github/devise
1
1
Fork 0
mirror of https://github.com/heartcombo/devise.git synced 2026-01-14 09:17:55 -05:00
Code Issues Packages Projects Releases Wiki Activity
2,490 Commits 28 Branches 145 Tags
v3.2.3
Commit Graph

330 Commits

Author SHA1 Message Date
Vasiliy Ermolovich
49086d0294 remove warnings regarding number extensions 2014-01-04 18:54:19 +03:00
José Valim
3adeba38f5 Merge pull request #2763 from paulanunda/master 
Fixed small grammatical error in en.yml
 2013-12-09 21:50:20 -08:00
Erik Michaels-Ober
26e85c44e2 Removed use of gendered pronouns 2013-12-02 10:02:17 +01:00
Paul Anunda
43282f738e Fixed small grammatical error in en.yml 2013-11-28 10:29:50 -06:00
Marcus Mansur
b16899f7bf fixes timeoutable specs to cover sign_out_all_scopes false 2013-11-21 14:02:45 -02:00
José Valim
27bcefcf54 Ensure timeoutable hook respects Devise.sign_out_all_scopes configuration 
Closes #2606
 2013-11-06 21:07:38 +01:00
andrew morton
52a3768451 A GET to sign in shouldn't extend the session. 2013-11-06 20:20:22 +01:00
José Valim
c323065b57 Merge pull request #2634 from gregates/bug/confirmation_workflow 
Tweaks confirmation flow for signed_in users
 2013-09-16 07:17:46 -07:00
Greg Gates
989d7192fa Tweaks confirmation flow for signed_in users 
For #2627

When allow_unconfirmed_access_for > 0, users may
be already signed in at the time they confirm
their account. Consequently, the default
confirmation should be compatible with this
possibility. Additionally, they should not be
redirected to the sign in form after confirmation
in this case. So I've changed
ConfirmationsController#after_confirmation_path_for
to send the user to the root path when signed in,
or the sign in form otherwise.
 2013-09-16 10:12:15 -04:00
Vipul A M
ae6a37f796 Cleanup tests for unused variables 2013-09-15 01:52:53 +05:30
José Valim
9464416c3e Bring back test removed by accident 2013-09-02 19:25:05 -03:00
José Valim
6b3b0c5e8c Remove deprecated token lookups 2013-09-02 19:23:15 -03:00
José Valim
dff7891b97 Get rid of token authentication 2013-09-02 19:15:47 -03:00
Vasiliy Ermolovich
23c5517009 add test for fc251c306c 2013-08-31 15:25:49 +03:00
Andri Möll
052cbef205 Don't confirm email after password reset. 
Signed-off-by: José Valim <jose.valim@plataformatec.com.br>
 2013-08-18 10:13:35 +02:00
José Valim
3dccf3c6ff Do not sign in after confirmation 2013-08-08 22:33:58 +02:00
José Valim
354e5022bf Only allow insecure token lookup if a flag is given 2013-08-06 11:55:13 +02:00
José Valim
f5a77ac598 Skip storage for cookies on unverified requests 2013-08-05 10:24:11 +02:00
José Valim
747751a20f Protect against CSRF token fixation attacks 2013-08-02 23:13:15 +02:00
Vasiliy Ermolovich
b7079c7cf2 redirect user to the referrer if latest request was not GET after timeout 
closes #2421
 2013-05-19 17:11:34 +03:00
Carlos Antonio da Silva
eb0ad1c21a Merge branch 'master' into rails4 2013-05-07 13:01:34 -03:00
Carlos Antonio da Silva
69f79ad446 Let Devise play with both Rails 3.2 and Rails 4 for now 2013-05-05 19:55:06 -03:00
Carlos Antonio da Silva
d9d5ae3d58 Correct OrderedHash initialization to ensure keys order in 1.8.7 
This should hopefully fix the build with 1.8.7 🙏
 2013-05-01 21:35:03 -03:00
Vasiliy Ermolovich
dceb788c6b fix OrderedHash initialization 2013-04-23 10:37:10 +03:00
Vasiliy Ermolovich
fae8e977e8 use ordered hash to fix tests on ruby 1.8 2013-04-22 22:42:49 +03:00
Carlos Antonio da Silva
b8c5d76c5a Merge pull request #2380 from vipulnsward/fix_warnings 
fix some warnings
 2013-04-19 15:53:43 -07:00
Vipul A M
b871bd5036 fix some warning 2013-04-19 19:08:20 +05:30
Vipul A M
2e6457006e Remove unused variables and fix typos 2013-04-18 10:24:38 +05:30
José Valim
5bf4f57fcf Tidy up devise configuration 2013-04-13 22:07:54 -07:00
José Valim
1b8fd7c2ff Merge pull request #2271 from robhurring/master 
Allowing http token auth to set the token_authentication_key if missing from params
 2013-04-13 21:39:36 -07:00
Rafael Mendonça França
335a6af861 Merge branch 'master' into rails4 2013-03-28 13:51:12 -03:00
Matt Jones + Tony Schneider
f4ceecece4 Allow explicit configuration of http auth key 
- Fix basic auth case in which authorized_keys is configured as hash
- Duplicate existing functionality when http_auth_key is not explicitly
  set
 2013-03-04 12:23:05 -05:00
Carlos Antonio da Silva
7998d6f878 Match full template name 2013-02-25 22:12:06 -03:00
Carlos Antonio da Silva
d77a956276 Remove AR deprecated finder warnings 2013-02-25 22:12:06 -03:00
Carlos Antonio da Silva
3c885e043d Fix changed error messages from confirmation validation 2013-02-25 22:12:06 -03:00
Philipe Fatio
c22d755cf4 Make use of warden's scoped serialization 2013-02-25 07:38:42 +01:00
Rob
547439d94c renaming devise option "allow_authorization_to_set_auth_token" to "allow_token_authenticatable_via_headers" 2013-02-10 12:50:52 -05:00
Rob
84f743c4ef adding http token auth options to env[devise.token_options] 2013-02-10 12:48:02 -05:00
Rob
3025b7e2f7 Allow http token authorization to set token_authentication_key in place of passing it in via params 
It will not override existing token_authentication_key params if they are present.
 2013-02-09 15:12:36 -05:00
Drew Ulmer
c9c1e13743 Add test for Issue #2190 
Seems to be passing for me.
 2013-01-31 10:05:53 -06:00
José Valim
25296d8c6f Add tests for sign out with redirect, related to #2249 2013-01-30 08:28:51 -07:00
Carlos Antonio da Silva
86eecc6606 Change "ActionController::IntegrationTest" to "ActionDispatch::IntegrationTest" 2013-01-28 19:58:21 -02:00
Carlos Antonio da Silva
0061f113db Fix indent [ci skip] 2013-01-20 21:49:45 -02:00
Vasiliy Ermolovich
d3f8bd6cae add key option to rememberable_options 
closes #2218
 2013-01-20 23:16:25 +03:00
Vasiliy Ermolovich
9913fde749 use click_button for canceling account in integration specs 2013-01-12 14:12:05 +03:00
Alan Larkin
84b8188db9 Added failing integration test for XHR invocation of SessionsController#destroy with */*' in the Accept' header. 2013-01-06 03:49:59 +00:00
José Valim
839e8fc8ac Show if there is an e-mail waiting for confirmation, closes #2060 2012-12-13 09:13:33 +01:00
José Valim
e1fde192f2 Update CHANGELOG 2012-12-13 08:43:43 +01:00
Gabe Martin-Dempesy
130d684198 Change failure key for missing database resource to :invalid_email 2012-11-19 15:49:21 -08:00
Jared Morgan
f044916f94 Use correct current_password in RegistrationTest of invalid confirmation 
In DatabaseAuthenticatable#update_with_password, password is now deleted if
the current_password is invalid. dm-validations will not check the
confirmation in that case, so this test was failing in dm-devise.
 2012-11-15 12:21:11 -06:00