github/devise
1
1
Fork 0
mirror of https://github.com/heartcombo/devise.git synced 2026-01-21 04:38:01 -05:00
Code Issues Packages Projects Releases Wiki Activity
943 Commits 28 Branches 145 Tags
v1.2.rc
Commit Graph

403 Commits

Author SHA1 Message Date
Carlos Antonio da Silva
268eae1013 Add update_attribute method to Mongoid Shim for devise tests, to fix failing test 
Mongoid does not have this method in the current beta version (2.0.0.beta.20).
 2010-11-26 01:14:27 -02:00
Carlos Antonio da Silva
eb7760b4b2 Make sure to load test gems only in Devise test env 2010-11-26 00:55:16 -02:00
Carlos Antonio da Silva
112f499937 Use UTC for Mongoid timestamps, so it conforms with AR. 2010-11-26 00:54:08 -02:00
Carlos Antonio da Silva
ed30114bd8 Fix changelog e cleanup white spaces 2010-11-21 11:25:37 -02:00
José Valim
71450998c5 Avoid session fixation attacks. 2010-11-20 23:18:41 +01:00
Steve Ross
4a8f9a9ba8 set_flash_message: Added conditional to make certain flash entries are not set if message is blank. 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2010-11-20 21:42:25 +01:00
José Valim
d8016ea3fd Ensure namespaces has proper scoped views, closes #654 2010-11-20 21:41:26 +01:00
Andrew Dahl
8d1e23c67d add unit and integration tests for case insensitive keys 2010-11-20 15:54:01 +01:00
Denis Hennessy
19219cbe0f Fix for HTTP Basic Auth when base64 encoded string wraps 
When using a token longer than approximately 45 characters, the base64 encoded string passed in
the HTTP_AUTHORIZATION header will contain newline characters. The existing implementation used
a regex which didn't handle this case correctly.
 2010-11-15 16:40:39 +08:00
José Valim
67a49f3b75 Ensure authenticatable_salt can be nil. 2010-11-11 22:51:39 +01:00
José Valim
b2496d1bc1 Smallish updates. 2010-11-11 13:53:52 +01:00
José Valim
c7efb68a77 Devise does not intercept 401 returned from applications anymore 2010-11-09 23:42:14 +01:00
José Valim
505bd39700 failure_app now properly handles nil request.format 2010-11-09 23:30:53 +01:00
José Valim
835d1044ae Fix a problem with IE7 headers. 2010-11-08 22:45:42 +01:00
José Valim
ad8d2d7d99 Be more helpful in the already confirmed message, closes #613 2010-11-06 08:54:03 +01:00
stJhimy
e8dd48c824 Added test for Devise::Generators::ViewsGenerator with scope 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2010-11-06 08:54:03 +01:00
stJhimy
0948334393 Added test for Devise::Generators::ViewsGenerators with no params 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2010-11-06 08:54:03 +01:00
stJhimy
3b1f1ea719 Added test for Devise::Generators::InstallGenerator 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2010-11-06 08:54:03 +01:00
David A. Cuadrado
09a46695f2 omniauth route should not add a ? if no param is given 2010-10-31 03:06:53 +08:00
David A. Cuadrado
bf19b15914 added open id support via omniauth 2010-10-31 03:06:52 +08:00
bUg
94622054de tests for Devise::Mapping.find_by_path! 2010-10-30 08:57:14 +08:00
bUg
6b04312be5 get -> match for omniauth callbacks 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2010-10-26 17:55:18 -02:00
José Valim
3e38043085 Properly handle failure. 2010-10-18 15:00:34 +02:00
José Valim
611261c64e More tests for Omniauth. 2010-10-18 15:00:34 +02:00
José Valim
2f360bf201 Remove OAuth2 in favor of OmniAuth. 2010-10-18 15:00:34 +02:00
José Valim
cdbd03c45a Simplify I18n lookup. 2010-10-14 14:43:41 +02:00
José Valim
e4c5158851 Sign out by default will destroy the existing session. 2010-10-10 17:51:32 +02:00
Sean Cribbs
9f032350e3 Use ActiveModel's to_key instead of id. 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2010-10-10 17:51:32 +02:00
takahashim
a1c80b6211 use I18n'ed header on error messages block 2010-10-04 15:38:07 +08:00
dewski
69ecbd1fa3 removed the occurances of =%> at the end of erb blocks and replaced them with -%> 2010-10-02 05:56:29 +08:00
José Valim
db1ce8eeb2 Sign up now check if the user is active or not and redirect him accordingly setting the inactive_signed_up message. This commit also moves after_update_path_for to inside RegistrationsController, not allowing it to be overriden inside ApplicationController anymore. 2010-09-30 09:12:00 +02:00
José Valim
e01dccaefb Fix recoverable tests. 2010-09-30 09:05:11 +02:00
Pat Allan
16c39a9f17 Making sure timeoutable respects rememberable if both are loaded. 2010-09-29 15:27:54 +08:00
José Valim
ef3480004c Ensure we are pointing to the proper sessions controller on failure. 2010-09-26 21:12:05 +02:00
Carlos Antonio da Silva
ffaba3f1d3 Avoid RAILS_DEFAULT_LOGGER deprecation warning from Webrat 
This must be fixed in Webrat.
 2010-09-26 14:53:36 -03:00
Carlos Antonio da Silva
f60123ce01 Bump webrat to 0.7.1 2010-09-26 14:45:00 -03:00
Carlos Antonio da Silva
a7cc3388b4 Regenerate devise config file for tests and get all tests green on mongoid 2010-09-26 14:31:08 -03:00
Carlos Antonio da Silva
98e69cfd71 Remove unused options param for token_auth schema, and avoid creating a new hash 2010-09-26 14:08:25 -03:00
José Valim
38f3f6318a cookie_domain is deprecated in favor of cookie_options which uses session_options by default. 2010-09-25 21:13:54 +02:00
José Valim
531f221be7 Allow :stateless_token to be set to true avoiding users to be stored in session through token authentication 2010-09-25 20:28:14 +02:00
José Valim
617e142e34 Store the salt in session and expire the session if the user changes his password 2010-09-25 17:24:56 +02:00
José Valim
09088706bb Extract encryptors into their own module for better bcrypt support. 2010-09-25 16:08:46 +02:00
José Valim
31d821c2e0 Allow to Rememberable to work without remember_token relying on salt if possible. 
This comes with the benefit that if you change your password, all remember tokens expires, and it also requires one field less in the database.

The downside is that if you want remember_me_across_browser to be false, it won't work unless you use the token. It also requires you to be using database_authenticable.

Using salt is now the default in Devise.
 2010-09-25 13:07:24 +02:00
José Valim
1ed674afa8 Use Admin in old rememberable tests. 2010-09-25 12:04:38 +02:00
José Valim
2aa1d2f3b7 Increase the size of the friendly token. 
The chance of someone to successfully guess a random token in the website is:

(number_of_users / 2388636399360109977557402041718133080829429159844757507642063199359529632522467783435119230976)
 2010-09-25 11:51:57 +02:00
José Valim
c12d75eecf Do not rely on controller being available in params. 2010-09-25 11:22:18 +02:00
José Valim
dd11f43014 All tests green on latest mongoid. 2010-09-24 11:30:08 +02:00
Martin Davidsson
ec0e105c52 Incorporate feedback from carlosantoniodasilva and update rememberable 
tests
 2010-09-24 11:08:59 +08:00
Thibaud Guillaume-Gentil
c121d8026e Avoid BCrypt::Errors::InvalidSalt: invalid salt 
when password_salt is nil.

Signed-off-by: José Valim <jose.valim@gmail.com>
 2010-09-21 12:09:07 +02:00
José Valim
5429f940e7 Refactor code related with authentication keys on password recovery and account unlocking, closes #396. 2010-09-21 12:05:17 +02:00