github/devise
1
1
Fork 0
mirror of https://github.com/heartcombo/devise.git synced 2026-04-28 03:00:29 -04:00
Code Issues Packages Projects Releases Wiki Activity
1,138 Commits 33 Branches 149 Tags
v1.3.2
Commit Graph

490 Commits

Author SHA1 Message Date
José Valim
6a6ed6702e Improve tests and update CHANGELOG. 2011-02-15 10:07:08 +01:00
Nate Todd
2d0f887ba7 Preventing timeoutable from interfering with stateless tokens. 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2011-02-15 09:54:13 +01:00
José Valim
aac9c40cba Ensure after hooks are called on registrations controller, closes #852 2011-02-15 09:41:35 +01:00
Jo Liss
f964ea526b Skip test that fails with Mongoid. 
The test suite passes now.
 2011-02-10 23:00:14 +08:00
Jo Liss
8440ed0101 Make Devise::friendly_token 20 characters long. 
This makes the tokens better suited for URLs in plain-text emails, and
is still secure for all practical purposes.
 2011-02-10 21:42:58 +08:00
Jeffrey Jones
cb5e0c4a7b Simplified logic for checking if the email is present and moved the Mongoid classes out of eval statements 2011-02-10 16:16:33 +08:00
Jeffrey Jones
0287d8cc80 When using database_authenticatable Devise will now only create an email field when appropriate. 
(If using default authentication_keys or custom authentication_keys with email included)

Test written for Mongoid, not sure how to test for active_record yet.
 2011-02-10 16:16:33 +08:00
José Valim
f332d7e932 Add a test to show recoverable works as expected if password is blank. 2011-02-09 10:11:48 +01:00
Carlos Antonio da Silva
c9fe8885f9 Spaces 2011-02-06 19:23:36 -02:00
Nico Ritsche
f06bed279a corrected 'an user' to 'a user' in comments and docs 2011-02-06 23:46:49 +08:00
John Plummer
7a1852e9f5 Allow send confirmation to change keys used 2011-02-05 16:19:01 +08:00
José Valim
68f699bfd4 Do not change default behavior of previous apps. 2011-01-21 10:55:40 +01:00
José Valim
0615c0a0a4 Fix infinite redirect issues. Closes #787 and closes #795. 2011-01-20 09:22:41 +01:00
José Valim
c78bb68c66 Revert "Fix an issue causing infinite redirects in production, closes #720" 
This reverts commit a156576ce9.

Conflicts:

	lib/devise/controllers/internal_helpers.rb
 2011-01-20 09:16:44 +01:00
Jo Liss
4207c2321f Fix the module sorting in devise method. 2011-01-15 07:38:06 +08:00
Jo Liss
fa239b984a Do not silently ignore invalid modules passed to devise method in model. 
The & operator seemed to be only used to force sorting, but as a
side effect we got suboptimal error handling.
 2011-01-15 06:42:29 +08:00
Jo Liss
692f7b27ff typos (remaining instances of authenticable -> authenticatable) 2011-01-13 13:02:17 +08:00
siong1987
6e91edd5e3 failure_app redirects to the correct format if it is a non-html request. This is to ensure that firefox redirects the correct format since firefox doesn't inherit accept info. also fix issue 675 that is resurrected by issue 754. 2011-01-11 18:27:14 +08:00
Richard Aday
88d4aca2c4 Adding tests for reset_password_keys and unlock_keys 2010-12-30 03:11:03 +08:00
Richard Aday
038eb321d4 Allowing reset_password_keys and unlock_keys to be set through the config 2010-12-30 03:10:56 +08:00
José Valim
c8c84c77c6 Respond to all formats if none is specified. 2010-12-29 16:01:11 +01:00
José Valim
8f20b13f84 By default, just require e-mail on recover and lockable. 2010-12-28 23:00:23 +01:00
José Valim
af1295284c rememberable cookie now is httponly by default 2010-12-25 12:04:04 +01:00
JamesFerguson
1b43cb5203 Added assertion testing that remember_user_token cookie is flagged as HttpOnly. 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2010-12-25 11:49:40 +01:00
José Valim
b34f456096 Invoke callbacks using the correct API 2010-12-25 11:41:14 +01:00
Josh Starcher
e95eb93eb7 added failing test for Warden before_failure hooks 2010-12-25 18:21:20 +08:00
José Valim
27051cb2fe responder formats should be inherited from ApplicationController 2010-12-25 11:04:39 +01:00
Prem Sichanugrist
e8e3df3891 Add support for non-navigational format response to SessionsController 
This will make Devise::SessionsController return the authenticated object in the requested format instead of redirect the client to another page upon success authentication.
 2010-12-25 17:57:15 +08:00
siong1987
379d8c69a5 Issue 675: recall option is now passed for not confirmed email and inactive account. 2010-12-23 02:24:26 +08:00
José Valim
13e8bc22e3 Move duplicate sign_in logic to sign_in(). 2010-12-20 10:02:27 +01:00
José Valim
a156576ce9 Fix an issue causing infinite redirects in production, closes #720 2010-12-18 09:38:41 +01:00
José Valim
b942520dc4 No need to use expand_path as we assume the test directory is in the . 2010-12-18 08:22:01 +01:00
Andrés Mejía
a2e92a2ef2 Adding mongoid generator tests. 2010-12-18 15:15:43 +08:00
Andrés Mejía
60be68436b Adding tests for Active Record generator 2010-12-18 15:15:43 +08:00
Carlos Antonio da Silva
7ed1fb116f Cleanup requires in generators tests, fixing issue with load error in Ruby 1.9.2 2010-12-09 23:52:30 -02:00
José Valim
ec5bfe9119 Ensure to convert keys on indifferent hash. 2010-11-27 19:45:25 +01:00
Gavin Hughes
fe5ef25614 Deprecate anybody_signed_in? in favor of signed_in?(nil) 2010-11-28 00:09:23 +08:00
Carlos Antonio da Silva
268eae1013 Add update_attribute method to Mongoid Shim for devise tests, to fix failing test 
Mongoid does not have this method in the current beta version (2.0.0.beta.20).
 2010-11-26 01:14:27 -02:00
Carlos Antonio da Silva
eb7760b4b2 Make sure to load test gems only in Devise test env 2010-11-26 00:55:16 -02:00
Carlos Antonio da Silva
112f499937 Use UTC for Mongoid timestamps, so it conforms with AR. 2010-11-26 00:54:08 -02:00
Carlos Antonio da Silva
ed30114bd8 Fix changelog e cleanup white spaces 2010-11-21 11:25:37 -02:00
José Valim
71450998c5 Avoid session fixation attacks. 2010-11-20 23:18:41 +01:00
Steve Ross
4a8f9a9ba8 set_flash_message: Added conditional to make certain flash entries are not set if message is blank. 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2010-11-20 21:42:25 +01:00
José Valim
d8016ea3fd Ensure namespaces has proper scoped views, closes #654 2010-11-20 21:41:26 +01:00
Andrew Dahl
8d1e23c67d add unit and integration tests for case insensitive keys 2010-11-20 15:54:01 +01:00
Denis Hennessy
19219cbe0f Fix for HTTP Basic Auth when base64 encoded string wraps 
When using a token longer than approximately 45 characters, the base64 encoded string passed in
the HTTP_AUTHORIZATION header will contain newline characters. The existing implementation used
a regex which didn't handle this case correctly.
 2010-11-15 16:40:39 +08:00
José Valim
67a49f3b75 Ensure authenticatable_salt can be nil. 2010-11-11 22:51:39 +01:00
José Valim
b2496d1bc1 Smallish updates. 2010-11-11 13:53:52 +01:00
José Valim
c7efb68a77 Devise does not intercept 401 returned from applications anymore 2010-11-09 23:42:14 +01:00
José Valim
505bd39700 failure_app now properly handles nil request.format 2010-11-09 23:30:53 +01:00