664 Commits

Author SHA1 Message Date
José Valim
4977bd1222 Fix indifferent access on session issue. 2010-11-25 00:06:39 +01:00
José Valim
71450998c5 Avoid session fixation attacks. 2010-11-20 23:18:41 +01:00
José Valim
6f205fe4c4 Tidy up. 2010-11-20 21:44:53 +01:00
Steve Ross
4a8f9a9ba8 set_flash_message: Added conditional to make certain flash entries are not set if message is blank.
Signed-off-by: José Valim <jose.valim@gmail.com>
2010-11-20 21:42:25 +01:00
José Valim
d8016ea3fd Ensure namespaces has proper scoped views, closes #654 2010-11-20 21:41:26 +01:00
José Valim
6bfcbeffdd Tidy up and update CHANGELOG. 2010-11-20 21:19:12 +01:00
Andrew Dahl
8d1e23c67d add unit and integration tests for case insensitive keys 2010-11-20 15:54:01 +01:00
Andrew Dahl
e911abf13b changed case_insensitive_keys config setting to an array and added downcasing of keys as a before filter on database authentication module 2010-11-18 23:29:53 +01:00
Andrew Dahl
94c666e439 first attempt 2010-11-18 21:24:42 +01:00
Andrés Mejía
020f919dcd Tpyo. 2010-11-15 18:35:15 +08:00
José Valim
b70b72b6b0 Rollback to use the regexp result. 2010-11-15 10:01:45 +01:00
Denis Hennessy
19219cbe0f Fix for HTTP Basic Auth when base64 encoded string wraps
When using a token longer than approximately 45 characters, the base64 encoded string passed in
the HTTP_AUTHORIZATION header will contain newline characters. The existing implementation used
a regex which didn't handle this case correctly.
2010-11-15 16:40:39 +08:00
Robert Peters
32c6f7b00b For #646 - modify the configuration text that is output for confirm_within so that it matches the actual default value. If you use nil as a value, it crashes trying to call nil.ago 2010-11-13 15:50:33 +08:00
José Valim
67a49f3b75 Ensure authenticatable_salt can be nil. 2010-11-11 22:51:39 +01:00
José Valim
14d772972d No need to set a pepper in a bcrypt world. 2010-11-11 12:54:09 -08:00
José Valim
b2496d1bc1 Smallish updates. 2010-11-11 13:53:52 +01:00
José Valim
c7efb68a77 Devise does not intercept 401 returned from applications anymore 2010-11-09 23:42:14 +01:00
José Valim
505bd39700 failure_app now properly handles nil request.format 2010-11-09 23:30:53 +01:00
José Valim
931b902583 Fix failing tests. 2010-11-09 22:27:46 +01:00
José Valim
835d1044ae Fix a problem with IE7 headers. 2010-11-08 22:45:42 +01:00
José Valim
1f44c61d08 Improve error messages, closes #574 2010-11-06 08:54:03 +01:00
Mike Gehard
9b468816dd Add in some instructions for getting routes to a custom action on a Devise override controller 2010-11-06 15:52:29 +08:00
bUg
ab033ea986 fix for omniauth 0.2.0 2010-11-04 08:21:34 +08:00
David A. Cuadrado
09a46695f2 omniauth route should not add a ? if no param is given 2010-10-31 03:06:53 +08:00
David A. Cuadrado
bf19b15914 added open id support via omniauth 2010-10-31 03:06:52 +08:00
bUg
c429fe8d1c fixed bug 'Could not find a valid mapping for path /users/auth/:provider/callback' when devise_for called inside scope 2010-10-30 08:57:13 +08:00
bUg
d8f33b8925 omniauth routes fix, see devise issue #600 2010-10-29 20:48:40 +08:00
José Valim
e30c0f3319 Do not automatically set filter_parameters. 2010-10-26 18:07:06 -02:00
bUg
6b04312be5 get -> match for omniauth callbacks
Signed-off-by: José Valim <jose.valim@gmail.com>
2010-10-26 17:55:18 -02:00
José Valim
31edd76369 Remove crazy controllers handling code. 2010-10-18 15:01:38 +02:00
José Valim
3e38043085 Properly handle failure. 2010-10-18 15:00:34 +02:00
José Valim
611261c64e More tests for Omniauth. 2010-10-18 15:00:34 +02:00
José Valim
2f360bf201 Remove OAuth2 in favor of OmniAuth. 2010-10-18 15:00:34 +02:00
José Valim
5d4e4fbb88 Automatically set OmniAuth path prefix 2010-10-18 15:00:34 +02:00
José Valim
21d5e50054 Basic omniauth support. 2010-10-18 15:00:34 +02:00
George Guimarães
bca72ddf59 fixing typo and whitespaces 2010-10-16 20:17:39 -03:00
Jared Morgan
0aa21dca4c Use to_adapter.get in Warden::SessionSerializer#deserialize 2010-10-17 04:22:22 +08:00
Jared Morgan
31170b9100 Use to_adapter in two more methods
Authenticatable.generate_token and Warden::SessionSerializer#deserialize
2010-10-17 04:22:22 +08:00
José Valim
cdbd03c45a Simplify I18n lookup. 2010-10-14 14:43:41 +02:00
José Valim
8a8ba6c70c Depend on ORM Adapter. 2010-10-10 17:51:32 +02:00
José Valim
e4c5158851 Sign out by default will destroy the existing session. 2010-10-10 17:51:32 +02:00
José Valim
7bc37e5237 Provide a better encryptor message and update Gemfile.lock. 2010-10-10 17:51:32 +02:00
Sean Cribbs
9f032350e3 Use ActiveModel's to_key instead of id.
Signed-off-by: José Valim <jose.valim@gmail.com>
2010-10-10 17:51:32 +02:00
José Valim
94ccfc5322 Remove deprecation warnings on Rails 3.1. 2010-10-10 17:51:31 +02:00
Sebastián Gamboa
721843c841 Allow to conditionally skip email validation. 2010-10-05 05:42:20 +08:00
José Valim
db1ce8eeb2 Sign up now checks if the user is active or not and redirects him accordingly, setting the inactive_signed_up message. This commit also moves after_update_path_for to inside RegistrationsController, not allowing it to be overridden inside ApplicationController anymore. 2010-09-30 09:12:00 +02:00
Pat Allan
16c39a9f17 Making sure timeoutable respects rememberable if both are loaded. 2010-09-29 15:27:54 +08:00
José Valim
fbb77a6edd Ensure bcrypt also uses pepper for backward compatibility. 2010-09-28 17:45:34 +02:00
Carlos Antonio da Silva
98e69cfd71 Remove unused options param for token_auth schema, and avoid creating a new hash 2010-09-26 14:08:25 -03:00
Carlos Antonio da Silva
6a09daf570 Don't need to extend ActiveSupport::Concern anymore in oauth helpers 2010-09-26 11:47:56 -03:00