clearance 1.9.0 → 1.10.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 44710933cf74cc5856e2b54f9635c9ce57a3bccb
-  data.tar.gz: 922d68715caba09515eaf38755a4eaacbe84e29a
+  metadata.gz: f17291a4d13d462f49a5fc69684b8709714749aa
+  data.tar.gz: 30d2cbfaf5855833fa24c7c33b1d51bf50e7db25
 SHA512:
-  metadata.gz: 61008d6951aadac829026e458009b7eeeed0aa2fb7fbb814935656ab7e1ccec47bd81bab57430a50ea923d7fa9aee8ef94c418f432782898ec14b10499f1874c
-  data.tar.gz: 5bc31612cc5f8203052b0f8a7a6fee0c06da99a54f00890d2fd7f2a52b4746a885c46bc7dd24e675371f6fc689f3f5dfe7611faebfd4af04d310498028481e9e
+  metadata.gz: ee5ec1d2dd6d3790e53379b09da0b00654268ec650dc1b4fca1b7776c647d9ca34ddd0940d6fe0e4657619e1cc67d8546066bc31744c3d342954ed6a3a573cfb
+  data.tar.gz: 46ee3ac5bf3104289785a31bd935133d46325ef5da7c3827477fcd2fcc294569cbd992b58ba92765f7acf265ee5e90bec66f6908e06ac9b990bcaf67f858e46e

data/.travis.yml

@@ -6,8 +6,8 @@ language:
 rvm:
   - 1.9.3
   - 2.0.0
-  - 2.1.5
-  - 2.2.0
+  - 2.1.6
+  - 2.2.2
 
 install:
   - "travis_retry bin/setup"

data/CONTRIBUTING.md

@@ -1,4 +1,7 @@
-We love pull requests. Here's a quick guide:
+We love pull requests from everyone. By participating in this project, you agree
+to abide by the thoughtbot [code of conduct].
+
+[code of conduct]: https://thoughtbot.com/open-source-code-of-conduct
 
 1. Fork the repo.
 

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    clearance (1.9.0)
+    clearance (1.10.1)
       bcrypt
       email_validator (~> 1.4)
       rails (>= 3.1)
@@ -64,7 +64,7 @@ GEM
     coderay (1.1.0)
     database_cleaner (1.3.0)
     diff-lcs (1.2.5)
-    email_validator (1.5.0)
+    email_validator (1.6.0)
       activemodel
     erubis (2.7.0)
     factory_girl (4.5.0)
@@ -72,27 +72,25 @@ GEM
     factory_girl_rails (4.5.0)
       factory_girl (~> 4.5.0)
       railties (>= 3.0.0)
-    globalid (0.3.3)
+    globalid (0.3.5)
       activesupport (>= 4.1.0)
-    hike (1.2.3)
     i18n (0.7.0)
     json (1.8.2)
-    loofah (2.0.1)
+    loofah (2.0.2)
       nokogiri (>= 1.5.9)
     mail (2.6.3)
       mime-types (>= 1.16, < 3)
     method_source (0.8.2)
-    mime-types (2.4.3)
+    mime-types (2.5)
     mini_portile (0.6.2)
-    minitest (5.5.1)
-    multi_json (1.11.0)
+    minitest (5.6.1)
     nokogiri (1.6.6.2)
       mini_portile (~> 0.6.0)
     pry (0.10.1)
       coderay (~> 1.1.0)
       method_source (~> 0.8.1)
       slop (~> 3.4)
-    rack (1.6.0)
+    rack (1.6.1)
     rack-test (0.6.3)
       rack (>= 1.0)
     rails (4.2.0)
@@ -108,11 +106,11 @@ GEM
       sprockets-rails
     rails-deprecated_sanitizer (1.0.3)
       activesupport (>= 4.2.0.alpha)
-    rails-dom-testing (1.0.5)
+    rails-dom-testing (1.0.6)
       activesupport (>= 4.2.0.beta, < 5.0)
       nokogiri (~> 1.6.0)
       rails-deprecated_sanitizer (>= 1.0.1)
-    rails-html-sanitizer (1.0.1)
+    rails-html-sanitizer (1.0.2)
       loofah (~> 2.0)
     railties (4.2.0)
       actionpack (= 4.2.0)
@@ -140,19 +138,15 @@ GEM
     shoulda-matchers (2.8.0)
       activesupport (>= 3.0.0)
     slop (3.6.0)
-    sprockets (2.12.3)
-      hike (~> 1.2)
-      multi_json (~> 1.0)
+    sprockets (3.1.0)
       rack (~> 1.0)
-      tilt (~> 1.1, != 1.3.0)
-    sprockets-rails (2.2.4)
+    sprockets-rails (2.3.1)
       actionpack (>= 3.0)
       activesupport (>= 3.0)
       sprockets (>= 2.8, < 4.0)
     sqlite3 (1.3.10)
     thor (0.19.1)
-    thread_safe (0.3.4)
-    tilt (1.4.1)
+    thread_safe (0.3.5)
     timecop (0.7.1)
     tzinfo (1.2.2)
       thread_safe (~> 0.1)

data/NEWS.md

@@ -3,6 +3,15 @@
 The noteworthy changes for each Clearance version are included here. For a
 complete changelog, see the git history.
 
+## [1.10.1] - May 15, 2015
+
+### Deprecated
+- All clearance-provided password strategies other than BCrypt have been
+  deprecated. You can continue to use those strategies without a deprecation
+  warning by adding `clearance-deprecated_password_strategies` to your Gemfile.
+
+[1.10.1]: https://github.com/thoughtbot/clearance/compare/v1.9.0...v1.10.1
+
 ## [1.9.0] - April 3, 2015
 
 ### Added
@@ -17,7 +26,6 @@ complete changelog, see the git history.
 - Change password template now contains "Change my password" link text to
   address an issue linking the URL in some mail clients.
 
-
 [1.9.0]: https://github.com/thoughtbot/clearance/compare/v1.8.1...v1.9.0
 
 ## [1.8.1] - March 3, 2015

data/README.md

@@ -155,7 +155,8 @@ See [app/controllers/clearance](/app/controllers/clearance) for the default
 behavior. Many protected methods were extracted in these controllers in an
 attempt to make overrides and hooks simpler.
 
-To override a Clearance controller, subclass it:
+To override a Clearance controller, subclass it and update the routes to
+point to your new controller (see the "Routes" section).
 
 ```ruby
 class PasswordsController < Clearance::PasswordsController
@@ -172,6 +173,7 @@ sessions#url_after_create
 sessions#url_for_signed_in_users
 users#url_after_create
 application#url_after_denied_access_when_signed_in
+application#url_after_denied_access_when_signed_out
 ```
 
 To override them all at once, change the global configuration of `redirect_url`.

data/app/views/layouts/application.html.erb

@@ -7,9 +7,9 @@
 <body>
   <div id="header">
     <% if signed_in? -%>
-      <%= button_to t('.sign_out'), sign_out_path, method: :delete %>
+      <%= button_to t(".sign_out"), sign_out_path, method: :delete %>
     <% else -%>
-      <%= link_to t('.sign_in'), sign_in_path %>
+      <%= link_to t(".sign_in"), sign_in_path %>
     <% end -%>
   </div>
 

data/app/views/passwords/create.html.erb

@@ -1,3 +1,3 @@
 <div id="clearance" class="password-reset">
-  <p><%= t '.description' %></p>
+  <p><%= t(".description") %></p>
 </div>

data/app/views/passwords/edit.html.erb

@@ -1,7 +1,7 @@
 <div id="clearance" class="password-reset">
-  <h2><%= t '.title' %></h2>
+  <h2><%= t(".title") %></h2>
 
-  <p><%= t '.description' %></p>
+  <p><%= t(".description") %></p>
 
   <%= form_for :password_reset,
         url: user_password_path(@user, token: @user.confirmation_token),

data/app/views/passwords/new.html.erb

@@ -1,7 +1,7 @@
 <div id="clearance" class="password-reset">
-  <h2><%= t '.title' %></h2>
+  <h2><%= t(".title") %></h2>
 
-  <p><%= t '.description' %></p>
+  <p><%= t(".description") %></p>
 
   <%= form_for :password, url: passwords_path do |form| %>
     <div class="text-field">

data/app/views/sessions/_form.html.erb

@@ -15,8 +15,8 @@
 
   <div class="other-links">
     <% if Clearance.configuration.allow_sign_up? %>
-      <%= link_to t('.sign_up'), sign_up_path %>
+      <%= link_to t(".sign_up"), sign_up_path %>
     <% end %>
-    <%= link_to t('.forgot_password'), new_password_path %>
+    <%= link_to t(".forgot_password"), new_password_path %>
   </div>
 <% end %>

data/app/views/sessions/new.html.erb

@@ -1,5 +1,5 @@
 <div id="clearance" class="sign-in">
-  <h2><%= t '.title' %></h2>
+  <h2><%= t(".title") %></h2>
 
   <%= render partial: '/sessions/form' %>
 

data/app/views/users/new.html.erb

@@ -1,5 +1,5 @@
 <div id="clearance" class="sign-up">
-  <h2><%= t('.title') %></h2>
+  <h2><%= t(".title") %></h2>
 
   <%= form_for @user do |form| %>
     <%= render partial: '/users/form', object: form %>
@@ -9,7 +9,7 @@
     </div>
 
     <div class="other-links">
-      <%= link_to t('.sign_in'), sign_in_path %>
+      <%= link_to t(".sign_in"), sign_in_path %>
     </div>
   <% end %>
 </div>

data/lib/clearance/password_strategies/bcrypt_migration_from_sha1.rb

@@ -1,6 +1,13 @@
 module Clearance
   module PasswordStrategies
     module BCryptMigrationFromSHA1
+      DEPRECATION_MESSAGE = "[DEPRECATION] The BCryptMigrationFromSha1 " \
+        "password strategy has been deprecated and will be removed from " \
+        "Clearance 2.0. BCrypt is the only officially supported strategy, " \
+        "though you are free to provide your own. To continue using this " \
+        "strategy, add clearance-deprecated_password_strategies to your " \
+        "Gemfile."
+
       class BCryptUser
         include Clearance::PasswordStrategies::BCrypt
 
@@ -22,10 +29,12 @@ module Clearance
       end
 
       def authenticated?(password)
+        warn "#{Kernel.caller.first}: #{DEPRECATION_MESSAGE}"
         authenticated_with_sha1?(password) || authenticated_with_bcrypt?(password)
       end
 
       def password=(new_password)
+        warn "#{Kernel.caller.first}: #{DEPRECATION_MESSAGE}"
         @password = new_password
         BCryptUser.new(self).password = new_password
       end

data/lib/clearance/password_strategies/blowfish.rb

@@ -4,11 +4,19 @@ require 'base64'
 module Clearance
   module PasswordStrategies
     module Blowfish
+      DEPRECATION_MESSAGE = "[DEPRECATION] The Blowfish password strategy " \
+        "has been deprecated and will be removed from Clearance 2.0. BCrypt " \
+        "is the only officially supported strategy, though you are free to " \
+        "provide your own. To continue using this strategy add " \
+        "clearance-deprecated_password_strategies to your Gemfile."
+
       def authenticated?(password)
+        warn "#{Kernel.caller.first}: #{DEPRECATION_MESSAGE}"
         encrypted_password == encrypt(password)
       end
 
       def password=(new_password)
+        warn "#{Kernel.caller.first}: #{DEPRECATION_MESSAGE}"
         @password = new_password
         initialize_salt_if_necessary
 

data/lib/clearance/password_strategies/sha1.rb

@@ -3,13 +3,21 @@ module Clearance
     module SHA1
       require 'digest/sha1'
 
+      DEPRECATION_MESSAGE = "[DEPRECATION] The SHA1 password strategy " \
+        "has been deprecated and will be removed from Clearance 2.0. BCrypt " \
+        "is the only officially supported strategy, though you are free to " \
+        "provide your own. To continue using this strategy add " \
+        "clearance-deprecated_password_strategies to your Gemfile."
+
       extend ActiveSupport::Concern
 
       def authenticated?(password)
+        warn "#{Kernel.caller.first}: #{DEPRECATION_MESSAGE}"
         encrypted_password == encrypt(password)
       end
 
       def password=(new_password)
+        warn "#{Kernel.caller.first}: #{DEPRECATION_MESSAGE}"
         @password = new_password
         initialize_salt_if_necessary
 

data/lib/clearance/version.rb

@@ -1,3 +1,3 @@
 module Clearance
-  VERSION = "1.9.0"
+  VERSION = "1.10.1"
 end

data/spec/password_strategies/bcrypt_migration_from_sha1_spec.rb

@@ -2,6 +2,12 @@ require "spec_helper"
 include FakeModelWithPasswordStrategy
 
 describe Clearance::PasswordStrategies::BCryptMigrationFromSHA1 do
+  around do |example|
+    silence_warnings do
+      example.run
+    end
+  end
+
   describe "#password=" do
     it "encrypts the password into a BCrypt-encrypted encrypted_password" do
       stub_bcrypt_password

data/spec/password_strategies/blowfish_spec.rb

@@ -2,6 +2,12 @@ require "spec_helper"
 include FakeModelWithPasswordStrategy
 
 describe Clearance::PasswordStrategies::Blowfish do
+  around do |example|
+    silence_warnings do
+      example.run
+    end
+  end
+
   describe "#password=" do
     context "when the password is set" do
       it "does not initialize the salt" do

data/spec/password_strategies/sha1_spec.rb

@@ -2,6 +2,12 @@ require "spec_helper"
 include FakeModelWithPasswordStrategy
 
 describe Clearance::PasswordStrategies::SHA1 do
+  around do |example|
+    silence_warnings do
+      example.run
+    end
+  end
+
   describe "#password=" do
     context "when the salt is set" do
       it "does not initialize the salt when assigned" do

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: clearance
 version: !ruby/object:Gem::Version
-  version: 1.9.0
+  version: 1.10.1
 platform: ruby
 authors:
 - Dan Croak
@@ -25,7 +25,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-04-03 00:00:00.000000000 Z
+date: 2015-05-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bcrypt