devise 3.2.1 → 4.4.3
Potentially problematic release.
- checksums.yaml +7 -0
- data/.travis.yml +58 -10
- data/CHANGELOG.md +199 -979
- data/CODE_OF_CONDUCT.md +22 -0
- data/CONTRIBUTING.md +73 -8
- data/Gemfile +19 -11
- data/Gemfile.lock +152 -119
- data/ISSUE_TEMPLATE.md +19 -0
- data/MIT-LICENSE +1 -1
- data/README.md +347 -93
- data/Rakefile +4 -2
- data/app/controllers/devise/confirmations_controller.rb +11 -5
- data/app/controllers/devise/omniauth_callbacks_controller.rb +12 -6
- data/app/controllers/devise/passwords_controller.rb +20 -8
- data/app/controllers/devise/registrations_controller.rb +34 -19
- data/app/controllers/devise/sessions_controller.rb +47 -17
- data/app/controllers/devise/unlocks_controller.rb +9 -4
- data/app/controllers/devise_controller.rb +67 -31
- data/app/helpers/devise_helper.rb +4 -2
- data/app/mailers/devise/mailer.rb +10 -0
- data/app/views/devise/confirmations/new.html.erb +8 -4
- data/app/views/devise/mailer/confirmation_instructions.html.erb +1 -1
- data/app/views/devise/mailer/email_changed.html.erb +7 -0
- data/app/views/devise/mailer/password_change.html.erb +3 -0
- data/app/views/devise/mailer/reset_password_instructions.html.erb +1 -1
- data/app/views/devise/mailer/unlock_instructions.html.erb +1 -1
- data/app/views/devise/passwords/edit.html.erb +15 -6
- data/app/views/devise/passwords/new.html.erb +8 -4
- data/app/views/devise/registrations/edit.html.erb +28 -14
- data/app/views/devise/registrations/new.html.erb +19 -8
- data/app/views/devise/sessions/new.html.erb +17 -8
- data/app/views/devise/shared/{_links.erb → _links.html.erb} +2 -2
- data/app/views/devise/unlocks/new.html.erb +8 -4
- data/bin/test +13 -0
- data/config/locales/en.yml +22 -17
- data/devise.gemspec +7 -6
- data/gemfiles/Gemfile.rails-4.1-stable +32 -0
- data/gemfiles/Gemfile.rails-4.1-stable.lock +171 -0
- data/gemfiles/Gemfile.rails-4.2-stable +32 -0
- data/gemfiles/Gemfile.rails-4.2-stable.lock +192 -0
- data/gemfiles/Gemfile.rails-5.0-stable +33 -0
- data/gemfiles/Gemfile.rails-5.0-stable.lock +192 -0
- data/gemfiles/Gemfile.rails-5.2-rc1 +26 -0
- data/gemfiles/Gemfile.rails-5.2-rc1.lock +201 -0
- data/guides/bug_report_templates/integration_test.rb +106 -0
- data/lib/devise.rb +107 -84
- data/lib/devise/controllers/helpers.rb +111 -31
- data/lib/devise/controllers/rememberable.rb +15 -6
- data/lib/devise/controllers/scoped_views.rb +3 -1
- data/lib/devise/controllers/sign_in_out.rb +39 -26
- data/lib/devise/controllers/store_location.rb +31 -2
- data/lib/devise/controllers/url_helpers.rb +9 -7
- data/lib/devise/delegator.rb +2 -0
- data/lib/devise/encryptor.rb +24 -0
- data/lib/devise/failure_app.rb +98 -39
- data/lib/devise/hooks/activatable.rb +7 -6
- data/lib/devise/hooks/csrf_cleaner.rb +5 -1
- data/lib/devise/hooks/forgetable.rb +2 -0
- data/lib/devise/hooks/lockable.rb +7 -2
- data/lib/devise/hooks/proxy.rb +4 -2
- data/lib/devise/hooks/rememberable.rb +4 -2
- data/lib/devise/hooks/timeoutable.rb +16 -9
- data/lib/devise/hooks/trackable.rb +3 -1
- data/lib/devise/mailers/helpers.rb +15 -12
- data/lib/devise/mapping.rb +8 -2
- data/lib/devise/models.rb +3 -1
- data/lib/devise/models/authenticatable.rb +63 -36
- data/lib/devise/models/confirmable.rb +121 -41
- data/lib/devise/models/database_authenticatable.rb +66 -23
- data/lib/devise/models/lockable.rb +30 -17
- data/lib/devise/models/omniauthable.rb +3 -1
- data/lib/devise/models/recoverable.rb +62 -26
- data/lib/devise/models/registerable.rb +2 -0
- data/lib/devise/models/rememberable.rb +62 -33
- data/lib/devise/models/timeoutable.rb +4 -8
- data/lib/devise/models/trackable.rb +12 -3
- data/lib/devise/models/validatable.rb +16 -9
- data/lib/devise/modules.rb +12 -10
- data/lib/devise/omniauth.rb +2 -0
- data/lib/devise/omniauth/config.rb +2 -0
- data/lib/devise/omniauth/url_helpers.rb +14 -5
- data/lib/devise/orm/active_record.rb +5 -1
- data/lib/devise/orm/mongoid.rb +6 -2
- data/lib/devise/parameter_filter.rb +2 -0
- data/lib/devise/parameter_sanitizer.rb +131 -69
- data/lib/devise/rails.rb +10 -13
- data/lib/devise/rails/routes.rb +147 -116
- data/lib/devise/rails/warden_compat.rb +3 -10
- data/lib/devise/secret_key_finder.rb +25 -0
- data/lib/devise/strategies/authenticatable.rb +20 -9
- data/lib/devise/strategies/base.rb +3 -1
- data/lib/devise/strategies/database_authenticatable.rb +8 -5
- data/lib/devise/strategies/rememberable.rb +15 -3
- data/lib/devise/test/controller_helpers.rb +165 -0
- data/lib/devise/test/integration_helpers.rb +63 -0
- data/lib/devise/test_helpers.rb +7 -124
- data/lib/devise/time_inflector.rb +4 -2
- data/lib/devise/token_generator.rb +3 -41
- data/lib/devise/version.rb +3 -1
- data/lib/generators/active_record/devise_generator.rb +47 -10
- data/lib/generators/active_record/templates/migration.rb +9 -7
- data/lib/generators/active_record/templates/migration_existing.rb +9 -7
- data/lib/generators/devise/controllers_generator.rb +46 -0
- data/lib/generators/devise/devise_generator.rb +9 -5
- data/lib/generators/devise/install_generator.rb +22 -0
- data/lib/generators/devise/orm_helpers.rb +8 -19
- data/lib/generators/devise/views_generator.rb +51 -28
- data/lib/generators/mongoid/devise_generator.rb +22 -19
- data/lib/generators/templates/README +5 -12
- data/lib/generators/templates/controllers/README +14 -0
- data/lib/generators/templates/controllers/confirmations_controller.rb +30 -0
- data/lib/generators/templates/controllers/omniauth_callbacks_controller.rb +30 -0
- data/lib/generators/templates/controllers/passwords_controller.rb +34 -0
- data/lib/generators/templates/controllers/registrations_controller.rb +62 -0
- data/lib/generators/templates/controllers/sessions_controller.rb +27 -0
- data/lib/generators/templates/controllers/unlocks_controller.rb +30 -0
- data/lib/generators/templates/devise.rb +64 -35
- data/lib/generators/templates/markerb/confirmation_instructions.markerb +1 -1
- data/lib/generators/templates/markerb/email_changed.markerb +7 -0
- data/lib/generators/templates/markerb/password_change.markerb +3 -0
- data/lib/generators/templates/markerb/reset_password_instructions.markerb +1 -1
- data/lib/generators/templates/markerb/unlock_instructions.markerb +1 -1
- data/lib/generators/templates/simple_form_for/confirmations/new.html.erb +2 -2
- data/lib/generators/templates/simple_form_for/passwords/edit.html.erb +4 -4
- data/lib/generators/templates/simple_form_for/passwords/new.html.erb +2 -2
- data/lib/generators/templates/simple_form_for/registrations/edit.html.erb +6 -6
- data/lib/generators/templates/simple_form_for/registrations/new.html.erb +4 -4
- data/lib/generators/templates/simple_form_for/sessions/new.html.erb +6 -6
- data/lib/generators/templates/simple_form_for/unlocks/new.html.erb +2 -2
- data/test/controllers/custom_registrations_controller_test.rb +42 -0
- data/test/controllers/custom_strategy_test.rb +10 -6
- data/test/controllers/helper_methods_test.rb +24 -0
- data/test/controllers/helpers_test.rb +88 -40
- data/test/controllers/inherited_controller_i18n_messages_test.rb +53 -0
- data/test/controllers/internal_helpers_test.rb +31 -22
- data/test/controllers/load_hooks_controller_test.rb +21 -0
- data/test/controllers/passwords_controller_test.rb +8 -5
- data/test/controllers/sessions_controller_test.rb +42 -33
- data/test/controllers/url_helpers_test.rb +13 -5
- data/test/delegator_test.rb +3 -1
- data/test/devise_test.rb +34 -19
- data/test/failure_app_test.rb +150 -42
- data/test/generators/active_record_generator_test.rb +58 -31
- data/test/generators/controllers_generator_test.rb +50 -0
- data/test/generators/devise_generator_test.rb +4 -2
- data/test/generators/install_generator_test.rb +16 -3
- data/test/generators/mongoid_generator_test.rb +5 -3
- data/test/generators/views_generator_test.rb +40 -2
- data/test/helpers/devise_helper_test.rb +20 -20
- data/test/integration/authenticatable_test.rb +134 -141
- data/test/integration/confirmable_test.rb +109 -67
- data/test/integration/database_authenticatable_test.rb +36 -23
- data/test/integration/http_authenticatable_test.rb +29 -20
- data/test/integration/lockable_test.rb +52 -49
- data/test/integration/mounted_engine_test.rb +38 -0
- data/test/integration/omniauthable_test.rb +30 -15
- data/test/integration/recoverable_test.rb +76 -61
- data/test/integration/registerable_test.rb +107 -91
- data/test/integration/rememberable_test.rb +82 -30
- data/test/integration/timeoutable_test.rb +48 -40
- data/test/integration/trackable_test.rb +15 -8
- data/test/mailers/confirmation_instructions_test.rb +16 -14
- data/test/mailers/email_changed_test.rb +132 -0
- data/test/mailers/mailer_test.rb +20 -0
- data/test/mailers/reset_password_instructions_test.rb +13 -11
- data/test/mailers/unlock_instructions_test.rb +12 -10
- data/test/mapping_test.rb +15 -6
- data/test/models/authenticatable_test.rb +15 -3
- data/test/models/confirmable_test.rb +190 -95
- data/test/models/database_authenticatable_test.rb +75 -41
- data/test/models/lockable_test.rb +115 -61
- data/test/models/omniauthable_test.rb +3 -1
- data/test/models/recoverable_test.rb +116 -37
- data/test/models/registerable_test.rb +3 -1
- data/test/models/rememberable_test.rb +95 -94
- data/test/models/serializable_test.rb +19 -8
- data/test/models/timeoutable_test.rb +10 -8
- data/test/models/trackable_test.rb +50 -1
- data/test/models/validatable_test.rb +24 -30
- data/test/models_test.rb +19 -8
- data/test/omniauth/config_test.rb +15 -11
- data/test/omniauth/url_helpers_test.rb +8 -9
- data/test/orm/active_record.rb +16 -2
- data/test/orm/mongoid.rb +4 -2
- data/test/parameter_sanitizer_test.rb +53 -57
- data/test/rails_app/app/active_record/admin.rb +2 -0
- data/test/rails_app/app/active_record/shim.rb +3 -1
- data/test/rails_app/app/active_record/user.rb +14 -0
- data/test/rails_app/app/active_record/user_on_engine.rb +9 -0
- data/test/rails_app/app/active_record/user_on_main_app.rb +9 -0
- data/test/rails_app/app/active_record/user_with_validations.rb +12 -0
- data/test/rails_app/app/active_record/user_without_email.rb +10 -0
- data/test/rails_app/app/controllers/admins/sessions_controller.rb +3 -1
- data/test/rails_app/app/controllers/admins_controller.rb +3 -6
- data/test/rails_app/app/controllers/application_controller.rb +7 -3
- data/test/rails_app/app/controllers/application_with_fake_engine.rb +32 -0
- data/test/rails_app/app/controllers/custom/registrations_controller.rb +33 -0
- data/test/rails_app/app/controllers/home_controller.rb +7 -1
- data/test/rails_app/app/controllers/publisher/registrations_controller.rb +3 -1
- data/test/rails_app/app/controllers/publisher/sessions_controller.rb +3 -1
- data/test/rails_app/app/controllers/users/omniauth_callbacks_controller.rb +7 -5
- data/test/rails_app/app/controllers/users_controller.rb +8 -6
- data/test/rails_app/app/helpers/application_helper.rb +2 -0
- data/test/rails_app/app/mailers/users/from_proc_mailer.rb +5 -0
- data/test/rails_app/app/mailers/users/mailer.rb +3 -10
- data/test/rails_app/app/mailers/users/reply_to_mailer.rb +6 -0
- data/test/rails_app/app/mongoid/admin.rb +13 -11
- data/test/rails_app/app/mongoid/shim.rb +4 -2
- data/test/rails_app/app/mongoid/user.rb +30 -19
- data/test/rails_app/app/mongoid/user_on_engine.rb +41 -0
- data/test/rails_app/app/mongoid/user_on_main_app.rb +41 -0
- data/test/rails_app/app/mongoid/user_with_validations.rb +37 -0
- data/test/rails_app/app/mongoid/user_without_email.rb +35 -0
- data/test/rails_app/app/views/admins/sessions/new.html.erb +1 -1
- data/test/rails_app/app/views/home/admin_dashboard.html.erb +1 -1
- data/test/rails_app/app/views/home/index.html.erb +1 -1
- data/test/rails_app/app/views/home/join.html.erb +1 -1
- data/test/rails_app/app/views/home/user_dashboard.html.erb +1 -1
- data/test/rails_app/app/views/layouts/application.html.erb +1 -1
- data/test/rails_app/config/application.rb +13 -5
- data/test/rails_app/config/boot.rb +17 -4
- data/test/rails_app/config/environment.rb +2 -0
- data/test/rails_app/config/environments/development.rb +2 -0
- data/test/rails_app/config/environments/production.rb +10 -2
- data/test/rails_app/config/environments/test.rb +14 -3
- data/test/rails_app/config/initializers/backtrace_silencers.rb +2 -0
- data/test/rails_app/config/initializers/devise.rb +22 -21
- data/test/rails_app/config/initializers/inflections.rb +2 -0
- data/test/rails_app/config/initializers/secret_token.rb +3 -6
- data/test/rails_app/config/initializers/session_store.rb +2 -0
- data/test/rails_app/config/routes.rb +67 -43
- data/test/rails_app/db/migrate/20100401102949_create_tables.rb +16 -10
- data/test/rails_app/db/schema.rb +2 -0
- data/test/rails_app/lib/shared_admin.rb +10 -4
- data/test/rails_app/lib/shared_user.rb +4 -1
- data/test/rails_app/lib/shared_user_without_email.rb +28 -0
- data/test/rails_app/lib/shared_user_without_omniauth.rb +15 -0
- data/test/rails_test.rb +11 -0
- data/test/routes_test.rb +92 -61
- data/test/secret_key_finder_test.rb +97 -0
- data/test/support/action_controller/record_identifier.rb +12 -0
- data/test/support/assertions.rb +4 -14
- data/test/support/helpers.rb +23 -10
- data/test/support/http_method_compatibility.rb +53 -0
- data/test/support/integration.rb +19 -16
- data/test/support/mongoid.yml +6 -0
- data/test/support/webrat/integrations/rails.rb +11 -0
- data/test/{test_helpers_test.rb → test/controller_helpers_test.rb} +60 -40
- data/test/test/integration_helpers_test.rb +34 -0
- data/test/test_helper.rb +9 -0
- data/test/test_models.rb +8 -6
- metadata +123 -53
- data/gemfiles/Gemfile.rails-3.2.x +0 -31
- data/gemfiles/Gemfile.rails-3.2.x.lock +0 -159
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
RailsApp::Application.configure do
|
2
4
|
# Settings specified here will take precedence over those in config/application.rb.
|
3
5
|
|
@@ -20,7 +22,13 @@ RailsApp::Application.configure do
|
|
20
22
|
# config.action_dispatch.rack_cache = true
|
21
23
|
|
22
24
|
# Disable Rails's static asset server (Apache or nginx will already do this).
|
23
|
-
|
25
|
+
if Rails.version >= "5.0.0"
|
26
|
+
config.public_file_server.enabled = false
|
27
|
+
elsif Rails.version >= "4.2.0"
|
28
|
+
config.serve_static_files = false
|
29
|
+
else
|
30
|
+
config.serve_static_assets = false
|
31
|
+
end
|
24
32
|
|
25
33
|
# Compress JavaScripts and CSS.
|
26
34
|
config.assets.js_compressor = :uglifier
|
@@ -46,7 +54,7 @@ RailsApp::Application.configure do
|
|
46
54
|
config.log_level = :info
|
47
55
|
|
48
56
|
# Prepend all log lines with the following tags.
|
49
|
-
# config.log_tags = [
|
57
|
+
# config.log_tags = [:subdomain, :uuid]
|
50
58
|
|
51
59
|
# Use a different logger for distributed setups.
|
52
60
|
# config.logger = ActiveSupport::TaggedLogging.new(SyslogLogger.new)
|
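Review bot: The branches added on new lines 25 and 27 compare `Rails.version` with `>=` against a string literal, which looks like a String-to-String comparison and therefore orders lexicographically. A version such as "10.0.0" would sort below "5.0.0" and fall through to the oldest setting name. Comparing parsed versions avoids that: `if Gem::Version.new(Rails.version) >= Gem::Version.new("5.0.0")`, and likewise for "4.2.0". The same comparison appears in the test-environment section that follows.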
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
RailsApp::Application.configure do
|
2
4
|
# Settings specified here will take precedence over those in config/application.rb.
|
3
5
|
|
@@ -12,9 +14,18 @@ RailsApp::Application.configure do
|
|
12
14
|
# preloads Rails for running tests, you may have to set it to true.
|
13
15
|
config.eager_load = false
|
14
16
|
|
15
|
-
#
|
16
|
-
|
17
|
-
|
17
|
+
# Disable serving static files from the `/public` folder by default since
|
18
|
+
# Apache or NGINX already handles this.
|
19
|
+
if Rails.version >= "5.0.0"
|
20
|
+
config.public_file_server.enabled = true
|
21
|
+
config.public_file_server.headers = {'Cache-Control' => 'public, max-age=3600'}
|
22
|
+
elsif Rails.version >= "4.2.0"
|
23
|
+
config.serve_static_files = true
|
24
|
+
config.static_cache_control = "public, max-age=3600"
|
25
|
+
else
|
26
|
+
config.serve_static_assets = true
|
27
|
+
config.static_cache_control = "public, max-age=3600"
|
28
|
+
end
|
18
29
|
|
19
30
|
# Show full error reports and disable caching.
|
20
31
|
config.consider_all_requests_local = true
|
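Review bot: The comment added on new lines 17-18 says static file serving is disabled because Apache or NGINX handles it, but every branch below it sets the option to `true` and adds a one-hour Cache-Control value. A reader who trusts the comment will misjudge what this environment serves from `/public`. The comment should describe the code, e.g. `# Serve static files from /public in the test environment, with a one-hour Cache-Control header.`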
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
require "omniauth-facebook"
|
2
4
|
require "omniauth-openid"
|
3
5
|
|
@@ -12,6 +14,8 @@ Devise.setup do |config|
|
|
12
14
|
# note that it will be overwritten if you use your own mailer class with default "from" parameter.
|
13
15
|
config.mailer_sender = "please-change-me@config-initializers-devise.com"
|
14
16
|
|
17
|
+
|
18
|
+
config.parent_controller = "ApplicationWithFakeEngine"
|
15
19
|
# Configure the class responsible to send e-mails.
|
16
20
|
# config.mailer = "Devise::Mailer"
|
17
21
|
|
@@ -29,7 +33,7 @@ Devise.setup do |config|
|
|
29
33
|
# session. If you need permissions, you should implement that in a before filter.
|
30
34
|
# You can also supply hash where the value is a boolean expliciting if authentication
|
31
35
|
# should be aborted or not if the value is not present. By default is empty.
|
32
|
-
# config.authentication_keys = [
|
36
|
+
# config.authentication_keys = [:email]
|
33
37
|
|
34
38
|
# Configure parameters from the request object used for authentication. Each entry
|
35
39
|
# given should be a request method and it will automatically be passed to
|
@@ -41,12 +45,12 @@ Devise.setup do |config|
|
|
41
45
|
# Configure which authentication keys should be case-insensitive.
|
42
46
|
# These keys will be downcased upon creating or modifying a user and when used
|
43
47
|
# to authenticate or find a user. Default is :email.
|
44
|
-
config.case_insensitive_keys = [
|
48
|
+
config.case_insensitive_keys = [:email]
|
45
49
|
|
46
50
|
# Configure which authentication keys should have whitespace stripped.
|
47
51
|
# These keys will have whitespace before and after removed upon creating or
|
48
52
|
# modifying a user and when used to authenticate or find a user. Default is :email.
|
49
|
-
config.strip_whitespace_keys = [
|
53
|
+
config.strip_whitespace_keys = [:email]
|
50
54
|
|
51
55
|
# Tell if authentication through request.params is enabled. True by default.
|
52
56
|
# config.params_authenticatable = true
|
@@ -66,8 +70,8 @@ Devise.setup do |config|
|
|
66
70
|
config.stretches = Rails.env.test? ? 1 : 10
|
67
71
|
|
68
72
|
# ==> Configuration for :confirmable
|
69
|
-
# The time you want to give your user to confirm
|
70
|
-
#
|
73
|
+
# The time you want to give your user to confirm their account. During this time
|
74
|
+
# they will be able to access your application without confirming. Default is nil.
|
71
75
|
# When allow_unconfirmed_access_for is zero, the user won't be able to sign in without confirming.
|
72
76
|
# You can use this to let your user access some features of your application
|
73
77
|
# without confirming the account, but blocking it after a certain period
|
@@ -75,21 +79,18 @@ Devise.setup do |config|
|
|
75
79
|
# config.allow_unconfirmed_access_for = 2.days
|
76
80
|
|
77
81
|
# Defines which key will be used when confirming an account
|
78
|
-
# config.confirmation_keys = [
|
82
|
+
# config.confirmation_keys = [:email]
|
79
83
|
|
80
84
|
# ==> Configuration for :rememberable
|
81
85
|
# The time the user will be remembered without asking for credentials again.
|
82
86
|
# config.remember_for = 2.weeks
|
83
87
|
|
84
|
-
# If true, a valid remember token can be re-used between multiple browsers.
|
85
|
-
# config.remember_across_browsers = true
|
86
|
-
|
87
88
|
# If true, extends the user's remember period when remembered via cookie.
|
88
89
|
# config.extend_remember_period = false
|
89
90
|
|
90
91
|
# ==> Configuration for :validatable
|
91
|
-
# Range for password length. Default is 8..
|
92
|
-
# config.password_length = 8..
|
92
|
+
# Range for password length. Default is 8..72.
|
93
|
+
# config.password_length = 8..72
|
93
94
|
|
94
95
|
# Regex to use to validate the email address
|
95
96
|
# config.email_regexp = /^([\w\.%\+\-]+)@([\w\-]+\.)+([\w]{2,})$/i
|
@@ -106,7 +107,7 @@ Devise.setup do |config|
|
|
106
107
|
# config.lock_strategy = :failed_attempts
|
107
108
|
|
108
109
|
# Defines which key will be used when locking and unlocking an account
|
109
|
-
# config.unlock_keys = [
|
110
|
+
# config.unlock_keys = [:email]
|
110
111
|
|
111
112
|
# Defines which strategy will be used to unlock an account.
|
112
113
|
# :email = Sends an unlock link to the user email
|
@@ -125,19 +126,19 @@ Devise.setup do |config|
|
|
125
126
|
# ==> Configuration for :recoverable
|
126
127
|
#
|
127
128
|
# Defines which key will be used when recovering the password for an account
|
128
|
-
# config.reset_password_keys = [
|
129
|
+
# config.reset_password_keys = [:email]
|
129
130
|
|
130
131
|
# Time interval you can reset your password with a reset password key.
|
131
132
|
# Don't put a too small interval or your users won't have the time to
|
132
133
|
# change their passwords.
|
133
134
|
config.reset_password_within = 2.hours
|
134
135
|
|
135
|
-
#
|
136
|
-
|
136
|
+
# When set to false, does not sign a user in automatically after their password is
|
137
|
+
# reset. Defaults to true, so a user is signed in automatically after a reset.
|
138
|
+
# config.sign_in_after_reset_password = true
|
137
139
|
|
138
|
-
#
|
139
|
-
|
140
|
-
# config.token_authentication_key = :auth_token
|
140
|
+
# Set up a pepper to generate the encrypted password.
|
141
|
+
config.pepper = "d142367154e5beacca404b1a6a4f8bc52c6fdcfa3ccc3cf8eb49f3458a688ee6ac3b9fae488432a3bfca863b8a90008368a9f3a3dfbe5a962e64b6ab8f3a3a1a"
|
141
142
|
|
142
143
|
# ==> Scopes configuration
|
143
144
|
# Turn scoped views on. Before rendering "sessions/new", it will first check for
|
@@ -166,9 +167,9 @@ Devise.setup do |config|
|
|
166
167
|
# config.sign_out_via = :get
|
167
168
|
|
168
169
|
# ==> OmniAuth
|
169
|
-
config.omniauth :facebook, 'APP_ID', 'APP_SECRET', :
|
170
|
+
config.omniauth :facebook, 'APP_ID', 'APP_SECRET', scope: 'email,offline_access'
|
170
171
|
config.omniauth :openid
|
171
|
-
config.omniauth :openid, :
|
172
|
+
config.omniauth :openid, name: 'google', identifier: 'https://www.google.com/accounts/o8/id'
|
172
173
|
|
173
174
|
# ==> Warden configuration
|
174
175
|
# If you want to use other strategies, that are not supported by Devise, or
|
@@ -176,6 +177,6 @@ Devise.setup do |config|
|
|
176
177
|
#
|
177
178
|
# config.warden do |manager|
|
178
179
|
# manager.failure_app = AnotherApp
|
179
|
-
# manager.default_strategies(:
|
180
|
+
# manager.default_strategies(scope: :user).unshift :some_external_strategy
|
180
181
|
# end
|
181
182
|
end
|
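Review bot: The pepper added on new line 141 is a literal checked into the repository, and the comment above it does not say that it is a fixture for the dummy test application. A pepper only helps while it is kept apart from the data it protects and out of version control, so anyone copying this initializer into a real app would get no benefit from it. I would extend the comment, e.g. `# Test-only pepper. Real applications should load it from the environment or encrypted credentials and never commit it.` The same applies to the literal `config.secret_key_base` kept in the secret-token initializer section that follows.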
@@ -1,8 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
config = Rails.application.config
|
2
4
|
|
3
|
-
|
4
|
-
config.secret_key_base = 'd588e99efff13a86461fd6ab82327823ad2f8feb5dc217ce652cdd9f0dfc5eb4b5a62a92d24d2574d7d51dfb1ea8dd453ea54e00cf672159a13104a135422a10'
|
5
|
-
else
|
6
|
-
config.secret_token = 'ea942c41850d502f2c8283e26bdc57829f471bb18224ddff0a192c4f32cdf6cb5aa0d82b3a7a7adbeb640c4b06f3aa1cd5f098162d8240f669b39d6b49680571'
|
7
|
-
config.session_store :cookie_store, :key => "_my_app"
|
8
|
-
end
|
5
|
+
config.secret_key_base = 'd588e99efff13a86461fd6ab82327823ad2f8feb5dc217ce652cdd9f0dfc5eb4b5a62a92d24d2574d7d51dfb1ea8dd453ea54e00cf672159a13104a135422a10'
|
@@ -1,6 +1,8 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
Rails.application.routes.draw do
|
2
4
|
# Resources for testing
|
3
|
-
resources :users, :
|
5
|
+
resources :users, only: [:index] do
|
4
6
|
member do
|
5
7
|
get :expire
|
6
8
|
get :accept
|
@@ -9,96 +11,118 @@ Rails.application.routes.draw do
|
|
9
11
|
end
|
10
12
|
|
11
13
|
authenticate do
|
12
|
-
post :exhibit, :
|
14
|
+
post :exhibit, on: :member
|
13
15
|
end
|
14
16
|
end
|
15
17
|
|
16
|
-
resources :admins, :
|
17
|
-
get :expire, :on => :member
|
18
|
-
end
|
18
|
+
resources :admins, only: [:index]
|
19
19
|
|
20
20
|
# Users scope
|
21
|
-
devise_for :users, :
|
21
|
+
devise_for :users, controllers: { omniauth_callbacks: "users/omniauth_callbacks" }
|
22
|
+
|
23
|
+
devise_for :user_on_main_apps,
|
24
|
+
class_name: 'UserOnMainApp',
|
25
|
+
router_name: :main_app,
|
26
|
+
module: :devise
|
27
|
+
|
28
|
+
devise_for :user_on_engines,
|
29
|
+
class_name: 'UserOnEngine',
|
30
|
+
router_name: :fake_engine,
|
31
|
+
module: :devise
|
32
|
+
|
33
|
+
devise_for :user_without_email,
|
34
|
+
class_name: 'UserWithoutEmail',
|
35
|
+
router_name: :main_app,
|
36
|
+
module: :devise
|
22
37
|
|
23
38
|
as :user do
|
24
|
-
get "/as/sign_in", :
|
39
|
+
get "/as/sign_in", to: "devise/sessions#new"
|
25
40
|
end
|
26
41
|
|
27
|
-
get "/sign_in", :
|
42
|
+
get "/sign_in", to: "devise/sessions#new"
|
43
|
+
|
44
|
+
# Routes for custom controller testing
|
45
|
+
devise_for :user, only: [:registrations], controllers: { registrations: "custom/registrations" }, as: :custom, path: :custom
|
28
46
|
|
29
47
|
# Admin scope
|
30
|
-
devise_for :admin, :
|
48
|
+
devise_for :admin, path: "admin_area", controllers: { sessions: :"admins/sessions" }, skip: :passwords
|
31
49
|
|
32
|
-
get "/admin_area/home", :
|
33
|
-
get "/anywhere", :
|
50
|
+
get "/admin_area/home", to: "admins#index", as: :admin_root
|
51
|
+
get "/anywhere", to: "foo#bar", as: :new_admin_password
|
34
52
|
|
35
53
|
authenticate(:admin) do
|
36
|
-
get "/private", :
|
54
|
+
get "/private", to: "home#private", as: :private
|
37
55
|
end
|
38
56
|
|
39
57
|
authenticate(:admin, lambda { |admin| admin.active? }) do
|
40
|
-
get "/private/active", :
|
58
|
+
get "/private/active", to: "home#private", as: :private_active
|
41
59
|
end
|
42
60
|
|
43
61
|
authenticated :admin do
|
44
|
-
get "/dashboard", :
|
62
|
+
get "/dashboard", to: "home#admin_dashboard"
|
45
63
|
end
|
46
64
|
|
47
65
|
authenticated :admin, lambda { |admin| admin.active? } do
|
48
|
-
get "/dashboard/active", :
|
66
|
+
get "/dashboard/active", to: "home#admin_dashboard"
|
49
67
|
end
|
50
68
|
|
51
69
|
authenticated do
|
52
|
-
get "/dashboard", :
|
70
|
+
get "/dashboard", to: "home#user_dashboard"
|
53
71
|
end
|
54
72
|
|
55
73
|
unauthenticated do
|
56
|
-
get "/join", :
|
74
|
+
get "/join", to: "home#join"
|
57
75
|
end
|
58
76
|
|
59
77
|
# Routes for constraints testing
|
60
|
-
devise_for :headquarters_admin, :
|
78
|
+
devise_for :headquarters_admin, class_name: "Admin", path: "headquarters", constraints: {host: /192\.168\.1\.\d\d\d/}
|
79
|
+
|
80
|
+
constraints(host: /192\.168\.1\.\d\d\d/) do
|
81
|
+
devise_for :homebase_admin, class_name: "Admin", path: "homebase"
|
82
|
+
end
|
61
83
|
|
62
|
-
|
63
|
-
devise_for :
|
84
|
+
scope(subdomain: 'sub') do
|
85
|
+
devise_for :subdomain_users, class_name: "User", only: [:sessions]
|
64
86
|
end
|
65
87
|
|
66
|
-
devise_for :skip_admin, :
|
88
|
+
devise_for :skip_admin, class_name: "Admin", skip: :all
|
67
89
|
|
68
90
|
# Routes for format=false testing
|
69
|
-
devise_for :htmlonly_admin, :
|
70
|
-
devise_for :htmlonly_users, :
|
91
|
+
devise_for :htmlonly_admin, class_name: "Admin", skip: [:confirmations, :unlocks], path: "htmlonly_admin", format: false, skip_helpers: [:confirmations, :unlocks]
|
92
|
+
devise_for :htmlonly_users, class_name: "User", only: [:confirmations, :unlocks], path: "htmlonly_users", format: false, skip_helpers: true
|
71
93
|
|
72
94
|
# Other routes for routing_test.rb
|
73
|
-
devise_for :reader, :
|
95
|
+
devise_for :reader, class_name: "User", only: :passwords
|
74
96
|
|
75
|
-
scope :
|
76
|
-
devise_for :sub_admin, :
|
97
|
+
scope host: "sub.example.com" do
|
98
|
+
devise_for :sub_admin, class_name: "Admin"
|
77
99
|
end
|
78
100
|
|
79
|
-
namespace :publisher, :
|
80
|
-
devise_for :accounts, :
|
101
|
+
namespace :publisher, path_names: { sign_in: "i_dont_care", sign_out: "get_out" } do
|
102
|
+
devise_for :accounts, class_name: "Admin", path_names: { sign_in: "get_in" }
|
81
103
|
end
|
82
104
|
|
83
|
-
scope ":locale", :
|
84
|
-
devise_for :accounts, :
|
85
|
-
:
|
86
|
-
:
|
87
|
-
:
|
88
|
-
:
|
89
|
-
:
|
90
|
-
|
105
|
+
scope ":locale", module: :invalid do
|
106
|
+
devise_for :accounts, singular: "manager", class_name: "Admin",
|
107
|
+
path_names: {
|
108
|
+
sign_in: "login", sign_out: "logout",
|
109
|
+
password: "secret", confirmation: "verification",
|
110
|
+
unlock: "unblock", sign_up: "register",
|
111
|
+
registration: "management",
|
112
|
+
cancel: "giveup", edit: "edit/profile"
|
113
|
+
}, failure_app: lambda { |env| [404, {"Content-Type" => "text/plain"}, ["Oops, not found"]] }, module: :devise
|
91
114
|
end
|
92
115
|
|
93
|
-
namespace :sign_out_via, :
|
94
|
-
devise_for :deletes, :
|
95
|
-
devise_for :posts, :
|
96
|
-
devise_for :
|
116
|
+
namespace :sign_out_via, module: "devise" do
|
117
|
+
devise_for :deletes, sign_out_via: :delete, class_name: "Admin"
|
118
|
+
devise_for :posts, sign_out_via: :post, class_name: "Admin"
|
119
|
+
devise_for :gets, sign_out_via: :get, class_name: "Admin"
|
120
|
+
devise_for :delete_or_posts, sign_out_via: [:delete, :post], class_name: "Admin"
|
97
121
|
end
|
98
122
|
|
99
|
-
get "/set", :
|
100
|
-
get "/unauthenticated", :
|
123
|
+
get "/set", to: "home#set"
|
124
|
+
get "/unauthenticated", to: "home#unauthenticated"
|
101
125
|
get "/custom_strategy/new"
|
102
126
|
|
103
|
-
root :
|
127
|
+
root to: "home#index", via: [:get, :post]
|
104
128
|
end
|
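Review bot: The host constraints on new lines 78 and 80 use `/192\.168\.1\.\d\d\d/` without anchors, so a Host value that merely contains such a substring would presumably satisfy them, assuming the router applies the regex to the full host string. Host is supplied by the client, so the pattern should at least be anchored: `constraints(host: /\A192\.168\.1\.\d\d\d\z/) do`, and the same on the `headquarters_admin` line, provided the router accepts anchors in request constraints. A short comment stating that these constraints exist to exercise routing, and are not an access control, would keep the pattern from being copied as one.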
@@ -1,12 +1,18 @@
|
|
1
|
-
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
superclass = ActiveRecord::Migration
|
4
|
+
# TODO: Inherit from the 5.0 Migration class directly when we drop support for Rails 4.
|
5
|
+
superclass = ActiveRecord::Migration[5.0] if superclass.respond_to?(:[])
|
6
|
+
|
7
|
+
class CreateTables < superclass
|
2
8
|
def self.up
|
3
9
|
create_table :users do |t|
|
4
10
|
t.string :username
|
5
11
|
t.string :facebook_token
|
6
12
|
|
7
13
|
## Database authenticatable
|
8
|
-
t.string :email, :
|
9
|
-
t.string :encrypted_password, :
|
14
|
+
t.string :email, null: false, default: ""
|
15
|
+
t.string :encrypted_password, null: false, default: ""
|
10
16
|
|
11
17
|
## Recoverable
|
12
18
|
t.string :reset_password_token
|
@@ -16,7 +22,7 @@ class CreateTables < ActiveRecord::Migration
|
|
16
22
|
t.datetime :remember_created_at
|
17
23
|
|
18
24
|
## Trackable
|
19
|
-
t.integer :sign_in_count, :
|
25
|
+
t.integer :sign_in_count, default: 0
|
20
26
|
t.datetime :current_sign_in_at
|
21
27
|
t.datetime :last_sign_in_at
|
22
28
|
t.string :current_sign_in_ip
|
@@ -29,17 +35,17 @@ class CreateTables < ActiveRecord::Migration
|
|
29
35
|
# t.string :unconfirmed_email # Only if using reconfirmable
|
30
36
|
|
31
37
|
## Lockable
|
32
|
-
t.integer :failed_attempts, :
|
38
|
+
t.integer :failed_attempts, default: 0 # Only if lock strategy is :failed_attempts
|
33
39
|
t.string :unlock_token # Only if unlock strategy is :email or :both
|
34
40
|
t.datetime :locked_at
|
35
41
|
|
36
|
-
t.timestamps
|
42
|
+
t.timestamps null: false
|
37
43
|
end
|
38
44
|
|
39
45
|
create_table :admins do |t|
|
40
46
|
## Database authenticatable
|
41
|
-
t.string :email, :
|
42
|
-
t.string :encrypted_password, :
|
47
|
+
t.string :email, null: true
|
48
|
+
t.string :encrypted_password, null: true
|
43
49
|
|
44
50
|
## Recoverable
|
45
51
|
t.string :reset_password_token
|
@@ -58,9 +64,9 @@ class CreateTables < ActiveRecord::Migration
|
|
58
64
|
t.datetime :locked_at
|
59
65
|
|
60
66
|
## Attribute for testing route blocks
|
61
|
-
t.boolean :active, :
|
67
|
+
t.boolean :active, default: false
|
62
68
|
|
63
|
-
t.timestamps
|
69
|
+
t.timestamps null: false
|
64
70
|
end
|
65
71
|
end
|
66
72
|
|
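Review bot: On new lines 47-48 the `admins` table declares `email` and `encrypted_password` with `null: true`, while the `users` table on new lines 14-15 uses `null: false, default: ""`, and nothing in the migration says why the two differ. Nullable credential columns are easy to mistake for an oversight, so a comment should state the intent, e.g. `# Admin fixtures may be created without email/password (TODO confirm against the Admin test model)`. The `create_table :admins` block starts and ends outside the hunks shown, so this is based only on the visible lines.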
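--- a/data/test/rails_app/db/schema.rb
+++ b/data/test/rails_app/db/schema.rb
@@ -1,4 +1,6 @@
 # encoding: UTF-8
+# frozen_string_literal: true
+
 # This file is auto-generated from the current state of the database. Instead
 # of editing this file, please use the migrations feature of Active Record to
 # incrementally modify your database, and then regenerate this schema definition.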