RubyGems - cloudfoundry-devise - Versions diffs - 1.5.2 - Mend

cloudfoundry-devise 1.5.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (210) hide show

data/.gitignore +12 -0
data/.travis.yml +13 -0
data/CHANGELOG.rdoc +755 -0
data/Gemfile +35 -0
data/MIT-LICENSE +20 -0
data/README.rdoc +366 -0
data/Rakefile +34 -0
data/app/controllers/devise/confirmations_controller.rb +46 -0
data/app/controllers/devise/omniauth_callbacks_controller.rb +26 -0
data/app/controllers/devise/passwords_controller.rb +50 -0
data/app/controllers/devise/registrations_controller.rb +114 -0
data/app/controllers/devise/sessions_controller.rb +49 -0
data/app/controllers/devise/unlocks_controller.rb +34 -0
data/app/helpers/devise_helper.rb +25 -0
data/app/mailers/devise/mailer.rb +15 -0
data/app/views/devise/confirmations/new.html.erb +12 -0
data/app/views/devise/mailer/confirmation_instructions.html.erb +5 -0
data/app/views/devise/mailer/reset_password_instructions.html.erb +8 -0
data/app/views/devise/mailer/unlock_instructions.html.erb +7 -0
data/app/views/devise/passwords/edit.html.erb +16 -0
data/app/views/devise/passwords/new.html.erb +12 -0
data/app/views/devise/registrations/edit.html.erb +25 -0
data/app/views/devise/registrations/new.html.erb +18 -0
data/app/views/devise/sessions/new.html.erb +17 -0
data/app/views/devise/shared/_links.erb +25 -0
data/app/views/devise/unlocks/new.html.erb +12 -0
data/cloudfoundry-devise.gemspec +25 -0
data/config/locales/en.yml +59 -0
data/lib/devise.rb +453 -0
data/lib/devise/controllers/helpers.rb +260 -0
data/lib/devise/controllers/internal_helpers.rb +161 -0
data/lib/devise/controllers/rememberable.rb +52 -0
data/lib/devise/controllers/scoped_views.rb +33 -0
data/lib/devise/controllers/shared_helpers.rb +26 -0
data/lib/devise/controllers/url_helpers.rb +53 -0
data/lib/devise/delegator.rb +16 -0
data/lib/devise/encryptors/authlogic_sha512.rb +19 -0
data/lib/devise/encryptors/base.rb +20 -0
data/lib/devise/encryptors/clearance_sha1.rb +17 -0
data/lib/devise/encryptors/restful_authentication_sha1.rb +22 -0
data/lib/devise/encryptors/sha1.rb +25 -0
data/lib/devise/encryptors/sha512.rb +25 -0
data/lib/devise/failure_app.rb +149 -0
data/lib/devise/hooks/activatable.rb +11 -0
data/lib/devise/hooks/forgetable.rb +9 -0
data/lib/devise/hooks/rememberable.rb +6 -0
data/lib/devise/hooks/timeoutable.rb +24 -0
data/lib/devise/hooks/trackable.rb +9 -0
data/lib/devise/mailers/helpers.rb +86 -0
data/lib/devise/mapping.rb +175 -0
data/lib/devise/models.rb +91 -0
data/lib/devise/models/authenticatable.rb +181 -0
data/lib/devise/models/confirmable.rb +220 -0
data/lib/devise/models/database_authenticatable.rb +122 -0
data/lib/devise/models/encryptable.rb +72 -0
data/lib/devise/models/lockable.rb +169 -0
data/lib/devise/models/omniauthable.rb +23 -0
data/lib/devise/models/recoverable.rb +136 -0
data/lib/devise/models/registerable.rb +21 -0
data/lib/devise/models/rememberable.rb +114 -0
data/lib/devise/models/serializable.rb +43 -0
data/lib/devise/models/timeoutable.rb +45 -0
data/lib/devise/models/token_authenticatable.rb +72 -0
data/lib/devise/models/trackable.rb +30 -0
data/lib/devise/models/validatable.rb +62 -0
data/lib/devise/modules.rb +30 -0
data/lib/devise/omniauth.rb +28 -0
data/lib/devise/omniauth/config.rb +45 -0
data/lib/devise/omniauth/url_helpers.rb +33 -0
data/lib/devise/orm/active_record.rb +44 -0
data/lib/devise/orm/mongoid.rb +31 -0
data/lib/devise/param_filter.rb +41 -0
data/lib/devise/path_checker.rb +18 -0
data/lib/devise/rails.rb +73 -0
data/lib/devise/rails/routes.rb +385 -0
data/lib/devise/rails/warden_compat.rb +120 -0
data/lib/devise/schema.rb +109 -0
data/lib/devise/strategies/authenticatable.rb +155 -0
data/lib/devise/strategies/base.rb +15 -0
data/lib/devise/strategies/database_authenticatable.rb +21 -0
data/lib/devise/strategies/rememberable.rb +53 -0
data/lib/devise/strategies/token_authenticatable.rb +57 -0
data/lib/devise/test_helpers.rb +90 -0
data/lib/devise/version.rb +3 -0
data/lib/generators/active_record/devise_generator.rb +71 -0
data/lib/generators/active_record/templates/migration.rb +29 -0
data/lib/generators/active_record/templates/migration_existing.rb +26 -0
data/lib/generators/devise/devise_generator.rb +22 -0
data/lib/generators/devise/install_generator.rb +24 -0
data/lib/generators/devise/orm_helpers.rb +31 -0
data/lib/generators/devise/views_generator.rb +98 -0
data/lib/generators/mongoid/devise_generator.rb +60 -0
data/lib/generators/templates/README +32 -0
data/lib/generators/templates/devise.rb +215 -0
data/lib/generators/templates/markerb/confirmation_instructions.markerb +5 -0
data/lib/generators/templates/markerb/reset_password_instructions.markerb +8 -0
data/lib/generators/templates/markerb/unlock_instructions.markerb +7 -0
data/lib/generators/templates/simple_form_for/confirmations/new.html.erb +15 -0
data/lib/generators/templates/simple_form_for/passwords/edit.html.erb +19 -0
data/lib/generators/templates/simple_form_for/passwords/new.html.erb +15 -0
data/lib/generators/templates/simple_form_for/registrations/edit.html.erb +22 -0
data/lib/generators/templates/simple_form_for/registrations/new.html.erb +17 -0
data/lib/generators/templates/simple_form_for/sessions/new.html.erb +15 -0
data/lib/generators/templates/simple_form_for/unlocks/new.html.erb +15 -0
data/test/controllers/helpers_test.rb +254 -0
data/test/controllers/internal_helpers_test.rb +96 -0
data/test/controllers/sessions_controller_test.rb +16 -0
data/test/controllers/url_helpers_test.rb +59 -0
data/test/delegator_test.rb +19 -0
data/test/devise_test.rb +72 -0
data/test/encryptors_test.rb +30 -0
data/test/failure_app_test.rb +207 -0
data/test/generators/active_record_generator_test.rb +47 -0
data/test/generators/devise_generator_test.rb +39 -0
data/test/generators/install_generator_test.rb +13 -0
data/test/generators/mongoid_generator_test.rb +23 -0
data/test/generators/views_generator_test.rb +52 -0
data/test/helpers/devise_helper_test.rb +51 -0
data/test/indifferent_hash.rb +33 -0
data/test/integration/authenticatable_test.rb +590 -0
data/test/integration/confirmable_test.rb +262 -0
data/test/integration/database_authenticatable_test.rb +82 -0
data/test/integration/http_authenticatable_test.rb +82 -0
data/test/integration/lockable_test.rb +212 -0
data/test/integration/omniauthable_test.rb +133 -0
data/test/integration/recoverable_test.rb +287 -0
data/test/integration/registerable_test.rb +335 -0
data/test/integration/rememberable_test.rb +158 -0
data/test/integration/timeoutable_test.rb +98 -0
data/test/integration/token_authenticatable_test.rb +148 -0
data/test/integration/trackable_test.rb +92 -0
data/test/mailers/confirmation_instructions_test.rb +95 -0
data/test/mailers/reset_password_instructions_test.rb +83 -0
data/test/mailers/unlock_instructions_test.rb +77 -0
data/test/mapping_test.rb +128 -0
data/test/models/confirmable_test.rb +334 -0
data/test/models/database_authenticatable_test.rb +167 -0
data/test/models/encryptable_test.rb +67 -0
data/test/models/lockable_test.rb +225 -0
data/test/models/recoverable_test.rb +198 -0
data/test/models/rememberable_test.rb +168 -0
data/test/models/serializable_test.rb +38 -0
data/test/models/timeoutable_test.rb +42 -0
data/test/models/token_authenticatable_test.rb +49 -0
data/test/models/trackable_test.rb +5 -0
data/test/models/validatable_test.rb +113 -0
data/test/models_test.rb +109 -0
data/test/omniauth/config_test.rb +57 -0
data/test/omniauth/url_helpers_test.rb +58 -0
data/test/orm/active_record.rb +9 -0
data/test/orm/mongoid.rb +14 -0
data/test/rails_app/Rakefile +10 -0
data/test/rails_app/app/active_record/admin.rb +6 -0
data/test/rails_app/app/active_record/shim.rb +2 -0
data/test/rails_app/app/active_record/user.rb +6 -0
data/test/rails_app/app/controllers/admins/sessions_controller.rb +6 -0
data/test/rails_app/app/controllers/admins_controller.rb +6 -0
data/test/rails_app/app/controllers/application_controller.rb +8 -0
data/test/rails_app/app/controllers/home_controller.rb +25 -0
data/test/rails_app/app/controllers/publisher/registrations_controller.rb +2 -0
data/test/rails_app/app/controllers/publisher/sessions_controller.rb +2 -0
data/test/rails_app/app/controllers/users/omniauth_callbacks_controller.rb +14 -0
data/test/rails_app/app/controllers/users_controller.rb +23 -0
data/test/rails_app/app/helpers/application_helper.rb +3 -0
data/test/rails_app/app/mailers/users/mailer.rb +3 -0
data/test/rails_app/app/mongoid/admin.rb +24 -0
data/test/rails_app/app/mongoid/shim.rb +24 -0
data/test/rails_app/app/mongoid/user.rb +45 -0
data/test/rails_app/app/views/admins/index.html.erb +1 -0
data/test/rails_app/app/views/admins/sessions/new.html.erb +2 -0
data/test/rails_app/app/views/home/admin_dashboard.html.erb +1 -0
data/test/rails_app/app/views/home/index.html.erb +1 -0
data/test/rails_app/app/views/home/join.html.erb +1 -0
data/test/rails_app/app/views/home/private.html.erb +1 -0
data/test/rails_app/app/views/home/user_dashboard.html.erb +1 -0
data/test/rails_app/app/views/layouts/application.html.erb +24 -0
data/test/rails_app/app/views/users/index.html.erb +1 -0
data/test/rails_app/app/views/users/mailer/confirmation_instructions.erb +1 -0
data/test/rails_app/app/views/users/sessions/new.html.erb +1 -0
data/test/rails_app/config.ru +4 -0
data/test/rails_app/config/application.rb +41 -0
data/test/rails_app/config/boot.rb +8 -0
data/test/rails_app/config/database.yml +18 -0
data/test/rails_app/config/environment.rb +5 -0
data/test/rails_app/config/environments/development.rb +18 -0
data/test/rails_app/config/environments/production.rb +33 -0
data/test/rails_app/config/environments/test.rb +33 -0
data/test/rails_app/config/initializers/backtrace_silencers.rb +7 -0
data/test/rails_app/config/initializers/devise.rb +197 -0
data/test/rails_app/config/initializers/inflections.rb +2 -0
data/test/rails_app/config/initializers/secret_token.rb +2 -0
data/test/rails_app/config/routes.rb +87 -0
data/test/rails_app/db/migrate/20100401102949_create_tables.rb +71 -0
data/test/rails_app/db/schema.rb +52 -0
data/test/rails_app/lib/shared_admin.rb +10 -0
data/test/rails_app/lib/shared_user.rb +26 -0
data/test/rails_app/public/404.html +26 -0
data/test/rails_app/public/422.html +26 -0
data/test/rails_app/public/500.html +26 -0
data/test/rails_app/public/favicon.ico +0 -0
data/test/rails_app/script/rails +10 -0
data/test/routes_test.rb +240 -0
data/test/support/assertions.rb +27 -0
data/test/support/helpers.rb +109 -0
data/test/support/integration.rb +88 -0
data/test/support/locale/en.yml +4 -0
data/test/support/webrat/integrations/rails.rb +24 -0
data/test/test_helper.rb +27 -0
data/test/test_helpers_test.rb +134 -0
metadata +295 -0

data/lib/devise/controllers/scoped_views.rb ADDED

@@ -0,0 +1,33 @@
+module Devise
+  module Controllers
+    module ScopedViews
+      extend ActiveSupport::Concern
+      module ClassMethods
+        def scoped_views?
+          defined?(@scoped_views) ? @scoped_views : Devise.scoped_views
+        end
+        def scoped_views=(value)
+          @scoped_views = value
+        end
+      end
+    protected
+      # Render a view for the specified scope. Turned off by default.
+      # Accepts just :controller as option.
+      def render_with_scope(action, path=self.controller_path)
+        if self.class.scoped_views?
+          begin
+            render :template => "#{devise_mapping.scoped_path}/#{path.split("/").last}/#{action}"
+          rescue ActionView::MissingTemplate
+            render :template => "#{path}/#{action}"
+          end
+        else
+          render :template => "#{path}/#{action}"
+        end
+      end
+    end
+  end
+end

data/lib/devise/controllers/shared_helpers.rb ADDED

@@ -0,0 +1,26 @@
+module Devise
+  module Controllers
+    # Helpers used in both FailureApp and Devise controllers.
+    module SharedHelpers
+      MIME_REFERENCES = Mime::HTML.respond_to?(:ref)
+      protected
+      # Helper used by FailureApp and Devise controllers to retrieve proper formats.
+      def request_format
+        @request_format ||= if request.format.respond_to?(:ref)
+          request.format.ref
+        elsif MIME_REFERENCES
+          request.format
+        elsif request.format # Rails < 3.0.4
+          request.format.to_sym
+        end
+      end
+      # Check whether it's navigational format, such as :html or :iphone, or not.
+      def is_navigational_format?
+        Devise.navigational_formats.include?(request_format)
+      end
+    end
+  end
+end

data/lib/devise/controllers/url_helpers.rb ADDED

@@ -0,0 +1,53 @@
+module Devise
+  module Controllers
+    # Create url helpers to be used with resource/scope configuration. Acts as
+    # proxies to the generated routes created by devise.
+    # Resource param can be a string or symbol, a class, or an instance object.
+    # Example using a :user resource:
+    #
+    #   new_session_path(:user)      => new_user_session_path
+    #   session_path(:user)          => user_session_path
+    #   destroy_session_path(:user)  => destroy_user_session_path
+    #
+    #   new_password_path(:user)     => new_user_password_path
+    #   password_path(:user)         => user_password_path
+    #   edit_password_path(:user)    => edit_user_password_path
+    #
+    #   new_confirmation_path(:user) => new_user_confirmation_path
+    #   confirmation_path(:user)     => user_confirmation_path
+    #
+    # Those helpers are added to your ApplicationController.
+    module UrlHelpers
+      def self.remove_helpers!
+        self.instance_methods.map(&:to_s).grep(/_(url|path)$/).each do |method|
+          remove_method method
+        end
+      end
+      def self.generate_helpers!(routes=nil)
+        routes ||= begin
+          mappings = Devise.mappings.values.map(&:used_helpers).flatten.uniq
+          Devise::URL_HELPERS.slice(*mappings)
+        end
+        routes.each do |module_name, actions|
+          [:path, :url].each do |path_or_url|
+            actions.each do |action|
+              action = action ? "#{action}_" : ""
+              method = "#{action}#{module_name}_#{path_or_url}"
+              class_eval <<-URL_HELPERS, __FILE__, __LINE__ + 1
+                def #{method}(resource_or_scope, *args)
+                  scope = Devise::Mapping.find_scope!(resource_or_scope)
+                  send("#{action}\#{scope}_#{module_name}_#{path_or_url}", *args)
+                end
+              URL_HELPERS
+            end
+          end
+        end
+      end
+      generate_helpers!(Devise::URL_HELPERS)
+    end
+  end
+end

data/lib/devise/delegator.rb ADDED

@@ -0,0 +1,16 @@
+module Devise
+  # Checks the scope in the given environment and returns the associated failure app.
+  class Delegator
+    def call(env)
+      failure_app(env).call(env)
+    end
+    def failure_app(env)
+      app = env["warden.options"] &&
+        (scope = env["warden.options"][:scope]) &&
+        Devise.mappings[scope.to_sym].failure_app
+      app || Devise::FailureApp
+    end
+  end
+end

data/lib/devise/encryptors/authlogic_sha512.rb ADDED

@@ -0,0 +1,19 @@
+require "digest/sha2"
+module Devise
+  module Encryptors
+    # = AuthlogicSha512
+    # Simulates Authlogic's default encryption mechanism.
+    # Warning: it uses Devise's stretches configuration to port Authlogic's one. Should be set to 20 in the initializer to simulate
+    #  the default behavior.
+    class AuthlogicSha512 < Base
+      # Generates a default password digest based on salt, pepper and the
+      # incoming password.
+      def self.digest(password, stretches, salt, pepper)
+        digest = [password, salt].flatten.join('')
+        stretches.times { digest = Digest::SHA512.hexdigest(digest) }
+        digest
+      end
+    end
+  end
+end

data/lib/devise/encryptors/base.rb ADDED

@@ -0,0 +1,20 @@
+module Devise
+  # Implements a way of adding different encryptions.
+  # The class should implement a self.digest method that taks the following params:
+  #   - password
+  #   - stretches: the number of times the encryption will be applied
+  #   - salt: the password salt as defined by devise
+  #   - pepper: Devise config option
+  #
+  module Encryptors
+    class Base
+      def self.digest
+        raise NotImplemented
+      end
+      def self.salt(stretches)
+        Devise.friendly_token[0,20]
+      end
+    end
+  end
+end

data/lib/devise/encryptors/clearance_sha1.rb ADDED

@@ -0,0 +1,17 @@
+require "digest/sha1"
+module Devise
+  module Encryptors
+    # = ClearanceSha1
+    # Simulates Clearance's default encryption mechanism.
+    # Warning: it uses Devise's pepper to port the concept of REST_AUTH_SITE_KEY
+    # Warning: it uses Devise's stretches configuration to port the concept of REST_AUTH_DIGEST_STRETCHES
+    class ClearanceSha1 < Base
+      # Generates a default password digest based on salt, pepper and the
+      # incoming password.
+      def self.digest(password, stretches, salt, pepper)
+        Digest::SHA1.hexdigest("--#{salt}--#{password}--")
+      end
+    end
+  end
+end

data/lib/devise/encryptors/restful_authentication_sha1.rb ADDED

@@ -0,0 +1,22 @@
+require "digest/sha1"
+module Devise
+  module Encryptors
+    # = RestfulAuthenticationSha1
+    # Simulates Restful Authentication's default encryption mechanism.
+    # Warning: it uses Devise's pepper to port the concept of REST_AUTH_SITE_KEY
+    # Warning: it uses Devise's stretches configuration to port the concept of REST_AUTH_DIGEST_STRETCHES. Should be set to 10 in
+    # the initializer to simulate the default behavior.
+    class RestfulAuthenticationSha1 < Base
+      # Generates a default password digest based on salt, pepper and the
+      # incoming password.
+      def self.digest(password, stretches, salt, pepper)
+        digest = pepper
+        stretches.times { digest = Digest::SHA1.hexdigest([digest, salt, password, pepper].flatten.join('--')) }
+        digest
+      end
+    end
+  end
+end

data/lib/devise/encryptors/sha1.rb ADDED

@@ -0,0 +1,25 @@
+require "digest/sha1"
+module Devise
+  module Encryptors
+    # = Sha1
+    # Uses the Sha1 hash algorithm to encrypt passwords.
+    class Sha1 < Base
+      # Generates a default password digest based on stretches, salt, pepper and the
+      # incoming password.
+      def self.digest(password, stretches, salt, pepper)
+        digest = pepper
+        stretches.times { digest = self.secure_digest(salt, digest, password, pepper) }
+        digest
+      end
+    private
+      # Generate a SHA1 digest joining args. Generated token is something like
+      #   --arg1--arg2--arg3--argN--
+      def self.secure_digest(*tokens)
+        ::Digest::SHA1.hexdigest('--' << tokens.flatten.join('--') << '--')
+      end
+    end
+  end
+end

data/lib/devise/encryptors/sha512.rb ADDED

@@ -0,0 +1,25 @@
+require "digest/sha2"
+module Devise
+  module Encryptors
+    # = Sha512
+    # Uses the Sha512 hash algorithm to encrypt passwords.
+    class Sha512 < Base
+      # Generates a default password digest based on salt, pepper and the
+      # incoming password.
+      def self.digest(password, stretches, salt, pepper)
+        digest = pepper
+        stretches.times { digest = self.secure_digest(salt, digest, password, pepper) }
+        digest
+      end
+    private
+      # Generate a Sha512 digest joining args. Generated token is something like
+      #   --arg1--arg2--arg3--argN--
+      def self.secure_digest(*tokens)
+        ::Digest::SHA512.hexdigest('--' << tokens.flatten.join('--') << '--')
+      end
+    end
+  end
+end

data/lib/devise/failure_app.rb ADDED

@@ -0,0 +1,149 @@
+require "action_controller/metal"
+module Devise
+  # Failure application that will be called every time :warden is thrown from
+  # any strategy or hook. Responsible for redirect the user to the sign in
+  # page based on current scope and mapping. If no scope is given, redirect
+  # to the default_url.
+  class FailureApp < ActionController::Metal
+    include ActionController::RackDelegation
+    include ActionController::UrlFor
+    include ActionController::Redirecting
+    include Rails.application.routes.url_helpers
+    include Devise::Controllers::SharedHelpers
+    delegate :flash, :to => :request
+    def self.call(env)
+      @respond ||= action(:respond)
+      @respond.call(env)
+    end
+    def self.default_url_options(*args)
+      ApplicationController.default_url_options(*args)
+    end
+    def respond
+      if http_auth?
+        http_auth
+      elsif warden_options[:recall]
+        recall
+      else
+        redirect
+      end
+    end
+    def http_auth
+      self.status = 401
+      self.headers["WWW-Authenticate"] = %(Basic realm=#{Devise.http_authentication_realm.inspect}) if http_auth_header?
+      self.content_type = request.format.to_s
+      self.response_body = http_auth_body
+    end
+    def recall
+      env["PATH_INFO"]  = attempted_path
+      flash.now[:alert] = i18n_message(:invalid)
+      self.response = recall_app(warden_options[:recall]).call(env)
+    end
+    def redirect
+      store_location!
+      flash[:alert] = i18n_message
+      redirect_to redirect_url
+    end
+  protected
+    def i18n_message(default = nil)
+      message = warden.message || warden_options[:message] || default || :unauthenticated
+      if message.is_a?(Symbol)
+        I18n.t(:"#{scope}.#{message}", :resource_name => scope,
+               :scope => "devise.failure", :default => [message, message.to_s])
+      else
+        message.to_s
+      end
+    end
+    def redirect_url
+      opts  = {}
+      route = :"new_#{scope}_session_path"
+      opts[:format] = request_format unless skip_format?
+      if respond_to?(route)
+        send(route, opts)
+      else
+        root_path(opts)
+      end
+    end
+    def skip_format?
+      %w(html */*).include? request_format.to_s
+    end
+    # Choose whether we should respond in a http authentication fashion,
+    # including 401 and optional headers.
+    #
+    # This method allows the user to explicitly disable http authentication
+    # on ajax requests in case they want to redirect on failures instead of
+    # handling the errors on their own. This is useful in case your ajax API
+    # is the same as your public API and uses a format like JSON (so you
+    # cannot mark JSON as a navigational format).
+    def http_auth?
+      if request.xhr?
+        Devise.http_authenticatable_on_xhr
+      else
+        !(request_format && is_navigational_format?)
+      end
+    end
+    # It does not make sense to send authenticate headers in ajax requests
+    # or if the user disabled them.
+    def http_auth_header?
+      Devise.mappings[scope].to.http_authenticatable && !request.xhr?
+    end
+    def http_auth_body
+      return i18n_message unless request_format
+      method = "to_#{request_format}"
+      if method == "to_xml"
+        { :error => i18n_message }.to_xml(:root => "errors")
+      elsif {}.respond_to?(method)
+        { :error => i18n_message }.send(method)
+      else
+        i18n_message
+      end
+    end
+    def recall_app(app)
+      controller, action = app.split("#")
+      controller_name  = ActiveSupport::Inflector.camelize(controller)
+      controller_klass = ActiveSupport::Inflector.constantize("#{controller_name}Controller")
+      controller_klass.action(action)
+    end
+    def warden
+      env['warden']
+    end
+    def warden_options
+      env['warden.options']
+    end
+    def scope
+      @scope ||= warden_options[:scope] || Devise.default_scope
+    end
+    def attempted_path
+      warden_options[:attempted_path]
+    end
+    # Stores requested uri to redirect the user after signing in. We cannot use
+    # scoped session provided by warden here, since the user is not authenticated
+    # yet, but we still need to store the uri based on scope, so different scopes
+    # would never use the same uri to redirect.
+    def store_location!
+      session["#{scope}_return_to"] = attempted_path if request.get? && !http_auth?
+    end
+  end
+end

data/lib/devise/hooks/activatable.rb ADDED

@@ -0,0 +1,11 @@
+# Deny user access whenever his account is not active yet. All strategies that inherits from
+# Devise::Strategies::Authenticatable and uses the validate already check if the user is active_for_authentication?
+# before actively signing him in. However, we need this as hook to validate the user activity
+# in each request and in case the user is using other strategies beside Devise ones.
+Warden::Manager.after_set_user do |record, warden, options|
+  if record && record.respond_to?(:active_for_authentication?) && !record.active_for_authentication?
+    scope = options[:scope]
+    warden.logout(scope)
+    throw :warden, :scope => scope, :message => record.inactive_message
+  end
+end

data/lib/devise/hooks/forgetable.rb ADDED

@@ -0,0 +1,9 @@
+# Before logout hook to forget the user in the given scope, if it responds
+# to forget_me! Also clear remember token to ensure the user won't be
+# remembered again. Notice that we forget the user unless the record is not persisted.
+# This avoids forgetting deleted users.
+Warden::Manager.before_logout do |record, warden, options|
+  if record.respond_to?(:forget_me!)
+    Devise::Controllers::Rememberable::Proxy.new(warden).forget_me(record)
+  end
+end

data/lib/devise/hooks/rememberable.rb ADDED

@@ -0,0 +1,6 @@
+Warden::Manager.after_set_user :except => :fetch do |record, warden, options|
+  scope = options[:scope]
+  if record.respond_to?(:remember_me) && record.remember_me && warden.authenticated?(scope)
+    Devise::Controllers::Rememberable::Proxy.new(warden).remember_me(record)
+  end
+end