Merge pull request #1750 from 0x000000/v1.0

Added ability to override redirect_to path after sending reset password ...

app/controllers/passwords_controller.rb

@@ -14,7 +14,7 @@ class PasswordsController < ApplicationController
 
     if resource.errors.empty?
       set_flash_message :notice, :send_instructions
-      redirect_to new_session_path(resource_name)
+      redirect_to after_sending_reset_password_instructions_path_for(resource_name)
     else
       render_with_scope :new
     end
@@ -38,4 +38,10 @@ class PasswordsController < ApplicationController
       render_with_scope :edit
     end
   end
+
+  protected
+
+  def after_sending_reset_password_instructions_path_for(resource_name)
+    new_session_path(resource_name)
+  end
 end

lib/devise.rb

@@ -72,6 +72,10 @@ module Devise
   # Email regex used to validate email formats. Adapted from authlogic.
   EMAIL_REGEX = /^([\w\.%\+\-]+)@([\w\-]+\.)+([\w]{2,})$/i
 
+  # Custom domain for cookies. Not set by default
+  mattr_accessor :cookie_options
+  @@cookie_options = {}
+
   # Used to encrypt password. Please generate one with rake secret.
   mattr_accessor :pepper
   @@pepper = nil

lib/devise/hooks/rememberable.rb

@@ -11,11 +11,13 @@ Warden::Manager.prepend_after_authentication do |record, warden, options|
      warden.authenticated?(scope) && record.respond_to?(:remember_me!)
     record.remember_me!
 
-    warden.response.set_cookie "remember_#{scope}_token", {
+    cookie_options = {
       :value => record.class.serialize_into_cookie(record),
       :expires => record.remember_expires_at,
       :path => "/"
-    }
+    }.merge record.cookie_options
+
+    warden.response.set_cookie "remember_#{scope}_token", cookie_options
   end
 end
 
@@ -30,4 +32,4 @@ Warden::Manager.before_logout do |record, warden, options|
     record.forget_me! unless record.frozen?
     warden.response.delete_cookie "remember_#{scope}_token", :path => "/"
   end
-end
+end

lib/devise/models/rememberable.rb

@@ -19,6 +19,9 @@ module Devise
     #                 time for the cookie created to remember the user.
     #                 By default remember_for is 2.weeks.
     #
+    #   cookie_options: configuration options passed to the created cookie.
+    #
+    #
     # Examples:
     #
     #   User.find(1).remember_me!  # regenerating the token
@@ -72,6 +75,10 @@ module Devise
         remember_created_at + self.class.remember_for
       end
 
+      def cookie_options
+        self.class.cookie_options
+      end
+
       module ClassMethods
         # Create the cookie key using the record id and remember_token
         def serialize_into_cookie(record)
@@ -85,7 +92,7 @@ module Devise
           record if record.try(:valid_remember_token?, record_token)
         end
 
-        Devise::Models.config(self, :remember_for)
+        Devise::Models.config(self, :remember_for, :cookie_options)
       end
     end
   end

test/integration/rememberable_test.rb

@@ -20,6 +20,13 @@ class RememberMeTest < ActionController::IntegrationTest
     assert_not_nil user.reload.remember_token
   end
 
+  test 'cookie_options should be applied to cookies' do
+    swap Devise, :cookie_options => { :value => 'dont-do-that' } do
+      user = sign_in_as_user :remember_me => true
+      assert_equal 'dont-do-that', cookies['remember_user_token']
+    end
+  end
+
   test 'remember the user before sign in' do
     user = create_user_and_remember
     get users_path