devise 3.2.3 → 3.2.4
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of devise might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/CHANGELOG.md +16 -0
- data/Gemfile +2 -2
- data/Gemfile.lock +6 -6
- data/README.md +7 -0
- data/Rakefile +1 -1
- data/app/controllers/devise/confirmations_controller.rb +2 -2
- data/app/controllers/devise/omniauth_callbacks_controller.rb +2 -2
- data/app/controllers/devise/passwords_controller.rb +3 -3
- data/app/controllers/devise/registrations_controller.rb +7 -7
- data/app/controllers/devise/sessions_controller.rb +6 -6
- data/app/controllers/devise/unlocks_controller.rb +2 -2
- data/app/controllers/devise_controller.rb +3 -3
- data/app/helpers/devise_helper.rb +2 -2
- data/app/views/devise/confirmations/new.html.erb +2 -2
- data/app/views/devise/mailer/confirmation_instructions.html.erb +1 -1
- data/app/views/devise/mailer/reset_password_instructions.html.erb +1 -1
- data/app/views/devise/mailer/unlock_instructions.html.erb +1 -1
- data/app/views/devise/passwords/edit.html.erb +3 -3
- data/app/views/devise/passwords/new.html.erb +2 -2
- data/app/views/devise/registrations/edit.html.erb +6 -6
- data/app/views/devise/registrations/new.html.erb +4 -4
- data/app/views/devise/sessions/new.html.erb +3 -3
- data/app/views/devise/unlocks/new.html.erb +2 -2
- data/devise.gemspec +1 -1
- data/gemfiles/Gemfile.rails-3.2-stable +3 -3
- data/gemfiles/Gemfile.rails-4.0-stable +3 -3
- data/gemfiles/Gemfile.rails-head +3 -3
- data/lib/devise.rb +3 -3
- data/lib/devise/controllers/helpers.rb +5 -5
- data/lib/devise/controllers/rememberable.rb +3 -3
- data/lib/devise/controllers/sign_in_out.rb +8 -8
- data/lib/devise/failure_app.rb +3 -3
- data/lib/devise/hooks/activatable.rb +1 -1
- data/lib/devise/hooks/lockable.rb +1 -1
- data/lib/devise/hooks/proxy.rb +1 -1
- data/lib/devise/hooks/rememberable.rb +1 -1
- data/lib/devise/hooks/timeoutable.rb +1 -1
- data/lib/devise/hooks/trackable.rb +1 -1
- data/lib/devise/mailers/helpers.rb +8 -8
- data/lib/devise/models/authenticatable.rb +3 -3
- data/lib/devise/models/confirmable.rb +9 -9
- data/lib/devise/models/database_authenticatable.rb +1 -1
- data/lib/devise/models/lockable.rb +6 -6
- data/lib/devise/models/omniauthable.rb +1 -1
- data/lib/devise/models/recoverable.rb +1 -1
- data/lib/devise/models/rememberable.rb +3 -3
- data/lib/devise/models/trackable.rb +1 -1
- data/lib/devise/models/validatable.rb +6 -6
- data/lib/devise/modules.rb +9 -9
- data/lib/devise/omniauth/url_helpers.rb +2 -2
- data/lib/devise/rails.rb +1 -1
- data/lib/devise/rails/routes.rb +81 -81
- data/lib/devise/test_helpers.rb +2 -2
- data/lib/devise/time_inflector.rb +1 -1
- data/lib/devise/version.rb +1 -1
- data/lib/generators/active_record/devise_generator.rb +6 -6
- data/lib/generators/active_record/templates/migration.rb +4 -4
- data/lib/generators/active_record/templates/migration_existing.rb +4 -4
- data/lib/generators/devise/devise_generator.rb +3 -3
- data/lib/generators/devise/views_generator.rb +29 -18
- data/lib/generators/mongoid/devise_generator.rb +19 -19
- data/lib/generators/templates/README +2 -2
- data/lib/generators/templates/devise.rb +9 -7
- data/lib/generators/templates/markerb/confirmation_instructions.markerb +1 -1
- data/lib/generators/templates/markerb/reset_password_instructions.markerb +1 -1
- data/lib/generators/templates/markerb/unlock_instructions.markerb +1 -1
- data/lib/generators/templates/simple_form_for/confirmations/new.html.erb +2 -2
- data/lib/generators/templates/simple_form_for/passwords/edit.html.erb +4 -4
- data/lib/generators/templates/simple_form_for/passwords/new.html.erb +2 -2
- data/lib/generators/templates/simple_form_for/registrations/edit.html.erb +6 -6
- data/lib/generators/templates/simple_form_for/registrations/new.html.erb +4 -4
- data/lib/generators/templates/simple_form_for/sessions/new.html.erb +4 -4
- data/lib/generators/templates/simple_form_for/unlocks/new.html.erb +2 -2
- data/test/controllers/helpers_test.rb +31 -31
- data/test/controllers/internal_helpers_test.rb +6 -6
- data/test/controllers/sessions_controller_test.rb +18 -18
- data/test/controllers/url_helpers_test.rb +4 -4
- data/test/delegator_test.rb +1 -1
- data/test/devise_test.rb +3 -3
- data/test/failure_app_test.rb +21 -21
- data/test/generators/active_record_generator_test.rb +4 -4
- data/test/generators/devise_generator_test.rb +2 -2
- data/test/generators/mongoid_generator_test.rb +1 -1
- data/test/generators/views_generator_test.rb +30 -1
- data/test/helpers/devise_helper_test.rb +11 -11
- data/test/integration/authenticatable_test.rb +42 -42
- data/test/integration/confirmable_test.rb +46 -46
- data/test/integration/database_authenticatable_test.rb +16 -16
- data/test/integration/http_authenticatable_test.rb +11 -11
- data/test/integration/lockable_test.rb +37 -37
- data/test/integration/omniauthable_test.rb +3 -3
- data/test/integration/recoverable_test.rb +41 -41
- data/test/integration/registerable_test.rb +49 -49
- data/test/integration/rememberable_test.rb +13 -13
- data/test/integration/timeoutable_test.rb +7 -7
- data/test/integration/trackable_test.rb +2 -2
- data/test/mailers/confirmation_instructions_test.rb +4 -4
- data/test/mailers/reset_password_instructions_test.rb +3 -3
- data/test/mailers/unlock_instructions_test.rb +2 -2
- data/test/models/authenticatable_test.rb +3 -3
- data/test/models/confirmable_test.rb +31 -31
- data/test/models/database_authenticatable_test.rb +27 -27
- data/test/models/lockable_test.rb +29 -29
- data/test/models/recoverable_test.rb +19 -19
- data/test/models/rememberable_test.rb +8 -8
- data/test/models/serializable_test.rb +8 -8
- data/test/models/timeoutable_test.rb +1 -1
- data/test/models/validatable_test.rb +11 -11
- data/test/omniauth/config_test.rb +3 -3
- data/test/omniauth/url_helpers_test.rb +3 -3
- data/test/parameter_sanitizer_test.rb +1 -1
- data/test/rails_app/app/controllers/admins_controller.rb +1 -1
- data/test/rails_app/app/controllers/application_controller.rb +2 -2
- data/test/rails_app/app/controllers/home_controller.rb +1 -1
- data/test/rails_app/app/controllers/users/omniauth_callbacks_controller.rb +2 -2
- data/test/rails_app/app/controllers/users_controller.rb +5 -5
- data/test/rails_app/app/mailers/users/mailer.rb +4 -4
- data/test/rails_app/app/mongoid/admin.rb +11 -11
- data/test/rails_app/app/mongoid/shim.rb +2 -2
- data/test/rails_app/app/mongoid/user.rb +19 -19
- data/test/rails_app/app/views/admins/sessions/new.html.erb +1 -1
- data/test/rails_app/app/views/layouts/application.html.erb +1 -1
- data/test/rails_app/config/application.rb +2 -2
- data/test/rails_app/config/initializers/devise.rb +3 -3
- data/test/rails_app/config/initializers/secret_token.rb +1 -1
- data/test/rails_app/config/routes.rb +43 -43
- data/test/rails_app/db/migrate/20100401102949_create_tables.rb +7 -7
- data/test/rails_app/lib/shared_admin.rb +4 -4
- data/test/routes_test.rb +59 -59
- data/test/support/helpers.rb +4 -4
- data/test/support/integration.rb +12 -12
- data/test/test_helpers_test.rb +3 -3
- data/test/test_models.rb +5 -5
- metadata +4 -4
@@ -10,7 +10,7 @@ module Devise
|
|
10
10
|
#
|
11
11
|
# * +omniauth_providers+: Which providers are available to this model. It expects an array:
|
12
12
|
#
|
13
|
-
# devise_for :database_authenticatable, :omniauthable, :
|
13
|
+
# devise_for :database_authenticatable, :omniauthable, omniauth_providers: [:twitter]
|
14
14
|
#
|
15
15
|
module Omniauthable
|
16
16
|
extend ActiveSupport::Concern
|
@@ -50,7 +50,7 @@ module Devise
|
|
50
50
|
def remember_me!(extend_period=false)
|
51
51
|
self.remember_token = self.class.remember_token if generate_remember_token?
|
52
52
|
self.remember_created_at = Time.now.utc if generate_remember_timestamp?(extend_period)
|
53
|
-
save(:
|
53
|
+
save(validate: false) if self.changed?
|
54
54
|
end
|
55
55
|
|
56
56
|
# If the record is persisted, remove the remember token (but only if
|
@@ -59,7 +59,7 @@ module Devise
|
|
59
59
|
return unless persisted?
|
60
60
|
self.remember_token = nil if respond_to?(:remember_token=)
|
61
61
|
self.remember_created_at = nil
|
62
|
-
save(:
|
62
|
+
save(validate: false)
|
63
63
|
end
|
64
64
|
|
65
65
|
# Remember token should be expired if expiration time not overpass now.
|
@@ -118,7 +118,7 @@ module Devise
|
|
118
118
|
def remember_token #:nodoc:
|
119
119
|
loop do
|
120
120
|
token = Devise.friendly_token
|
121
|
-
break token unless to_adapter.find_first({ :
|
121
|
+
break token unless to_adapter.find_first({ remember_token: token })
|
122
122
|
end
|
123
123
|
end
|
124
124
|
|
@@ -27,7 +27,7 @@ module Devise
|
|
27
27
|
self.sign_in_count ||= 0
|
28
28
|
self.sign_in_count += 1
|
29
29
|
|
30
|
-
save(:
|
30
|
+
save(validate: false) or raise "Devise trackable could not save #{inspect}." \
|
31
31
|
"Please make sure a model using trackable can be saved at sign in."
|
32
32
|
end
|
33
33
|
end
|
@@ -26,13 +26,13 @@ module Devise
|
|
26
26
|
assert_validations_api!(base)
|
27
27
|
|
28
28
|
base.class_eval do
|
29
|
-
validates_presence_of :email, :
|
30
|
-
validates_uniqueness_of :email, :
|
31
|
-
validates_format_of :email, :
|
29
|
+
validates_presence_of :email, if: :email_required?
|
30
|
+
validates_uniqueness_of :email, allow_blank: true, if: :email_changed?
|
31
|
+
validates_format_of :email, with: email_regexp, allow_blank: true, if: :email_changed?
|
32
32
|
|
33
|
-
validates_presence_of :password, :
|
34
|
-
validates_confirmation_of :password, :
|
35
|
-
validates_length_of :password, :
|
33
|
+
validates_presence_of :password, if: :password_required?
|
34
|
+
validates_confirmation_of :password, if: :password_required?
|
35
|
+
validates_length_of :password, within: password_length, allow_blank: true
|
36
36
|
end
|
37
37
|
end
|
38
38
|
|
data/lib/devise/modules.rb
CHANGED
@@ -1,26 +1,26 @@
|
|
1
1
|
require 'active_support/core_ext/object/with_options'
|
2
2
|
|
3
|
-
Devise.with_options :
|
3
|
+
Devise.with_options model: true do |d|
|
4
4
|
# Strategies first
|
5
|
-
d.with_options :
|
5
|
+
d.with_options strategy: true do |s|
|
6
6
|
routes = [nil, :new, :destroy]
|
7
|
-
s.add_module :database_authenticatable, :
|
8
|
-
s.add_module :rememberable, :
|
7
|
+
s.add_module :database_authenticatable, controller: :sessions, route: { session: routes }
|
8
|
+
s.add_module :rememberable, no_input: true
|
9
9
|
end
|
10
10
|
|
11
11
|
# Other authentications
|
12
|
-
d.add_module :omniauthable, :
|
12
|
+
d.add_module :omniauthable, controller: :omniauth_callbacks, route: :omniauth_callback
|
13
13
|
|
14
14
|
# Misc after
|
15
15
|
routes = [nil, :new, :edit]
|
16
|
-
d.add_module :recoverable, :
|
17
|
-
d.add_module :registerable, :
|
16
|
+
d.add_module :recoverable, controller: :passwords, route: { password: routes }
|
17
|
+
d.add_module :registerable, controller: :registrations, route: { registration: (routes << :cancel) }
|
18
18
|
d.add_module :validatable
|
19
19
|
|
20
20
|
# The ones which can sign out after
|
21
21
|
routes = [nil, :new]
|
22
|
-
d.add_module :confirmable, :
|
23
|
-
d.add_module :lockable, :
|
22
|
+
d.add_module :confirmable, controller: :confirmations, route: { confirmation: routes }
|
23
|
+
d.add_module :lockable, controller: :unlocks, route: { unlock: routes }
|
24
24
|
d.add_module :timeoutable
|
25
25
|
|
26
26
|
# Stats for last, so we make sure the user is really signed in
|
@@ -6,12 +6,12 @@ module Devise
|
|
6
6
|
|
7
7
|
def omniauth_authorize_path(resource_or_scope, *args)
|
8
8
|
scope = Devise::Mapping.find_scope!(resource_or_scope)
|
9
|
-
send("#{scope}_omniauth_authorize_path", *args)
|
9
|
+
_devise_route_context.send("#{scope}_omniauth_authorize_path", *args)
|
10
10
|
end
|
11
11
|
|
12
12
|
def omniauth_callback_path(resource_or_scope, *args)
|
13
13
|
scope = Devise::Mapping.find_scope!(resource_or_scope)
|
14
|
-
send("#{scope}_omniauth_callback_path", *args)
|
14
|
+
_devise_route_context.send("#{scope}_omniauth_callback_path", *args)
|
15
15
|
end
|
16
16
|
end
|
17
17
|
end
|
data/lib/devise/rails.rb
CHANGED
data/lib/devise/rails/routes.rb
CHANGED
@@ -43,20 +43,20 @@ module ActionDispatch::Routing
|
|
43
43
|
# needed routes:
|
44
44
|
#
|
45
45
|
# # Session routes for Authenticatable (default)
|
46
|
-
# new_user_session GET /users/sign_in {:
|
47
|
-
# user_session POST /users/sign_in {:
|
48
|
-
# destroy_user_session DELETE /users/sign_out {:
|
46
|
+
# new_user_session GET /users/sign_in {controller:"devise/sessions", action:"new"}
|
47
|
+
# user_session POST /users/sign_in {controller:"devise/sessions", action:"create"}
|
48
|
+
# destroy_user_session DELETE /users/sign_out {controller:"devise/sessions", action:"destroy"}
|
49
49
|
#
|
50
50
|
# # Password routes for Recoverable, if User model has :recoverable configured
|
51
|
-
# new_user_password GET /users/password/new(.:format) {:
|
52
|
-
# edit_user_password GET /users/password/edit(.:format) {:
|
53
|
-
# user_password PUT /users/password(.:format) {:
|
54
|
-
# POST /users/password(.:format) {:
|
51
|
+
# new_user_password GET /users/password/new(.:format) {controller:"devise/passwords", action:"new"}
|
52
|
+
# edit_user_password GET /users/password/edit(.:format) {controller:"devise/passwords", action:"edit"}
|
53
|
+
# user_password PUT /users/password(.:format) {controller:"devise/passwords", action:"update"}
|
54
|
+
# POST /users/password(.:format) {controller:"devise/passwords", action:"create"}
|
55
55
|
#
|
56
56
|
# # Confirmation routes for Confirmable, if User model has :confirmable configured
|
57
|
-
# new_user_confirmation GET /users/confirmation/new(.:format) {:
|
58
|
-
# user_confirmation GET /users/confirmation(.:format) {:
|
59
|
-
# POST /users/confirmation(.:format) {:
|
57
|
+
# new_user_confirmation GET /users/confirmation/new(.:format) {controller:"devise/confirmations", action:"new"}
|
58
|
+
# user_confirmation GET /users/confirmation(.:format) {controller:"devise/confirmations", action:"show"}
|
59
|
+
# POST /users/confirmation(.:format) {controller:"devise/confirmations", action:"create"}
|
60
60
|
#
|
61
61
|
# ==== Routes integration
|
62
62
|
#
|
@@ -84,22 +84,22 @@ module ActionDispatch::Routing
|
|
84
84
|
#
|
85
85
|
# You can configure your routes with some options:
|
86
86
|
#
|
87
|
-
# * :
|
87
|
+
# * class_name: setup a different class to be looked up by devise, if it cannot be
|
88
88
|
# properly found by the route name.
|
89
89
|
#
|
90
|
-
# devise_for :users, :
|
90
|
+
# devise_for :users, class_name: 'Account'
|
91
91
|
#
|
92
|
-
# * :
|
92
|
+
# * path: allows you to setup path name that will be used, as rails routes does.
|
93
93
|
# The following route configuration would setup your route as /accounts instead of /users:
|
94
94
|
#
|
95
|
-
# devise_for :users, :
|
95
|
+
# devise_for :users, path: 'accounts'
|
96
96
|
#
|
97
|
-
# * :
|
97
|
+
# * singular: setup the singular name for the given resource. This is used as the instance variable
|
98
98
|
# name in controller, as the name in routes and the scope given to warden.
|
99
99
|
#
|
100
|
-
# devise_for :users, :
|
100
|
+
# devise_for :users, singular: :user
|
101
101
|
#
|
102
|
-
# * :
|
102
|
+
# * path_names: configure different path names to overwrite defaults :sign_in, :sign_out, :sign_up,
|
103
103
|
# :password, :confirmation, :unlock.
|
104
104
|
#
|
105
105
|
# devise_for :users, path_names: {
|
@@ -108,50 +108,50 @@ module ActionDispatch::Routing
|
|
108
108
|
# registration: 'register', edit: 'edit/profile'
|
109
109
|
# }
|
110
110
|
#
|
111
|
-
# * :
|
111
|
+
# * controllers: the controller which should be used. All routes by default points to Devise controllers.
|
112
112
|
# However, if you want them to point to custom controller, you should do:
|
113
113
|
#
|
114
|
-
# devise_for :users, :
|
114
|
+
# devise_for :users, controllers: { sessions: "users/sessions" }
|
115
115
|
#
|
116
|
-
# * :
|
116
|
+
# * failure_app: a rack app which is invoked whenever there is a failure. Strings representing a given
|
117
117
|
# are also allowed as parameter.
|
118
118
|
#
|
119
|
-
# * :
|
119
|
+
# * sign_out_via: the HTTP method(s) accepted for the :sign_out action (default: :get),
|
120
120
|
# if you wish to restrict this to accept only :post or :delete requests you should do:
|
121
121
|
#
|
122
|
-
# devise_for :users, :
|
122
|
+
# devise_for :users, sign_out_via: [ :post, :delete ]
|
123
123
|
#
|
124
124
|
# You need to make sure that your sign_out controls trigger a request with a matching HTTP method.
|
125
125
|
#
|
126
|
-
# * :
|
126
|
+
# * module: the namespace to find controllers (default: "devise", thus
|
127
127
|
# accessing devise/sessions, devise/registrations, and so on). If you want
|
128
128
|
# to namespace all at once, use module:
|
129
129
|
#
|
130
|
-
# devise_for :users, :
|
130
|
+
# devise_for :users, module: "users"
|
131
131
|
#
|
132
|
-
# * :
|
132
|
+
# * skip: tell which controller you want to skip routes from being created:
|
133
133
|
#
|
134
|
-
# devise_for :users, :
|
134
|
+
# devise_for :users, skip: :sessions
|
135
135
|
#
|
136
|
-
# * :
|
136
|
+
# * only: the opposite of :skip, tell which controllers only to generate routes to:
|
137
137
|
#
|
138
|
-
# devise_for :users, :
|
138
|
+
# devise_for :users, only: :sessions
|
139
139
|
#
|
140
|
-
# * :
|
140
|
+
# * skip_helpers: skip generating Devise url helpers like new_session_path(@user).
|
141
141
|
# This is useful to avoid conflicts with previous routes and is false by default.
|
142
142
|
# It accepts true as option, meaning it will skip all the helpers for the controllers
|
143
143
|
# given in :skip but it also accepts specific helpers to be skipped:
|
144
144
|
#
|
145
|
-
# devise_for :users, :
|
146
|
-
# devise_for :users, :
|
145
|
+
# devise_for :users, skip: [:registrations, :confirmations], skip_helpers: true
|
146
|
+
# devise_for :users, skip_helpers: [:registrations, :confirmations]
|
147
147
|
#
|
148
|
-
# * :
|
148
|
+
# * format: include "(.:format)" in the generated routes? true by default, set to false to disable:
|
149
149
|
#
|
150
|
-
# devise_for :users, :
|
150
|
+
# devise_for :users, format: false
|
151
151
|
#
|
152
|
-
# * :
|
152
|
+
# * constraints: works the same as Rails' constraints
|
153
153
|
#
|
154
|
-
# * :
|
154
|
+
# * defaults: works the same as Rails' defaults
|
155
155
|
#
|
156
156
|
# ==== Scoping
|
157
157
|
#
|
@@ -173,7 +173,7 @@ module ActionDispatch::Routing
|
|
173
173
|
#
|
174
174
|
# class ApplicationController < ActionController::Base
|
175
175
|
# def self.default_url_options
|
176
|
-
# { :
|
176
|
+
# { locale: I18n.locale }
|
177
177
|
# end
|
178
178
|
# end
|
179
179
|
#
|
@@ -198,7 +198,7 @@ module ActionDispatch::Routing
|
|
198
198
|
# In order to get Devise to recognize the deactivate action, your devise_scope entry should look like this:
|
199
199
|
#
|
200
200
|
# devise_scope :owner do
|
201
|
-
# post "deactivate", :
|
201
|
+
# post "deactivate", to: "registrations#deactivate", as: "deactivate_registration"
|
202
202
|
# end
|
203
203
|
#
|
204
204
|
def devise_for(*resources)
|
@@ -263,7 +263,7 @@ module ActionDispatch::Routing
|
|
263
263
|
# end
|
264
264
|
#
|
265
265
|
# authenticate :user, lambda {|u| u.role == "admin"} do
|
266
|
-
# root :
|
266
|
+
# root to: "admin/dashboard#show", as: :user_root
|
267
267
|
# end
|
268
268
|
#
|
269
269
|
def authenticate(scope=nil, block=nil)
|
@@ -277,18 +277,18 @@ module ActionDispatch::Routing
|
|
277
277
|
# a model and allows extra constraints to be done on the instance.
|
278
278
|
#
|
279
279
|
# authenticated :admin do
|
280
|
-
# root :
|
280
|
+
# root to: 'admin/dashboard#show', as: :admin_root
|
281
281
|
# end
|
282
282
|
#
|
283
283
|
# authenticated do
|
284
|
-
# root :
|
284
|
+
# root to: 'dashboard#show', as: :authenticated_root
|
285
285
|
# end
|
286
286
|
#
|
287
287
|
# authenticated :user, lambda {|u| u.role == "admin"} do
|
288
|
-
# root :
|
288
|
+
# root to: "admin/dashboard#show", as: :user_root
|
289
289
|
# end
|
290
290
|
#
|
291
|
-
# root :
|
291
|
+
# root to: 'landing#show'
|
292
292
|
#
|
293
293
|
def authenticated(scope=nil, block=nil)
|
294
294
|
constraints_for(:authenticate?, scope, block) do
|
@@ -301,15 +301,15 @@ module ActionDispatch::Routing
|
|
301
301
|
#
|
302
302
|
# unauthenticated do
|
303
303
|
# as :user do
|
304
|
-
# root :
|
304
|
+
# root to: 'devise/registrations#new'
|
305
305
|
# end
|
306
306
|
# end
|
307
307
|
#
|
308
|
-
# root :
|
308
|
+
# root to: 'dashboard#show'
|
309
309
|
#
|
310
310
|
def unauthenticated(scope=nil)
|
311
311
|
constraint = lambda do |request|
|
312
|
-
not request.env["warden"].authenticate? :
|
312
|
+
not request.env["warden"].authenticate? scope: scope
|
313
313
|
end
|
314
314
|
|
315
315
|
constraints(constraint) do
|
@@ -322,7 +322,7 @@ module ActionDispatch::Routing
|
|
322
322
|
# to which controller it is targetted.
|
323
323
|
#
|
324
324
|
# as :user do
|
325
|
-
# get "sign_in", :
|
325
|
+
# get "sign_in", to: "devise/sessions#new"
|
326
326
|
# end
|
327
327
|
#
|
328
328
|
# Notice you cannot have two scopes mapping to the same URL. And remember, if
|
@@ -354,42 +354,42 @@ module ActionDispatch::Routing
|
|
354
354
|
protected
|
355
355
|
|
356
356
|
def devise_session(mapping, controllers) #:nodoc:
|
357
|
-
resource :session, :
|
358
|
-
get :new, :
|
359
|
-
post :create, :
|
360
|
-
match :destroy, :
|
357
|
+
resource :session, only: [], controller: controllers[:sessions], path: "" do
|
358
|
+
get :new, path: mapping.path_names[:sign_in], as: "new"
|
359
|
+
post :create, path: mapping.path_names[:sign_in]
|
360
|
+
match :destroy, path: mapping.path_names[:sign_out], as: "destroy", via: mapping.sign_out_via
|
361
361
|
end
|
362
362
|
end
|
363
363
|
|
364
364
|
def devise_password(mapping, controllers) #:nodoc:
|
365
|
-
resource :password, :
|
366
|
-
:
|
365
|
+
resource :password, only: [:new, :create, :edit, :update],
|
366
|
+
path: mapping.path_names[:password], controller: controllers[:passwords]
|
367
367
|
end
|
368
368
|
|
369
369
|
def devise_confirmation(mapping, controllers) #:nodoc:
|
370
|
-
resource :confirmation, :
|
371
|
-
:
|
370
|
+
resource :confirmation, only: [:new, :create, :show],
|
371
|
+
path: mapping.path_names[:confirmation], controller: controllers[:confirmations]
|
372
372
|
end
|
373
373
|
|
374
374
|
def devise_unlock(mapping, controllers) #:nodoc:
|
375
375
|
if mapping.to.unlock_strategy_enabled?(:email)
|
376
|
-
resource :unlock, :
|
377
|
-
:
|
376
|
+
resource :unlock, only: [:new, :create, :show],
|
377
|
+
path: mapping.path_names[:unlock], controller: controllers[:unlocks]
|
378
378
|
end
|
379
379
|
end
|
380
380
|
|
381
381
|
def devise_registration(mapping, controllers) #:nodoc:
|
382
382
|
path_names = {
|
383
|
-
:
|
384
|
-
:
|
385
|
-
:
|
383
|
+
new: mapping.path_names[:sign_up],
|
384
|
+
edit: mapping.path_names[:edit],
|
385
|
+
cancel: mapping.path_names[:cancel]
|
386
386
|
}
|
387
387
|
|
388
388
|
options = {
|
389
|
-
:
|
390
|
-
:
|
391
|
-
:
|
392
|
-
:
|
389
|
+
only: [:new, :create, :edit, :update, :destroy],
|
390
|
+
path: mapping.path_names[:registration],
|
391
|
+
path_names: path_names,
|
392
|
+
controller: controllers[:registrations]
|
393
393
|
}
|
394
394
|
|
395
395
|
resource :registration, options do
|
@@ -405,16 +405,16 @@ and you have set #{mapping.fullpath.inspect}. You can work around by passing
|
|
405
405
|
`skip: :omniauth_callbacks` and manually defining the routes. Here is an example:
|
406
406
|
|
407
407
|
match "/users/auth/:provider",
|
408
|
-
:
|
409
|
-
:
|
410
|
-
:
|
411
|
-
:
|
408
|
+
constraints: { provider: /google|facebook/ },
|
409
|
+
to: "devise/omniauth_callbacks#passthru",
|
410
|
+
as: :omniauth_authorize,
|
411
|
+
via: [:get, :post]
|
412
412
|
|
413
413
|
match "/users/auth/:action/callback",
|
414
|
-
:
|
415
|
-
:
|
416
|
-
:
|
417
|
-
:
|
414
|
+
constraints: { action: /google|facebook/ },
|
415
|
+
to: "devise/omniauth_callbacks",
|
416
|
+
as: :omniauth_callback,
|
417
|
+
via: [:get, :post]
|
418
418
|
ERROR
|
419
419
|
end
|
420
420
|
|
@@ -426,16 +426,16 @@ ERROR
|
|
426
426
|
providers = Regexp.union(mapping.to.omniauth_providers.map(&:to_s))
|
427
427
|
|
428
428
|
match "#{path_prefix}/:provider",
|
429
|
-
:
|
430
|
-
:
|
431
|
-
:
|
432
|
-
:
|
429
|
+
constraints: { provider: providers },
|
430
|
+
to: "#{controllers[:omniauth_callbacks]}#passthru",
|
431
|
+
as: :omniauth_authorize,
|
432
|
+
via: [:get, :post]
|
433
433
|
|
434
434
|
match "#{path_prefix}/:action/callback",
|
435
|
-
:
|
436
|
-
:
|
437
|
-
:
|
438
|
-
:
|
435
|
+
constraints: { action: providers },
|
436
|
+
to: controllers[:omniauth_callbacks],
|
437
|
+
as: :omniauth_callback,
|
438
|
+
via: [:get, :post]
|
439
439
|
ensure
|
440
440
|
@scope[:path] = path
|
441
441
|
end
|
@@ -446,7 +446,7 @@ ERROR
|
|
446
446
|
old = {}
|
447
447
|
DEVISE_SCOPE_KEYS.each { |k| old[k] = @scope[k] }
|
448
448
|
|
449
|
-
new = { :
|
449
|
+
new = { as: new_as, path: new_path, module: nil }
|
450
450
|
new.merge!(options.slice(:constraints, :defaults, :options))
|
451
451
|
|
452
452
|
@scope.merge!(new)
|
@@ -457,7 +457,7 @@ ERROR
|
|
457
457
|
|
458
458
|
def constraints_for(method_to_apply, scope=nil, block=nil)
|
459
459
|
constraint = lambda do |request|
|
460
|
-
request.env['warden'].send(method_to_apply, :
|
460
|
+
request.env['warden'].send(method_to_apply, scope: scope) &&
|
461
461
|
(block.nil? || block.call(request.env["warden"].user(scope)))
|
462
462
|
end
|
463
463
|
|