devise 3.2.1 → 4.4.3
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of devise might be problematic. Click here for more details.
- checksums.yaml +7 -0
- data/.travis.yml +58 -10
- data/CHANGELOG.md +199 -979
- data/CODE_OF_CONDUCT.md +22 -0
- data/CONTRIBUTING.md +73 -8
- data/Gemfile +19 -11
- data/Gemfile.lock +152 -119
- data/ISSUE_TEMPLATE.md +19 -0
- data/MIT-LICENSE +1 -1
- data/README.md +347 -93
- data/Rakefile +4 -2
- data/app/controllers/devise/confirmations_controller.rb +11 -5
- data/app/controllers/devise/omniauth_callbacks_controller.rb +12 -6
- data/app/controllers/devise/passwords_controller.rb +20 -8
- data/app/controllers/devise/registrations_controller.rb +34 -19
- data/app/controllers/devise/sessions_controller.rb +47 -17
- data/app/controllers/devise/unlocks_controller.rb +9 -4
- data/app/controllers/devise_controller.rb +67 -31
- data/app/helpers/devise_helper.rb +4 -2
- data/app/mailers/devise/mailer.rb +10 -0
- data/app/views/devise/confirmations/new.html.erb +8 -4
- data/app/views/devise/mailer/confirmation_instructions.html.erb +1 -1
- data/app/views/devise/mailer/email_changed.html.erb +7 -0
- data/app/views/devise/mailer/password_change.html.erb +3 -0
- data/app/views/devise/mailer/reset_password_instructions.html.erb +1 -1
- data/app/views/devise/mailer/unlock_instructions.html.erb +1 -1
- data/app/views/devise/passwords/edit.html.erb +15 -6
- data/app/views/devise/passwords/new.html.erb +8 -4
- data/app/views/devise/registrations/edit.html.erb +28 -14
- data/app/views/devise/registrations/new.html.erb +19 -8
- data/app/views/devise/sessions/new.html.erb +17 -8
- data/app/views/devise/shared/{_links.erb → _links.html.erb} +2 -2
- data/app/views/devise/unlocks/new.html.erb +8 -4
- data/bin/test +13 -0
- data/config/locales/en.yml +22 -17
- data/devise.gemspec +7 -6
- data/gemfiles/Gemfile.rails-4.1-stable +32 -0
- data/gemfiles/Gemfile.rails-4.1-stable.lock +171 -0
- data/gemfiles/Gemfile.rails-4.2-stable +32 -0
- data/gemfiles/Gemfile.rails-4.2-stable.lock +192 -0
- data/gemfiles/Gemfile.rails-5.0-stable +33 -0
- data/gemfiles/Gemfile.rails-5.0-stable.lock +192 -0
- data/gemfiles/Gemfile.rails-5.2-rc1 +26 -0
- data/gemfiles/Gemfile.rails-5.2-rc1.lock +201 -0
- data/guides/bug_report_templates/integration_test.rb +106 -0
- data/lib/devise.rb +107 -84
- data/lib/devise/controllers/helpers.rb +111 -31
- data/lib/devise/controllers/rememberable.rb +15 -6
- data/lib/devise/controllers/scoped_views.rb +3 -1
- data/lib/devise/controllers/sign_in_out.rb +39 -26
- data/lib/devise/controllers/store_location.rb +31 -2
- data/lib/devise/controllers/url_helpers.rb +9 -7
- data/lib/devise/delegator.rb +2 -0
- data/lib/devise/encryptor.rb +24 -0
- data/lib/devise/failure_app.rb +98 -39
- data/lib/devise/hooks/activatable.rb +7 -6
- data/lib/devise/hooks/csrf_cleaner.rb +5 -1
- data/lib/devise/hooks/forgetable.rb +2 -0
- data/lib/devise/hooks/lockable.rb +7 -2
- data/lib/devise/hooks/proxy.rb +4 -2
- data/lib/devise/hooks/rememberable.rb +4 -2
- data/lib/devise/hooks/timeoutable.rb +16 -9
- data/lib/devise/hooks/trackable.rb +3 -1
- data/lib/devise/mailers/helpers.rb +15 -12
- data/lib/devise/mapping.rb +8 -2
- data/lib/devise/models.rb +3 -1
- data/lib/devise/models/authenticatable.rb +63 -36
- data/lib/devise/models/confirmable.rb +121 -41
- data/lib/devise/models/database_authenticatable.rb +66 -23
- data/lib/devise/models/lockable.rb +30 -17
- data/lib/devise/models/omniauthable.rb +3 -1
- data/lib/devise/models/recoverable.rb +62 -26
- data/lib/devise/models/registerable.rb +2 -0
- data/lib/devise/models/rememberable.rb +62 -33
- data/lib/devise/models/timeoutable.rb +4 -8
- data/lib/devise/models/trackable.rb +12 -3
- data/lib/devise/models/validatable.rb +16 -9
- data/lib/devise/modules.rb +12 -10
- data/lib/devise/omniauth.rb +2 -0
- data/lib/devise/omniauth/config.rb +2 -0
- data/lib/devise/omniauth/url_helpers.rb +14 -5
- data/lib/devise/orm/active_record.rb +5 -1
- data/lib/devise/orm/mongoid.rb +6 -2
- data/lib/devise/parameter_filter.rb +2 -0
- data/lib/devise/parameter_sanitizer.rb +131 -69
- data/lib/devise/rails.rb +10 -13
- data/lib/devise/rails/routes.rb +147 -116
- data/lib/devise/rails/warden_compat.rb +3 -10
- data/lib/devise/secret_key_finder.rb +25 -0
- data/lib/devise/strategies/authenticatable.rb +20 -9
- data/lib/devise/strategies/base.rb +3 -1
- data/lib/devise/strategies/database_authenticatable.rb +8 -5
- data/lib/devise/strategies/rememberable.rb +15 -3
- data/lib/devise/test/controller_helpers.rb +165 -0
- data/lib/devise/test/integration_helpers.rb +63 -0
- data/lib/devise/test_helpers.rb +7 -124
- data/lib/devise/time_inflector.rb +4 -2
- data/lib/devise/token_generator.rb +3 -41
- data/lib/devise/version.rb +3 -1
- data/lib/generators/active_record/devise_generator.rb +47 -10
- data/lib/generators/active_record/templates/migration.rb +9 -7
- data/lib/generators/active_record/templates/migration_existing.rb +9 -7
- data/lib/generators/devise/controllers_generator.rb +46 -0
- data/lib/generators/devise/devise_generator.rb +9 -5
- data/lib/generators/devise/install_generator.rb +22 -0
- data/lib/generators/devise/orm_helpers.rb +8 -19
- data/lib/generators/devise/views_generator.rb +51 -28
- data/lib/generators/mongoid/devise_generator.rb +22 -19
- data/lib/generators/templates/README +5 -12
- data/lib/generators/templates/controllers/README +14 -0
- data/lib/generators/templates/controllers/confirmations_controller.rb +30 -0
- data/lib/generators/templates/controllers/omniauth_callbacks_controller.rb +30 -0
- data/lib/generators/templates/controllers/passwords_controller.rb +34 -0
- data/lib/generators/templates/controllers/registrations_controller.rb +62 -0
- data/lib/generators/templates/controllers/sessions_controller.rb +27 -0
- data/lib/generators/templates/controllers/unlocks_controller.rb +30 -0
- data/lib/generators/templates/devise.rb +64 -35
- data/lib/generators/templates/markerb/confirmation_instructions.markerb +1 -1
- data/lib/generators/templates/markerb/email_changed.markerb +7 -0
- data/lib/generators/templates/markerb/password_change.markerb +3 -0
- data/lib/generators/templates/markerb/reset_password_instructions.markerb +1 -1
- data/lib/generators/templates/markerb/unlock_instructions.markerb +1 -1
- data/lib/generators/templates/simple_form_for/confirmations/new.html.erb +2 -2
- data/lib/generators/templates/simple_form_for/passwords/edit.html.erb +4 -4
- data/lib/generators/templates/simple_form_for/passwords/new.html.erb +2 -2
- data/lib/generators/templates/simple_form_for/registrations/edit.html.erb +6 -6
- data/lib/generators/templates/simple_form_for/registrations/new.html.erb +4 -4
- data/lib/generators/templates/simple_form_for/sessions/new.html.erb +6 -6
- data/lib/generators/templates/simple_form_for/unlocks/new.html.erb +2 -2
- data/test/controllers/custom_registrations_controller_test.rb +42 -0
- data/test/controllers/custom_strategy_test.rb +10 -6
- data/test/controllers/helper_methods_test.rb +24 -0
- data/test/controllers/helpers_test.rb +88 -40
- data/test/controllers/inherited_controller_i18n_messages_test.rb +53 -0
- data/test/controllers/internal_helpers_test.rb +31 -22
- data/test/controllers/load_hooks_controller_test.rb +21 -0
- data/test/controllers/passwords_controller_test.rb +8 -5
- data/test/controllers/sessions_controller_test.rb +42 -33
- data/test/controllers/url_helpers_test.rb +13 -5
- data/test/delegator_test.rb +3 -1
- data/test/devise_test.rb +34 -19
- data/test/failure_app_test.rb +150 -42
- data/test/generators/active_record_generator_test.rb +58 -31
- data/test/generators/controllers_generator_test.rb +50 -0
- data/test/generators/devise_generator_test.rb +4 -2
- data/test/generators/install_generator_test.rb +16 -3
- data/test/generators/mongoid_generator_test.rb +5 -3
- data/test/generators/views_generator_test.rb +40 -2
- data/test/helpers/devise_helper_test.rb +20 -20
- data/test/integration/authenticatable_test.rb +134 -141
- data/test/integration/confirmable_test.rb +109 -67
- data/test/integration/database_authenticatable_test.rb +36 -23
- data/test/integration/http_authenticatable_test.rb +29 -20
- data/test/integration/lockable_test.rb +52 -49
- data/test/integration/mounted_engine_test.rb +38 -0
- data/test/integration/omniauthable_test.rb +30 -15
- data/test/integration/recoverable_test.rb +76 -61
- data/test/integration/registerable_test.rb +107 -91
- data/test/integration/rememberable_test.rb +82 -30
- data/test/integration/timeoutable_test.rb +48 -40
- data/test/integration/trackable_test.rb +15 -8
- data/test/mailers/confirmation_instructions_test.rb +16 -14
- data/test/mailers/email_changed_test.rb +132 -0
- data/test/mailers/mailer_test.rb +20 -0
- data/test/mailers/reset_password_instructions_test.rb +13 -11
- data/test/mailers/unlock_instructions_test.rb +12 -10
- data/test/mapping_test.rb +15 -6
- data/test/models/authenticatable_test.rb +15 -3
- data/test/models/confirmable_test.rb +190 -95
- data/test/models/database_authenticatable_test.rb +75 -41
- data/test/models/lockable_test.rb +115 -61
- data/test/models/omniauthable_test.rb +3 -1
- data/test/models/recoverable_test.rb +116 -37
- data/test/models/registerable_test.rb +3 -1
- data/test/models/rememberable_test.rb +95 -94
- data/test/models/serializable_test.rb +19 -8
- data/test/models/timeoutable_test.rb +10 -8
- data/test/models/trackable_test.rb +50 -1
- data/test/models/validatable_test.rb +24 -30
- data/test/models_test.rb +19 -8
- data/test/omniauth/config_test.rb +15 -11
- data/test/omniauth/url_helpers_test.rb +8 -9
- data/test/orm/active_record.rb +16 -2
- data/test/orm/mongoid.rb +4 -2
- data/test/parameter_sanitizer_test.rb +53 -57
- data/test/rails_app/app/active_record/admin.rb +2 -0
- data/test/rails_app/app/active_record/shim.rb +3 -1
- data/test/rails_app/app/active_record/user.rb +14 -0
- data/test/rails_app/app/active_record/user_on_engine.rb +9 -0
- data/test/rails_app/app/active_record/user_on_main_app.rb +9 -0
- data/test/rails_app/app/active_record/user_with_validations.rb +12 -0
- data/test/rails_app/app/active_record/user_without_email.rb +10 -0
- data/test/rails_app/app/controllers/admins/sessions_controller.rb +3 -1
- data/test/rails_app/app/controllers/admins_controller.rb +3 -6
- data/test/rails_app/app/controllers/application_controller.rb +7 -3
- data/test/rails_app/app/controllers/application_with_fake_engine.rb +32 -0
- data/test/rails_app/app/controllers/custom/registrations_controller.rb +33 -0
- data/test/rails_app/app/controllers/home_controller.rb +7 -1
- data/test/rails_app/app/controllers/publisher/registrations_controller.rb +3 -1
- data/test/rails_app/app/controllers/publisher/sessions_controller.rb +3 -1
- data/test/rails_app/app/controllers/users/omniauth_callbacks_controller.rb +7 -5
- data/test/rails_app/app/controllers/users_controller.rb +8 -6
- data/test/rails_app/app/helpers/application_helper.rb +2 -0
- data/test/rails_app/app/mailers/users/from_proc_mailer.rb +5 -0
- data/test/rails_app/app/mailers/users/mailer.rb +3 -10
- data/test/rails_app/app/mailers/users/reply_to_mailer.rb +6 -0
- data/test/rails_app/app/mongoid/admin.rb +13 -11
- data/test/rails_app/app/mongoid/shim.rb +4 -2
- data/test/rails_app/app/mongoid/user.rb +30 -19
- data/test/rails_app/app/mongoid/user_on_engine.rb +41 -0
- data/test/rails_app/app/mongoid/user_on_main_app.rb +41 -0
- data/test/rails_app/app/mongoid/user_with_validations.rb +37 -0
- data/test/rails_app/app/mongoid/user_without_email.rb +35 -0
- data/test/rails_app/app/views/admins/sessions/new.html.erb +1 -1
- data/test/rails_app/app/views/home/admin_dashboard.html.erb +1 -1
- data/test/rails_app/app/views/home/index.html.erb +1 -1
- data/test/rails_app/app/views/home/join.html.erb +1 -1
- data/test/rails_app/app/views/home/user_dashboard.html.erb +1 -1
- data/test/rails_app/app/views/layouts/application.html.erb +1 -1
- data/test/rails_app/config/application.rb +13 -5
- data/test/rails_app/config/boot.rb +17 -4
- data/test/rails_app/config/environment.rb +2 -0
- data/test/rails_app/config/environments/development.rb +2 -0
- data/test/rails_app/config/environments/production.rb +10 -2
- data/test/rails_app/config/environments/test.rb +14 -3
- data/test/rails_app/config/initializers/backtrace_silencers.rb +2 -0
- data/test/rails_app/config/initializers/devise.rb +22 -21
- data/test/rails_app/config/initializers/inflections.rb +2 -0
- data/test/rails_app/config/initializers/secret_token.rb +3 -6
- data/test/rails_app/config/initializers/session_store.rb +2 -0
- data/test/rails_app/config/routes.rb +67 -43
- data/test/rails_app/db/migrate/20100401102949_create_tables.rb +16 -10
- data/test/rails_app/db/schema.rb +2 -0
- data/test/rails_app/lib/shared_admin.rb +10 -4
- data/test/rails_app/lib/shared_user.rb +4 -1
- data/test/rails_app/lib/shared_user_without_email.rb +28 -0
- data/test/rails_app/lib/shared_user_without_omniauth.rb +15 -0
- data/test/rails_test.rb +11 -0
- data/test/routes_test.rb +92 -61
- data/test/secret_key_finder_test.rb +97 -0
- data/test/support/action_controller/record_identifier.rb +12 -0
- data/test/support/assertions.rb +4 -14
- data/test/support/helpers.rb +23 -10
- data/test/support/http_method_compatibility.rb +53 -0
- data/test/support/integration.rb +19 -16
- data/test/support/mongoid.yml +6 -0
- data/test/support/webrat/integrations/rails.rb +11 -0
- data/test/{test_helpers_test.rb → test/controller_helpers_test.rb} +60 -40
- data/test/test/integration_helpers_test.rb +34 -0
- data/test/test_helper.rb +9 -0
- data/test/test_models.rb +8 -6
- metadata +123 -53
- data/gemfiles/Gemfile.rails-3.2.x +0 -31
- data/gemfiles/Gemfile.rails-3.2.x.lock +0 -159
@@ -0,0 +1,26 @@
|
|
1
|
+
source "https://rubygems.org"
|
2
|
+
|
3
|
+
gemspec path: ".."
|
4
|
+
|
5
|
+
gem "rails", '~> 5.2.0.rc1'
|
6
|
+
gem "omniauth"
|
7
|
+
gem "omniauth-oauth2"
|
8
|
+
gem "rdoc"
|
9
|
+
|
10
|
+
gem "activemodel-serializers-xml", github: "rails/activemodel-serializers-xml"
|
11
|
+
|
12
|
+
gem "rails-controller-testing"
|
13
|
+
|
14
|
+
gem "responders", "~> 2.1"
|
15
|
+
|
16
|
+
group :test do
|
17
|
+
gem "omniauth-facebook"
|
18
|
+
gem "omniauth-openid"
|
19
|
+
gem "webrat", "0.7.3", require: false
|
20
|
+
gem "mocha", "~> 1.1", require: false
|
21
|
+
gem 'test_after_commit', require: false
|
22
|
+
end
|
23
|
+
|
24
|
+
platforms :ruby do
|
25
|
+
gem "sqlite3"
|
26
|
+
end
|
@@ -0,0 +1,201 @@
|
|
1
|
+
GIT
|
2
|
+
remote: git://github.com/rails/activemodel-serializers-xml.git
|
3
|
+
revision: 356edf4dfc38fb1fbfee90c87856e4fe5b73c5e1
|
4
|
+
specs:
|
5
|
+
activemodel-serializers-xml (1.0.2)
|
6
|
+
activemodel (> 5.x)
|
7
|
+
activesupport (> 5.x)
|
8
|
+
builder (~> 3.1)
|
9
|
+
|
10
|
+
PATH
|
11
|
+
remote: ..
|
12
|
+
specs:
|
13
|
+
devise (4.4.3)
|
14
|
+
bcrypt (~> 3.0)
|
15
|
+
orm_adapter (~> 0.1)
|
16
|
+
railties (>= 4.1.0, < 6.0)
|
17
|
+
responders
|
18
|
+
warden (~> 1.2.3)
|
19
|
+
|
20
|
+
GEM
|
21
|
+
remote: https://rubygems.org/
|
22
|
+
specs:
|
23
|
+
actioncable (5.2.0.rc1)
|
24
|
+
actionpack (= 5.2.0.rc1)
|
25
|
+
nio4r (~> 2.0)
|
26
|
+
websocket-driver (>= 0.6.1)
|
27
|
+
actionmailer (5.2.0.rc1)
|
28
|
+
actionpack (= 5.2.0.rc1)
|
29
|
+
actionview (= 5.2.0.rc1)
|
30
|
+
activejob (= 5.2.0.rc1)
|
31
|
+
mail (~> 2.5, >= 2.5.4)
|
32
|
+
rails-dom-testing (~> 2.0)
|
33
|
+
actionpack (5.2.0.rc1)
|
34
|
+
actionview (= 5.2.0.rc1)
|
35
|
+
activesupport (= 5.2.0.rc1)
|
36
|
+
rack (~> 2.0)
|
37
|
+
rack-test (>= 0.6.3)
|
38
|
+
rails-dom-testing (~> 2.0)
|
39
|
+
rails-html-sanitizer (~> 1.0, >= 1.0.2)
|
40
|
+
actionview (5.2.0.rc1)
|
41
|
+
activesupport (= 5.2.0.rc1)
|
42
|
+
builder (~> 3.1)
|
43
|
+
erubi (~> 1.4)
|
44
|
+
rails-dom-testing (~> 2.0)
|
45
|
+
rails-html-sanitizer (~> 1.0, >= 1.0.3)
|
46
|
+
activejob (5.2.0.rc1)
|
47
|
+
activesupport (= 5.2.0.rc1)
|
48
|
+
globalid (>= 0.3.6)
|
49
|
+
activemodel (5.2.0.rc1)
|
50
|
+
activesupport (= 5.2.0.rc1)
|
51
|
+
activerecord (5.2.0.rc1)
|
52
|
+
activemodel (= 5.2.0.rc1)
|
53
|
+
activesupport (= 5.2.0.rc1)
|
54
|
+
arel (>= 9.0)
|
55
|
+
activestorage (5.2.0.rc1)
|
56
|
+
actionpack (= 5.2.0.rc1)
|
57
|
+
activerecord (= 5.2.0.rc1)
|
58
|
+
marcel (~> 0.3.1)
|
59
|
+
activesupport (5.2.0.rc1)
|
60
|
+
concurrent-ruby (~> 1.0, >= 1.0.2)
|
61
|
+
i18n (~> 0.7)
|
62
|
+
minitest (~> 5.1)
|
63
|
+
tzinfo (~> 1.1)
|
64
|
+
arel (9.0.0)
|
65
|
+
bcrypt (3.1.11)
|
66
|
+
builder (3.2.3)
|
67
|
+
concurrent-ruby (1.0.5)
|
68
|
+
crass (1.0.3)
|
69
|
+
erubi (1.7.0)
|
70
|
+
faraday (0.12.2)
|
71
|
+
multipart-post (>= 1.2, < 3)
|
72
|
+
globalid (0.4.1)
|
73
|
+
activesupport (>= 4.2.0)
|
74
|
+
hashie (3.5.7)
|
75
|
+
i18n (0.9.3)
|
76
|
+
concurrent-ruby (~> 1.0)
|
77
|
+
jwt (1.5.6)
|
78
|
+
loofah (2.1.1)
|
79
|
+
crass (~> 1.0.2)
|
80
|
+
nokogiri (>= 1.5.9)
|
81
|
+
mail (2.7.0)
|
82
|
+
mini_mime (>= 0.1.1)
|
83
|
+
marcel (0.3.1)
|
84
|
+
mimemagic (~> 0.3.2)
|
85
|
+
metaclass (0.0.4)
|
86
|
+
method_source (0.9.0)
|
87
|
+
mimemagic (0.3.2)
|
88
|
+
mini_mime (1.0.0)
|
89
|
+
mini_portile2 (2.3.0)
|
90
|
+
minitest (5.11.3)
|
91
|
+
mocha (1.3.0)
|
92
|
+
metaclass (~> 0.0.1)
|
93
|
+
multi_json (1.13.1)
|
94
|
+
multi_xml (0.6.0)
|
95
|
+
multipart-post (2.0.0)
|
96
|
+
nio4r (2.2.0)
|
97
|
+
nokogiri (1.8.2)
|
98
|
+
mini_portile2 (~> 2.3.0)
|
99
|
+
oauth2 (1.4.0)
|
100
|
+
faraday (>= 0.8, < 0.13)
|
101
|
+
jwt (~> 1.0)
|
102
|
+
multi_json (~> 1.3)
|
103
|
+
multi_xml (~> 0.5)
|
104
|
+
rack (>= 1.2, < 3)
|
105
|
+
omniauth (1.8.1)
|
106
|
+
hashie (>= 3.4.6, < 3.6.0)
|
107
|
+
rack (>= 1.6.2, < 3)
|
108
|
+
omniauth-facebook (4.0.0)
|
109
|
+
omniauth-oauth2 (~> 1.2)
|
110
|
+
omniauth-oauth2 (1.5.0)
|
111
|
+
oauth2 (~> 1.1)
|
112
|
+
omniauth (~> 1.2)
|
113
|
+
omniauth-openid (1.0.1)
|
114
|
+
omniauth (~> 1.0)
|
115
|
+
rack-openid (~> 1.3.1)
|
116
|
+
orm_adapter (0.5.0)
|
117
|
+
rack (2.0.4)
|
118
|
+
rack-openid (1.3.1)
|
119
|
+
rack (>= 1.1.0)
|
120
|
+
ruby-openid (>= 2.1.8)
|
121
|
+
rack-test (0.8.2)
|
122
|
+
rack (>= 1.0, < 3)
|
123
|
+
rails (5.2.0.rc1)
|
124
|
+
actioncable (= 5.2.0.rc1)
|
125
|
+
actionmailer (= 5.2.0.rc1)
|
126
|
+
actionpack (= 5.2.0.rc1)
|
127
|
+
actionview (= 5.2.0.rc1)
|
128
|
+
activejob (= 5.2.0.rc1)
|
129
|
+
activemodel (= 5.2.0.rc1)
|
130
|
+
activerecord (= 5.2.0.rc1)
|
131
|
+
activestorage (= 5.2.0.rc1)
|
132
|
+
activesupport (= 5.2.0.rc1)
|
133
|
+
bundler (>= 1.3.0)
|
134
|
+
railties (= 5.2.0.rc1)
|
135
|
+
sprockets-rails (>= 2.0.0)
|
136
|
+
rails-controller-testing (1.0.2)
|
137
|
+
actionpack (~> 5.x, >= 5.0.1)
|
138
|
+
actionview (~> 5.x, >= 5.0.1)
|
139
|
+
activesupport (~> 5.x)
|
140
|
+
rails-dom-testing (2.0.3)
|
141
|
+
activesupport (>= 4.2.0)
|
142
|
+
nokogiri (>= 1.6)
|
143
|
+
rails-html-sanitizer (1.0.3)
|
144
|
+
loofah (~> 2.0)
|
145
|
+
railties (5.2.0.rc1)
|
146
|
+
actionpack (= 5.2.0.rc1)
|
147
|
+
activesupport (= 5.2.0.rc1)
|
148
|
+
method_source
|
149
|
+
rake (>= 0.8.7)
|
150
|
+
thor (>= 0.18.1, < 2.0)
|
151
|
+
rake (12.3.0)
|
152
|
+
rdoc (6.0.1)
|
153
|
+
responders (2.4.0)
|
154
|
+
actionpack (>= 4.2.0, < 5.3)
|
155
|
+
railties (>= 4.2.0, < 5.3)
|
156
|
+
ruby-openid (2.7.0)
|
157
|
+
sprockets (3.7.1)
|
158
|
+
concurrent-ruby (~> 1.0)
|
159
|
+
rack (> 1, < 3)
|
160
|
+
sprockets-rails (3.2.1)
|
161
|
+
actionpack (>= 4.0)
|
162
|
+
activesupport (>= 4.0)
|
163
|
+
sprockets (>= 3.0.0)
|
164
|
+
sqlite3 (1.3.13)
|
165
|
+
test_after_commit (1.1.0)
|
166
|
+
activerecord (>= 3.2)
|
167
|
+
thor (0.20.0)
|
168
|
+
thread_safe (0.3.6)
|
169
|
+
tzinfo (1.2.5)
|
170
|
+
thread_safe (~> 0.1)
|
171
|
+
warden (1.2.7)
|
172
|
+
rack (>= 1.0)
|
173
|
+
webrat (0.7.3)
|
174
|
+
nokogiri (>= 1.2.0)
|
175
|
+
rack (>= 1.0)
|
176
|
+
rack-test (>= 0.5.3)
|
177
|
+
websocket-driver (0.7.0)
|
178
|
+
websocket-extensions (>= 0.1.0)
|
179
|
+
websocket-extensions (0.1.3)
|
180
|
+
|
181
|
+
PLATFORMS
|
182
|
+
ruby
|
183
|
+
|
184
|
+
DEPENDENCIES
|
185
|
+
activemodel-serializers-xml!
|
186
|
+
devise!
|
187
|
+
mocha (~> 1.1)
|
188
|
+
omniauth
|
189
|
+
omniauth-facebook
|
190
|
+
omniauth-oauth2
|
191
|
+
omniauth-openid
|
192
|
+
rails (~> 5.2.0.rc1)
|
193
|
+
rails-controller-testing
|
194
|
+
rdoc
|
195
|
+
responders (~> 2.1)
|
196
|
+
sqlite3
|
197
|
+
test_after_commit
|
198
|
+
webrat (= 0.7.3)
|
199
|
+
|
200
|
+
BUNDLED WITH
|
201
|
+
1.16.1
|
@@ -0,0 +1,106 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
begin
|
4
|
+
require 'bundler/inline'
|
5
|
+
rescue LoadError => e
|
6
|
+
$stderr.puts 'Bundler version 1.10 or later is required. Please update your Bundler'
|
7
|
+
raise e
|
8
|
+
end
|
9
|
+
|
10
|
+
gemfile(true) do
|
11
|
+
source 'https://rubygems.org'
|
12
|
+
# Activate the gem you are reporting the issue against.
|
13
|
+
gem 'rails', '~> 4.2.0'
|
14
|
+
gem 'devise', '~> 4.0'
|
15
|
+
gem 'sqlite3'
|
16
|
+
gem 'byebug'
|
17
|
+
end
|
18
|
+
|
19
|
+
require 'rack/test'
|
20
|
+
require 'action_controller/railtie'
|
21
|
+
require 'active_record'
|
22
|
+
require 'devise/rails/routes'
|
23
|
+
require 'devise/rails/warden_compat'
|
24
|
+
|
25
|
+
ActiveRecord::Base.establish_connection( adapter: :sqlite3, database: ':memory:')
|
26
|
+
|
27
|
+
class DeviseCreateUsers < ActiveRecord::Migration
|
28
|
+
def change
|
29
|
+
create_table(:users) do |t|
|
30
|
+
t.string :email, null: false
|
31
|
+
t.string :encrypted_password, null: true
|
32
|
+
t.timestamps null: false
|
33
|
+
end
|
34
|
+
|
35
|
+
end
|
36
|
+
end
|
37
|
+
|
38
|
+
Devise.setup do |config|
|
39
|
+
require 'devise/orm/active_record'
|
40
|
+
config.secret_key = 'secret_key_base'
|
41
|
+
end
|
42
|
+
|
43
|
+
class TestApp < Rails::Application
|
44
|
+
config.root = File.dirname(__FILE__)
|
45
|
+
config.session_store :cookie_store, key: 'cookie_store_key'
|
46
|
+
secrets.secret_token = 'secret_token'
|
47
|
+
secrets.secret_key_base = 'secret_key_base'
|
48
|
+
config.eager_load = false
|
49
|
+
|
50
|
+
config.middleware.use Warden::Manager do |config|
|
51
|
+
Devise.warden_config = config
|
52
|
+
end
|
53
|
+
|
54
|
+
config.logger = Logger.new($stdout)
|
55
|
+
Rails.logger = config.logger
|
56
|
+
|
57
|
+
end
|
58
|
+
|
59
|
+
Rails.application.initialize!
|
60
|
+
|
61
|
+
DeviseCreateUsers.migrate(:up)
|
62
|
+
|
63
|
+
class User < ActiveRecord::Base
|
64
|
+
devise :database_authenticatable
|
65
|
+
end
|
66
|
+
|
67
|
+
Rails.application.routes.draw do
|
68
|
+
devise_for :users
|
69
|
+
|
70
|
+
get '/' => 'test#index'
|
71
|
+
end
|
72
|
+
|
73
|
+
class ApplicationController < ActionController::Base
|
74
|
+
end
|
75
|
+
|
76
|
+
class TestController < ApplicationController
|
77
|
+
include Rails.application.routes.url_helpers
|
78
|
+
|
79
|
+
before_filter :authenticate_user!
|
80
|
+
|
81
|
+
def index
|
82
|
+
render plain: 'Home'
|
83
|
+
end
|
84
|
+
end
|
85
|
+
|
86
|
+
require 'minitest/autorun'
|
87
|
+
|
88
|
+
class BugTest < ActionDispatch::IntegrationTest
|
89
|
+
include Rack::Test::Methods
|
90
|
+
include Warden::Test::Helpers
|
91
|
+
|
92
|
+
def test_returns_success
|
93
|
+
Warden.test_mode!
|
94
|
+
|
95
|
+
login_as User.create!(email: 'test@test.com', password: 'test123456', password_confirmation: 'test123456')
|
96
|
+
|
97
|
+
get '/'
|
98
|
+
assert last_response.ok?
|
99
|
+
end
|
100
|
+
|
101
|
+
private
|
102
|
+
|
103
|
+
def app
|
104
|
+
Rails.application
|
105
|
+
end
|
106
|
+
end
|
data/lib/devise.rb
CHANGED
@@ -1,28 +1,32 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
require 'rails'
|
2
4
|
require 'active_support/core_ext/numeric/time'
|
3
5
|
require 'active_support/dependencies'
|
4
6
|
require 'orm_adapter'
|
5
7
|
require 'set'
|
6
8
|
require 'securerandom'
|
9
|
+
require 'responders'
|
7
10
|
|
8
11
|
module Devise
|
9
12
|
autoload :Delegator, 'devise/delegator'
|
13
|
+
autoload :Encryptor, 'devise/encryptor'
|
10
14
|
autoload :FailureApp, 'devise/failure_app'
|
11
15
|
autoload :OmniAuth, 'devise/omniauth'
|
12
16
|
autoload :ParameterFilter, 'devise/parameter_filter'
|
13
|
-
autoload :BaseSanitizer, 'devise/parameter_sanitizer'
|
14
17
|
autoload :ParameterSanitizer, 'devise/parameter_sanitizer'
|
15
18
|
autoload :TestHelpers, 'devise/test_helpers'
|
16
19
|
autoload :TimeInflector, 'devise/time_inflector'
|
17
20
|
autoload :TokenGenerator, 'devise/token_generator'
|
21
|
+
autoload :SecretKeyFinder, 'devise/secret_key_finder'
|
18
22
|
|
19
23
|
module Controllers
|
20
|
-
autoload :Helpers,
|
21
|
-
autoload :Rememberable,
|
22
|
-
autoload :ScopedViews,
|
23
|
-
autoload :SignInOut,
|
24
|
-
autoload :StoreLocation,
|
25
|
-
autoload :UrlHelpers,
|
24
|
+
autoload :Helpers, 'devise/controllers/helpers'
|
25
|
+
autoload :Rememberable, 'devise/controllers/rememberable'
|
26
|
+
autoload :ScopedViews, 'devise/controllers/scoped_views'
|
27
|
+
autoload :SignInOut, 'devise/controllers/sign_in_out'
|
28
|
+
autoload :StoreLocation, 'devise/controllers/store_location'
|
29
|
+
autoload :UrlHelpers, 'devise/controllers/url_helpers'
|
26
30
|
end
|
27
31
|
|
28
32
|
module Hooks
|
@@ -34,17 +38,22 @@ module Devise
|
|
34
38
|
end
|
35
39
|
|
36
40
|
module Strategies
|
37
|
-
autoload :Base,
|
41
|
+
autoload :Base, 'devise/strategies/base'
|
38
42
|
autoload :Authenticatable, 'devise/strategies/authenticatable'
|
39
43
|
end
|
40
44
|
|
45
|
+
module Test
|
46
|
+
autoload :ControllerHelpers, 'devise/test/controller_helpers'
|
47
|
+
autoload :IntegrationHelpers, 'devise/test/integration_helpers'
|
48
|
+
end
|
49
|
+
|
41
50
|
# Constants which holds devise configuration for extensions. Those should
|
42
51
|
# not be modified by the "end user" (this is why they are constants).
|
43
52
|
ALL = []
|
44
|
-
CONTROLLERS =
|
45
|
-
ROUTES =
|
46
|
-
STRATEGIES =
|
47
|
-
URL_HELPERS =
|
53
|
+
CONTROLLERS = {}
|
54
|
+
ROUTES = {}
|
55
|
+
STRATEGIES = {}
|
56
|
+
URL_HELPERS = {}
|
48
57
|
|
49
58
|
# Strategies that do not require user input.
|
50
59
|
NO_INPUT = []
|
@@ -56,29 +65,13 @@ module Devise
|
|
56
65
|
mattr_accessor :secret_key
|
57
66
|
@@secret_key = nil
|
58
67
|
|
59
|
-
[ :allow_insecure_token_lookup,
|
60
|
-
:allow_insecure_sign_in_after_confirmation,
|
61
|
-
:token_authentication_key ].each do |method|
|
62
|
-
class_eval <<-RUBY
|
63
|
-
def self.#{method}
|
64
|
-
ActiveSupport::Deprecation.warn "Devise.#{method} is deprecated " \
|
65
|
-
"and has no effect"
|
66
|
-
end
|
67
|
-
|
68
|
-
def self.#{method}=(val)
|
69
|
-
ActiveSupport::Deprecation.warn "Devise.#{method}= is deprecated " \
|
70
|
-
"and has no effect"
|
71
|
-
end
|
72
|
-
RUBY
|
73
|
-
end
|
74
|
-
|
75
68
|
# Custom domain or key for cookies. Not set by default
|
76
69
|
mattr_accessor :rememberable_options
|
77
70
|
@@rememberable_options = {}
|
78
71
|
|
79
|
-
# The number of times to
|
72
|
+
# The number of times to hash the password.
|
80
73
|
mattr_accessor :stretches
|
81
|
-
@@stretches =
|
74
|
+
@@stretches = 11
|
82
75
|
|
83
76
|
# The default key used when authenticating over http auth.
|
84
77
|
mattr_accessor :http_authentication_key
|
@@ -86,7 +79,7 @@ module Devise
|
|
86
79
|
|
87
80
|
# Keys used when authenticating a user.
|
88
81
|
mattr_accessor :authentication_keys
|
89
|
-
@@authentication_keys = [
|
82
|
+
@@authentication_keys = [:email]
|
90
83
|
|
91
84
|
# Request keys used when authenticating a user.
|
92
85
|
mattr_accessor :request_keys
|
@@ -94,11 +87,11 @@ module Devise
|
|
94
87
|
|
95
88
|
# Keys that should be case-insensitive.
|
96
89
|
mattr_accessor :case_insensitive_keys
|
97
|
-
@@case_insensitive_keys = [
|
90
|
+
@@case_insensitive_keys = [:email]
|
98
91
|
|
99
92
|
# Keys that should have whitespace stripped.
|
100
93
|
mattr_accessor :strip_whitespace_keys
|
101
|
-
@@strip_whitespace_keys = []
|
94
|
+
@@strip_whitespace_keys = [:email]
|
102
95
|
|
103
96
|
# If http authentication is enabled by default.
|
104
97
|
mattr_accessor :http_authenticatable
|
@@ -116,11 +109,11 @@ module Devise
|
|
116
109
|
mattr_accessor :http_authentication_realm
|
117
110
|
@@http_authentication_realm = "Application"
|
118
111
|
|
119
|
-
# Email regex used to validate email formats. It
|
120
|
-
#
|
121
|
-
#
|
112
|
+
# Email regex used to validate email formats. It asserts that there are no
|
113
|
+
# @ symbols or whitespaces in either the localpart or the domain, and that
|
114
|
+
# there is a single @ symbol separating the localpart and the domain.
|
122
115
|
mattr_accessor :email_regexp
|
123
|
-
@@email_regexp = /\A[^@\s]+@
|
116
|
+
@@email_regexp = /\A[^@\s]+@[^@\s]+\z/
|
124
117
|
|
125
118
|
# Range validation for password length
|
126
119
|
mattr_accessor :password_length
|
@@ -134,6 +127,10 @@ module Devise
|
|
134
127
|
mattr_accessor :extend_remember_period
|
135
128
|
@@extend_remember_period = false
|
136
129
|
|
130
|
+
# If true, all the remember me tokens are going to be invalidated when the user signs out.
|
131
|
+
mattr_accessor :expire_all_remember_me_on_sign_out
|
132
|
+
@@expire_all_remember_me_on_sign_out = true
|
133
|
+
|
137
134
|
# Time interval you can access your account before confirming your account.
|
138
135
|
# nil - allows unconfirmed access for unlimited time
|
139
136
|
mattr_accessor :allow_unconfirmed_access_for
|
@@ -145,25 +142,28 @@ module Devise
|
|
145
142
|
|
146
143
|
# Defines which key will be used when confirming an account.
|
147
144
|
mattr_accessor :confirmation_keys
|
148
|
-
@@confirmation_keys = [
|
145
|
+
@@confirmation_keys = [:email]
|
149
146
|
|
150
147
|
# Defines if email should be reconfirmable.
|
151
|
-
# False by default for backwards compatibility.
|
152
148
|
mattr_accessor :reconfirmable
|
153
|
-
@@reconfirmable =
|
149
|
+
@@reconfirmable = true
|
154
150
|
|
155
151
|
# Time interval to timeout the user session without activity.
|
156
152
|
mattr_accessor :timeout_in
|
157
153
|
@@timeout_in = 30.minutes
|
158
154
|
|
159
|
-
#
|
160
|
-
mattr_accessor :expire_auth_token_on_timeout
|
161
|
-
@@expire_auth_token_on_timeout = false
|
162
|
-
|
163
|
-
# Used to encrypt password. Please generate one with rake secret.
|
155
|
+
# Used to hash the password. Please generate one with rails secret.
|
164
156
|
mattr_accessor :pepper
|
165
157
|
@@pepper = nil
|
166
158
|
|
159
|
+
# Used to send notification to the original user email when their email is changed.
|
160
|
+
mattr_accessor :send_email_changed_notification
|
161
|
+
@@send_email_changed_notification = false
|
162
|
+
|
163
|
+
# Used to enable sending notification to user when their password is changed.
|
164
|
+
mattr_accessor :send_password_change_notification
|
165
|
+
@@send_password_change_notification = false
|
166
|
+
|
167
167
|
# Scoped views. Since it relies on fallbacks to render default views, it's
|
168
168
|
# turned off by default.
|
169
169
|
mattr_accessor :scoped_views
|
@@ -176,7 +176,7 @@ module Devise
|
|
176
176
|
|
177
177
|
# Defines which key will be used when locking and unlocking an account
|
178
178
|
mattr_accessor :unlock_keys
|
179
|
-
@@unlock_keys = [
|
179
|
+
@@unlock_keys = [:email]
|
180
180
|
|
181
181
|
# Defines which strategy can be used to unlock an account.
|
182
182
|
# Values: :email, :time, :both
|
@@ -193,12 +193,16 @@ module Devise
|
|
193
193
|
|
194
194
|
# Defines which key will be used when recovering the password for an account
|
195
195
|
mattr_accessor :reset_password_keys
|
196
|
-
@@reset_password_keys = [
|
196
|
+
@@reset_password_keys = [:email]
|
197
197
|
|
198
198
|
# Time interval you can reset your password with a reset password key
|
199
199
|
mattr_accessor :reset_password_within
|
200
200
|
@@reset_password_within = 6.hours
|
201
201
|
|
202
|
+
# When set to false, resetting a password does not automatically sign in a user
|
203
|
+
mattr_accessor :sign_in_after_reset_password
|
204
|
+
@@sign_in_after_reset_password = true
|
205
|
+
|
202
206
|
# The default scope which is used by warden.
|
203
207
|
mattr_accessor :default_scope
|
204
208
|
@@default_scope = nil
|
@@ -209,7 +213,7 @@ module Devise
|
|
209
213
|
|
210
214
|
# Skip session storage for the following strategies
|
211
215
|
mattr_accessor :skip_session_storage
|
212
|
-
@@skip_session_storage = []
|
216
|
+
@@skip_session_storage = [:http_auth]
|
213
217
|
|
214
218
|
# Which formats should be treated as navigational.
|
215
219
|
mattr_accessor :navigational_formats
|
@@ -221,7 +225,7 @@ module Devise
|
|
221
225
|
|
222
226
|
# The default method used while signing out
|
223
227
|
mattr_accessor :sign_out_via
|
224
|
-
@@sign_out_via = :
|
228
|
+
@@sign_out_via = :delete
|
225
229
|
|
226
230
|
# The parent controller all Devise controllers inherits from.
|
227
231
|
# Defaults to ApplicationController. This should be set early
|
@@ -236,12 +240,12 @@ module Devise
|
|
236
240
|
@@parent_mailer = "ActionMailer::Base"
|
237
241
|
|
238
242
|
# The router Devise should use to generate routes. Defaults
|
239
|
-
# to :main_app. Should be
|
243
|
+
# to :main_app. Should be overridden by engines in order
|
240
244
|
# to provide custom routes.
|
241
245
|
mattr_accessor :router_name
|
242
246
|
@@router_name = nil
|
243
247
|
|
244
|
-
# Set the
|
248
|
+
# Set the OmniAuth path prefix so it can be overridden when
|
245
249
|
# Devise is used in a mountable engine
|
246
250
|
mattr_accessor :omniauth_path_prefix
|
247
251
|
@@omniauth_path_prefix = nil
|
@@ -250,15 +254,22 @@ module Devise
|
|
250
254
|
mattr_accessor :clean_up_csrf_token_on_authentication
|
251
255
|
@@clean_up_csrf_token_on_authentication = true
|
252
256
|
|
257
|
+
# When false, Devise will not attempt to reload routes on eager load.
|
258
|
+
# This can reduce the time taken to boot the app but if your application
|
259
|
+
# requires the Devise mappings to be loaded during boot time the application
|
260
|
+
# won't boot properly.
|
261
|
+
mattr_accessor :reload_routes
|
262
|
+
@@reload_routes = true
|
263
|
+
|
253
264
|
# PRIVATE CONFIGURATION
|
254
265
|
|
255
266
|
# Store scopes mappings.
|
256
267
|
mattr_reader :mappings
|
257
|
-
@@mappings =
|
268
|
+
@@mappings = {}
|
258
269
|
|
259
|
-
#
|
270
|
+
# OmniAuth configurations.
|
260
271
|
mattr_reader :omniauth_configs
|
261
|
-
@@omniauth_configs =
|
272
|
+
@@omniauth_configs = {}
|
262
273
|
|
263
274
|
# Define a set of modules that are called when a mapping is added.
|
264
275
|
mattr_reader :helpers
|
@@ -268,28 +279,36 @@ module Devise
|
|
268
279
|
# Private methods to interface with Warden.
|
269
280
|
mattr_accessor :warden_config
|
270
281
|
@@warden_config = nil
|
271
|
-
@@
|
282
|
+
@@warden_config_blocks = []
|
272
283
|
|
273
284
|
# When true, enter in paranoid mode to avoid user enumeration.
|
274
285
|
mattr_accessor :paranoid
|
275
286
|
@@paranoid = false
|
276
287
|
|
277
|
-
# When true, warn user if
|
288
|
+
# When true, warn user if they just used next-to-last attempt of authentication
|
278
289
|
mattr_accessor :last_attempt_warning
|
279
|
-
@@last_attempt_warning =
|
290
|
+
@@last_attempt_warning = true
|
280
291
|
|
281
292
|
# Stores the token generator
|
282
293
|
mattr_accessor :token_generator
|
283
294
|
@@token_generator = nil
|
284
295
|
|
285
|
-
|
296
|
+
def self.rails51? # :nodoc:
|
297
|
+
Rails.gem_version >= Gem::Version.new("5.1.x")
|
298
|
+
end
|
299
|
+
|
300
|
+
def self.activerecord51? # :nodoc:
|
301
|
+
defined?(ActiveRecord) && ActiveRecord.gem_version >= Gem::Version.new("5.1.x")
|
302
|
+
end
|
303
|
+
|
304
|
+
# Default way to set up Devise. Run rails generate devise_install to create
|
286
305
|
# a fresh initializer with all configuration values.
|
287
306
|
def self.setup
|
288
307
|
yield self
|
289
308
|
end
|
290
309
|
|
291
310
|
class Getter
|
292
|
-
def initialize
|
311
|
+
def initialize(name)
|
293
312
|
@name = name
|
294
313
|
end
|
295
314
|
|
@@ -299,12 +318,8 @@ module Devise
|
|
299
318
|
end
|
300
319
|
|
301
320
|
def self.ref(arg)
|
302
|
-
|
303
|
-
|
304
|
-
Getter.new(arg)
|
305
|
-
else
|
306
|
-
ActiveSupport::Dependencies.ref(arg)
|
307
|
-
end
|
321
|
+
ActiveSupport::Dependencies.reference(arg)
|
322
|
+
Getter.new(arg)
|
308
323
|
end
|
309
324
|
|
310
325
|
def self.available_router_name
|
@@ -335,7 +350,12 @@ module Devise
|
|
335
350
|
mapping
|
336
351
|
end
|
337
352
|
|
338
|
-
#
|
353
|
+
# Register available devise modules. For the standard modules that Devise provides, this method is
|
354
|
+
# called from lib/devise/modules.rb. Third-party modules need to be added explicitly using this method.
|
355
|
+
#
|
356
|
+
# Note that adding a module using this method does not cause it to be used in the authentication
|
357
|
+
# process. That requires that the module be listed in the arguments passed to the 'devise' method
|
358
|
+
# in the model class definition.
|
339
359
|
#
|
340
360
|
# == Options:
|
341
361
|
#
|
@@ -343,6 +363,7 @@ module Devise
|
|
343
363
|
# +controller+ - Symbol representing the name of an existing or custom *controller* for this module.
|
344
364
|
# +route+ - Symbol representing the named *route* helper for this module.
|
345
365
|
# +strategy+ - Symbol representing if this module got a custom *strategy*.
|
366
|
+
# +insert_at+ - Integer representing the order in which this module's model will be included
|
346
367
|
#
|
347
368
|
# All values, except :model, accept also a boolean and will have the same name as the given module
|
348
369
|
# name.
|
@@ -350,12 +371,14 @@ module Devise
|
|
350
371
|
# == Examples:
|
351
372
|
#
|
352
373
|
# Devise.add_module(:party_module)
|
353
|
-
# Devise.add_module(:party_module, :
|
354
|
-
# Devise.add_module(:party_module, :
|
374
|
+
# Devise.add_module(:party_module, strategy: true, controller: :sessions)
|
375
|
+
# Devise.add_module(:party_module, model: 'party_module/model')
|
376
|
+
# Devise.add_module(:party_module, insert_at: 0)
|
355
377
|
#
|
356
378
|
def self.add_module(module_name, options = {})
|
357
|
-
|
358
|
-
|
379
|
+
options.assert_valid_keys(:strategy, :model, :controller, :route, :no_input, :insert_at)
|
380
|
+
|
381
|
+
ALL.insert (options[:insert_at] || -1), module_name
|
359
382
|
|
360
383
|
if strategy = options[:strategy]
|
361
384
|
strategy = (strategy == true ? module_name : strategy)
|
@@ -400,7 +423,7 @@ module Devise
|
|
400
423
|
# Sets warden configuration using a block that will be invoked on warden
|
401
424
|
# initialization.
|
402
425
|
#
|
403
|
-
# Devise.
|
426
|
+
# Devise.setup do |config|
|
404
427
|
# config.allow_unconfirmed_access_for = 2.days
|
405
428
|
#
|
406
429
|
# config.warden do |manager|
|
@@ -409,15 +432,14 @@ module Devise
|
|
409
432
|
# end
|
410
433
|
# end
|
411
434
|
def self.warden(&block)
|
412
|
-
@@
|
435
|
+
@@warden_config_blocks << block
|
413
436
|
end
|
414
437
|
|
415
|
-
# Specify an
|
438
|
+
# Specify an OmniAuth provider.
|
416
439
|
#
|
417
440
|
# config.omniauth :github, APP_ID, APP_SECRET
|
418
441
|
#
|
419
442
|
def self.omniauth(provider, *args)
|
420
|
-
@@helpers << Devise::OmniAuth::UrlHelpers
|
421
443
|
config = Devise::OmniAuth::Config.new(provider, args)
|
422
444
|
@@omniauth_configs[config.strategy_name.to_sym] = config
|
423
445
|
end
|
@@ -440,8 +462,8 @@ module Devise
|
|
440
462
|
Devise::Controllers::UrlHelpers.generate_helpers!
|
441
463
|
end
|
442
464
|
|
443
|
-
# A method used internally to setup warden manager
|
444
|
-
#
|
465
|
+
# A method used internally to complete the setup of warden manager after routes are loaded.
|
466
|
+
# See lib/devise/rails/routes.rb - ActionDispatch::Routing::RouteSet#finalize_with_devise!
|
445
467
|
def self.configure_warden! #:nodoc:
|
446
468
|
@@warden_configured ||= begin
|
447
469
|
warden_config.failure_app = Devise::Delegator.new
|
@@ -449,28 +471,29 @@ module Devise
|
|
449
471
|
warden_config.intercept_401 = false
|
450
472
|
|
451
473
|
Devise.mappings.each_value do |mapping|
|
452
|
-
warden_config.scope_defaults mapping.name, :
|
474
|
+
warden_config.scope_defaults mapping.name, strategies: mapping.strategies
|
453
475
|
|
454
476
|
warden_config.serialize_into_session(mapping.name) do |record|
|
455
477
|
mapping.to.serialize_into_session(record)
|
456
478
|
end
|
457
479
|
|
458
|
-
warden_config.serialize_from_session(mapping.name) do |
|
459
|
-
# Previous versions contained an additional entry at the beginning of
|
460
|
-
# key with the record's class name.
|
461
|
-
args = key[-2, 2]
|
480
|
+
warden_config.serialize_from_session(mapping.name) do |args|
|
462
481
|
mapping.to.serialize_from_session(*args)
|
463
482
|
end
|
464
483
|
end
|
465
484
|
|
466
|
-
@@
|
485
|
+
@@warden_config_blocks.map { |block| block.call Devise.warden_config }
|
467
486
|
true
|
468
487
|
end
|
469
488
|
end
|
470
489
|
|
471
490
|
# Generate a friendly string randomly to be used as token.
|
472
|
-
|
473
|
-
|
491
|
+
# By default, length is 20 characters.
|
492
|
+
def self.friendly_token(length = 20)
|
493
|
+
# To calculate real characters, we must perform this operation.
|
494
|
+
# See SecureRandom.urlsafe_base64
|
495
|
+
rlength = (length * 3) / 4
|
496
|
+
SecureRandom.urlsafe_base64(rlength).tr('lIO0', 'sxyz')
|
474
497
|
end
|
475
498
|
|
476
499
|
# constant-time comparison algorithm to prevent timing attacks
|