github/devise
1
1
Fork 0
mirror of https://github.com/heartcombo/devise.git synced 2026-04-28 03:00:29 -04:00
Code Issues Packages Projects Releases Wiki Activity
1,188 Commits 33 Branches 149 Tags
e242ca09379b462888ea75ea1d7ea7247ec562b3
Commit Graph

190 Commits

Author SHA1 Message Date
José Valim
e242ca0937 Fix failing tests. 2011-06-10 11:10:56 +02:00
Stefan Wrobel
8e87a2d80d Add strip_whitespace_keys which works like case_insensitive_keys but strips whitespace from emails 2011-06-10 01:37:43 -07:00
José Valim
2e61e52520 Fix failing test. 2011-05-23 18:22:32 +02:00
José Valim
e763f843c4 Tests pass on 3.0.7 2011-05-04 19:24:11 +02:00
fabian
56f7fbf2d1 use 'devise.skip_trackable' instead of DNT headers 2011-05-04 15:21:12 +02:00
fabian
89b53ea39c respect do not track headers in trackable 2011-05-04 14:44:37 +02:00
José Valim
4fd866d113 User cannot access sign up and similar pages if he is already signed in through a cookie or token, closes #1036. 2011-04-29 08:56:57 +02:00
José Valim
29afe2d21c Other minor improvements in the REST code. 2011-04-19 08:36:52 +02:00
José Valim
a722c6236c to_json does not guarantee the order. 2011-04-18 13:03:31 +02:00
SixArm
2a5669967f Change test email addresses to ues RFC 2606 reserved domain example.com 2011-04-18 15:59:13 +08:00
José Valim
4a4dcb30ef sessions/new also responds to xml and json now 2011-04-18 09:56:24 +02:00
José Valim
0d74c1b4f0 Move it to the junk drawer. :) 2011-04-16 13:18:28 +02:00
Jack Dempsey
cb622e99d8 create new integration test file for flash related tests 2011-04-16 19:16:34 +08:00
Prem Sichanugrist
97f0bacfa0 Add support for non-navigational formats in PasswordsController 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2011-03-30 13:39:08 +02:00
Prem Sichanugrist
210bc6aa66 Add support for non-navigational formats in UnlocksController 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2011-03-30 13:38:16 +02:00
Prem Sichanugrist
8170d5e340 Add support for non-navigational formats in ConfirmationsController 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2011-03-30 13:38:00 +02:00
Prem Sichanugrist
6225902034 Add support for non-navigational formats in RegistrationsController 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2011-03-30 13:37:41 +02:00
Prem Sichanugrist
0487e9eafe Add support for destory_user_session_path in another non-navigational formats such as JSON and XML 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2011-03-30 13:36:50 +02:00
Vinicius Baggio
15d195d2f0 Fixing OmniAuth integration tests since now it has support for failure scenarios 2011-03-12 13:58:19 -03:00
José Valim
3f4fb1a769 Improve previous patch. 2011-03-11 20:46:08 +01:00
gilles
1982ad9f57 fix for possible injection with mongo 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2011-03-11 20:24:24 +01:00
Vinicius Baggio
9bff1cf658 Fixing assertion in integration test 2011-02-25 14:57:49 -03:00
Vinicius Baggio
305059f573 Consider SCRIPT_NAME on omniauth url helper. Closes #876 2011-02-25 14:20:12 -03:00
José Valim
43a3431c3e Add a test to ensure user.remember_me = true followed by a sign in sends the cookie, closes #776 2011-02-24 22:24:21 +01:00
José Valim
2e43944567 Move rememberable back to a hook. 2011-02-24 21:55:52 +01:00
Vinicius Baggio
352edc024b Cleaning up test helpers related to OmniAuth. 
Developers should rely on OmniAuth's new testing API. Check
https://github.com/intridea/omniauth/wiki/Integration-Testing
for more details.
 2011-02-24 16:50:22 -03:00
Vinicius Baggio
970457f2c2 Fixing test error when dealing with multiple time zones 2011-02-23 14:24:42 -03:00
José Valim
ca293d17ba Implement Rails' handle unverified request. 2011-02-15 10:58:38 +01:00
José Valim
6a6ed6702e Improve tests and update CHANGELOG. 2011-02-15 10:07:08 +01:00
Nate Todd
2d0f887ba7 Preventing timeoutable from interfering with stateless tokens. 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2011-02-15 09:54:13 +01:00
José Valim
aac9c40cba Ensure after hooks are called on registrations controller, closes #852 2011-02-15 09:41:35 +01:00
José Valim
af1295284c rememberable cookie now is httponly by default 2010-12-25 12:04:04 +01:00
JamesFerguson
1b43cb5203 Added assertion testing that remember_user_token cookie is flagged as HttpOnly. 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2010-12-25 11:49:40 +01:00
Prem Sichanugrist
e8e3df3891 Add support for non-navigational format response to SessionsController 
This will make Devise::SessionsController return the authenticated object in the requested format instead of redirect the client to another page upon success authentication.
 2010-12-25 17:57:15 +08:00
Carlos Antonio da Silva
268eae1013 Add update_attribute method to Mongoid Shim for devise tests, to fix failing test 
Mongoid does not have this method in the current beta version (2.0.0.beta.20).
 2010-11-26 01:14:27 -02:00
José Valim
71450998c5 Avoid session fixation attacks. 2010-11-20 23:18:41 +01:00
Andrew Dahl
8d1e23c67d add unit and integration tests for case insensitive keys 2010-11-20 15:54:01 +01:00
Denis Hennessy
19219cbe0f Fix for HTTP Basic Auth when base64 encoded string wraps 
When using a token longer than approximately 45 characters, the base64 encoded string passed in
the HTTP_AUTHORIZATION header will contain newline characters. The existing implementation used
a regex which didn't handle this case correctly.
 2010-11-15 16:40:39 +08:00
José Valim
c7efb68a77 Devise does not intercept 401 returned from applications anymore 2010-11-09 23:42:14 +01:00
José Valim
3e38043085 Properly handle failure. 2010-10-18 15:00:34 +02:00
José Valim
611261c64e More tests for Omniauth. 2010-10-18 15:00:34 +02:00
José Valim
cdbd03c45a Simplify I18n lookup. 2010-10-14 14:43:41 +02:00
takahashim
a1c80b6211 use I18n'ed header on error messages block 2010-10-04 15:38:07 +08:00
José Valim
db1ce8eeb2 Sign up now check if the user is active or not and redirect him accordingly setting the inactive_signed_up message. This commit also moves after_update_path_for to inside RegistrationsController, not allowing it to be overriden inside ApplicationController anymore. 2010-09-30 09:12:00 +02:00
José Valim
e01dccaefb Fix recoverable tests. 2010-09-30 09:05:11 +02:00
Pat Allan
16c39a9f17 Making sure timeoutable respects rememberable if both are loaded. 2010-09-29 15:27:54 +08:00
José Valim
ef3480004c Ensure we are pointing to the proper sessions controller on failure. 2010-09-26 21:12:05 +02:00
José Valim
38f3f6318a cookie_domain is deprecated in favor of cookie_options which uses session_options by default. 2010-09-25 21:13:54 +02:00
José Valim
531f221be7 Allow :stateless_token to be set to true avoiding users to be stored in session through token authentication 2010-09-25 20:28:14 +02:00
José Valim
617e142e34 Store the salt in session and expire the session if the user changes his password 2010-09-25 17:24:56 +02:00