github/devise
1
1
Fork 0
mirror of https://github.com/heartcombo/devise.git synced 2026-01-25 14:48:02 -05:00
Code Issues Packages Projects Releases Wiki Activity
2,041 Commits 28 Branches 146 Tags
v2.2.1
Commit Graph

118 Commits

Author SHA1 Message Date
José Valim
8fa3951bea Update app/controllers/devise/sessions_controller.rb 2013-01-06 11:07:51 +01:00
Alan Larkin
f2de7bf84c Fixed bug in SessionsController#destroy which caused all XHR requests, regardless of `Accept' header, to be treated as 'text/html'. 2013-01-06 03:50:26 +00:00
Marcin Balinski
ac58c28617 Unlock user when re-setting password and unlock strategy is :email or :both 2012-11-07 10:45:46 +01:00
Philip Poots
692175b897 Moves sign_up from helpers to controller 2012-10-23 20:29:41 +01:00
Philip Poots
68dc20cba2 Separates sign_up and sign_in on Registration 
See #2104

Completed with the help of @rubynortheast
 2012-10-23 20:05:45 +01:00
Adam McNamara
564e588f5e Assigns object to self.resource, changing variable scope. 2012-10-10 10:01:35 -04:00
Víctor Manuel Cruz Dueñas
73f617db7b Checking if unconfirmed_email has changed before to set update_needs_confirmation flash message. 
Conflicts:

	test/integration/registerable_test.rb

Signed-off-by: José Valim <jose.valim@plataformatec.com.br>
 2012-07-23 16:20:51 +02:00
Mathieu Lajugie
8171ad39e0 Allow to destroy a session using JSON format (or any non navigational format) when Rails flash feature is not enabled (i.e.: when using rails-api). 2012-06-23 10:49:33 -07:00
Sai
6eeb9e4b7d Update patch-1 2012-06-22 14:03:56 -03:00
Sai
80b2240ef0 Camelize correctly - e.g. omniauth-paypal sets this via OmniAuth.config.add_camelization 2012-06-22 10:55:23 -03:00
José Valim
b1633f2454 Delegate omniauth_authorize_path to the router, closes #1843 2012-06-16 13:43:11 +02:00
José Valim
41a91188f5 Do not trigger timeout on sign in related actions 2012-06-16 13:24:07 +02:00
Gregory Bataille
ff75341c75 Redirect to sign in page when trying to access password#edit without a 
reset_password_token (i.e. not coming from a reset password email)
 2012-06-08 10:08:35 +02:00
Adam Meehan
7ec4c1424d Add resource_params internal helper to param filtering 
In light of recent discussions around mass assignment security and
the alternate solution of using the controller to filter params, not the model,
a hook/helper is needed to be able to override how the params are filtered
before they are used to build the resource.
 2012-05-15 18:07:02 +10:00
Julian Vargas
6664acd27f Use 'head :no_content' in sessions_controller#destroy 
Code cleanup for returning headers instead of an empty string
when destroying sessions.

Lines 464 and 471 on test/integration/autenticatable_test.rb
were adjusted to assert on :no_content
 2012-05-02 22:40:53 -05:00
Carlos Antonio da Silva
ec3eed5d2a Change method name 2012-04-22 10:07:44 -03:00
Mark Kremer
0e0bfe6686 Added after_unlock_path_for to allow override of redirect after account 
unlock
 2012-04-17 13:38:50 +02:00
Mark Kremer
fafea15fa8 Added after_sending_reset_unlock_instructions_path_for which can be overridden in extensions to modify the redirect path 2012-04-17 10:04:06 +02:00
David FRANCOIS
885d8836d1 Ability to use attr_protected attributes as sign-in keys without triggering ActiveModel::MassAssignmentSecurity::Error when ActiveRecord::Base.mass_assignment_sanitizer is set to :strict. Fixes #1729. 2012-03-21 11:48:00 +01:00
Rodrigo Flores
65f08ea175 Removing signed_out path workaround 2012-02-16 14:53:11 -02:00
José Valim
83c47552e8 Extract auth_options into its own method. 2012-02-01 09:37:33 +01:00
José Valim
8c9cf7d671 Add deprecations, update changelog. 2012-01-24 14:23:34 +01:00
Jo Liss
c78c196423 More helpful sign-up message for Confirmable 
This is also better for translations, because we can translate paragraph-wise.

signed_up_but_inactive and signed_up_but_locked are likely not needed,
but I wasn't sure how to best remove them.
 2012-01-23 13:52:32 +01:00
José Valim
1ebcb09fc1 Do not rely on root_path. Redirect to / if not available. 2012-01-02 22:43:07 +01:00
José Valim
66b93e8fd2 Clean up as we don't need to call render_with_scope anymore. 2012-01-02 22:12:09 +01:00
José Valim
d9df632671 Get rid of InternalHelpers, refactor scoped views for more performant behavior. 2012-01-02 22:01:28 +01:00
José Valim
a29a30effc Move InternalHelpers to parent controller. 2012-01-02 20:30:56 +01:00
José Valim
1fdeadd113 Merge pull request #1188 from sj26/controller-inheritence 
Make all controllers inherit from a single DeviseController
 2012-01-02 11:24:33 -08:00
Vasiliy Ermolovich
1e1e964d25 redirect users to sign in page after unlock, closes #1486 2011-12-08 22:06:09 +03:00
José Valim
6aed8f1c87 Clean up reconfirmable behavior. 2011-12-04 22:14:44 +01:00
José Valim
6d681c5b8a Merge remote-tracking branch 'heimidal/updates' into reconfirm 
Conflicts:
	lib/devise/models/confirmable.rb
	test/support/helpers.rb
 2011-12-04 20:58:41 +01:00
José Valim
1e37e42239 Do not use stored location for sign out. 2011-11-20 19:19:41 +00:00
Hinrik Örn Sigurðsson
9ea7249368 Allow specifying a resource_return_to for sign out 
It was impossible to accomplish this by providing a
custom #after_sign_out_path_for in ApplicationController because the
session gets destroyed before it is called. Furthermore,
resource_return_to is now used by default if it exists, so users won't
have to provide a custom #after_sign_out_path_for in that case.
 2011-11-13 20:27:08 +00:00
José Valim
16208f7ad7 Rework previous commit to clean up the instance variable dynamically. 2011-11-09 17:00:42 -02:00
José Valim
1bace6df4e Be sure to expire cached devise data after sign in, closes #1411 2011-11-05 20:11:09 -02:00
José Valim
2a5ad4664b Change all paranoid settings to behave as success instead of as failure, closes #1375. 2011-10-15 10:52:00 +02:00
Jim Herzberg
b98720d324 jh - reworking paranoid mode in passwords controller 
Signed-off-by: José Valim <jose.valim@gmail.com>
 2011-10-15 10:45:33 +02:00
Brian Rose
7f754caba3 Merge branch 'master' into updates 2011-10-12 10:56:08 -06:00
José Valim
bba6562dcc after_sign_in_path_for now redirects to session[scope_return_to] if any value is stored in it 2011-09-29 13:07:13 +02:00
José Valim
15b76e93d1 The default here is now DELETE. 2011-09-27 10:42:08 +03:00
José Valim
ab9d856568 Add a deprecation warning for previous controller authorization style. 2011-09-22 11:51:09 +02:00
José Valim
335d36088f Instead of depending on mapping.controller[:session], make it explicit when we allow auth from params. 2011-09-14 16:52:28 -07:00
José Valim
98acc84111 Allow options to be passed to authenticate_user! 2011-09-14 16:52:28 -07:00
Rémy Coutable
ebbabaea5b After a password reset, don't show "You are now signed in." if the user can't be signed-in anyway. 2011-09-01 00:24:10 +02:00
Brian Rose
8c0f74f036 Add better message when user updates while reconfirmable is enabled. 2011-08-30 22:19:18 -06:00
Ches Martin
3cedba1de8 Fix optional enforcement of particular authentication keys 
Documentation states that authentication_keys should accept a hash with
values indicating whether or not each key is required. This was added in
b2066cc2 but tests only covered request_keys, and 29afe2d2 later broke
it with a << array operator.
 2011-08-06 20:07:49 +07:00
José Valim
0f8f786f9f Use a default key on inactive reason. 2011-08-02 11:18:23 +03:00
hck
7264bb55b2 added I18n support to inactive_message in RegistrationsController 2011-08-02 08:11:25 +03:00
Simon Ernst
517343ddb5 Add ability to override redirect_to path after account confirmation. 2011-07-08 11:21:01 +02:00
Samuel Cochran
2b64c6d951 Make all controllers inherit from a single DeviseController 2011-06-25 03:34:13 +08:00