github/devise
1
1
Fork 0
mirror of https://github.com/heartcombo/devise.git synced 2026-01-23 21:58:10 -05:00
Code Issues Packages Projects Releases Wiki Activity
2,048 Commits 28 Branches 146 Tags
v2.2.2
Commit Graph

267 Commits

Author SHA1 Message Date
José Valim
0c4615e337 Properly check if reconfirmable is available 2013-01-13 09:53:26 +01:00
Steve Robinson
70e38fe66d Changed link_to to button_to for delete user 
It is advisable to use link_to for mostly GET operations. Actions like DESTROY when presented as a link can cause severe vulnerabilities.
Hence using a button is advisable.
 2013-01-12 01:53:09 +05:30
José Valim
8fa3951bea Update app/controllers/devise/sessions_controller.rb 2013-01-06 11:07:51 +01:00
Alan Larkin
f2de7bf84c Fixed bug in SessionsController#destroy which caused all XHR requests, regardless of `Accept' header, to be treated as 'text/html'. 2013-01-06 03:50:26 +00:00
José Valim
19b5bcbe0f Accept mail options in Devise::Mailer and deprecate headers_for 2013-01-04 18:52:49 +01:00
Graham Wagener
5745d97232 Improved grammar of reset password e-mail. 2012-12-14 15:08:55 +13:00
José Valim
86f0bff332 Apparently Rails 3.1 does not like @headers as ivar 2012-12-13 09:59:36 +01:00
José Valim
30ab6f923d Release 2.2.0.rc 2012-12-13 09:20:46 +01:00
José Valim
839e8fc8ac Show if there is an e-mail waiting for confirmation, closes #2060 2012-12-13 09:13:33 +01:00
José Valim
4c83743263 unconfirmed_email now uses the proper e-mail on salutation, related to #2060 2012-12-13 09:02:59 +01:00
Marcin Balinski
ac58c28617 Unlock user when re-setting password and unlock strategy is :email or :both 2012-11-07 10:45:46 +01:00
Vasiliy Ermolovich
5d86327e4d move is_navigational_format? and request_format methods to helpers 2012-11-05 09:54:22 +03:00
José Valim
18c377e0d7 Merge pull request #2112 from latortuga/patch-1 
Make #set_flash_message respect i18n-set resource_name
 2012-10-26 02:05:42 -07:00
Drew Ulmer
b853871667 Make #set_flash_message respect i18n-set resource_name 
Using #devise_i18n_options allows overriding any i18n keys but the
resulting call to I18n.t does not respect an override of resource_name.
 2012-10-24 11:50:26 -05:00
Philip Poots
692175b897 Moves sign_up from helpers to controller 2012-10-23 20:29:41 +01:00
Philip Poots
68dc20cba2 Separates sign_up and sign_in on Registration 
See #2104

Completed with the help of @rubynortheast
 2012-10-23 20:05:45 +01:00
Adam McNamara
564e588f5e Assigns object to self.resource, changing variable scope. 2012-10-10 10:01:35 -04:00
James Mead
e873e2aeed Use "number of" instead of "amount of" for countable nouns. 2012-09-28 10:52:37 +01:00
Radagaisus
4962fbcb51 no need for {} they said 2012-08-22 02:15:48 +03:00
Radagaisus
be2b481385 fixed for 1.8.7 syntax 2012-08-22 02:13:38 +03:00
Radagaisus
d169ef3641 extra whitespace 2012-08-22 02:01:01 +03:00
Radagaisus
2a64972321 html5 autofocus for a better ux from the get go 2012-08-22 01:58:26 +03:00
Víctor Manuel Cruz Dueñas
73f617db7b Checking if unconfirmed_email has changed before to set update_needs_confirmation flash message. 
Conflicts:

	test/integration/registerable_test.rb

Signed-off-by: José Valim <jose.valim@plataformatec.com.br>
 2012-07-23 16:20:51 +02:00
Andrey Koleshko
972ac3b5f0 refactor is_navigational_format? method 2012-06-26 17:58:50 +03:00
Mathieu Lajugie
8171ad39e0 Allow to destroy a session using JSON format (or any non navigational format) when Rails flash feature is not enabled (i.e.: when using rails-api). 2012-06-23 10:49:33 -07:00
Sai
6eeb9e4b7d Update patch-1 2012-06-22 14:03:56 -03:00
Sai
80b2240ef0 Camelize correctly - e.g. omniauth-paypal sets this via OmniAuth.config.add_camelization 2012-06-22 10:55:23 -03:00
José Valim
b1633f2454 Delegate omniauth_authorize_path to the router, closes #1843 2012-06-16 13:43:11 +02:00
José Valim
41a91188f5 Do not trigger timeout on sign in related actions 2012-06-16 13:24:07 +02:00
Vasiliy Ermolovich
13f35d80a9 use data-confirm option as :confirm was deprecated in rails 3.2.6 2012-06-14 22:27:40 +03:00
Gregory Bataille
ff75341c75 Redirect to sign in page when trying to access password#edit without a 
reset_password_token (i.e. not coming from a reset password email)
 2012-06-08 10:08:35 +02:00
José Valim
215fdf119e Better error message when mapping can't be found 2012-06-07 14:34:13 +03:00
José Valim
2b7328535d Check for the request before checking for the mapping, closes #1859 2012-05-25 09:39:50 +02:00
Vasiliy Ermolovich
1d79c1982a use implicit partials rendering 
make simple_form templates consistent with templates
that generates by simple_form itself

612c0067cf
 2012-05-20 22:01:11 +03:00
Adam Meehan
7ec4c1424d Add resource_params internal helper to param filtering 
In light of recent discussions around mass assignment security and
the alternate solution of using the controller to filter params, not the model,
a hook/helper is needed to be able to override how the params are filtered
before they are used to build the resource.
 2012-05-15 18:07:02 +10:00
Julian Vargas
6664acd27f Use 'head :no_content' in sessions_controller#destroy 
Code cleanup for returning headers instead of an empty string
when destroying sessions.

Lines 464 and 471 on test/integration/autenticatable_test.rb
were adjusted to assert on :no_content
 2012-05-02 22:40:53 -05:00
Carlos Antonio da Silva
ec3eed5d2a Change method name 2012-04-22 10:07:44 -03:00
Mark Kremer
0e0bfe6686 Added after_unlock_path_for to allow override of redirect after account 
unlock
 2012-04-17 13:38:50 +02:00
Mark Kremer
fafea15fa8 Added after_sending_reset_unlock_instructions_path_for which can be overridden in extensions to modify the redirect path 2012-04-17 10:04:06 +02:00
José Valim
6846014def Do not make _prefixes private. 2012-04-05 09:15:48 -03:00
David FRANCOIS
885d8836d1 Ability to use attr_protected attributes as sign-in keys without triggering ActiveModel::MassAssignmentSecurity::Error when ActiveRecord::Base.mass_assignment_sanitizer is set to :strict. Fixes #1729. 2012-03-21 11:48:00 +01:00
Rodrigo Flores
af12ec2b01 Fixing a deprecation warning 2012-03-03 14:32:53 -03:00
Rodrigo Flores
ecfc7d752a Deprecation warning on module doesn't have a required_fields method 2012-03-03 14:30:59 -03:00
Rodrigo Flores
f04d883ac1 Deprecation warning 2012-03-03 11:12:30 -03:00
Rodrigo Flores
9bf718dd82 Revert "Move devise/shared/_links.erb to devise/_links.erb" 
This reverts commit aa2d15aa33.

Conflicts:

	CHANGELOG.rdoc
 2012-03-03 10:40:59 -03:00
José Valim
2f6ecc1328 Do not call after sign in hook without resource, closes #1666. 2012-03-03 12:09:26 +01:00
Rodrigo Flores
65f08ea175 Removing signed_out path workaround 2012-02-16 14:53:11 -02:00
José Valim
79aadb4bc9 Set autocomplete to off by default on password field. 2012-02-15 17:07:58 +01:00
José Valim
fb8e093389 Accept devise_i18n_options to handle custom i18n values, closes #1633 2012-02-15 16:58:23 +01:00
José Valim
4b47c3ab73 Clean up devise_controller? related code. 2012-02-15 16:58:23 +01:00