devise 1.1.rc1 → 1.1.rc2

data/CHANGELOG.rdoc

@@ -1,34 +1,70 @@
-== 1.1.rc1
-
-* enhancements
-  * Rails 3 compatibility.
-  * All controllers and views are namespaced, for example: Devise::SessionsController and "devise/sessions".
-  * Devise.orm is deprecated. This reduces the required API to hook your ORM with devise.
-  * Use metal for failure app.
-  * HTML e-mails now have proper formatting.
-  * Do not remove options from Datamapper and MongoMapper in find.
-  * Allow to give :skip and :controllers in routes.
-  * Move trackable logic to the model.
-  * E-mails now use any template available in the filesystem. Easy to create multipart e-mails.
-  * E-mails asks headers_for in the model to set the proper headers.
-  * Allow to specify haml in devise_views.
-  * Compatibility with Datamapper and Mongoid.
-  * Make config.devise available on config/application.rb.
-  * TokenAuthenticatable now works with HTTP Basic Auth.
-  * Allow :unlock_strategy to be :none and add :lock_strategy which can be :failed_attempts or none. Setting those values to :none means that you want to handle lock and unlocking by yourself.
-  * No need to append ?unauthenticated=true in URLs anymore since Flash was moved to a middleware in Rails 3.
-  * :activatable is included by default in your models.
+== 1.1.rc2
+
+* enhancements
+  * Allow to set cookie domain for the remember token. (by github.com/mantas)
+  * Added navigational formats to specify when it should return a 302 and when a 401.
+  * Added authenticate(scope) support in routes (by github.com/wildchild)
+  * Added after_update_path_for to registrations controller (by github.com/thedelchop)
+  * Allow the mailer object to be replaced through config.mailer = "MyOwnMailer"
+
+* bug fix
+  * Fix a bug where session was timing out on sign out
+
+* deprecations
+  * bcrypt is now the default encryptor
+  * devise.mailer.confirmations_instructions now should be devise.mailer.confirmations_instructions.subject
+  * devise.mailer.user.confirmations_instructions now should be devise.mailer.confirmations_instructions.user_subject
+  * Generators now use Rails 3 syntax (devise:install) instead of devise_install
+
+== 1.1.rc
+
+* enhancements
+  * Rails 3 compatibility
+  * All controllers and views are namespaced, for example: Devise::SessionsController and "devise/sessions"
+  * Devise.orm is deprecated. This reduces the required API to hook your ORM with devise
+  * Use metal for failure app
+  * HTML e-mails now have proper formatting
+  * Allow to give :skip and :controllers in routes
+  * Move trackable logic to the model
+  * E-mails now use any template available in the filesystem. Easy to create multipart e-mails
+  * E-mails asks headers_for in the model to set the proper headers
+  * Allow to specify haml in devise_views
+  * Compatibility with Datamapper and Mongoid
+  * Make config.devise available on config/application.rb
+  * TokenAuthenticatable now works with HTTP Basic Auth
+  * Allow :unlock_strategy to be :none and add :lock_strategy which can be :failed_attempts or none. Setting those values to :none means that you want to handle lock and unlocking by yourself
+  * No need to append ?unauthenticated=true in URLs anymore since Flash was moved to a middleware in Rails 3
+  * :activatable is included by default in your models
+
+* bug fix
+  * Fix a bug with STI
+
+* deprecations
+  * Rails 3 compatible only
+  * Removed support for MongoMapper
+  * Scoped views are no longer "sessions/users/new". Now use "users/sessions/new"
+  * Devise.orm is deprecated, just require "devise/orm/YOUR_ORM" instead
+  * Devise.default_url_options is deprecated, just modify ApplicationController.default_url_options
+  * All messages under devise.sessions, except :signed_in and :signed_out, should be moved to devise.failure
+  * :as and :scope in routes is deprecated. Use :path and :singular instead
+
+== 1.0.8
+
+* enhancements
+  * Support for latest MongoMapper
+  * Added anybody_signed_in? helper (by github.com/SSDany)
+
+* bug fix
+  * confirmation_required? is properly honored on active? calls. (by github.com/paulrosania)
+
+== 1.0.7
 
 * bug fix
-  * fix a bug with STI
+  * Ensure password confirmation is always required
 
 * deprecations
-  * Rails 3 compatible only.
-  * Scoped views are no longer "sessions/users/new". Now use "users/sessions/new".
-  * Devise.orm is deprecated, just require "devise/orm/YOUR_ORM" instead.
-  * Devise.default_url_options is deprecated, just modify ApplicationController.default_url_options.
-  * All messages under devise.sessions, except :signed_in and :signed_out, should be moved to devise.failure.
-  * :as and :scope in routes is deprecated. Use :path and :singular instead.
+  * authenticatable was deprecated and renamed to database_authenticatable
+  * confirmable is not included by default on generation
 
 == 1.0.6
 

data/Gemfile

@@ -1,10 +1,10 @@
-source "http://gemcutter.org"
+source "http://rubygems.org"
 
 # Need to install Rails from source
-gem "rails", "3.0.0.beta3"
-gem "warden", "0.10.3"
-gem "sqlite3-ruby", :require => "sqlite3"
-gem "webrat", "0.7"
+gem "rails", "3.0.0.beta4"
+gem "warden", "0.10.7"
+gem "sqlite3-ruby"
+gem "webrat", "0.7.0"
 gem "mocha", :require => false
 gem "bcrypt-ruby", :require => "bcrypt"
 
@@ -13,15 +13,17 @@ if RUBY_VERSION < '1.9'
 end
 
 group :mongoid do
-  gem "mongo",        ">= 0.18.3"
-  gem "mongo_ext",    ">= 0.18.3", :require => false
+  gem "mongo"
   gem "mongoid", :git => "git://github.com/durran/mongoid.git"
+  gem "bson_ext"
 end
 
 group :data_mapper do
-  gem "do_sqlite3", '>= 0.10.1'
-  gem "dm-core", :git => "git://github.com/datamapper/dm-core.git"
-  gem "dm-validations", :git => "git://github.com/datamapper/dm-more.git"
-  gem "dm-timestamps", :git => "git://github.com/datamapper/dm-more.git"
-  gem "dm-rails", :git => "git://github.com/datamapper/dm-rails.git"
-end
+  gem 'dm-core',           '~> 1.0.0', :git => 'git://github.com/datamapper/dm-core'
+  gem 'dm-migrations',     '~> 1.0.0', :git => 'git://github.com/datamapper/dm-migrations'
+  gem 'dm-sqlite-adapter', '~> 1.0.0', :git => 'git://github.com/datamapper/dm-sqlite-adapter'
+  gem 'dm-validations',    '~> 1.0.0', :git => 'git://github.com/datamapper/dm-validations'
+  gem 'dm-serializer',     '~> 1.0.0', :git => 'git://github.com/datamapper/dm-serializer'
+  gem 'dm-timestamps',     '~> 1.0.0', :git => 'git://github.com/datamapper/dm-timestamps'
+  gem 'dm-rails',          '~> 1.0.0', :git => 'git://github.com/datamapper/dm-rails'
+end

data/README.rdoc

@@ -13,53 +13,74 @@ Right now it's composed of 11 modules:
 * Token Authenticatable: signs in an user based on an authentication token (also known as "single access token"). The token can be given both through query string or HTTP Basic Authentication.
 * Confirmable: sends emails with confirmation instructions and verifies whether an account is already confirmed during sign in.
 * Recoverable: resets the user password and sends reset instructions.
-* Registerable: handles signing up users through a registration process.
+* Registerable: handles signing up users through a registration process, also allowing them to edit and destroy their account.
 * Rememberable: manages generating and clearing a token for remembering the user from a saved cookie.
 * Trackable: tracks sign in count, timestamps and IP address.
 * Timeoutable: expires sessions that have no activity in a specified period of time.
 * Validatable: provides validations of email and password. It's optional and can be customized, so you're able to define your own validations.
 * Lockable: locks an account after a specified number of failed sign-in attempts. Can unlock via email or after a specified time period.
 
-== Examples
+== Installation
 
-* Example application using Devise at http://github.com/plataformatec/devise_example
-* Example Rails 2.3 web app combining subdomains with Devise at http://github.com/fortuity/subdomain-authentication
+=== Rails 3 beta 4
 
-== Dependencies
+To use Devise with Rails 3 beta 4, please use it straight from the git repository, by adding it to your Gemfile:
 
-Devise is based on Warden (http://github.com/hassox/warden), a Rack Authentication Framework. You need to install Warden as a gem. Please ensure you have it installed in order to use Devise (see installation below).
+  gem "devise", :git => "git://github.com/plataformatec/devise.git"
 
-== Installation
+Then follow the same steps as below.
+
+=== Rails 3 beta 3
 
 Devise master branch now supports Rails 3 and is NOT backward compatible. You can use the latest Rails 3 beta gem with Devise latest gem:
 
-  sudo gem install devise --version=1.1.rc1
+  gem install devise --version=1.1.rc1
 
 After you install Devise and add it to your Gemfile, you need to run the generator:
 
-  rails generate devise_install
+  rails generate devise:install
 
-And you're ready to go. The generator will install an initializer which describes ALL Devise's configuration options, so be sure to take a look at it and at the documentation as well:
+The generator will install an initializer which describes ALL Devise's configuration options and you MUST take a look at it. When you are done, you are ready to add Devise to any of your models using the generator:
 
-  http://rdoc.info/projects/plataformatec/devise
+  rails generate devise MODEL
 
-The documentation above is for Rails 3. If you want to consult the documentation for Rails 2.3, you need to start `gem server` in your own machine. Finally, another good resource for information, is the wiki:
+Replace MODEL by the class name you want to add devise, like User, Admin, etc. This will create a model (if one does not exist) and configure it with default Devise modules. The generator will also create a migration file (if your ORM support them) and configure your routes. Continue reading this file to understand exactly what the generator produces and how to use it.
 
-  http://wiki.github.com/plataformatec/devise
-
-== Rails 2.3
+=== Rails 2.3
 
 If you want to use the Rails 2.3.x version, you should do:
 
-  sudo gem install devise --version=1.0.6
+  gem install devise --version=1.0.7
 
-Or checkout from the v1.0 branch:
+And please check the README at the v1.0 branch since this one is based on Rails 3:
 
   http://github.com/plataformatec/devise/tree/v1.0
 
+== Ecosystem
+
+Devise ecosystem is growing solid day after day. If you just need a walkthrough about setting up Devise, this README will work great. But if you need more documentation and resources, please check both the wiki and rdoc:
+
+* http://rdoc.info/projects/plataformatec/devise
+* http://wiki.github.com/plataformatec/devise
+
+Both links above are for Devise with Rails 3. If you need to use Devise with Rails 2.3, you can always run `gem server` from the command line after you install the gem to access the old documentation.
+
+Another great way to learn Devise are Ryan Bates' screencasts:
+
+* http://railscasts.com/episodes/209-introducing-devise
+* http://railscasts.com/episodes/210-customizing-devise
+
+And a few example applications:
+
+* Rails 2.3 app using Devise at http://github.com/plataformatec/devise_example
+* Rails 2.3 app using Devise with subdomains at http://github.com/fortuity/subdomain-authentication
+* Rails 3.0 app with Mongoid at http://github.com/fortuity/rails3-mongoid-devise
+
+Finally, Devise also has several extensions built by the community. Don't forget to check them at the end of this README. If you want to write an extension on your own, you should also check Warden (http://github.com/hassox/warden), a Rack Authentication Framework which Devise depends on.
+
 == Basic Usage
 
-This is a walkthrough with all steps you need to setup a devise resource, including model, migration, route files, and optional configuration. You MUST also check out the *Generators* section below to help you start.
+This is a walkthrough with all steps you need to setup a devise resource, including model, migration, route files, and optional configuration.
 
 Devise must be set up within the model (or models) you want to use. Devise routes must be created inside your config/routes.rb file.
 
@@ -88,13 +109,13 @@ Configure your routes after setting up your model. Open your config/routes.rb fi
 
 This will use your User model to create a set of needed routes (you can see them by running `rake routes`).
 
-Options for configuring your routes include :class_name (to set the class for that route), :path_prefix, :as and :path_names, where the last two have the same meaning as in common routes. The available :path_names are:
+Options for configuring your routes include :class_name (to set the class for that route), :path_prefix, :path and :path_names, where the last two have the same meaning as in common routes. The available :path_names are:
 
-  devise_for :users, :as => "usuarios", :path_names => { :sign_in => 'login', :sign_out => 'logout', :sign_up => 'register', :password => 'secret', :confirmation => 'verification', :unlock => 'unblock' }
+  devise_for :users, :path => "usuarios", :path_names => { :sign_in => 'login', :sign_out => 'logout', :password => 'secret', :confirmation => 'verification', :unlock => 'unblock', :registration => 'register', :sign_up => 'cmon_let_me_in' }
 
 Be sure to check devise_for documentation for details.
 
-After creating your models and routes, run your migrations, and you are ready to go! But don't stop reading here, we still have a lot to tell you:
+This exactly what the devise generator produces for you: model, routes and migrations. Don't forget to run rake db:migrate and you are ready to go! But don't stop reading here, we still have a lot to tell you.
 
 == Controller filters and helpers
 
@@ -133,13 +154,14 @@ Devise allows you to set up as many roles as you want. For example, you may have
     t.database_authenticatable
     t.lockable
     t.trackable
+    t.timestamps
   end
 
   # Inside your Admin model
   devise :database_authenticatable, :trackable, :timeoutable, :lockable
 
   # Inside your routes
-  devise_for :admin
+  devise_for :admins
 
   # Inside your protected controller
   before_filter :authenticate_admin!
@@ -149,27 +171,13 @@ Devise allows you to set up as many roles as you want. For example, you may have
   current_admin
   admin_session
 
-== Generators
-
-Devise has generators to help you get started:
-
-  rails generate devise_install
-
-This will generate an initializer, with a description of all configuration values.
-
-You can also generate models:
-
-  rails generate devise Model
-
-This will create a model named "Model" configured with default Devise modules and attr_accessible set for default fields. The generator will also create the migration and configure your routes for Devise.
-
 == Model configuration
 
 The devise method in your models also accepts some options to configure its modules. For example, you can choose which encryptor to use in database_authenticatable:
 
   devise :database_authenticatable, :confirmable, :recoverable, :encryptor => :bcrypt
 
-Besides :encryptor, you can define :pepper, :stretches, :confirm_within, :remember_for, :timeout_in, :unlock_in and other values. For details, see the initializer file that was created when you invoked the devise_install generator described above.
+Besides :encryptor, you can define :pepper, :stretches, :confirm_within, :remember_for, :timeout_in, :unlock_in and other values. For details, see the initializer file that was created when you invoked the "devise:install" generator described above.
 
 == Configuring views
 
@@ -177,7 +185,7 @@ We built Devise to help you quickly develop an application that uses authenticat
 
 Since Devise is an engine, all its views are packaged inside the gem. These views will help you get started, but after sometime you may want to change them. If this is the case, you just need to invoke the following generator, and it will copy all views to your application:
 
-  rails generate devise_views
+  rails generate devise:views
 
 However, if you have more than one role in your application (such as "User" and "Admin"), you will notice that Devise uses the same views for all roles. Fortunately, Devise offers an easy way to customize views. All you need to do is set "config.scoped_views = true" inside "config/initializers/devise.rb".
 
@@ -257,6 +265,20 @@ Devise implements encryption strategies for Clearance, Authlogic and Restful-Aut
 
 Devise supports ActiveRecord (by default) and Mongoid. We offer experimental Datamapper support (with the limitation that the Devise test suite does not run completely with Datamapper). To choose other ORM, you just need to configure it in the initializer file.
 
+== Extensions
+
+Devise also has extensions created by the community:
+
+* http://github.com/scambra/devise_invitable adds support to Devise for sending invitations by email.
+
+* http://github.com/grimen/devise_facebook_connectable adds support for Facebook Connect authentication, and optionally fetching user info from Facebook in the same step.
+
+* http://github.com/joshk/devise_imapable adds support for imap based authentication, excellent for internal apps when an LDAP server isn't available.
+
+* http://github.com/cschiewek/devise_ldap_authenticatable adds support for LDAP authentication via simple bind.
+
+Please consult their respective documentation for more information and requirements.
+
 == TODO
 
 Please refer to TODO file.
@@ -268,15 +290,9 @@ Please refer to TODO file.
 
 == Contributors
 
-We have a long list of valued contributors. See the CHANGELOG or do `git shortlog -s -n` in the cloned repository.
-
-== Devise extensions
+We have a long list of valued contributors. Check them all at:
 
-* http://github.com/scambra/devise_invitable adds support to Devise for sending invitations by email.
-
-* http://github.com/grimen/devise_facebook_connectable adds support for Facebook Connect authentication, and optionally fetching user info from Facebook in the same step.
-
-* http://github.com/joshk/devise_imapable adds support for imap based authentication, excellent for internal apps when an LDAP server isn't available.
+http://github.com/plataformatec/devise/contributors
 
 == Bugs and Feedback
 
@@ -288,10 +304,6 @@ For support, send an e-mail to the mailing list.
 
 http://groups.google.com/group/plataformatec-devise
 
-See the wiki for additional documentation and support.
-
-http://wiki.github.com/plataformatec/devise
-
 == License
 
-MIT License. Copyright 2009 Plataforma Tecnologia. http://blog.plataformatec.com.br
+MIT License. Copyright 2010 Plataforma Tecnologia. http://blog.plataformatec.com.br

data/Rakefile

@@ -45,10 +45,11 @@ begin
     s.authors = ['José Valim', 'Carlos Antônio']
     s.files =  FileList["[A-Z]*", "{app,config,lib}/**/*"]
     s.extra_rdoc_files = FileList["[A-Z]*"] - %w(Gemfile Rakefile)
-    s.add_dependency("warden", "~> 0.10.3")
+    s.add_dependency("warden", "~> 0.10.7")
+    s.add_dependency("bcrypt-ruby", "~> 2.1.2")
   end
 
   Jeweler::GemcutterTasks.new
 rescue LoadError
-  puts "Jeweler, or one of its dependencies, is not available. Install it with: sudo gem install technicalpickles-jeweler -s http://gems.github.com"
+  puts "Jeweler, or one of its dependencies, is not available. Install it with: gem install jeweler"
 end

data/TODO

@@ -1,2 +1,3 @@
 * Move integration tests to Capybara
 * Better ORM integration
+* Extract activatable models tests from confirmable

data/app/controllers/devise/registrations_controller.rb

@@ -31,7 +31,7 @@ class Devise::RegistrationsController < ApplicationController
   def update
     if resource.update_with_password(params[resource_name])
       set_flash_message :notice, :updated
-      redirect_to after_sign_in_path_for(self.resource)
+      redirect_to after_update_path_for(resource)
     else
       clean_up_passwords(resource)
       render_with_scope :edit

data/app/mailers/devise/mailer.rb

@@ -1,6 +1,5 @@
 class Devise::Mailer < ::ActionMailer::Base
   include Devise::Controllers::ScopedViews
-
   attr_reader :devise_mapping, :resource
 
   def confirmation_instructions(record)
@@ -17,52 +16,53 @@ class Devise::Mailer < ::ActionMailer::Base
 
   private
 
-    # Configure default email options
-    def setup_mail(record, action)
-      @scope_name     = Devise::Mapping.find_scope!(record)
-      @devise_mapping = Devise.mappings[@scope_name]
-      @resource       = instance_variable_set("@#{@devise_mapping.name}", record)
-
-      template_path = ["devise/mailer"]
-      template_path.unshift "#{@devise_mapping.plural}/mailer" if self.class.scoped_views?
+  # Configure default email options
+  def setup_mail(record, action)
+    @scope_name     = Devise::Mapping.find_scope!(record)
+    @devise_mapping = Devise.mappings[@scope_name]
+    @resource       = instance_variable_set("@#{@devise_mapping.name}", record)
 
-      headers = {
-        :subject => translate(@devise_mapping, action),
-        :from => mailer_sender(@devise_mapping),
-        :to => record.email,
-        :template_path => template_path
-      }
+    template_path = ["devise/mailer"]
+    template_path.unshift "#{@devise_mapping.plural}/mailer" if self.class.scoped_views?
 
-      headers.merge!(record.headers_for(action)) if record.respond_to?(:headers_for)
-      mail(headers)
-    end
+    headers = {
+      :subject => translate(@devise_mapping, action),
+      :from => mailer_sender(@devise_mapping),
+      :to => record.email,
+      :template_path => template_path
+    }
 
-    # Fix a bug in Rails 3 beta 3
-    def mail(*) #:nodoc:
-      super
-      @_message["template_path"] = nil
-      @_message
-    end
+    headers.merge!(record.headers_for(action)) if record.respond_to?(:headers_for)
+    mail(headers)
+  end
 
-    def mailer_sender(mapping)
-      if Devise.mailer_sender.is_a?(Proc)
-        Devise.mailer_sender.call(mapping.name)
-      else
-        Devise.mailer_sender
-      end
+  def mailer_sender(mapping)
+    if Devise.mailer_sender.is_a?(Proc)
+      Devise.mailer_sender.call(mapping.name)
+    else
+      Devise.mailer_sender
     end
+  end
 
-    # Setup subject namespaced by model. It means you're able to setup your
-    # messages using specific resource scope, or provide a default one.
-    # Example (i18n locale file):
-    #
-    #   en:
-    #     devise:
-    #       mailer:
-    #         confirmation_instructions: '...'
-    #         user:
-    #           confirmation_instructions: '...'
-    def translate(mapping, key)
-      I18n.t(:"#{mapping.name}.#{key}", :scope => [:devise, :mailer], :default => key)
-    end
+  # Setup a subject doing an I18n lookup. At first, it attemps to set a subject
+  # based on the current mapping:
+  #
+  #   en:
+  #     devise:
+  #       mailer:
+  #         confirmation_instructions:
+  #           user_subject: '...'
+  #
+  # If one does not exist, it fallbacks to ActionMailer default:
+  #
+  #   en:
+  #     devise:
+  #       mailer:
+  #         confirmation_instructions:
+  #           subject: '...'
+  #
+  def translate(mapping, key)
+    I18n.t(:"#{mapping.name}_subject", :scope => [:devise, :mailer, key],
+      :default => [:subject, key.to_s.humanize])
+  end
 end