github/devise
1
1
Fork 0
mirror of https://github.com/heartcombo/devise.git synced 2026-01-13 08:48:00 -05:00
Code Issues Packages Projects Releases Wiki Activity
3,318 Commits 28 Branches 145 Tags
v4.2.0
Commit Graph

1744 Commits

Author SHA1 Message Date
Lucas Mazza
e05523f767 Prepare for 4.2.0 release. 2016-07-01 14:15:14 -03:00
Lucas Mazza
b1508e93e1 Properly check for authentication_keys or encrypted_password changes when clearing the reset password token 
This change is required to better support scenarios where records don't have
an `encrypted_password` column and the password is managed elsewhere (LDAP, for instance).

The move from `email_changed?` to loop through the `authentication_keys` is also
useful to support edge cases where users can authenticate with different attributes
besides their email.

Closes #3624.
 2016-07-01 14:08:38 -03:00
Lucas Mazza
a20cca6873 Fix IllegalStateError for controller tests with custom strategies. 2016-06-27 16:43:57 -03:00
Lucas Mazza
c2c74b0a39 Use ActiveSupport.on_load to hook into Active Record and Mongoid. 2016-06-27 14:55:22 -03:00
Lucas Mazza
783234c72a Merge pull request #4153 from krishandley/fix_env_deprecation_warning 
Fix Rails 5 env deprecation warning
 2016-06-27 14:44:49 -03:00
HAMADA Takayuki
bb44d422d6 not signed_in 302 redirect failed on Rails5 RC2 2016-06-26 06:02:58 +09:00
Kris Handley
0c991af985 Fix Rails 5 env deprecation warning 
Full warning ```DEPRECATION WARNING: env is deprecated and will be removed from Rails 5.1```
 2016-06-18 14:20:08 +01:00
Arne Zeising
ac702843dd Change behavior to skip reconfirmation after creating a record with #save called in callback (#4125) 
https://github.com/plataformatec/devise/pull/4125
 2016-06-13 17:57:24 -03:00
Kostas Diamantis
4015488b90 Add missing support of Rails.application.config.action_controller.relative_url_root (#4146) 
* Add Devise::FailureApp#{relative_url_root, relative_url_root?}

Also support missing action_controller.relative_url_root configuration.

* Dry assignment of relative_url_root

Also this commit adds support for
Rails.application.config.action_controller.relative_url_root
 2016-06-13 15:46:43 -03:00
Lucas Mazza
3fa0afad67 Merge pull request #4148 from jamescook/james/remove-session-inspect 
Remove unnecessary 'warden.raw_session.inspect'
 2016-06-13 11:33:33 -03:00
James Cook
c3b54dc0c2 Remove unnecessary 'warden.raw_session.inspect' 2016-06-10 20:14:11 -05:00
Tim Krajcar
a0232cf763 Implement Devise::Models::Authenticatable#inspect, re-using #serializable_hash. 2016-06-03 15:54:58 -07:00
Stefan Botzenhart
cbbe932ee2 Fix authenticated engine routes (#4081) 
Fix infinite loop in authenticated engine routes in Rails 5

https://github.com/plataformatec/devise/issues/3705
 2016-05-21 11:55:56 -03:00
Lucas Mazza
4924dd68ae Raise a more informative error when request.env['warden'] is nil. 
Previously, a `NoMethodError` exception would be raised from here when the
middleware stack isn't present and Warden wasn't injected as expected
(like in a controller test). To foolproof ourselves, we now raise a more
informative error when `request.env['warden']` is `nil` so developers can
figure this out on their own instead of reaching to the issue tracker for
guidance.
 2016-05-16 15:23:25 -03:00
Lucas Mazza
b5a5bae09c Tidy up ControllerHelpers implementation a bit. 2016-05-15 19:55:24 -03:00
Lucas Mazza
e757543323 Revisit docs on test helpers on README.md 2016-05-15 19:47:42 -03:00
Lucas Mazza
7b000390a0 Add Devise::Test::IntegrationHelpers. 2016-05-15 19:36:41 -03:00
Lucas Mazza
3f3ec236bb Move Devise::TestHelpers to Devise::Test::ControllerHelpers. 2016-05-15 19:36:41 -03:00
Lucas Mazza
d1f8884ee6 Merge pull request #4105 from giedriusr/features/update_example_in_authenticatable 
Update example code in authenticatable model
 2016-05-15 11:49:02 -03:00
Ralin Chimev
9caf07dd4f Fix overwriting the remember_token when a valid one already exists (#4101) 
The remember_token should not get overwritten when a user is
signing in and a valid token already exists.

Fixes #3950.
 2016-05-15 11:48:12 -03:00
Ulisses Almeida
2044fffa25 Deprecate the bypass option of sign_in (#4078) 
The sign_in method permits the bypass option
that ignore the others options used. This behavior
has lead some users to a misconfusion what the
method really does.

This change deprecate the bypass option in favor
of a method that only does the sign in with bypass.

Closes #3981
 2016-05-15 11:46:48 -03:00
Giedrius Rimkus
2e442d81f7 Update example code in authenticatable model 2016-05-12 15:47:04 +03:00
Maarten van Vliet
8286325fd0 Remove reference to Rails 3.2 in post-install text (#4094) 2016-05-08 13:41:46 -03:00
Lucas Mazza
db8e247aa5 Document reload_routes on the app file template. 2016-05-05 17:23:05 -03:00
Lucas Mazza
e01fdba557 Merge pull request #4053 from sidonath/make-route-reloading-configurable 
Make reloading of routes optional
 2016-05-05 17:18:43 -03:00
Lucas Mazza
201a4f92c2 Remove deprecated Devise::Models::Recoverable#after_password_reset method. 2016-05-03 18:33:08 -03:00
Lucas Mazza
71f90c0d6e Remove deprecated Devise::Models::Recoverable#reset_password! method. 2016-05-03 18:33:08 -03:00
Lucas Mazza
26e22d8e95 Remove deprecated Devise::Models::Confirmable#confirm! method. 2016-05-03 18:33:08 -03:00
Lucas Mazza
9805728964 Remove deprecated Devise.bcrypt method. 2016-05-03 18:32:56 -03:00
Lucas Mazza
f64022a57b Remove deprecated OmniAuth URL helpers. 2016-05-03 18:32:56 -03:00
Lucas Mazza
e79201aef8 Remove deprecated ParameterSanitizer API. 2016-05-03 18:32:47 -03:00
Lucas Mazza
031351224a Remove usage of ActiveSupport::Dependencies 3.x API. 2016-05-03 13:52:33 -03:00
Lucas Mazza
74ab3e9a05 Remove references to ActiveSupport::OrderedHash. 
We no longer support legacy rubies where hashes aren't ordered, so we don't need
to use this class for it.
 2016-05-03 13:48:42 -03:00
Ulisses Almeida
1bc9ebd7de Release 4.1.0 2016-05-02 23:51:49 -03:00
ALLEN WANG QIANG
78bbf6dcc4 Send on create confirmation email after commit (#4064) 
Call send_on_create_confirmation_instructions in after_commit instead of after_create, I think this is no harm in general and it makes things like async job work.

Fix #4062
 2016-05-02 21:32:14 -03:00
Justin Bull
3226ab16c1 Extract list of both strategies into class constant 2016-05-02 14:22:09 -04:00
Justin Bull
7346ce709a 🪲 Fix strategy checking in #unlock_strategy_enabled? for :none and undefined strategies 
A bug that if the unlock strategy was set to `:both`, it would return true for all & any inputs

See #4072
 2016-05-01 13:56:12 -04:00
Ulisses Almeida
91ef42dc0a Remove remaining code of setup deprecation warning 
Since all configurations are using the current
recomended defaults. We can remove this deprecation
warning for Devise 4.1.
 2016-05-01 12:44:40 -03:00
Ulisses Almeida
1ddca80cee Set the new default of sign_out_via config 2016-05-01 12:44:40 -03:00
Ulisses Almeida
896521be73 Se the new default for skip_session_storage config 2016-05-01 12:44:40 -03:00
Ulisses Almeida
6e419ce821 Set the new default for reconfirmable config 2016-05-01 12:44:40 -03:00
Ulisses Almeida
93df02f601 Set the new default for strip_whitespace_keys config 2016-05-01 12:44:40 -03:00
José Valim
fdd9337b64 Merge pull request #4066 from sbc100/friendly_token 
Friendly token
 2016-04-30 10:03:04 +02:00
Lucas Mazza
2040b021e1 Extend the deprecation horizon for the ParameterSanitizer and the OmniAuth helpers. 2016-04-29 16:20:01 -03:00
Sam Clegg
d122faf410 Use friendly_token over token_generator when only raw value is needed 
The first value returned by token_generator.generate is
simply the return value of friendly_token so this code should
be equivalent.

The use of token_generator here dates back to when the
confirmation_token was stored as a digest, but that is no
longer true.
 2016-04-27 10:44:15 -04:00
Sam Clegg
eaa4713e22 Consistent use of save method 2016-04-26 15:16:13 -04:00
byzg
357ce9c3b5 Humanize authentication keys in failure flash message (#4014) 
Humanize and translates the authentication keys in failure flash message.
 2016-04-26 11:17:03 -03:00
kimgb
830d3e86ee updated email_regexp and added test cases (#4001) 
Add a more permissive default e-mail regex.
 2016-04-26 11:13:07 -03:00
Philipe Fatio
209b97d86b Remove upgrade path for old session format (#4032) 
This removes an upgrade path that migrated the old serialization format
to the new one introduced. This was introduced in c22d755 (#2300)
3 years ago and should no longer be needed.
 2016-04-26 11:10:55 -03:00
Ulisses Almeida
4da955d9cd Release 4.0.1 2016-04-25 17:06:05 -03:00