github/devise
1
1
Fork 0
mirror of https://github.com/heartcombo/devise.git synced 2026-01-15 01:38:07 -05:00
Code Issues Packages Projects Releases Wiki Activity
2,993 Commits 28 Branches 145 Tags
v3.5.2
Commit Graph

354 Commits

Author SHA1 Message Date
Neil van Beinum
710496b6a8 Remove unnecessary line break on edit password page. 2015-08-06 18:21:34 +01:00
Feng Ye
4d89c709a5 redirect to after_resetting_password_path always 2015-07-10 20:01:42 +08:00
José Valim
b14995167b Do not mark _prefixes as protected 2015-05-26 09:53:38 +02:00
Carlos Antonio da Silva
868d3d82a0 Do a final pass removing spaces around square brackets 
Keep plataformatec guidelines and review tools happy.
Related to #3480.
 2015-03-13 13:59:19 -03:00
Dave Copeland
e1b9dc860f remove use of hide_action in favor of protected 
Rails 5 will [not have `hide_action` any longer](https://github.com/rails/rails/pull/18371/files), as the Rails convention is to not expose private or protected methods as actions, thus obviating the need for `hide_action`.

Presumably, there is code inheriting from `DeviseController` that is
calling these helpers, so they cannot be private, so protected seems to
be the only way to get Devise working with Rails 5.
 2015-03-01 15:05:20 -05:00
José Valim
893a0222ef Update new.html.erb 2015-02-14 10:59:01 +01:00
redbar0n
ee8c13435f Fix potential security leak in email reconfirmation flow 
Ref. bug/issue: https://github.com/plataformatec/devise/issues/3457
 2015-02-13 21:43:06 +01:00
Michael Borohovski
f0992e4a96 Added an option to not automatically sign in a user after a password reset. This is useful for cases where additional strategies might be needed (such as two-factor authentication, e.g.), or generally if it is considered a security risk to automatically log in a user after a password is reset. 2015-02-13 02:29:11 -08:00
Rodrigo Rosenfeld Rosas
c2fb80d4d9 Use Devise translations when inheriting from core controllers 
closes #3367
 2015-01-12 17:24:17 -02:00
George Millo
5bb479052c Remove local variable from RegistrationsController 2015-01-11 15:10:44 +00:00
Massimiliano
6c5323c574 Update devise_controller.rb 2015-01-07 14:46:02 -05:00
Massimiliano
c92ef26b94 Update find_message to accept scope 
This should still keep the devise lookup in the case that a customed scope is not passed as option, but if instead the custom scope is passed, then the find_message method will use it.

This is kind of useful, if i don't want overwrite the devise locale, and use different locale files, but keeping still the fallback of my devise locale.
 2015-01-06 21:06:09 -05:00
Carlos Antonio da Silva
bebf0ecbbe Simplify the logic to display the minimum password length hint 
There's no real need to pass 2 variables to the view to figure that out,
we can simply display the message relying on whether or not the
`@minimum_password_length` variable is present.
 2014-12-27 11:22:40 -02:00
Katee
d0a30d485d Moves minimum_password_length to DeviseController. 2014-12-16 16:14:32 -05:00
Katee
607bf70674 Shows min password length on edit password view. 2014-12-15 19:52:58 -05:00
David Rodríguez
1bbcc54026 Yield the resource in RegistrationsController#new 2014-11-19 09:32:51 +01:00
Mihai Târnovan
3902e0702c Yield the resource in SessionsController#new 2014-11-05 15:47:10 +02:00
Chaker Nakhli
8a7796aea9 Add ActiveSupport load hook for DeviseController 2014-10-28 13:41:55 +01:00
Sean Collins
cfe0dc1ee1 change class="fields" to class="field" to be same as rails scaffolding 2014-10-22 12:44:01 -04:00
Uday Singh
51263f995b updated confirmation views with the same formatting and added fields and actions to tag 2014-10-22 04:25:33 -04:00
Uday Singh
f9ca733e68 updated passwords views with proper formatting akin to scaffolding and classes for fields and actions 2014-10-22 04:23:51 -04:00
Uday Singh
9c221e2418 updated new.html.erb unlock views 2014-10-22 04:12:28 -04:00
Uday Singh
ef016b448e reformatted and updated sessions views with proper fields and action classes 2014-10-22 04:10:01 -04:00
Uday Singh
a5bab11321 reformatted fields, added fields and actions class like rails scaffolding, changed <i> html tag for updated <em> html5 tag 2014-10-22 04:08:33 -04:00
Hannah Briggs
f80ebea0e6 allow set_flash_message to set flash.now messages 2014-10-18 21:28:20 -07:00
Michael Ding
002b4c6c01 fix argument bug 
when `is_navigational_format?` returns false, Exception will be throw: 
ArgumentError (Nil location provided. Can't build URI.)
 2014-09-29 14:36:05 +08:00
Damir Svrtan
df9712bbe4 Rename links.erb to links.html.erb 2014-08-18 00:15:25 +02:00
alexsoble
c3fa8fabcf Restore password length message in case of error 2014-08-10 12:17:54 -04:00
alexsoble
fe015f5a54 Revert "Update routes to match 'sign up'/'log in', incorporate feedback from @carlosantoniodasilva" 
This reverts commit de2a24b3d3.
 2014-08-10 12:13:35 -04:00
alexsoble
de2a24b3d3 Update routes to match 'sign up'/'log in', incorporate feedback from @carlosantoniodasilva 2014-08-07 11:33:03 -04:00
alexsoble
67d8dd1e94 Replace 'Sign in' with 'Log in' in views, update tests 2014-08-06 13:32:02 -04:00
alexsoble
039b75ba83 Incorporated edits from @lucasmazza, wrote integration tests for password reminder feature 2014-08-06 11:04:46 -04:00
alexsoble
e65c26e1e7 Only display password length warning if validatable module is included 2014-08-05 10:22:47 -04:00
alexsoble
c38accd648 Tell new signups about minimum password length in registrations/new.html.erb 2014-08-04 15:53:40 -04:00
James Herdman
b64f165154 Silence Warning Regarding Use of Splat 
I was seeing the following in my console:

```
/home/vagrant/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/devise-3.2.4/app/controllers/devise_controller.rb:9: warning: `*' interpreted as argument prefix
/home/vagrant/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/devise-3.2.4/app/controllers/devise_controller.rb:10: warning: `*' interpreted as argument prefix
```

This change silences this warning.
 2014-07-11 15:06:56 -04:00
Lucas Mazza
8df6980c9e Update _prefixes override to work with Rails 4.2 2014-06-24 10:06:45 -03:00
David Henry
1e8e8516f0 Simplify access to router_name using the existing scope lookup. 2014-05-05 23:19:03 +01:00
David Henry
2dee54bc86 make the find_mapping! method return a mapping object 2014-05-03 22:41:32 +01:00
David Henry
23761aded2 Add find_mapping! method to return the router_name instead of overloading find_scope! 2014-05-03 22:37:21 +01:00
David Henry
e085526b6e Get the logic in the right order and fix variable naming (and run the tests) 2014-05-02 00:22:20 +01:00
David Henry
9e8371c293 Make after_sign_out_path_for and after_inactive_sign_up_path_for aware of router name if declared in devise_for declaration. 2014-05-01 23:49:46 +01:00
kento1218
d63b6b7b9d Fix Devise::ConfirmationsController#after_confirmation_path_for 
after_confirmation_path_for checks whether the user already signed in
by calling signed_in? after confirmation succeeded.
Since it was called without scope specification, the user treated as
signed in inappropriately when the user signed in as another resource
(such as 'admin').
 2014-04-28 20:44:00 +09:00
Weston Platter
0b096c961a remove new line to keep convention with other methods 2014-04-20 13:57:31 -06:00
Lauro Caetano
571dead19b Check if there is a signed in user before sign out. 
Only execute the `SessionsController#destroy` if there is a signed in
user, otherwise it will raise
`ActionController::InvalidAuthenticityToken`.

Fixes #2934.
 2014-04-09 10:25:44 -03:00
Daniel Pehrson
ce3ead6b5f Ensure registration controller block yields happen on failure in addition to success and closes #2936. 
Now with 100% more unit tests.
 2014-03-21 10:29:14 -04:00
Lucas Mazza
1eab594895 SessionsController#destroy no longer yields the resource object. 
If you need access to the current resource when overring the action
use the scope helper (like `current_user`) before calling `super`.

Closes #2926.
 2014-03-17 11:52:20 -03:00
Lucas Mazza
aea82d0b03 Update remaning 1.8 hash syntax. 2014-02-25 14:25:55 -03:00
Anshul Sharma
dc1b399a8b Updated ruby 1.9 hash syntax 2014-02-25 22:12:55 +05:30
rbsec
13b50d63ca Set autocomplete=off on all password inputs 2014-02-21 10:37:17 +00:00
Ezequiel Delpero
989071144e Adds yield around resource on devise controllers 
If you want to add a new behavior to your devise
controllers but you don't want to override devise's
default workflow, just pass a block around resource.

This would give you for example, the ability to
trigger background jobs after user signs in.
 2013-11-08 20:43:08 -03:00