github/devise
1
1
Fork 0
mirror of https://github.com/heartcombo/devise.git synced 2026-01-21 04:38:01 -05:00
Code Issues Packages Projects Releases Wiki Activity
2,794 Commits 28 Branches 145 Tags
v3.4.1
Commit Graph

286 Commits

Author SHA1 Message Date
James Kiesel
c1864663aa Localize confirmable tests 2014-10-21 02:28:58 +13:00
Lucas Mazza
8e5c098e3a Merge pull request #3153 from plataformatec/lm-rails-4-2 
Rails 4.2 compatibility
 2014-10-03 14:07:59 -03:00
Lucas Mazza
1d8890b773 Merge branch 'master' into lm-rails-4-2 2014-10-03 09:41:23 -03:00
Lucas Mazza
8b15184a25 Use the last_attempt_warning configuration with the lockable unauthenticated_message message. 
This configuration was added in #2687 but it was never used in the real code that
defines what message should be used by the app.
 2014-10-02 18:50:48 -03:00
Lucas Mazza
ed109ac3d5 Merge swap usage into a single method call. 2014-10-02 18:42:46 -03:00
Lucas Mazza
7eeaac9db1 Merge branch 'master' into lm-rails-4-2 2014-09-29 17:30:30 -03:00
Lucas Mazza
39ed332299 Ensure that we sanitize any AC::Parameters in find_or_initialize_with_errors. 
As we are already slicing the Hash, we must be sure that this method will send
 a "safe" object down to the other finder methods that will use the Hash entries
 to do the querying.
 2014-09-18 18:21:05 -03:00
Lucas Mazza
716d128e27 Restore global allow_unconfirmed_access_for after test 2014-09-08 17:38:06 -03:00
alexsoble
039b75ba83 Incorporated edits from @lucasmazza, wrote integration tests for password reminder feature 2014-08-06 11:04:46 -04:00
Lucas Mazza
08d8591dfd Merge pull request #3038 from kushkella/non-bang-method-trackable 
added non-bang version of update_tracked_fields
 2014-05-24 00:58:06 -03:00
Kush Kella
dd56dc7da6 added test for update_tracked_fields method 2014-05-22 11:11:13 -07:00
randoum
4ee2402cd7 lock_access! better failure message 2014-05-16 06:02:11 +08:00
randoum
d8ee3e49cb lock_access! better failure message 2014-05-16 05:57:18 +08:00
Lauro Caetano
f7fdde1ab0 Add the invalidate_all_sessions_on_logout configuration to invalidate 
all the remember me tokens when the user signs out.
 2014-04-04 16:17:26 -03:00
Karl Entwistle
de57ef83fb Find a resource based off its encrypted reset_password_token 2014-03-31 14:58:52 +01:00
Anshul Sharma
dc1b399a8b Updated ruby 1.9 hash syntax 2014-02-25 22:12:55 +05:30
Tobin Juday
2ba8275dcc Fix off-by-one error in Lockable module 
When using the maximum_attempts config, Devise actually let you fail n
+ 1 times, not n times.

See https://github.com/plataformatec/devise/issues/2825 for details.
 2014-01-06 23:51:45 -05:00
Moises Vargas M
be236fa6dd lock_access! without sending email 2013-12-24 11:51:24 -05:00
Erik Michaels-Ober
3f03ec02ad Cleanup trailing whitespace 2013-12-05 09:03:32 +01:00
Erik Michaels-Ober
26e85c44e2 Removed use of gendered pronouns 2013-12-02 10:02:17 +01:00
Rodrigo Navarro
3e3a3ad102 Small typo. 2013-11-28 09:00:59 -02:00
Lucas Mazza
bf5bcd52cb Bring password_digest back. 
This method is part of the protected API and is used by custom
encryption engines (like `devise-encryptable`) to hook the custom
encryption logic in the models.

Fixes #2730
 2013-11-08 16:22:31 -02:00
Vitaly Bezkrovny
bb810cfb8f * show message for last attempt, not for one-before-last one; 
* update test to check the message :invalid, :last_attempt, :locked
 2013-10-22 00:43:56 +03:00
Jay Hayes
4861436298 Prevent mutation of orig values during case and wspace sanitizations 2013-10-21 13:21:05 +02:00
Vitaly Bezkrovny
e20e446cf4 + last_attempt 
+ @@last_attempt_warning

+ last_attempt? method;
* send :last_attempt key if it is the last attempt

+ test for last attempt

* update test to make two asserts

* update message
 2013-10-15 01:53:56 +03:00
Vipul A M
ae6a37f796 Cleanup tests for unused variables 2013-09-15 01:52:53 +05:30
José Valim
6b3b0c5e8c Remove deprecated token lookups 2013-09-02 19:23:15 -03:00
José Valim
dff7891b97 Get rid of token authentication 2013-09-02 19:15:47 -03:00
José Valim
605924a921 Add a test related to remember token generation 2013-08-19 20:48:36 +02:00
José Valim
354e5022bf Only allow insecure token lookup if a flag is given 2013-08-06 11:55:13 +02:00
José Valim
143794d701 Use HMAC on tokens stored in the DB 2013-08-05 18:56:07 +02:00
José Valim
c4d5a3fdaa No need to assert for a message we won't receive 2013-07-26 10:00:09 +02:00
José Valim
11a77055f1 Merge pull request #2525 from jetthoughts/timeoutable-without-rememberable 
Fixed checking for rememberable in timeoutable
 2013-07-26 00:58:09 -07:00
Michael Nikitochkin
fffbeb5cc7 Fixed bug when user has field remember_created_at but the module rememberable is not enabled for the user 2013-07-26 10:20:29 +03:00
Siarhei Hanchuk
b7bc8dec12 Added method after_confrimation 2013-07-23 14:19:58 +03:00
José Valim
da0323e591 Merge pull request #2419 from plataformatec/issue-2418 
set error to the field specified in unlock_keys config
 2013-07-08 23:52:19 -07:00
José Valim
061e9d7404 Merge pull request #2475 from tkhr/enable_skipping_reconfirmation_notification_but_regenerate_confirmation_token_2 
Enable to skip sending reconfirmation email when reconfirmable is on and skip_confirmation_notification! is invoked
 2013-07-08 23:51:42 -07:00
Takehiro Adachi
df2995ce19 Enable to skip sending reconfirmation email when skip_confirmation_notification! is invoked 
We could always generate a confirmation token but not sending a
confirmation email by invoking the skip_confirmation_notification!
method when creating the account.
But there were no way to do that when we were turning on reconfirmable
and updating email.
 2013-06-20 08:21:54 +09:00
José Valim
72cf2481b5 Rename ParamFilter to ParameterFilter for consistency 2013-06-19 09:17:54 +02:00
Steve Slotnick
b194882b23 Renaming get_or_create_*_token to ensure_*_token to match API in token authenticatable 2013-06-12 15:10:14 -07:00
Steve Slotnick
b5909f9b93 changing name from *_token! to get_or_create_*_token 2013-06-11 14:14:17 -07:00
Steve Slotnick
3c9cfa50c0 Adding publicly available methods on Recoverable and Confirmable to retrieve tokens 2013-06-10 19:17:19 -07:00
Kramer Campbell
17e85aa79d Avoid sending confirmations to blank emails. 
At times, validations may be skipped and no email address may be
provided. Such an instance comes when testing uniqueness validations of
specific attributes in a Devise model with confirmable, especially when
using Shoulda matchers.
 2013-05-22 19:48:06 -07:00
Vasiliy Ermolovich
dd7c3ee91f set error to the field specified in unlock_keys config 
closes #2418
 2013-05-14 17:41:47 +03:00
Carlos Antonio da Silva
eb0ad1c21a Merge branch 'master' into rails4 2013-05-07 13:01:34 -03:00
José Valim
e499fadf52 Use persisted? in order to check if the record was destoryed or not 2013-05-07 08:55:30 -06:00
José Valim
5ad122b928 Fix build for mongoid 2013-05-07 08:47:18 -06:00
José Valim
03f2a6a5e4 Merge pull request #2392 from michiel3/master 
Add destroy_with_password method
 2013-05-07 07:11:47 -07:00
Carlos Antonio da Silva
69f79ad446 Let Devise play with both Rails 3.2 and Rails 4 for now 2013-05-05 19:55:06 -03:00
Victor Cruz Dueñas
d6d61fc5be Adding tests for case_insensitive_keys and strip_whitespace_keys to param filter 2013-05-05 01:02:48 +02:00