github/devise
1
1
Fork 0
mirror of https://github.com/heartcombo/devise.git synced 2026-01-14 09:17:55 -05:00
Code Issues Packages Projects Releases Wiki Activity
2,490 Commits 28 Branches 145 Tags
v3.2.3
Commit Graph

1401 Commits

Author SHA1 Message Date
Lucas Mazza
b8f1d0d0c6 Release v3.2.3 2014-02-20 15:30:48 -03:00
Ryan McGeary
5f9838950a Remove password_length default docs in config template 
The default specified in the docs does not match up with the default
specified in the config.

See
cc8636cfed/lib/devise.rb (L127)

Changing the docs to read 6..128 with the config setting to 8..128 is
feared to cause confusion, so removing the default clause instead.
 2014-02-16 08:19:47 -05:00
Lucas Mazza
e57b672e90 Ensure that migrations are created with the .rb extension. 
Since rails/rails#13612 the generator won't always add the `.rb`
extension when creating migrations with the `migration_template`
method.
 2014-02-11 10:19:05 -02:00
Lucas Mazza
eba91e6580 Read the secret_key value from Rails secret_key_base. 
It is possible to override this by setting the `secret_key` manually
on the `devise.rb` initializer on your application.
 2014-01-22 11:13:25 -02:00
Jake Worth
61e87be580 Fix typos 2014-01-09 10:00:27 -06:00
Tobin Juday
2ba8275dcc Fix off-by-one error in Lockable module 
When using the maximum_attempts config, Devise actually let you fail n
+ 1 times, not n times.

See https://github.com/plataformatec/devise/issues/2825 for details.
 2014-01-06 23:51:45 -05:00
José Valim
7a654cdd04 Merge pull request #2809 from moisesweb/mv_access_lock_without_email 
lock_access! without sending email
 2014-01-04 00:37:38 -08:00
Jeremy Ward
9d0d15b814 Updated documentation to use 1.9 hash syntax. 2014-01-02 19:02:36 -08:00
Jeremy Ward
b50fa74596 Edit is now configurable for devise registrations via path_name. 2014-01-02 17:49:37 -08:00
Moises Vargas M
be236fa6dd lock_access! without sending email 2013-12-24 11:51:24 -05:00
schneems
a00921f417 [close #2755] Raise incompatible route error 
Right now if you try to use a route that you have defined in your `omniauth_callbacks` but you have not declared that resource to be `omniauthable` you will get a weird route missing error which causes the user to look in the routes for the fix:

```ruby
devise_for  :users, controllers: {omniauth_callbacks: "users/omniauth_callbacks"}
```

This PR checks to see if the mapping of `:user` has the module `omniauthable` included in it when `omniauth_callbacks` is specified in the route. If it does not, an instructional error is raised:

```
Mapping omniauth_callbacks on a resource that is not omniauthable
Please add `devise :omniauthable` to the `User` model
```
 2013-12-18 19:19:25 -06:00
Rogério Yokomizo
8ca34aa41e Remove authentication some authentication token stuffs 
Since we don't have authentication token, we don't have to check if
password is "X".

:authentication_token don't have to be in the blacklist for
serialization too.
 2013-12-10 12:30:28 -02:00
Rogério Yokomizo
16ec143228 fix typo and some clarification 2013-12-05 10:39:42 -02:00
José Valim
c67de7e91c Merge pull request #2772 from sferik/gender_neutral_pronouns 
Remove a couple more gendered pronouns
 2013-12-05 00:09:48 -08:00
Erik Michaels-Ober
3f03ec02ad Cleanup trailing whitespace 2013-12-05 09:03:32 +01:00
Erik Michaels-Ober
4e7cd18a04 Remove a couple more gendered pronouns 2013-12-05 09:03:28 +01:00
Bartosz Kopiński
53893edec8 Removing regexp anchors in routing constraints 
They're not allowed according to:
http://guides.rubyonrails.org/routing.html#segment-constraints
 2013-12-02 21:27:23 +01:00
Erik Michaels-Ober
26e85c44e2 Removed use of gendered pronouns 2013-12-02 10:02:17 +01:00
José Valim
65947b6696 Release v3.2.2 2013-11-25 12:00:21 +01:00
Marcus Mansur
bd83483ba6 fixes missing caller 2013-11-21 13:26:34 -02:00
Christopher Sexton
7afc096fa4 Keep the query string and path in store_location_for 
Persist the URI's query when saving to the session.

Fixes #2742
 2013-11-20 15:47:20 -05:00
Vasiliy Ermolovich
bb2ff3553b require rails generator base class in devise generators 
closes #2743
 2013-11-15 15:56:09 +03:00
José Valim
1390945e5c Improve default omniauth sample 2013-11-14 09:09:05 +01:00
José Valim
f36efc0cc9 Ensure multiple leading / are also removed, thanks @homakov 2013-11-13 15:01:23 +01:00
José Valim
3b598ec235 Release v3.2.1 2013-11-13 14:15:13 +01:00
José Valim
95ec62ea76 Ensure encryption on authentication 2013-11-13 13:45:34 +01:00
José Valim
0582467032 Ensure we only store paths in store_location_for (thanks to @homakov for the tip) 2013-11-13 13:30:24 +01:00
José Valim
e303de9756 Merge pull request #2729 from matthewrudy/store-location-helper 
Add store_location_for helper
 2013-11-08 23:22:39 -08:00
Matthew Rudy Jacobs
268e486dbb Add store_location_for helper 
This is used as a complement to `stored_location_for`.

Example:

Before authorizing with Omniauth;

  store_location_for(:user, dashboard_path)
  redirect_to user_omniauth_authorize_path(:facebook)

In our Omniauth callback

  sign_in(user)
  redirect_to stored_location_for(:user) || root_path
 2013-11-09 00:59:00 +00:00
Lucas Mazza
bf5bcd52cb Bring password_digest back. 
This method is part of the protected API and is used by custom
encryption engines (like `devise-encryptable`) to hook the custom
encryption logic in the models.

Fixes #2730
 2013-11-08 16:22:31 -02:00
José Valim
e26ea51fe5 Improve error message for wrongly nested omniauth callback 2013-11-07 14:30:32 +01:00
José Valim
9d872709c0 Release Devise 3.2.0 2013-11-06 21:39:16 +01:00
José Valim
27bcefcf54 Ensure timeoutable hook respects Devise.sign_out_all_scopes configuration 
Closes #2606
 2013-11-06 21:07:38 +01:00
José Valim
4f1bf8f3f9 Split out sign_in/out functionality so it can be reused in hooks 2013-11-06 20:55:26 +01:00
José Valim
a7624c8f51 Merge pull request #2227 from AlexanderZaytsev/master 
Use mapping.fullpath in omniauth callbacks
 2013-11-06 11:32:21 -08:00
José Valim
f5f7e97d8b Merge pull request #2718 from ssendev/flashing_formats 
Separate redirects and flash messages in navigational_formats and flashing_formats
 2013-11-06 00:10:23 -08:00
José Valim
13117f01be Merge pull request #2562 from devolute/master 
passes headers through test helpers' response
 2013-11-05 23:59:11 -08:00
Kaworu
fe1fb1f7a2 Don't use config option for flashing_formats 2013-11-01 22:25:15 +01:00
Kaworu
c87809a0f5 Separate redirects and flash messages in navigational_formats and flashing_formats 2013-11-01 21:47:40 +01:00
José Valim
9eb0768cb9 Add Rails 4 related todo 2013-10-31 14:40:44 +01:00
José Valim
e445039716 Merge pull request #2717 from memberful/2716-splat-sanitize-params 
Splat the arguments to strong_parameters#permit, fixes #2716
 2013-10-31 14:40:28 +01:00
José Valim
69d28f9b0e Add config.last_attempt_warning to default config 2013-10-26 11:56:31 +02:00
Benoit Bénézech
04e47687b2 remove respond_to in favor of an implementation that returns options 2013-10-24 17:29:53 +02:00
Benoit Bénézech
d5514bf916 Add options for FailureApp's i18n_message. Similar #1633 2013-10-24 16:49:13 +02:00
Dave Tong
8bef8b87f1 Add documentation to the 'after_database_authentication' method. 2013-10-24 08:25:00 +11:00
Vitaly Bezkrovny
bb810cfb8f * show message for last attempt, not for one-before-last one; 
* update test to check the message :invalid, :last_attempt, :locked
 2013-10-22 00:43:56 +03:00
José Valim
a8069be4c8 Improve devise_for docs to be make routes integration more explicit 2013-10-21 13:28:20 +02:00
Jay Hayes
21583cbf95 Update code comment to keep it up to date 
[#2691]
[ci skip]
 2013-10-21 13:21:11 +02:00
Jay Hayes
4861436298 Prevent mutation of orig values during case and wspace sanitizations 2013-10-21 13:21:05 +02:00
Vitaly Bezkrovny
e20e446cf4 + last_attempt 
+ @@last_attempt_warning

+ last_attempt? method;
* send :last_attempt key if it is the last attempt

+ test for last attempt

* update test to make two asserts

* update message
 2013-10-15 01:53:56 +03:00