge pull request #2206 from tigris/mailer_subject_rename 
Rename Devise::Mailer.translate() to something more inline with what it does
 2013-01-10 04:19:57 -08:00
Danial Pearce
d48414b0a5 Rename Devise::Mailer.translate() to something more inline with what it does. 2013-01-10 15:26:06 +11:00
José Valim
b6a7d11e5a Merge pull request #2205 from latortuga/2204-regression-with-db-authenticatable 
2204 regression with db authenticatable
 2013-01-09 09:52:14 -08:00
Drew Ulmer
75ce916be9 Call respond_to?(attr) before applying strip or downcase 
This avoids calling strip and downcase on globally configured keys that may
not exist on all devise models. Fixes #2204, a regression introduced by
PR #2135. Also included a note about the intentional use of respond_to.
 2013-01-09 11:42:54 -06:00
José Valim
b2b8b5bf9a Release v2.2.0 2013-01-08 21:30:43 +01:00
José Valim
19b5bcbe0f Accept mail options in Devise::Mailer and deprecate headers_for 2013-01-04 18:52:49 +01:00
José Valim
86f0bff332 Apparently Rails 3.1 does not like @headers as ivar 2012-12-13 09:59:36 +01:00
José Valim
30ab6f923d Release 2.2.0.rc 2012-12-13 09:20:46 +01:00
José Valim
839e8fc8ac Show if there is an e-mail waiting for confirmation, closes #2060 2012-12-13 09:13:33 +01:00
José Valim
4c83743263 unconfirmed_email now uses the proper e-mail on salutation, related to #2060 2012-12-13 09:02:59 +01:00
José Valim
e1fde192f2 Update CHANGELOG 2012-12-13 08:43:43 +01:00
Carlos Antonio da Silva
2261005ed5 Refactor a bit to avoid two model attributes lookup 
Tidy up tests a bit.
 2012-12-04 17:37:12 -02:00
Drew Ulmer
79e9d6e564 Allow validation callbacks to apply to virtual attributes 2012-12-01 21:06:33 -06:00
Aditya Sanghi
88dba417ef reverting part of #2164 which was a mistake 2012-12-02 00:24:09 +05:30
Aditya Sanghi
c026b5a3f6 minor documentation grammar update 2012-11-30 16:42:18 +05:30
José Valim
3696cbf33e Merge pull request #2148 from kukula/master 
Fix default email_regexp config to not allow spaces
 2012-11-21 02:58:30 -08:00
José Valim
cbfdcbeaed Merge pull request #2147 from gabetax/signin_nonexistent_error 
Support alternate sign in error message when email record does not exist
 2012-11-19 15:56:18 -08:00
Gabe Martin-Dempesy
130d684198 Change failure key for missing database resource to :invalid_email 2012-11-19 15:49:21 -08:00
Anatoliy Kukul
adc9a45f05 Used other regxp 2012-11-19 13:58:19 +02:00
Anatoliy Kukul
50186474d4 Fix default email_regexp config to not allow spaces 
Default email_regexp config accepted emails with spaces. e.g.: "test user@test server.com" http://rubular.com/r/jXGS8pmumd
Changed regexp to not allow spaces in email. e.g.:  http://rubular.com/r/tTD9PytGEp
 2012-11-19 13:40:54 +02:00
Gabe Martin-Dempesy
ffab77c35e Fix typo on nonexistent error 2012-11-18 15:19:15 -08:00