github/devise
1
1
Fork 0
mirror of https://github.com/heartcombo/devise.git synced 2026-04-28 03:00:29 -04:00
Code Issues Packages Projects Releases Wiki Activity
829 Commits 33 Branches 149 Tags
ec0e105c5201b2ab41fc1fc4944504a271f0647f
Commit Graph

356 Commits

Author SHA1 Message Date
Martin Davidsson
ec0e105c52 Incorporate feedback from carlosantoniodasilva and update rememberable 
tests
 2010-09-24 11:08:59 +08:00
Thibaud Guillaume-Gentil
c121d8026e Avoid BCrypt::Errors::InvalidSalt: invalid salt 
when password_salt is nil.

Signed-off-by: José Valim <jose.valim@gmail.com>
 2010-09-21 12:09:07 +02:00
José Valim
5429f940e7 Refactor code related with authentication keys on password recovery and account unlocking, closes #396. 2010-09-21 12:05:17 +02:00
RStankov
850afec96e make User#send_reset_password_instructions to require all authentication_keys 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2010-09-21 11:47:07 +02:00
RStankov
fb86f772e7 make User#send_unlock_instructions to require all authentication_keys 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2010-09-21 11:46:57 +02:00
José Valim
b2066cc229 Add request_keys support. Closes #401. 2010-09-21 11:45:44 +02:00
José Valim
7c630fdb5e Do not execute Warden::Callbacks on Devise::TestHelpers. Closes #414. 2010-09-21 10:50:01 +02:00
Sam Grönblom
57ab87a1b6 Added four tests related to Warden callbacks 
Two tests are to ensure that the callbacks are called at all. The other
two test ensure that the user parameter provided to the callback is not
nil.

Signed-off-by: José Valim <jose.valim@gmail.com>
 2010-09-21 10:31:09 +02:00
José Valim
ff0b4deb1a Add reply-to to e-mail headers by default. Closes #474 2010-09-21 10:07:02 +02:00
takahashim
a9f7b3258a fix TypeError in test_sign_in_with_script_name(AuthenticationOthersTest) 2010-09-16 23:02:49 +08:00
Pelle Braendgaard
7b069e641b Improved test thanks to Jose Valim. 2010-09-14 03:55:10 +08:00
Pelle Braendgaard
2fdb71716f The http authentication code was not checking for the type of authentication in the Authentication header. 
This caused issues with OAuth header authentication.
Please note I have added a test but I'm not sure it works right as it doesn't fails without the change :-)
But it does fix failures in the oauth-plugin provider specs using devise.
 2010-09-14 03:55:09 +08:00
José Valim
31d7020637 Reorganize tests for failure app and add entries to CHANGELOG. 2010-08-31 23:55:25 +02:00
Santiago Pastorino
e582112369 set WWW-Authenticate header on http_auth if request is not xhr 2010-09-01 05:35:40 +08:00
Santiago Pastorino
5fb5efbd42 Returning WWW-authenticate on ajaxs calls depends only on Devise.http_authenticatable_on_xhr config 2010-08-31 23:51:58 +08:00
José Valim
b8ab9a835b Disable HTTP Authentication by default. You can turn it on in the initializer. 2010-08-23 10:22:31 -03:00
José Valim
617b95fdcd sign_out_all_scopes is true by default. 2010-08-23 09:18:39 -03:00
José Valim
731650a0f1 after_sign_in_path_for always receives a resource 2010-08-23 08:56:10 -03:00
Carlos Antonio da Silva
81c49c69df Fix failing helper test and test descriptions 2010-08-13 09:02:51 -03:00
Martin Rehfeld
f3385e96ab use :sign_out_via to control the method(s) for the destroy_*_session_path route 2010-08-13 19:16:59 +08:00
Martin Rehfeld
f04e633542 provide :sign_out_via option for Devise::Mapping 2010-08-13 19:16:58 +08:00
Carlos Antonio da Silva
01c272c692 Add some tests to helper creation using namespaces, to better show how it works. 2010-08-02 08:52:12 -03:00
José Valim
c31b1f2146 Remove skipped handling from OAuth in favor of exceptions and rescue_from syntax. 2010-07-28 21:51:26 +02:00
José Valim
fefbf51c79 scope_signed_in? helpers now simply delegate to current_scope to improve performance. 2010-07-26 20:33:23 +02:00
José Valim
4ac6b6e407 Unit tests for OAuth. 2010-07-26 20:33:23 +02:00
José Valim
4bfa98eb7c More and more tests to DeviseOauth. 2010-07-26 20:33:23 +02:00
José Valim
00c6f583e2 More OAuth tests. 2010-07-26 20:33:22 +02:00
José Valim
adba4e2262 Register cancel route so a shortcut is created. 2010-07-26 20:33:22 +02:00
José Valim
ac8221aca7 Add cancel to registrations controller as a way to delete information from session. 2010-07-26 20:33:22 +02:00
José Valim
bd8d11e291 More minor tweaks to README> 2010-07-26 20:33:22 +02:00
José Valim
0d6f303735 Add a small connection stubbing API. 2010-07-26 20:33:22 +02:00
José Valim
ef841ca17d Start to add helpers for OAuth tests. 2010-07-26 20:33:22 +02:00
José Valim
17ec0c08ed Expire all /_oauth_token$/ keys in session after sign in, so if two users create accounts in the same session, the facebook account will be linked just to the first one. 2010-07-26 20:32:06 +02:00
José Valim
bd8294aecf More OAuth setup. 2010-07-26 20:32:04 +02:00
José Valim
6c5be8dfd5 Initial routes and module setup. 2010-07-26 20:32:04 +02:00
José Valim
c5999c8f61 Tests green on mongoid as well. 2010-07-26 20:25:02 +02:00
José Valim
81620fecab More about extend remember period feature. 2010-07-23 23:57:31 +02:00
Trevor Turk
2939a61a49 documentation tweaks for extend_remember_period 2010-07-24 01:06:10 +08:00
José Valim
058d433f28 Add extend_remember_period, closes #340. 2010-07-23 16:32:22 +02:00
Stefan Huber
5aeb8cf1cf small documentation fix 2010-07-23 01:33:08 +08:00
José Valim
b4794e041b Save confirmation token to the database, if one does not exist but was requested, closes #377 2010-07-14 18:03:34 +02:00
José Valim
e567c00dd8 Store classes as string in session, to avoid serialization and stale data issues, closes #356 2010-07-12 07:48:19 +02:00
José Valim
2602ef41cf Do not add unlock routes unless unlock strategy is email or both, closes #373 2010-07-12 07:24:21 +02:00
José Valim
a87bc4a861 Also pass stretches to salt generation. 2010-07-12 06:59:49 +02:00
José Valim
9c5ff02ff1 Update CHANGELOG and tidy up tests. 2010-07-07 21:32:13 +02:00
James Pellow
b9df42c350 Add tests for http_authenticatable_on_xhr option 2010-07-08 03:21:13 +08:00
José Valim
bd0e2a3180 devise_for now accepts a block. All routes inside the block uses the scope defined by devise_for. 
You are now allowed to do:

  devise_for :users do
    # Non conventional sign_in route
    get "/sign_in" => "devise/sessions#new"
  end

And it should work as expected.
 2010-07-07 10:51:14 +02:00
José Valim
750560ae87 Ensure method is always POST on new.html.erb forms, closes #365. Also, start to remove usage of assert_template. 2010-07-06 16:01:22 +02:00
Carlos Antonio da Silva
77b7692b57 Regenerate devise initializar and get rid of some deprecation warnings from Devise and Rails. 2010-07-06 08:40:32 -03:00
José Valim
ae6322efb5 No longer retrieve the user from paths, but use the env hash. This change deprecates use_default_scope. 
If you have non conventional routes and want to specify the scope for a controller, you can do that at the router level:

  as :user do
    get "/sign_in", :to => "devise/session#new"
  end

This is saying: when accessing "/sign_in", devise should use the user scope. Meaning that users signed through that form will be signed to the user scope.
 2010-07-06 01:33:32 +02:00