github/devise
1
1
Fork 0
mirror of https://github.com/heartcombo/devise.git synced 2026-01-22 13:18:05 -05:00
Code Issues Packages Projects Releases Wiki Activity
2,794 Commits 28 Branches 145 Tags
v3.4.1
Commit Graph

353 Commits

Author SHA1 Message Date
Timo Schilling
6b0d11ed7a use authentication_keys in flash message, instead of static ‘username’ (fix #3201) 2014-09-23 18:42:11 +02:00
Paul A. Jungwirth
6e0c287391 All causes of failed login should have the same error message 2014-09-11 08:38:14 -07:00
Lucas Mazza
5d43d5f3bc ✂️ 2014-08-11 17:35:28 -03:00
Lucas Mazza
6207e03070 Merge pull request #3135 from alexsoble/master 
UX feature: heads-up for new users about minimum password length
 2014-08-11 17:34:41 -03:00
alexsoble
fe015f5a54 Revert "Update routes to match 'sign up'/'log in', incorporate feedback from @carlosantoniodasilva" 
This reverts commit de2a24b3d3.
 2014-08-10 12:13:35 -04:00
alexsoble
de2a24b3d3 Update routes to match 'sign up'/'log in', incorporate feedback from @carlosantoniodasilva 2014-08-07 11:33:03 -04:00
alexsoble
67d8dd1e94 Replace 'Sign in' with 'Log in' in views, update tests 2014-08-06 13:32:02 -04:00
alexsoble
039b75ba83 Incorporated edits from @lucasmazza, wrote integration tests for password reminder feature 2014-08-06 11:04:46 -04:00
Lucas Mazza
eb9db7ba3a Coerce time objects serialized as Strings before doing the timeoutable comparisons. 
The comparison only fails on Ruby 1.9.3, when we need to parse it properly back
to a Time instance.

Related to #2930.
 2014-08-05 14:58:27 -03:00
alexsoble
e65c26e1e7 Only display password length warning if validatable module is included 2014-08-05 10:22:47 -04:00
alexsoble
c38accd648 Tell new signups about minimum password length in registrations/new.html.erb 2014-08-04 15:53:40 -04:00
José Valim
eeb6060d9d Merge pull request #3054 from cheerfulstoic/devise-neo4j 
Changes to support devise-neo4j
 2014-06-06 21:08:28 +02:00
Brian Underwood
74f4442319 User Model.to_adapter directly as suggested by @josevalim 2014-06-06 08:35:42 -07:00
Brian Underwood
2174e4675e Use User and Admin orm_adapter adapter in tests to support other ORMs (neo4j, in this case) 2014-06-04 21:59:30 -07:00
Brian Underwood
65d7d1ba55 Change test to use acts_like? so that we can have DateTime fields 2014-05-28 22:17:07 -07:00
David Henry
426560a4db Attempt without adding engine to application 2014-05-08 00:46:19 +01:00
David Henry
b5da4e82d0 Add full tests around confirmation when using devise_for with router_name 2014-05-06 23:07:24 +01:00
David Henry
ceafc710ef Start adding tests to the engine routing tests. 2014-05-06 00:56:58 +01:00
kento1218
d63b6b7b9d Fix Devise::ConfirmationsController#after_confirmation_path_for 
after_confirmation_path_for checks whether the user already signed in
by calling signed_in? after confirmation succeeded.
Since it was called without scope specification, the user treated as
signed in inappropriately when the user signed in as another resource
(such as 'admin').
 2014-04-28 20:44:00 +09:00
Lauro Caetano
571dead19b Check if there is a signed in user before sign out. 
Only execute the `SessionsController#destroy` if there is a signed in
user, otherwise it will raise
`ActionController::InvalidAuthenticityToken`.

Fixes #2934.
 2014-04-09 10:25:44 -03:00
Lucas Mazza
da0c27393f Serialize the last_request_at entry as an Integer 
Pushing the `Time` object inside the session has inconsistencies
across different serializers and we should use a more primitive type
so we don't need any specific parsing logic for the JSON serializer.
 2014-03-28 22:51:56 -03:00
Oleg Pudeyev
47845e44a2 Chase language changes in tests 2014-03-03 10:15:33 -05:00
Anshul Sharma
dc1b399a8b Updated ruby 1.9 hash syntax 2014-02-25 22:12:55 +05:30
Vasiliy Ermolovich
49086d0294 remove warnings regarding number extensions 2014-01-04 18:54:19 +03:00
José Valim
3adeba38f5 Merge pull request #2763 from paulanunda/master 
Fixed small grammatical error in en.yml
 2013-12-09 21:50:20 -08:00
Erik Michaels-Ober
26e85c44e2 Removed use of gendered pronouns 2013-12-02 10:02:17 +01:00
Paul Anunda
43282f738e Fixed small grammatical error in en.yml 2013-11-28 10:29:50 -06:00
Marcus Mansur
b16899f7bf fixes timeoutable specs to cover sign_out_all_scopes false 2013-11-21 14:02:45 -02:00
José Valim
27bcefcf54 Ensure timeoutable hook respects Devise.sign_out_all_scopes configuration 
Closes #2606
 2013-11-06 21:07:38 +01:00
andrew morton
52a3768451 A GET to sign in shouldn't extend the session. 2013-11-06 20:20:22 +01:00
José Valim
c323065b57 Merge pull request #2634 from gregates/bug/confirmation_workflow 
Tweaks confirmation flow for signed_in users
 2013-09-16 07:17:46 -07:00
Greg Gates
989d7192fa Tweaks confirmation flow for signed_in users 
For #2627

When allow_unconfirmed_access_for > 0, users may
be already signed in at the time they confirm
their account. Consequently, the default
confirmation should be compatible with this
possibility. Additionally, they should not be
redirected to the sign in form after confirmation
in this case. So I've changed
ConfirmationsController#after_confirmation_path_for
to send the user to the root path when signed in,
or the sign in form otherwise.
 2013-09-16 10:12:15 -04:00
Vipul A M
ae6a37f796 Cleanup tests for unused variables 2013-09-15 01:52:53 +05:30
José Valim
9464416c3e Bring back test removed by accident 2013-09-02 19:25:05 -03:00
José Valim
6b3b0c5e8c Remove deprecated token lookups 2013-09-02 19:23:15 -03:00
José Valim
dff7891b97 Get rid of token authentication 2013-09-02 19:15:47 -03:00
Vasiliy Ermolovich
23c5517009 add test for fc251c306c 2013-08-31 15:25:49 +03:00
Andri Möll
052cbef205 Don't confirm email after password reset. 
Signed-off-by: José Valim <jose.valim@plataformatec.com.br>
 2013-08-18 10:13:35 +02:00
José Valim
3dccf3c6ff Do not sign in after confirmation 2013-08-08 22:33:58 +02:00
José Valim
354e5022bf Only allow insecure token lookup if a flag is given 2013-08-06 11:55:13 +02:00
José Valim
f5a77ac598 Skip storage for cookies on unverified requests 2013-08-05 10:24:11 +02:00
José Valim
747751a20f Protect against CSRF token fixation attacks 2013-08-02 23:13:15 +02:00
Vasiliy Ermolovich
b7079c7cf2 redirect user to the referrer if latest request was not GET after timeout 
closes #2421
 2013-05-19 17:11:34 +03:00
Carlos Antonio da Silva
eb0ad1c21a Merge branch 'master' into rails4 2013-05-07 13:01:34 -03:00
Carlos Antonio da Silva
69f79ad446 Let Devise play with both Rails 3.2 and Rails 4 for now 2013-05-05 19:55:06 -03:00
Carlos Antonio da Silva
d9d5ae3d58 Correct OrderedHash initialization to ensure keys order in 1.8.7 
This should hopefully fix the build with 1.8.7 🙏
 2013-05-01 21:35:03 -03:00
Vasiliy Ermolovich
dceb788c6b fix OrderedHash initialization 2013-04-23 10:37:10 +03:00
Vasiliy Ermolovich
fae8e977e8 use ordered hash to fix tests on ruby 1.8 2013-04-22 22:42:49 +03:00
Carlos Antonio da Silva
b8c5d76c5a Merge pull request #2380 from vipulnsward/fix_warnings 
fix some warnings
 2013-04-19 15:53:43 -07:00
Vipul A M
b871bd5036 fix some warning 2013-04-19 19:08:20 +05:30