github/devise
1
1
Fork 0
mirror of https://github.com/heartcombo/devise.git synced 2026-01-14 09:17:55 -05:00
Code Issues Packages Projects Releases Wiki Activity
3,374 Commits 28 Branches 145 Tags
v4.2.1
Commit Graph

376 Commits

Author SHA1 Message Date
Marc G Gauthier
8ee01fc10b Fix a minor typo in specs 
There is nothing much to this one, it's in the test description so it shouldn't impact a thing and will make this line more greppable.
 2016-08-11 09:56:45 +02:00
Stefan Botzenhart
cbbe932ee2 Fix authenticated engine routes (#4081) 
Fix infinite loop in authenticated engine routes in Rails 5

https://github.com/plataformatec/devise/issues/3705
 2016-05-21 11:55:56 -03:00
Matt Yanchek
85bcbdf18b Set minimum password length for edit and new views (#4068) 
* Set minimum password length for edit and new views

* Update edit.html.erb

* Update registerable_test.rb
 2016-05-05 17:16:41 -03:00
Lucas Mazza
536279b05b Replace homemade assert_not matcher in favor of refute. 2016-05-03 13:57:10 -03:00
Lucas Mazza
74ab3e9a05 Remove references to ActiveSupport::OrderedHash. 
We no longer support legacy rubies where hashes aren't ordered, so we don't need
to use this class for it.
 2016-05-03 13:48:42 -03:00
Lucas Mazza
13285d7ef3 Remove a few Ruby syntax warnings from the test suite. 2016-05-02 10:47:05 -03:00
Ulisses Almeida
1ddca80cee Set the new default of sign_out_via config 2016-05-01 12:44:40 -03:00
Ulisses Almeida
896521be73 Se the new default for skip_session_storage config 2016-05-01 12:44:40 -03:00
byzg
357ce9c3b5 Humanize authentication keys in failure flash message (#4014) 
Humanize and translates the authentication keys in failure flash message.
 2016-04-26 11:17:03 -03:00
Philipe Fatio
209b97d86b Remove upgrade path for old session format (#4032) 
This removes an upgrade path that migrated the old serialization format
to the new one introduced. This was introduced in c22d755 (#2300)
3 years ago and should no longer be needed.
 2016-04-26 11:10:55 -03:00
Ulisses Almeida
4a4b5ba196 Fix remember me always extending the period 
Now the config `extend_remember_period` is used to:

`true` - Every time the user authentication is validated, the
cookie expiration is updated.
`false` - Does not updates the cookie expiration.

Closes #3994
 2016-04-15 20:28:46 -03:00
José Valim
b97b3e6e3b Do not timeout if remember me is enabled 
Signed-off-by: José Valim <jose.valim@plataformatec.com.br>
 2016-01-22 16:19:10 +01:00
José Valim
4ec7dc0f27 Store creation timestamp on remember cookies 
Signed-off-by: José Valim <jose.valim@plataformatec.com.br>
 2016-01-18 15:17:25 +01:00
Thomas Walpole
302c4e43bd fix Rails 5 test 2015-12-15 10:32:24 -08:00
Thomas Walpole
2024fca4df Rails 5 compatability. Remove rails < 4.1 and Ruby < 2.1 2015-12-11 09:47:30 -08:00
Błażej Pankowiak
9f32f421a5 Allow skipping the timeoutable hook 2015-11-02 23:53:09 +01:00
Lucas Mazza
40258bf100 Remove the custom OmniAuth camelization on teardown. 2015-08-28 11:26:41 -03:00
Timo Schilling
f5e984c151 use OmniAuth::Utils.camelize 
This will display the provider name with the original camelization:
facebook => Facebook
github => GitHub
linkedin => LinkedIn
 2015-08-28 07:51:37 +02:00
David Rodríguez
4064641967 Remove obsolete expire_auth_token_on_timeout 
This should have been removed in dff7891b97
when token authentication (and the reset_authentication_token! method)
were removed.
 2015-07-11 09:01:22 -03:00
Michael Borohovski
f0992e4a96 Added an option to not automatically sign in a user after a password reset. This is useful for cases where additional strategies might be needed (such as two-factor authentication, e.g.), or generally if it is considered a security risk to automatically log in a user after a password is reset. 2015-02-13 02:29:11 -08:00
Dave Powers
63ae9701b4 Update casing of 'OmniAuth' to match that of official OmniAuth documentation 2014-11-14 14:45:09 -05:00
BM5k
b5713a8ddf add Rememerable#after_remembered callback 2014-11-08 16:39:24 -07:00
BM5k
6f88df3453 add test for after_database_authentication 2014-11-08 16:00:07 -07:00
Timo Schilling
6b0d11ed7a use authentication_keys in flash message, instead of static ‘username’ (fix #3201) 2014-09-23 18:42:11 +02:00
Paul A. Jungwirth
6e0c287391 All causes of failed login should have the same error message 2014-09-11 08:38:14 -07:00
Lucas Mazza
5d43d5f3bc ✂️ 2014-08-11 17:35:28 -03:00
Lucas Mazza
6207e03070 Merge pull request #3135 from alexsoble/master 
UX feature: heads-up for new users about minimum password length
 2014-08-11 17:34:41 -03:00
alexsoble
fe015f5a54 Revert "Update routes to match 'sign up'/'log in', incorporate feedback from @carlosantoniodasilva" 
This reverts commit de2a24b3d3.
 2014-08-10 12:13:35 -04:00
alexsoble
de2a24b3d3 Update routes to match 'sign up'/'log in', incorporate feedback from @carlosantoniodasilva 2014-08-07 11:33:03 -04:00
alexsoble
67d8dd1e94 Replace 'Sign in' with 'Log in' in views, update tests 2014-08-06 13:32:02 -04:00
alexsoble
039b75ba83 Incorporated edits from @lucasmazza, wrote integration tests for password reminder feature 2014-08-06 11:04:46 -04:00
Lucas Mazza
eb9db7ba3a Coerce time objects serialized as Strings before doing the timeoutable comparisons. 
The comparison only fails on Ruby 1.9.3, when we need to parse it properly back
to a Time instance.

Related to #2930.
 2014-08-05 14:58:27 -03:00
alexsoble
e65c26e1e7 Only display password length warning if validatable module is included 2014-08-05 10:22:47 -04:00
alexsoble
c38accd648 Tell new signups about minimum password length in registrations/new.html.erb 2014-08-04 15:53:40 -04:00
José Valim
eeb6060d9d Merge pull request #3054 from cheerfulstoic/devise-neo4j 
Changes to support devise-neo4j
 2014-06-06 21:08:28 +02:00
Brian Underwood
74f4442319 User Model.to_adapter directly as suggested by @josevalim 2014-06-06 08:35:42 -07:00
Brian Underwood
2174e4675e Use User and Admin orm_adapter adapter in tests to support other ORMs (neo4j, in this case) 2014-06-04 21:59:30 -07:00
Brian Underwood
65d7d1ba55 Change test to use acts_like? so that we can have DateTime fields 2014-05-28 22:17:07 -07:00
David Henry
426560a4db Attempt without adding engine to application 2014-05-08 00:46:19 +01:00
David Henry
b5da4e82d0 Add full tests around confirmation when using devise_for with router_name 2014-05-06 23:07:24 +01:00
David Henry
ceafc710ef Start adding tests to the engine routing tests. 2014-05-06 00:56:58 +01:00
kento1218
d63b6b7b9d Fix Devise::ConfirmationsController#after_confirmation_path_for 
after_confirmation_path_for checks whether the user already signed in
by calling signed_in? after confirmation succeeded.
Since it was called without scope specification, the user treated as
signed in inappropriately when the user signed in as another resource
(such as 'admin').
 2014-04-28 20:44:00 +09:00
Lauro Caetano
571dead19b Check if there is a signed in user before sign out. 
Only execute the `SessionsController#destroy` if there is a signed in
user, otherwise it will raise
`ActionController::InvalidAuthenticityToken`.

Fixes #2934.
 2014-04-09 10:25:44 -03:00
Lucas Mazza
da0c27393f Serialize the last_request_at entry as an Integer 
Pushing the `Time` object inside the session has inconsistencies
across different serializers and we should use a more primitive type
so we don't need any specific parsing logic for the JSON serializer.
 2014-03-28 22:51:56 -03:00
Oleg Pudeyev
47845e44a2 Chase language changes in tests 2014-03-03 10:15:33 -05:00
Anshul Sharma
dc1b399a8b Updated ruby 1.9 hash syntax 2014-02-25 22:12:55 +05:30
Vasiliy Ermolovich
49086d0294 remove warnings regarding number extensions 2014-01-04 18:54:19 +03:00
José Valim
3adeba38f5 Merge pull request #2763 from paulanunda/master 
Fixed small grammatical error in en.yml
 2013-12-09 21:50:20 -08:00
Erik Michaels-Ober
26e85c44e2 Removed use of gendered pronouns 2013-12-02 10:02:17 +01:00
Paul Anunda
43282f738e Fixed small grammatical error in en.yml 2013-11-28 10:29:50 -06:00