github/devise
1
1
Fork 0
mirror of https://github.com/heartcombo/devise.git synced 2026-01-20 12:17:59 -05:00
Code Issues Packages Projects Releases Wiki Activity
2,293 Commits 28 Branches 145 Tags
v3.0.4
Commit Graph

202 Commits

Author SHA1 Message Date
Carlos Antonio da Silva
ae4448403c Change flash message to alert instead of error 
Devise uses the defaults :notice and :alert everywhere, this one seems to
have been missed since it was introduced in
ff75341c75.
 2013-05-29 21:34:28 -03:00
Jesse B. Hannah
545a5cec3b Fix redundant assignment of self.resource in Devise::RegistrationsController 
Devise::RegistrationsController#create set self.resource to the return value of build_resource--which is nil, because build_resource sets self.resource to an actual resource object. This caused attempting to save the resource (two lines down) to fail with "undefined method `save' on nil:NilClass."
 2013-05-09 18:33:30 -06:00
Carlos Antonio da Silva
eb0ad1c21a Merge branch 'master' into rails4 2013-05-07 13:01:34 -03:00
José Valim
ef2a2280a3 Update examples to be compatible with Rails 4 2013-05-07 08:18:12 -06:00
Sebastian Wramba
43f7cf0f12 No redirect when Devise API is accessed via JSON 2013-05-07 10:18:23 +02:00
Tan Jun Rong
804fbdf6d5 Fix spelling error, 'reseting' to 'resetting' 2013-04-22 22:25:40 +08:00
Tan Jun Rong
e4987e8bb7 Fix resource_name to resource 2013-04-22 21:40:52 +08:00
Tan Jun Rong
9d5a9c8a61 Add ability to override the redirect path after user has reset their password 2013-04-22 20:22:53 +08:00
Lucas Mazza
93013c2e89 Merge pull request #2366 from hauleth/extract-lookup-for-i18n 
Extract get_message
 2013-04-14 08:21:19 -07:00
José Valim
8a93c34080 Clean up Devise parameter sanitizer 2013-04-13 23:21:46 -07:00
Carlos Antonio da Silva
36557ef641 ✂️ [ci skip] 2013-04-13 10:53:49 -03:00
Drew Ulmer
d20fdf87b6 Introduce BaseSanitizer null sanitizer and controller-specific callbacks 
This updates Devise's StrongParameter support to feature:

- A Null base sanitizer to support existing Rails 3.x installations that
  don't want to use StrongParameters yet
- A new, simpler API for ParameterSanitizer: #permit, #permit!, and #forbid
- Overrideable callbacks on a controller-basis, e.g. #create_sessions_params
  for passing the current scope's parameters through StrongParameters and
  a helper method, whitelisted_params, for rolling your own implementations
  of #create_x_params in your own controllers.
- Lots of tests!
 2013-04-10 10:33:50 -05:00
Łukasz Niemier
95f56258d7 Rename get_message to find_message and fix set_flash_message 2013-04-07 08:52:11 +02:00
Łukasz Niemier
8e9ad4626e Extract get_message 2013-04-06 18:46:21 +02:00
Drew Ulmer
77203e3d97 Change parameter sanitizer instance method to scope to devise 
This way it's very explicit that this method is for devise and it won't
run into any naming collisions with user code.
 2013-04-01 09:46:46 -05:00
Drew Ulmer
78f137368c Add support for Rails 4 strong_parameters 
This brings support for Rails 4 StrongParameters changes.

- Parameter sanitizing is setup for Devise controllers via
  resource_params except Omniauth Callbacks which doesn't use
  resource_params.

- Change #build_resource to not call resource_params for get requests.
  Parameter sanitizing is only needed when params are posted to the
  server so there's no need to try to construct resource params on get
  requests (new, edit).
 2013-03-31 21:31:48 -05:00
Carlos Antonio da Silva
af37800c1d Change match routes to get / post 
match without a verb is deprecated in Rails master.
 2013-01-28 20:23:13 -02:00
José Valim
8fa3951bea Update app/controllers/devise/sessions_controller.rb 2013-01-06 11:07:51 +01:00
Alan Larkin
f2de7bf84c Fixed bug in SessionsController#destroy which caused all XHR requests, regardless of `Accept' header, to be treated as 'text/html'. 2013-01-06 03:50:26 +00:00
José Valim
30ab6f923d Release 2.2.0.rc 2012-12-13 09:20:46 +01:00
Marcin Balinski
ac58c28617 Unlock user when re-setting password and unlock strategy is :email or :both 2012-11-07 10:45:46 +01:00
Vasiliy Ermolovich
5d86327e4d move is_navigational_format? and request_format methods to helpers 2012-11-05 09:54:22 +03:00
José Valim
18c377e0d7 Merge pull request #2112 from latortuga/patch-1 
Make #set_flash_message respect i18n-set resource_name
 2012-10-26 02:05:42 -07:00
Drew Ulmer
b853871667 Make #set_flash_message respect i18n-set resource_name 
Using #devise_i18n_options allows overriding any i18n keys but the
resulting call to I18n.t does not respect an override of resource_name.
 2012-10-24 11:50:26 -05:00
Philip Poots
692175b897 Moves sign_up from helpers to controller 2012-10-23 20:29:41 +01:00
Philip Poots
68dc20cba2 Separates sign_up and sign_in on Registration 
See #2104

Completed with the help of @rubynortheast
 2012-10-23 20:05:45 +01:00
Adam McNamara
564e588f5e Assigns object to self.resource, changing variable scope. 2012-10-10 10:01:35 -04:00
Víctor Manuel Cruz Dueñas
73f617db7b Checking if unconfirmed_email has changed before to set update_needs_confirmation flash message. 
Conflicts:

	test/integration/registerable_test.rb

Signed-off-by: José Valim <jose.valim@plataformatec.com.br>
 2012-07-23 16:20:51 +02:00
Andrey Koleshko
972ac3b5f0 refactor is_navigational_format? method 2012-06-26 17:58:50 +03:00
Mathieu Lajugie
8171ad39e0 Allow to destroy a session using JSON format (or any non navigational format) when Rails flash feature is not enabled (i.e.: when using rails-api). 2012-06-23 10:49:33 -07:00
Sai
6eeb9e4b7d Update patch-1 2012-06-22 14:03:56 -03:00
Sai
80b2240ef0 Camelize correctly - e.g. omniauth-paypal sets this via OmniAuth.config.add_camelization 2012-06-22 10:55:23 -03:00
José Valim
b1633f2454 Delegate omniauth_authorize_path to the router, closes #1843 2012-06-16 13:43:11 +02:00
José Valim
41a91188f5 Do not trigger timeout on sign in related actions 2012-06-16 13:24:07 +02:00
Gregory Bataille
ff75341c75 Redirect to sign in page when trying to access password#edit without a 
reset_password_token (i.e. not coming from a reset password email)
 2012-06-08 10:08:35 +02:00
José Valim
215fdf119e Better error message when mapping can't be found 2012-06-07 14:34:13 +03:00
José Valim
2b7328535d Check for the request before checking for the mapping, closes #1859 2012-05-25 09:39:50 +02:00
Adam Meehan
7ec4c1424d Add resource_params internal helper to param filtering 
In light of recent discussions around mass assignment security and
the alternate solution of using the controller to filter params, not the model,
a hook/helper is needed to be able to override how the params are filtered
before they are used to build the resource.
 2012-05-15 18:07:02 +10:00
Julian Vargas
6664acd27f Use 'head :no_content' in sessions_controller#destroy 
Code cleanup for returning headers instead of an empty string
when destroying sessions.

Lines 464 and 471 on test/integration/autenticatable_test.rb
were adjusted to assert on :no_content
 2012-05-02 22:40:53 -05:00
Carlos Antonio da Silva
ec3eed5d2a Change method name 2012-04-22 10:07:44 -03:00
Mark Kremer
0e0bfe6686 Added after_unlock_path_for to allow override of redirect after account 
unlock
 2012-04-17 13:38:50 +02:00
Mark Kremer
fafea15fa8 Added after_sending_reset_unlock_instructions_path_for which can be overridden in extensions to modify the redirect path 2012-04-17 10:04:06 +02:00
José Valim
6846014def Do not make _prefixes private. 2012-04-05 09:15:48 -03:00
David FRANCOIS
885d8836d1 Ability to use attr_protected attributes as sign-in keys without triggering ActiveModel::MassAssignmentSecurity::Error when ActiveRecord::Base.mass_assignment_sanitizer is set to :strict. Fixes #1729. 2012-03-21 11:48:00 +01:00
Rodrigo Flores
ecfc7d752a Deprecation warning on module doesn't have a required_fields method 2012-03-03 14:30:59 -03:00
José Valim
2f6ecc1328 Do not call after sign in hook without resource, closes #1666. 2012-03-03 12:09:26 +01:00
Rodrigo Flores
65f08ea175 Removing signed_out path workaround 2012-02-16 14:53:11 -02:00
José Valim
fb8e093389 Accept devise_i18n_options to handle custom i18n values, closes #1633 2012-02-15 16:58:23 +01:00
José Valim
4b47c3ab73 Clean up devise_controller? related code. 2012-02-15 16:58:23 +01:00
José Valim
83c47552e8 Extract auth_options into its own method. 2012-02-01 09:37:33 +01:00