devise 3.2.3 → 3.2.4

data/app/views/devise/unlocks/new.html.erb

@@ -1,10 +1,10 @@
 <h2>Resend unlock instructions</h2>
 
-<%= form_for(resource, :as => resource_name, :url => unlock_path(resource_name), :html => { :method => :post }) do |f| %>
+<%= form_for(resource, as: resource_name, url: unlock_path(resource_name), html: { method: :post }) do |f| %>
   <%= devise_error_messages! %>
 
   <div><%= f.label :email %><br />
-  <%= f.email_field :email, :autofocus => true %></div>
+  <%= f.email_field :email, autofocus: true %></div>
 
   <div><%= f.submit "Resend unlock instructions" %></div>
 <% end %>

data/devise.gemspec

@@ -21,7 +21,7 @@ Gem::Specification.new do |s|
 
   s.add_dependency("warden", "~> 1.2.3")
   s.add_dependency("orm_adapter", "~> 0.1")
-  s.add_dependency("bcrypt-ruby", "~> 3.0")
+  s.add_dependency("bcrypt", "~> 3.0")
   s.add_dependency("thread_safe", "~> 0.1")
   s.add_dependency("railties", ">= 3.2.6", "< 5")
 end

data/gemfiles/Gemfile.rails-3.2-stable

@@ -1,6 +1,6 @@
 source "https://rubygems.org"
 
-gemspec :path => '..'
+gemspec path: '..'
 
 gem "rails", github: 'rails/rails', branch: '3-2-stable'
 gem "omniauth", "~> 1.0.0"
@@ -10,8 +10,8 @@ gem "rdoc"
 group :test do
   gem "omniauth-facebook"
   gem "omniauth-openid", "~> 1.0.1"
-  gem "webrat", "0.7.3", :require => false
-  gem "mocha", "~> 0.13.1", :require => false
+  gem "webrat", "0.7.3", require: false
+  gem "mocha", "~> 1.0.0", require: false
 end
 
 platforms :jruby do

data/gemfiles/Gemfile.rails-4.0-stable

@@ -1,6 +1,6 @@
 source "https://rubygems.org"
 
-gemspec :path => '..'
+gemspec path: '..'
 
 gem "rails", github: 'rails/rails', branch: '4-0-stable'
 gem "omniauth", "~> 1.0.0"
@@ -10,8 +10,8 @@ gem "rdoc"
 group :test do
   gem "omniauth-facebook"
   gem "omniauth-openid", "~> 1.0.1"
-  gem "webrat", "0.7.3", :require => false
-  gem "mocha", "~> 0.13.1", :require => false
+  gem "webrat", "0.7.3", require: false
+  gem "mocha", "~> 1.0.0", require: false
 end
 
 platforms :jruby do

data/gemfiles/Gemfile.rails-head

@@ -1,6 +1,6 @@
 source "https://rubygems.org"
 
-gemspec :path => '..'
+gemspec path: '..'
 
 gem "rails", github: 'rails/rails'
 gem "omniauth", "~> 1.0.0"
@@ -10,8 +10,8 @@ gem "rdoc"
 group :test do
   gem "omniauth-facebook"
   gem "omniauth-openid", "~> 1.0.1"
-  gem "webrat", "0.7.3", :require => false
-  gem "mocha", "~> 0.14", :require => false
+  gem "webrat", "0.7.3", require: false
+  gem "mocha", "~> 1.0.0", require: false
 end
 
 platforms :jruby do

data/lib/devise.rb

@@ -350,8 +350,8 @@ module Devise
   # == Examples:
   #
   #   Devise.add_module(:party_module)
-  #   Devise.add_module(:party_module, :strategy => true, :controller => :sessions)
-  #   Devise.add_module(:party_module, :model => 'party_module/model')
+  #   Devise.add_module(:party_module, strategy: true, controller: :sessions)
+  #   Devise.add_module(:party_module, model: 'party_module/model')
   #
   def self.add_module(module_name, options = {})
     ALL << module_name
@@ -449,7 +449,7 @@ module Devise
       warden_config.intercept_401 = false
 
       Devise.mappings.each_value do |mapping|
-        warden_config.scope_defaults mapping.name, :strategies => mapping.strategies
+        warden_config.scope_defaults mapping.name, strategies: mapping.strategies
 
         warden_config.serialize_into_session(mapping.name) do |record|
           mapping.to.serialize_into_session(record)

data/lib/devise/controllers/helpers.rb

@@ -55,7 +55,7 @@ module Devise
           end
 
           def current_#{mapping}
-            @current_#{mapping} ||= warden.authenticate(:scope => :#{mapping})
+            @current_#{mapping} ||= warden.authenticate(scope: :#{mapping})
           end
 
           def #{mapping}_session
@@ -77,9 +77,9 @@ module Devise
       # the controllers defined inside devise. Useful if you want to apply a before
       # filter to all controllers, except the ones in devise:
       #
-      #   before_filter :my_filter, :unless => :devise_controller?
+      #   before_filter :my_filter, unless: :devise_controller?
       def devise_controller?
-        is_a?(DeviseController)
+        is_a?(::DeviseController)
       end
 
       # Setup a param sanitizer to filter parameters using strong_parameters. See
@@ -121,10 +121,10 @@ module Devise
       # root path. For a user scope, you can define the default url in
       # the following way:
       #
-      #   map.user_root '/users', :controller => 'users' # creates user_root_path
+      #   map.user_root '/users', controller: 'users' # creates user_root_path
       #
       #   map.namespace :user do |user|
-      #     user.root :controller => 'users' # creates user_root_path
+      #     user.root controller: 'users' # creates user_root_path
       #   end
       #
       # If the resource root path is not defined, root_path is used. However,

data/lib/devise/controllers/rememberable.rb

@@ -31,11 +31,11 @@ module Devise
       end
 
       def remember_cookie_values(resource)
-        options = { :httponly => true }
+        options = { httponly: true }
         options.merge!(forget_cookie_values(resource))
         options.merge!(
-          :value => resource.class.serialize_into_cookie(resource),
-          :expires => resource.remember_expires_at
+          value: resource.class.serialize_into_cookie(resource),
+          expires: resource.remember_expires_at
         )
       end
 

data/lib/devise/controllers/sign_in_out.rb

@@ -7,7 +7,7 @@ module Devise
       # true if any scope is signed in. Does not run authentication hooks.
       def signed_in?(scope=nil)
         [ scope || Devise.mappings.keys ].flatten.any? do |_scope|
-          warden.authenticate?(:scope => _scope)
+          warden.authenticate?(scope: _scope)
         end
       end
 
@@ -23,9 +23,9 @@ module Devise
       #
       #   sign_in :user, @user                      # sign_in(scope, resource)
       #   sign_in @user                             # sign_in(resource)
-      #   sign_in @user, :event => :authentication  # sign_in(resource, options)
-      #   sign_in @user, :store => false            # sign_in(resource, options)
-      #   sign_in @user, :bypass => true            # sign_in(resource, options)
+      #   sign_in @user, event: :authentication  # sign_in(resource, options)
+      #   sign_in @user, store: false            # sign_in(resource, options)
+      #   sign_in @user, bypass: true            # sign_in(resource, options)
       #
       def sign_in(resource_or_scope, *args)
         options  = args.extract_options!
@@ -40,7 +40,7 @@ module Devise
           # Do nothing. User already signed in and we are not forcing it.
           true
         else
-          warden.set_user(resource, options.merge!(:scope => scope))
+          warden.set_user(resource, options.merge!(scope: scope))
         end
       end
 
@@ -56,11 +56,11 @@ module Devise
       def sign_out(resource_or_scope=nil)
         return sign_out_all_scopes unless resource_or_scope
         scope = Devise::Mapping.find_scope!(resource_or_scope)
-        user = warden.user(:scope => scope, :run_callbacks => false) # If there is no user
+        user = warden.user(scope: scope, run_callbacks: false) # If there is no user
 
         warden.raw_session.inspect # Without this inspect here. The session does not clear.
         warden.logout(scope)
-        warden.clear_strategies_cache!(:scope => scope)
+        warden.clear_strategies_cache!(scope: scope)
         instance_variable_set(:"@current_#{scope}", nil)
 
         !!user
@@ -70,7 +70,7 @@ module Devise
       # in one click. This signs out ALL scopes in warden. Returns true if there was at least one logout
       # and false if there was no user logged in on all scopes.
       def sign_out_all_scopes(lock=true)
-        users = Devise.mappings.keys.map { |s| warden.user(:scope => s, :run_callbacks => false) }
+        users = Devise.mappings.keys.map { |s| warden.user(scope: s, run_callbacks: false) }
 
         warden.raw_session.inspect
         warden.logout

data/lib/devise/failure_app.rb

@@ -15,7 +15,7 @@ module Devise
 
     include Devise::Controllers::StoreLocation
 
-    delegate :flash, :to => :request
+    delegate :flash, to: :request
 
     def self.call(env)
       @respond ||= action(:respond)
@@ -151,9 +151,9 @@ module Devise
       return i18n_message unless request_format
       method = "to_#{request_format}"
       if method == "to_xml"
-        { :error => i18n_message }.to_xml(:root => "errors")
+        { error: i18n_message }.to_xml(root: "errors")
       elsif {}.respond_to?(method)
-        { :error => i18n_message }.send(method)
+        { error: i18n_message }.send(method)
       else
         i18n_message
       end

data/lib/devise/hooks/activatable.rb

@@ -6,6 +6,6 @@ Warden::Manager.after_set_user do |record, warden, options|
   if record && record.respond_to?(:active_for_authentication?) && !record.active_for_authentication?
     scope = options[:scope]
     warden.logout(scope)
-    throw :warden, :scope => scope, :message => record.inactive_message
+    throw :warden, scope: scope, message: record.inactive_message
   end
 end

data/lib/devise/hooks/lockable.rb

@@ -1,6 +1,6 @@
 # After each sign in, if resource responds to failed_attempts, sets it to 0
 # This is only triggered when the user is explicitly set (with set_user)
-Warden::Manager.after_set_user :except => :fetch do |record, warden, options|
+Warden::Manager.after_set_user except: :fetch do |record, warden, options|
   if record.respond_to?(:failed_attempts) && warden.authenticated?(options[:scope])
     record.update_attribute(:failed_attempts, 0) unless record.failed_attempts.to_i.zero?
   end

data/lib/devise/hooks/proxy.rb

@@ -7,7 +7,7 @@ module Devise
       include Devise::Controllers::SignInOut
 
       attr_reader :warden
-      delegate :cookies, :env, :to => :warden
+      delegate :cookies, :env, to: :warden
 
       def initialize(warden)
         @warden = warden

data/lib/devise/hooks/rememberable.rb

@@ -1,4 +1,4 @@
-Warden::Manager.after_set_user :except => :fetch do |record, warden, options|
+Warden::Manager.after_set_user except: :fetch do |record, warden, options|
   scope = options[:scope]
   if record.respond_to?(:remember_me) && options[:store] != false &&
      record.remember_me && warden.authenticated?(scope)

data/lib/devise/hooks/timeoutable.rb

@@ -18,7 +18,7 @@ Warden::Manager.after_set_user do |record, warden, options|
         record.reset_authentication_token!
       end
 
-      throw :warden, :scope => scope, :message => :timeout
+      throw :warden, scope: scope, message: :timeout
     end
 
     unless env['devise.skip_trackable']

data/lib/devise/hooks/trackable.rb

@@ -2,7 +2,7 @@
 # This is only triggered when the user is explicitly set (with set_user)
 # and on authentication. Retrieving the user from session (:fetch) does
 # not trigger it.
-Warden::Manager.after_set_user :except => :fetch do |record, warden, options|
+Warden::Manager.after_set_user except: :fetch do |record, warden, options|
   if record.respond_to?(:update_tracked_fields!) && warden.authenticated?(options[:scope]) && !warden.request.env['devise.skip_trackable']
     record.update_tracked_fields!(warden.request)
   end

data/lib/devise/mailers/helpers.rb

@@ -27,12 +27,12 @@ module Devise
 
       def headers_for(action, opts)
         headers = {
-          :subject       => subject_for(action),
-          :to            => resource.email,
-          :from          => mailer_sender(devise_mapping),
-          :reply_to      => mailer_reply_to(devise_mapping),
-          :template_path => template_paths,
-          :template_name => action
+          subject: subject_for(action),
+          to: resource.email,
+          from: mailer_sender(devise_mapping),
+          reply_to: mailer_reply_to(devise_mapping),
+          template_path: template_paths,
+          template_name: action
         }.merge(opts)
 
         @email = headers[:to]
@@ -82,8 +82,8 @@ module Devise
       #           subject: '...'
       #
       def subject_for(key)
-        I18n.t(:"#{devise_mapping.name}_subject", :scope => [:devise, :mailer, key],
-          :default => [:subject, key.to_s.humanize])
+        I18n.t(:"#{devise_mapping.name}_subject", scope: [:devise, :mailer, key],
+          default: [:subject, key.to_s.humanize])
       end
     end
   end

data/lib/devise/models/authenticatable.rb

@@ -29,7 +29,7 @@ module Devise
     #     It also accepts an array specifying the strategies that should allow params authentication.
     #
     #   * +skip_session_storage+: By default Devise will store the user in session.
-    #     By default is set to :skip_session_storage => [:http_auth].
+    #     By default is set to skip_session_storage: [:http_auth].
     #
     # == active_for_authentication?
     #
@@ -59,7 +59,7 @@ module Devise
         :remember_token, :unconfirmed_email, :failed_attempts, :unlock_token, :locked_at]
 
       included do
-        class_attribute :devise_modules, :instance_writer => false
+        class_attribute :devise_modules, instance_writer: false
         self.devise_modules ||= []
 
         before_validation :downcase_keys
@@ -231,7 +231,7 @@ module Devise
         # Example:
         #
         #   def self.find_for_authentication(tainted_conditions)
-        #     find_first_by_auth_conditions(tainted_conditions, :active => true)
+        #     find_first_by_auth_conditions(tainted_conditions, active: true)
         #   end
         #
         # Finally, notice that Devise also queries for users in other scenarios

data/lib/devise/models/confirmable.rb

@@ -33,10 +33,10 @@ module Devise
       include ActionView::Helpers::DateHelper
 
       included do
-        before_create :generate_confirmation_token, :if => :confirmation_required?
-        after_create  :send_on_create_confirmation_instructions, :if => :send_confirmation_notification?
-        before_update :postpone_email_change_until_confirmation_and_regenerate_confirmation_token, :if => :postpone_email_change?
-        after_update  :send_reconfirmation_instructions,  :if => :reconfirmation_required?
+        before_create :generate_confirmation_token, if: :confirmation_required?
+        after_create  :send_on_create_confirmation_instructions, if: :send_confirmation_notification?
+        before_update :postpone_email_change_until_confirmation_and_regenerate_confirmation_token, if: :postpone_email_change?
+        after_update  :send_reconfirmation_instructions,  if: :reconfirmation_required?
       end
 
       def initialize(*args, &block)
@@ -60,7 +60,7 @@ module Devise
         pending_any_confirmation do
           if confirmation_period_expired?
             self.errors.add(:email, :confirmation_period_expired,
-              :period => Devise::TimeInflector.time_ago_in_words(self.class.confirm_within.ago))
+              period: Devise::TimeInflector.time_ago_in_words(self.class.confirm_within.ago))
             return false
           end
 
@@ -73,9 +73,9 @@ module Devise
             self.unconfirmed_email = nil
 
             # We need to validate in such cases to enforce e-mail uniqueness
-            save(:validate => true)
+            save(validate: true)
           else
-            save(:validate => false)
+            save(validate: false)
           end
 
           after_confirmation if saved
@@ -98,7 +98,7 @@ module Devise
           generate_confirmation_token!
         end
 
-        opts = pending_reconfirmation? ? { :to => unconfirmed_email } : { }
+        opts = pending_reconfirmation? ? { to: unconfirmed_email } : { }
         send_devise_notification(:confirmation_instructions, @raw_confirmation_token, opts)
       end
 
@@ -225,7 +225,7 @@ module Devise
         end
 
         def generate_confirmation_token!
-          generate_confirmation_token && save(:validate => false)
+          generate_confirmation_token && save(validate: false)
         end
 
         def postpone_email_change_until_confirmation_and_regenerate_confirmation_token

data/lib/devise/models/database_authenticatable.rb

@@ -4,7 +4,7 @@ require 'bcrypt'
 module Devise
   # Digests the password using bcrypt.
   def self.bcrypt(klass, password)
-    ::BCrypt::Password.create("#{password}#{klass.pepper}", :cost => klass.stretches).to_s
+    ::BCrypt::Password.create("#{password}#{klass.pepper}", cost: klass.stretches).to_s
   end
 
   module Models

data/lib/devise/models/lockable.rb

@@ -22,7 +22,7 @@ module Devise
     module Lockable
       extend  ActiveSupport::Concern
 
-      delegate :lock_strategy_enabled?, :unlock_strategy_enabled?, :to => "self.class"
+      delegate :lock_strategy_enabled?, :unlock_strategy_enabled?, to: "self.class"
 
       def self.required_fields(klass)
         attributes = []
@@ -36,14 +36,14 @@ module Devise
       # Lock a user setting its locked_at to actual time.
       # * +opts+: Hash options if you don't want to send email
       #   when you lock access, you could pass the next hash
-      #   `{ :send_instructions => false } as option`.
+      #   `{ send_instructions: false } as option`.
       def lock_access!(opts = { })
         self.locked_at = Time.now.utc
 
         if unlock_strategy_enabled?(:email) && opts.fetch(:send_instructions, true)
           send_unlock_instructions
         else
-          save(:validate => false)
+          save(validate: false)
         end
       end
 
@@ -52,7 +52,7 @@ module Devise
         self.locked_at = nil
         self.failed_attempts = 0 if respond_to?(:failed_attempts=)
         self.unlock_token = nil  if respond_to?(:unlock_token=)
-        save(:validate => false)
+        save(validate: false)
       end
 
       # Verifies whether a user is locked or not.
@@ -64,7 +64,7 @@ module Devise
       def send_unlock_instructions
         raw, enc = Devise.token_generator.generate(self.class, :unlock_token)
         self.unlock_token = enc
-        self.save(:validate => false)
+        self.save(validate: false)
         send_devise_notification(:unlock_instructions, raw, {})
         raw
       end
@@ -104,7 +104,7 @@ module Devise
           if attempts_exceeded?
             lock_access! unless access_locked?
           else
-            save(:validate => false)
+            save(validate: false)
           end
           false
         end