github/devise
1
1
Fork 0
mirror of https://github.com/heartcombo/devise.git synced 2026-04-28 03:00:29 -04:00
Code Issues Packages Projects Releases Wiki Activity
611 Commits 33 Branches 149 Tags
e9057626111bcc185da0f1d8d8ca93c32fe5a996
Commit Graph

270 Commits

Author SHA1 Message Date
José Valim
e905762611 Clean up the whole loading mess and closes #247. This commit depends on latest Rails. 2010-05-16 00:38:40 +02:00
José Valim
d38421dde8 Green tests on Rails master, closes #261 2010-05-15 10:39:11 +02:00
José Valim
708fe78d86 Ensure password confirmation is always required, closes #228 2010-04-25 09:38:56 +02:00
José Valim
41311eb38d Move mailer configuration to the app. 2010-04-25 09:26:51 +02:00
José Valim
4da63c5395 Ensure routes are loaded before application classes are eager loaded, closes #212. 2010-04-22 19:59:52 +02:00
José Valim
b9c0676a01 Get rid of deprecation warnings. 2010-04-15 08:43:39 +02:00
José Valim
731f156f50 Do not show unlock link unless strategy is e-mail. Closes #204. 2010-04-15 08:40:15 +02:00
José Valim
b2a50db1df Fix a bug with STI. Closes #195. 2010-04-15 08:34:57 +02:00
José Valim
6bd0c7fc2b :as and :scope in routes is deprecated. Use :path and :singular instead. Closes #199. 2010-04-15 08:21:13 +02:00
José Valim
8db559148c All tests green on latest Rails beta. 2010-04-13 23:28:13 +02:00
José Valim
fd934f1434 Revert "Only triggers http in failure app if devise.authentication_method is :http." 
It has not fixed the problem it was supposed to fix.
This reverts commit 9d1a52978c.
 2010-04-06 22:36:41 +02:00
José Valim
c07b5ae858 :activatable is included by default in your models. If you are building a strategy for devise, you now need to call validate(resource), since Devise has now a default API to validate resources before and after signing them in. You can still use other Warden::Strategies with Devise, but they won't work with a few modules like unlockable (they never did, but now we have a single point to make it work). 2010-04-06 16:34:22 +02:00
José Valim
9d1a52978c Only triggers http in failure app if devise.authentication_method is :http. 2010-04-06 13:40:39 +02:00
José Valim
0d3c6b9d99 Small changes to token_authenticatable. 2010-04-06 13:26:56 +02:00
José Valim
1591294b7a Compatibility with Rails beta 3. 2010-04-05 11:46:26 +02:00
José Valim
b974b7bc78 Move failure messages from devise.sessions to devise.failure. 2010-04-03 13:11:45 +02:00
José Valim
23e608e27b No need to append ?unauthenticated=true in URLs anymore since Flash was moved to a middleware in Rails 3. 2010-04-03 11:43:31 +02:00
José Valim
f5d01c217d TokenAuthenticatable now works with HTTP Basic Auth by default (take a look at Highrise API for a good example). This basically allows you to pass the authentication token as HTTP Basic Auth username. 2010-04-01 19:09:33 +02:00
José Valim
2b5a068246 Move part of the logic in SessionsController#create to the FailureApp. Whenever Warden is invoked with a :recall, the failure app will recall the chosen controller and the action given to recall. 2010-04-01 17:30:55 +02:00
José Valim
13b8ddf54c Ensure customs pass through sessions_controller. 2010-04-01 14:00:21 +02:00
José Valim
16666b7587 Get rid of flash hook and clean up passwords after registration. 2010-04-01 13:23:49 +02:00
José Valim
dac7887d7c Allow the dummy application in test/rails_app to boot. 2010-04-01 12:49:11 +02:00
José Valim
3d1a04fd83 Fix warden configuration. 2010-03-31 22:04:48 +02:00
José Valim
015c74e734 Use message verifier in cookies. Previous implementation allowed brute force attacks by cookies. Even though it is impossible for the brute force attack to succeed, the current implementation blocks the attacker even before hitting the database. 2010-03-31 13:31:45 +02:00
José Valim
6cc32db2dd Add lock_strategy. 2010-03-31 11:54:11 +02:00
José Valim
597a930c74 We do not use t() helpers in views, so there is no reason why this particular one should use them. 2010-03-30 20:06:56 +02:00
José Valim
22e1fa0cb9 Small cleanup. 2010-03-30 00:29:57 +02:00
Josh Kalderimis
a6a018253e minor change to content type checking to make it more flexible when utf8 is returned 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2010-03-30 00:23:46 +02:00
José Valim
7d14f0bbb9 Allow several authentications to share a common path. 2010-03-29 23:44:47 +02:00
José Valim
65b8908960 Create authenticatable base model and strategy. 2010-03-29 20:52:48 +02:00
José Valim
1c5d4771ff Initial work on making the authentication stack more flexible. 2010-03-29 16:13:19 +02:00
José Valim
604b7ef61c Move http authenticatable response to failure app. 2010-03-29 15:16:14 +02:00
Jacques Crocker
1c39590e20 Devise / DataMapper updates 
allows devise to work with the upcoming dm-validation changes
 2010-03-28 20:53:22 -07:00
Jacques Crocker
6d31e368bf Use persisted? instead of new_record? 
In order to be more ActiveModel compliant, lets use persisted? whereever we can. Particularly for datamapper, new_record? causes api warnings. Better to stick to the ActiveModel api I think.
 2010-03-28 20:53:13 -07:00
José Valim
2a082f3e4c Fix some unlockable bugs. 2010-03-28 23:09:28 +02:00
José Valim
033db1ca7c Do not depend on silence_missing_strategies! anymore. This speeds up strategies matching because we don't need to check if the model duck types to the strategy and it doesn't trigger uneeded strategies. 2010-03-28 14:55:05 +02:00
José Valim
ea71be8d2a More compatibility with Rails master. 2010-03-28 07:15:52 +02:00
Jacques Crocker
6bcf18b04f Mongoid support cleanup 
moving test specific == override part of the test models and not part of the Compatibility module included in all Mongoid docs. Made sure that nothing in devise itself uses this == between 2 different models, its purely for assert_equal
 2010-03-27 16:16:36 -07:00
Jacques Crocker
bb504e08aa Initial Datamapper test suite 
Test suite runs, however there's still some failing tests. This allows us to at least have a working test suite so they can fix these datamapper spec failures individually.
 2010-03-27 16:15:23 -07:00
Jacques Crocker
e127463ac8 Adding Mongoid 2.0 Support, Removing MongoMapper for now 2010-03-26 13:37:38 -07:00
José Valim
bd4b29c0fd sign_in_count shoud default to zero. 2010-03-26 12:56:24 +01:00
Carlos Antonio da Silva
a5ba2ac1a8 Use prepend_before_filter in require_no_authentication. 
We need to be sure require_no_authentication runs before other user filters that may call some Devise helper (ie current_xxx).

Conflicts:

	app/controllers/devise/passwords_controller.rb
	app/controllers/devise/registrations_controller.rb
	app/controllers/devise/sessions_controller.rb
	app/controllers/devise/unlocks_controller.rb
	lib/devise/controllers/internal_helpers.rb
	test/rails_app/app/controllers/application_controller.rb
 2010-03-26 08:26:51 -03:00
José Valim
ca4e09390e Compatibility with Ruby 1.9.1 and 1.9.2. 2010-03-26 11:27:19 +01:00
Andreas Haller
5c19605d6f Fixed test: calling Mail::Body#encoded to get a String (Rails 3) 
From Rails' CHANGELOG
… Mail.body returns a Mail::Body class object, need to call #encoded or #decoded to get the string you want.

Signed-off-by: José Valim <jose.valim@gmail.com>
 2010-03-26 11:00:46 +01:00
José Valim
ae729aedc3 Allow devise to work with association proxies. 2010-03-26 10:19:31 +01:00
José Valim
12b64c691f Add support to multipart e-mails (just put them in your mailers folder) and headers customization by simply defining headers_for in your model. 2010-03-26 10:01:24 +01:00
Josh Kalderimis
4d3a3ceb43 added test to confirm order in ALL is being adhered to when adding and including module in model 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2010-03-26 09:31:25 +01:00
José Valim
28a6be456a Require files before monkey patching them. 2010-03-23 16:28:17 +01:00
José Valim
3f0bae1968 Allow to give :skip in devise_for to skip routes for an specific controller. 2010-03-12 09:54:57 +01:00
José Valim
ac742e3271 Clean up lockable and class methods API. 2010-03-10 16:13:54 +01:00