devise 3.2.4 → 4.0.0
Potentially problematic release.
This version of devise might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/.gitignore +0 -1
- data/.travis.yml +33 -17
- data/CHANGELOG.md +57 -1033
- data/CODE_OF_CONDUCT.md +22 -0
- data/CONTRIBUTING.md +2 -0
- data/Gemfile +5 -5
- data/Gemfile.lock +138 -115
- data/MIT-LICENSE +1 -1
- data/README.md +124 -65
- data/Rakefile +2 -1
- data/app/controllers/devise/confirmations_controller.rb +7 -3
- data/app/controllers/devise/omniauth_callbacks_controller.rb +8 -4
- data/app/controllers/devise/passwords_controller.rb +16 -6
- data/app/controllers/devise/registrations_controller.rb +22 -10
- data/app/controllers/devise/sessions_controller.rb +42 -14
- data/app/controllers/devise/unlocks_controller.rb +5 -2
- data/app/controllers/devise_controller.rb +63 -29
- data/app/mailers/devise/mailer.rb +4 -0
- data/app/views/devise/confirmations/new.html.erb +7 -3
- data/app/views/devise/mailer/password_change.html.erb +3 -0
- data/app/views/devise/passwords/edit.html.erb +14 -5
- data/app/views/devise/passwords/new.html.erb +7 -3
- data/app/views/devise/registrations/edit.html.erb +19 -9
- data/app/views/devise/registrations/new.html.erb +18 -7
- data/app/views/devise/sessions/new.html.erb +16 -7
- data/app/views/devise/shared/{_links.erb → _links.html.erb} +2 -2
- data/app/views/devise/unlocks/new.html.erb +7 -3
- data/bin/test +13 -0
- data/config/locales/en.yml +19 -16
- data/devise.gemspec +3 -4
- data/gemfiles/{Gemfile.rails-3.2-stable → Gemfile.rails-4.1-stable} +6 -6
- data/gemfiles/Gemfile.rails-4.1-stable.lock +167 -0
- data/gemfiles/{Gemfile.rails-head → Gemfile.rails-4.2-stable} +6 -6
- data/gemfiles/Gemfile.rails-4.2-stable.lock +189 -0
- data/gemfiles/Gemfile.rails-5.0-beta +37 -0
- data/gemfiles/Gemfile.rails-5.0-beta.lock +199 -0
- data/lib/devise/controllers/helpers.rb +94 -27
- data/lib/devise/controllers/rememberable.rb +9 -2
- data/lib/devise/controllers/sign_in_out.rb +2 -9
- data/lib/devise/controllers/store_location.rb +11 -3
- data/lib/devise/controllers/url_helpers.rb +7 -7
- data/lib/devise/encryptor.rb +22 -0
- data/lib/devise/failure_app.rb +72 -23
- data/lib/devise/hooks/activatable.rb +3 -4
- data/lib/devise/hooks/csrf_cleaner.rb +3 -1
- data/lib/devise/hooks/timeoutable.rb +13 -8
- data/lib/devise/mailers/helpers.rb +1 -1
- data/lib/devise/mapping.rb +6 -2
- data/lib/devise/models/authenticatable.rb +32 -28
- data/lib/devise/models/confirmable.rb +55 -22
- data/lib/devise/models/database_authenticatable.rb +32 -19
- data/lib/devise/models/lockable.rb +5 -5
- data/lib/devise/models/recoverable.rb +44 -20
- data/lib/devise/models/rememberable.rb +54 -27
- data/lib/devise/models/timeoutable.rb +0 -6
- data/lib/devise/models/trackable.rb +5 -3
- data/lib/devise/models/validatable.rb +3 -3
- data/lib/devise/models.rb +1 -1
- data/lib/devise/omniauth/url_helpers.rb +62 -4
- data/lib/devise/parameter_sanitizer.rb +176 -61
- data/lib/devise/rails/routes.rb +76 -59
- data/lib/devise/rails/warden_compat.rb +1 -10
- data/lib/devise/rails.rb +2 -11
- data/lib/devise/strategies/authenticatable.rb +15 -6
- data/lib/devise/strategies/database_authenticatable.rb +5 -4
- data/lib/devise/strategies/rememberable.rb +13 -3
- data/lib/devise/test_helpers.rb +12 -7
- data/lib/devise/token_generator.rb +1 -41
- data/lib/devise/version.rb +1 -1
- data/lib/devise.rb +150 -58
- data/lib/generators/active_record/devise_generator.rb +28 -4
- data/lib/generators/active_record/templates/migration.rb +3 -3
- data/lib/generators/active_record/templates/migration_existing.rb +3 -3
- data/lib/generators/devise/controllers_generator.rb +44 -0
- data/lib/generators/devise/install_generator.rb +15 -0
- data/lib/generators/devise/orm_helpers.rb +1 -18
- data/lib/generators/devise/views_generator.rb +14 -3
- data/lib/generators/templates/README +1 -1
- data/lib/generators/templates/controllers/README +14 -0
- data/lib/generators/templates/controllers/confirmations_controller.rb +28 -0
- data/lib/generators/templates/controllers/omniauth_callbacks_controller.rb +28 -0
- data/lib/generators/templates/controllers/passwords_controller.rb +32 -0
- data/lib/generators/templates/controllers/registrations_controller.rb +60 -0
- data/lib/generators/templates/controllers/sessions_controller.rb +25 -0
- data/lib/generators/templates/controllers/unlocks_controller.rb +28 -0
- data/lib/generators/templates/devise.rb +36 -28
- data/lib/generators/templates/markerb/confirmation_instructions.markerb +1 -1
- data/lib/generators/templates/markerb/password_change.markerb +3 -0
- data/lib/generators/templates/markerb/reset_password_instructions.markerb +1 -1
- data/lib/generators/templates/markerb/unlock_instructions.markerb +1 -1
- data/lib/generators/templates/simple_form_for/passwords/edit.html.erb +1 -1
- data/lib/generators/templates/simple_form_for/registrations/new.html.erb +1 -1
- data/lib/generators/templates/simple_form_for/sessions/new.html.erb +2 -2
- data/test/controllers/custom_registrations_controller_test.rb +40 -0
- data/test/controllers/custom_strategy_test.rb +7 -5
- data/test/controllers/helper_methods_test.rb +22 -0
- data/test/controllers/helpers_test.rb +41 -1
- data/test/controllers/inherited_controller_i18n_messages_test.rb +51 -0
- data/test/controllers/internal_helpers_test.rb +19 -15
- data/test/controllers/load_hooks_controller_test.rb +19 -0
- data/test/controllers/passwords_controller_test.rb +5 -4
- data/test/controllers/sessions_controller_test.rb +24 -21
- data/test/controllers/url_helpers_test.rb +7 -1
- data/test/devise_test.rb +48 -8
- data/test/failure_app_test.rb +107 -19
- data/test/generators/active_record_generator_test.rb +6 -26
- data/test/generators/controllers_generator_test.rb +48 -0
- data/test/generators/install_generator_test.rb +14 -3
- data/test/generators/views_generator_test.rb +8 -1
- data/test/helpers/devise_helper_test.rb +10 -12
- data/test/integration/authenticatable_test.rb +37 -21
- data/test/integration/confirmable_test.rb +54 -14
- data/test/integration/database_authenticatable_test.rb +12 -1
- data/test/integration/http_authenticatable_test.rb +4 -5
- data/test/integration/lockable_test.rb +10 -9
- data/test/integration/omniauthable_test.rb +13 -11
- data/test/integration/recoverable_test.rb +28 -15
- data/test/integration/registerable_test.rb +41 -33
- data/test/integration/rememberable_test.rb +51 -7
- data/test/integration/timeoutable_test.rb +23 -22
- data/test/integration/trackable_test.rb +3 -3
- data/test/mailers/confirmation_instructions_test.rb +10 -10
- data/test/mailers/reset_password_instructions_test.rb +8 -8
- data/test/mailers/unlock_instructions_test.rb +8 -8
- data/test/mapping_test.rb +7 -0
- data/test/models/authenticatable_test.rb +11 -1
- data/test/models/confirmable_test.rb +91 -42
- data/test/models/database_authenticatable_test.rb +26 -6
- data/test/models/lockable_test.rb +29 -17
- data/test/models/recoverable_test.rb +74 -7
- data/test/models/rememberable_test.rb +68 -94
- data/test/models/trackable_test.rb +28 -0
- data/test/models/validatable_test.rb +9 -17
- data/test/models_test.rb +15 -6
- data/test/omniauth/url_helpers_test.rb +4 -7
- data/test/orm/active_record.rb +6 -1
- data/test/parameter_sanitizer_test.rb +103 -53
- data/test/rails_app/app/active_record/user.rb +1 -0
- data/test/rails_app/app/active_record/user_on_engine.rb +7 -0
- data/test/rails_app/app/active_record/user_on_main_app.rb +7 -0
- data/test/rails_app/app/active_record/user_without_email.rb +8 -0
- data/test/rails_app/app/controllers/admins_controller.rb +1 -6
- data/test/rails_app/app/controllers/application_controller.rb +5 -2
- data/test/rails_app/app/controllers/application_with_fake_engine.rb +30 -0
- data/test/rails_app/app/controllers/custom/registrations_controller.rb +31 -0
- data/test/rails_app/app/controllers/home_controller.rb +5 -1
- data/test/rails_app/app/controllers/users/omniauth_callbacks_controller.rb +3 -3
- data/test/rails_app/app/controllers/users_controller.rb +6 -6
- data/test/rails_app/app/mailers/users/from_proc_mailer.rb +3 -0
- data/test/rails_app/app/mailers/users/mailer.rb +0 -9
- data/test/rails_app/app/mailers/users/reply_to_mailer.rb +4 -0
- data/test/rails_app/app/mongoid/user_on_engine.rb +39 -0
- data/test/rails_app/app/mongoid/user_on_main_app.rb +39 -0
- data/test/rails_app/app/mongoid/user_without_email.rb +33 -0
- data/test/rails_app/config/application.rb +3 -3
- data/test/rails_app/config/boot.rb +4 -4
- data/test/rails_app/config/environments/production.rb +6 -2
- data/test/rails_app/config/environments/test.rb +13 -3
- data/test/rails_app/config/initializers/devise.rb +15 -16
- data/test/rails_app/config/initializers/secret_token.rb +1 -6
- data/test/rails_app/config/routes.rb +23 -3
- data/test/rails_app/db/migrate/20100401102949_create_tables.rb +2 -2
- data/test/rails_app/lib/shared_user.rb +1 -1
- data/test/rails_app/lib/shared_user_without_email.rb +26 -0
- data/test/rails_app/lib/shared_user_without_omniauth.rb +13 -0
- data/test/rails_test.rb +9 -0
- data/test/routes_test.rb +33 -16
- data/test/support/assertions.rb +2 -3
- data/test/support/helpers.rb +13 -6
- data/test/support/http_method_compatibility.rb +51 -0
- data/test/support/integration.rb +4 -4
- data/test/support/webrat/integrations/rails.rb +9 -0
- data/test/test_helper.rb +7 -0
- data/test/test_helpers_test.rb +43 -38
- data/test/test_models.rb +3 -3
- metadata +77 -23
- data/gemfiles/Gemfile.rails-4.0-stable +0 -29
@@ -1,81 +1,131 @@
|
|
1
1
|
require 'test_helper'
|
2
2
|
require 'devise/parameter_sanitizer'
|
3
3
|
|
4
|
-
class
|
4
|
+
class ParameterSanitizerTest < ActiveSupport::TestCase
|
5
5
|
def sanitizer(params)
|
6
|
-
|
6
|
+
params = ActionController::Parameters.new(params)
|
7
|
+
Devise::ParameterSanitizer.new(User, :user, params)
|
7
8
|
end
|
8
9
|
|
9
|
-
test '
|
10
|
-
sanitizer = sanitizer(user
|
11
|
-
|
10
|
+
test 'permits the default parameters for sign in' do
|
11
|
+
sanitizer = sanitizer('user' => { 'email' => 'jose' })
|
12
|
+
sanitized = sanitizer.sanitize(:sign_in)
|
13
|
+
|
14
|
+
assert_equal({ 'email' => 'jose' }, sanitized)
|
12
15
|
end
|
13
|
-
end
|
14
16
|
|
15
|
-
|
16
|
-
|
17
|
+
test 'permits the default parameters for sign up' do
|
18
|
+
sanitizer = sanitizer('user' => { 'email' => 'jose', 'role' => 'invalid' })
|
19
|
+
sanitized = sanitizer.sanitize(:sign_up)
|
17
20
|
|
18
|
-
|
19
|
-
|
20
|
-
params = ActionController::Parameters.new(params)
|
21
|
-
Devise::ParameterSanitizer.new(User, :user, params)
|
22
|
-
end
|
21
|
+
assert_equal({ 'email' => 'jose' }, sanitized)
|
22
|
+
end
|
23
23
|
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
end
|
24
|
+
test 'permits the default parameters for account update' do
|
25
|
+
sanitizer = sanitizer('user' => { 'email' => 'jose', 'role' => 'invalid' })
|
26
|
+
sanitized = sanitizer.sanitize(:account_update)
|
28
27
|
|
29
|
-
|
30
|
-
|
31
|
-
sanitizer = sanitizer(user: { "email" => "jose", "password" => "invalid" })
|
32
|
-
assert_equal({ "email" => "jose", "password" => "invalid" }, sanitizer.sanitize(:sign_in))
|
33
|
-
end
|
34
|
-
end
|
28
|
+
assert_equal({ 'email' => 'jose' }, sanitized)
|
29
|
+
end
|
35
30
|
|
36
|
-
|
37
|
-
|
38
|
-
|
39
|
-
|
31
|
+
test 'permits news parameters for an existing action' do
|
32
|
+
sanitizer = sanitizer('user' => { 'username' => 'jose' })
|
33
|
+
sanitizer.permit(:sign_in, keys: [:username])
|
34
|
+
sanitized = sanitizer.sanitize(:sign_in)
|
35
|
+
|
36
|
+
assert_equal({ 'username' => 'jose' }, sanitized)
|
37
|
+
end
|
40
38
|
|
41
|
-
|
42
|
-
|
43
|
-
|
39
|
+
test 'permits news parameters for an existing action with a block' do
|
40
|
+
sanitizer = sanitizer('user' => { 'username' => 'jose' })
|
41
|
+
sanitizer.permit(:sign_in) do |user|
|
42
|
+
user.permit(:username)
|
44
43
|
end
|
45
44
|
|
46
|
-
|
47
|
-
|
48
|
-
|
49
|
-
|
45
|
+
sanitized = sanitizer.sanitize(:sign_in)
|
46
|
+
|
47
|
+
assert_equal({ 'username' => 'jose' }, sanitized)
|
48
|
+
end
|
49
|
+
|
50
|
+
test 'permit parameters for new actions' do
|
51
|
+
sanitizer = sanitizer('user' => { 'email' => 'jose@omglol', 'name' => 'Jose' })
|
52
|
+
sanitizer.permit(:invite_user, keys: [:email, :name])
|
53
|
+
|
54
|
+
sanitized = sanitizer.sanitize(:invite_user)
|
55
|
+
|
56
|
+
assert_equal({ 'email' => 'jose@omglol', 'name' => 'Jose' }, sanitized)
|
57
|
+
end
|
58
|
+
|
59
|
+
test 'fails when we do not have any permitted parameters for the action' do
|
60
|
+
sanitizer = sanitizer('user' => { 'email' => 'jose', 'password' => 'invalid' })
|
61
|
+
|
62
|
+
assert_raise NotImplementedError do
|
63
|
+
sanitizer.sanitize(:unknown)
|
50
64
|
end
|
65
|
+
end
|
66
|
+
|
67
|
+
test 'removes permitted parameters' do
|
68
|
+
sanitizer = sanitizer('user' => { 'email' => 'jose@omglol', 'username' => 'jose' })
|
51
69
|
|
52
|
-
|
53
|
-
|
54
|
-
|
55
|
-
|
70
|
+
sanitizer.permit(:sign_in, keys: [:username], except: [:email])
|
71
|
+
sanitized = sanitizer.sanitize(:sign_in)
|
72
|
+
|
73
|
+
assert_equal({ 'username' => 'jose' }, sanitized)
|
74
|
+
end
|
75
|
+
end
|
76
|
+
|
77
|
+
class DeprecatedParameterSanitizerAPITest < ActiveSupport::TestCase
|
78
|
+
class CustomSanitizer < Devise::ParameterSanitizer
|
79
|
+
def sign_in
|
80
|
+
default_params.permit(:username)
|
56
81
|
end
|
82
|
+
end
|
57
83
|
|
58
|
-
|
59
|
-
|
60
|
-
|
61
|
-
|
62
|
-
|
84
|
+
def sanitizer(params)
|
85
|
+
params = ActionController::Parameters.new(params)
|
86
|
+
Devise::ParameterSanitizer.new(User, :user, params)
|
87
|
+
end
|
88
|
+
|
89
|
+
test 'overriding instance methods have precedence over the default sanitized attributes' do
|
90
|
+
assert_deprecated do
|
91
|
+
params = ActionController::Parameters.new(user: { "username" => "jose", "name" => "Jose" })
|
92
|
+
sanitizer = CustomSanitizer.new(User, :user, params)
|
93
|
+
|
94
|
+
sanitized = sanitizer.sanitize(:sign_in)
|
95
|
+
|
96
|
+
assert_equal({ "username" => "jose" }, sanitized)
|
63
97
|
end
|
98
|
+
end
|
64
99
|
|
65
|
-
|
66
|
-
|
67
|
-
|
68
|
-
|
69
|
-
|
100
|
+
test 'adding new parameters by mutating the Array' do
|
101
|
+
assert_deprecated do
|
102
|
+
sanitizer = sanitizer('user' => { 'username' => 'jose' })
|
103
|
+
sanitizer.for(:sign_in) << :username
|
104
|
+
sanitized = sanitizer.sanitize(:sign_in)
|
105
|
+
|
106
|
+
assert_equal({ 'username' => 'jose' }, sanitized)
|
70
107
|
end
|
108
|
+
end
|
71
109
|
|
72
|
-
|
73
|
-
|
74
|
-
|
110
|
+
test 'adding new parameters with a block' do
|
111
|
+
assert_deprecated do
|
112
|
+
sanitizer = sanitizer('user' => { 'username' => 'jose' })
|
113
|
+
sanitizer.for(:sign_in) { |user| user.permit(:username) }
|
75
114
|
|
76
|
-
|
115
|
+
sanitized = sanitizer.sanitize(:sign_in)
|
116
|
+
|
117
|
+
assert_equal({ 'username' => 'jose' }, sanitized)
|
118
|
+
end
|
119
|
+
end
|
120
|
+
|
121
|
+
test 'removing multiple default parameters' do
|
122
|
+
assert_deprecated do
|
123
|
+
sanitizer = sanitizer('user' => { 'email' => 'jose', 'password' => 'invalid', 'remember_me' => '1' })
|
124
|
+
sanitizer.for(:sign_in).delete(:email)
|
125
|
+
sanitizer.for(:sign_in).delete(:password)
|
126
|
+
sanitized = sanitizer.sanitize(:sign_in)
|
77
127
|
|
78
|
-
|
128
|
+
assert_equal({ 'remember_me' => '1' }, sanitized)
|
79
129
|
end
|
80
130
|
end
|
81
131
|
end
|
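Review bot: The rewritten sign-in test (new lines 10-15) submits only `'email'`, so it would still pass if the sanitizer let every key through. The sign-up and account-update tests below it do send an unpermitted `'role'` key. Using the same input here, `sanitizer = sanitizer('user' => { 'email' => 'jose', 'role' => 'invalid' })`, keeps the mass-assignment filter covered for sign in as well. Separately, the test names at new lines 31 and 39 read "permits news parameters", which looks like a typo for "new".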
@@ -1,11 +1,6 @@
|
|
1
1
|
class AdminsController < ApplicationController
|
2
|
-
|
2
|
+
before_action :authenticate_admin!
|
3
3
|
|
4
4
|
def index
|
5
5
|
end
|
6
|
-
|
7
|
-
def expire
|
8
|
-
admin_session['last_request_at'] = 31.minutes.ago.utc
|
9
|
-
render text: 'Admin will be expired on next request'
|
10
|
-
end
|
11
6
|
end
|
@@ -3,7 +3,10 @@
|
|
3
3
|
|
4
4
|
class ApplicationController < ActionController::Base
|
5
5
|
protect_from_forgery
|
6
|
-
|
7
|
-
|
6
|
+
before_action :current_user, unless: :devise_controller?
|
7
|
+
before_action :authenticate_user!, if: :devise_controller?
|
8
8
|
respond_to *Mime::SET.map(&:to_sym)
|
9
|
+
|
10
|
+
devise_group :commenter, contains: [:user, :admin]
|
9
11
|
end
|
12
|
+
|
@@ -0,0 +1,30 @@
|
|
1
|
+
class ApplicationWithFakeEngine < ApplicationController
|
2
|
+
private
|
3
|
+
|
4
|
+
helper_method :fake_engine
|
5
|
+
def fake_engine
|
6
|
+
@fake_engine ||= FakeEngine.new
|
7
|
+
end
|
8
|
+
end
|
9
|
+
|
10
|
+
class FakeEngine
|
11
|
+
def user_on_engine_confirmation_path
|
12
|
+
'/user_on_engine/confirmation'
|
13
|
+
end
|
14
|
+
|
15
|
+
def new_user_on_engine_session_path
|
16
|
+
'/user_on_engine/confirmation/new'
|
17
|
+
end
|
18
|
+
|
19
|
+
def new_user_on_engine_registration_path
|
20
|
+
'/user_on_engine/registration/new'
|
21
|
+
end
|
22
|
+
|
23
|
+
def new_user_on_engine_password_path
|
24
|
+
'/user_on_engine/password/new'
|
25
|
+
end
|
26
|
+
|
27
|
+
def new_user_on_engine_unlock_path
|
28
|
+
'/user_on_engine/unlock/new'
|
29
|
+
end
|
30
|
+
end
|
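Review bot: `new_user_on_engine_session_path` (new lines 15-17) returns `'/user_on_engine/confirmation/new'`, while every other stub in `FakeEngine` returns a path that matches its own name, so this looks like a copy-paste slip. A test that follows the session link would land on the confirmation form and could pass or fail for the wrong reason. Either return the session path that the routes define, or add a comment above the method such as `# value is arbitrary; tests only check that the engine helper is called`, if that is the intent.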
@@ -0,0 +1,31 @@
|
|
1
|
+
class Custom::RegistrationsController < Devise::RegistrationsController
|
2
|
+
def new
|
3
|
+
super do |resource|
|
4
|
+
@new_block_called = true
|
5
|
+
end
|
6
|
+
end
|
7
|
+
|
8
|
+
def create
|
9
|
+
super do |resource|
|
10
|
+
@create_block_called = true
|
11
|
+
end
|
12
|
+
end
|
13
|
+
|
14
|
+
def update
|
15
|
+
super do |resource|
|
16
|
+
@update_block_called = true
|
17
|
+
end
|
18
|
+
end
|
19
|
+
|
20
|
+
def create_block_called?
|
21
|
+
@create_block_called == true
|
22
|
+
end
|
23
|
+
|
24
|
+
def update_block_called?
|
25
|
+
@update_block_called == true
|
26
|
+
end
|
27
|
+
|
28
|
+
def new_block_called?
|
29
|
+
@new_block_called == true
|
30
|
+
end
|
31
|
+
end
|
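Review bot: The three `*_block_called?` predicates (new lines 20-30) are public methods on a controller, and Rails treats public controller methods as actions, so each would be reachable if a route ever pointed at it. They presumably have to stay public so the tests can read them. A comment above them, e.g. `# test probes read by the controller tests; not meant to be routed`, would make that clear. The block parameter `resource` is unused in all three `super do |resource|` calls and could be written `_resource`.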
@@ -20,6 +20,10 @@ class HomeController < ApplicationController
|
|
20
20
|
end
|
21
21
|
|
22
22
|
def unauthenticated
|
23
|
-
|
23
|
+
if Devise.rails5?
|
24
|
+
render body: "unauthenticated", status: :unauthorized
|
25
|
+
else
|
26
|
+
render text: "unauthenticated", status: :unauthorized
|
27
|
+
end
|
24
28
|
end
|
25
29
|
end
|
@@ -1,14 +1,14 @@
|
|
1
1
|
class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
|
2
2
|
def facebook
|
3
|
-
data = env["omniauth.auth"]
|
3
|
+
data = request.respond_to?(:get_header) ? request.get_header("omniauth.auth") : env["omniauth.auth"]
|
4
4
|
session["devise.facebook_data"] = data["extra"]["user_hash"]
|
5
5
|
render json: data
|
6
6
|
end
|
7
7
|
|
8
8
|
def sign_in_facebook
|
9
|
-
user = User.
|
9
|
+
user = User.to_adapter.find_first(email: 'user@test.com')
|
10
10
|
user.remember_me = true
|
11
11
|
sign_in user
|
12
|
-
render
|
12
|
+
render (Devise.rails5? ? :body : :text) => ""
|
13
13
|
end
|
14
14
|
end
|
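Review bot: The expression `render (Devise.rails5? ? :body : :text) => ""` at new line 12 is repeated in users_controller.rb (new lines 16, 24 and 29), and home_controller.rb spells out the same choice as an if/else. The space before the parenthesis also makes the call depend on how Ruby parses `render (...) => value`. One private helper in the test ApplicationController would remove the repetition, for example (name constructed) `def render_plain(text); render((Devise.rails5? ? :body : :text) => text); end`, with each call site becoming `render_plain ""`.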
@@ -1,6 +1,6 @@
|
|
1
1
|
class UsersController < ApplicationController
|
2
|
-
|
3
|
-
|
2
|
+
prepend_before_action :current_user, only: :exhibit
|
3
|
+
before_action :authenticate_user!, except: [:accept, :exhibit]
|
4
4
|
respond_to :html, :xml
|
5
5
|
|
6
6
|
def index
|
@@ -9,11 +9,11 @@ class UsersController < ApplicationController
|
|
9
9
|
end
|
10
10
|
|
11
11
|
def edit_form
|
12
|
-
user_session['last_request_at'] = 31.minutes.ago.utc
|
12
|
+
user_session['last_request_at'] = params.fetch(:last_request_at, 31.minutes.ago.utc)
|
13
13
|
end
|
14
14
|
|
15
15
|
def update_form
|
16
|
-
render
|
16
|
+
render (Devise.rails5? ? :body : :text) => 'Update'
|
17
17
|
end
|
18
18
|
|
19
19
|
def accept
|
@@ -21,11 +21,11 @@ class UsersController < ApplicationController
|
|
21
21
|
end
|
22
22
|
|
23
23
|
def exhibit
|
24
|
-
render
|
24
|
+
render (Devise.rails5? ? :body : :text) => current_user ? "User is authenticated" : "User is not authenticated"
|
25
25
|
end
|
26
26
|
|
27
27
|
def expire
|
28
28
|
user_session['last_request_at'] = 31.minutes.ago.utc
|
29
|
-
render
|
29
|
+
render (Devise.rails5? ? :body : :text) => 'User will be expired on next request'
|
30
30
|
end
|
31
31
|
end
|
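Review bot: `edit_form` (new line 12) now writes `params.fetch(:last_request_at, 31.minutes.ago.utc)` straight into `user_session['last_request_at']`, so the session timestamp is whatever string the client sends, while the fallback is a Time object. In a test-only app this is probably intended, but the action then stores two different types and lets the caller set its own timeout clock. A comment such as `# test hook: lets a test choose the stored last_request_at; not a pattern for application code` would make that explicit. If the tests do not rely on a string being stored, parsing the parameter first would keep the stored type consistent. The body of UsersController continues outside these hunks.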
@@ -1,12 +1,3 @@
|
|
1
1
|
class Users::Mailer < Devise::Mailer
|
2
2
|
default from: 'custom@example.com'
|
3
3
|
end
|
4
|
-
|
5
|
-
class Users::ReplyToMailer < Devise::Mailer
|
6
|
-
default from: 'custom@example.com'
|
7
|
-
default reply_to: 'custom_reply_to@example.com'
|
8
|
-
end
|
9
|
-
|
10
|
-
class Users::FromProcMailer < Devise::Mailer
|
11
|
-
default from: proc { 'custom@example.com' }
|
12
|
-
end
|
@@ -0,0 +1,39 @@
|
|
1
|
+
require 'shared_user_without_omniauth'
|
2
|
+
|
3
|
+
class UserOnEngine
|
4
|
+
include Mongoid::Document
|
5
|
+
include Shim
|
6
|
+
include SharedUserWithoutOmniauth
|
7
|
+
|
8
|
+
field :username, type: String
|
9
|
+
field :facebook_token, type: String
|
10
|
+
|
11
|
+
## Database authenticatable
|
12
|
+
field :email, type: String, default: ""
|
13
|
+
field :encrypted_password, type: String, default: ""
|
14
|
+
|
15
|
+
## Recoverable
|
16
|
+
field :reset_password_token, type: String
|
17
|
+
field :reset_password_sent_at, type: Time
|
18
|
+
|
19
|
+
## Rememberable
|
20
|
+
field :remember_created_at, type: Time
|
21
|
+
|
22
|
+
## Trackable
|
23
|
+
field :sign_in_count, type: Integer, default: 0
|
24
|
+
field :current_sign_in_at, type: Time
|
25
|
+
field :last_sign_in_at, type: Time
|
26
|
+
field :current_sign_in_ip, type: String
|
27
|
+
field :last_sign_in_ip, type: String
|
28
|
+
|
29
|
+
## Confirmable
|
30
|
+
field :confirmation_token, type: String
|
31
|
+
field :confirmed_at, type: Time
|
32
|
+
field :confirmation_sent_at, type: Time
|
33
|
+
# field :unconfirmed_email, type: String # Only if using reconfirmable
|
34
|
+
|
35
|
+
## Lockable
|
36
|
+
field :failed_attempts, type: Integer, default: 0 # Only if lock strategy is :failed_attempts
|
37
|
+
field :unlock_token, type: String # Only if unlock strategy is :email or :both
|
38
|
+
field :locked_at, type: Time
|
39
|
+
end
|
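Review bot: The field declarations at new lines 8-38 are repeated line for line in user_on_main_app.rb and, minus the Confirmable group, in user_without_email.rb, so a schema change to the fixtures has to be made in three places. A shared module included by each class would keep them in step. The sketch below uses a constructed module name and shows only the new structure.

```ruby
# constructed name; would live next to the other shared fixtures
module SharedMongoidUserFields
  extend ActiveSupport::Concern

  included do
    field :username, type: String
    # … unchanged: remaining field declarations from this file …
  end
end

class UserOnEngine
  include Mongoid::Document
  include Shim
  include SharedUserWithoutOmniauth
  include SharedMongoidUserFields
end
```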
@@ -0,0 +1,39 @@
|
|
1
|
+
require 'shared_user_without_omniauth'
|
2
|
+
|
3
|
+
class UserOnMainApp
|
4
|
+
include Mongoid::Document
|
5
|
+
include Shim
|
6
|
+
include SharedUserWithoutOmniauth
|
7
|
+
|
8
|
+
field :username, type: String
|
9
|
+
field :facebook_token, type: String
|
10
|
+
|
11
|
+
## Database authenticatable
|
12
|
+
field :email, type: String, default: ""
|
13
|
+
field :encrypted_password, type: String, default: ""
|
14
|
+
|
15
|
+
## Recoverable
|
16
|
+
field :reset_password_token, type: String
|
17
|
+
field :reset_password_sent_at, type: Time
|
18
|
+
|
19
|
+
## Rememberable
|
20
|
+
field :remember_created_at, type: Time
|
21
|
+
|
22
|
+
## Trackable
|
23
|
+
field :sign_in_count, type: Integer, default: 0
|
24
|
+
field :current_sign_in_at, type: Time
|
25
|
+
field :last_sign_in_at, type: Time
|
26
|
+
field :current_sign_in_ip, type: String
|
27
|
+
field :last_sign_in_ip, type: String
|
28
|
+
|
29
|
+
## Confirmable
|
30
|
+
field :confirmation_token, type: String
|
31
|
+
field :confirmed_at, type: Time
|
32
|
+
field :confirmation_sent_at, type: Time
|
33
|
+
# field :unconfirmed_email, type: String # Only if using reconfirmable
|
34
|
+
|
35
|
+
## Lockable
|
36
|
+
field :failed_attempts, type: Integer, default: 0 # Only if lock strategy is :failed_attempts
|
37
|
+
field :unlock_token, type: String # Only if unlock strategy is :email or :both
|
38
|
+
field :locked_at, type: Time
|
39
|
+
end
|
@@ -0,0 +1,33 @@
|
|
1
|
+
require "shared_user_without_email"
|
2
|
+
|
3
|
+
class UserWithoutEmail
|
4
|
+
include Mongoid::Document
|
5
|
+
include Shim
|
6
|
+
include SharedUserWithoutEmail
|
7
|
+
|
8
|
+
field :username, type: String
|
9
|
+
field :facebook_token, type: String
|
10
|
+
|
11
|
+
## Database authenticatable
|
12
|
+
field :email, type: String, default: ""
|
13
|
+
field :encrypted_password, type: String, default: ""
|
14
|
+
|
15
|
+
## Recoverable
|
16
|
+
field :reset_password_token, type: String
|
17
|
+
field :reset_password_sent_at, type: Time
|
18
|
+
|
19
|
+
## Rememberable
|
20
|
+
field :remember_created_at, type: Time
|
21
|
+
|
22
|
+
## Trackable
|
23
|
+
field :sign_in_count, type: Integer, default: 0
|
24
|
+
field :current_sign_in_at, type: Time
|
25
|
+
field :last_sign_in_at, type: Time
|
26
|
+
field :current_sign_in_ip, type: String
|
27
|
+
field :last_sign_in_ip, type: String
|
28
|
+
|
29
|
+
## Lockable
|
30
|
+
field :failed_attempts, type: Integer, default: 0 # Only if lock strategy is :failed_attempts
|
31
|
+
field :unlock_token, type: String # Only if unlock strategy is :email or :both
|
32
|
+
field :locked_at, type: Time
|
33
|
+
end
|
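Review bot: `UserWithoutEmail` still declares `field :email, type: String, default: ""` at new line 12, which contradicts the class name. Whether the field is needed depends on `SharedUserWithoutEmail`, which is not shown in this section. If it is kept on purpose, a comment beside it would say so, e.g. `# TODO confirm: email field kept although this fixture models a user without email`; otherwise the line can be dropped.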
@@ -17,7 +17,7 @@ module RailsApp
|
|
17
17
|
class Application < Rails::Application
|
18
18
|
# Add additional load paths for your own custom dirs
|
19
19
|
config.autoload_paths.reject!{ |p| p =~ /\/app\/(\w+)$/ && !%w(controllers helpers mailers views).include?($1) }
|
20
|
-
config.autoload_paths += [
|
20
|
+
config.autoload_paths += ["#{config.root}/app/#{DEVISE_ORM}"]
|
21
21
|
|
22
22
|
# Configure generators values. Many other options are available, be sure to check the documentation.
|
23
23
|
# config.generators do |g|
|
@@ -28,9 +28,9 @@ module RailsApp
|
|
28
28
|
|
29
29
|
# Configure sensitive parameters which will be filtered from the log file.
|
30
30
|
config.filter_parameters << :password
|
31
|
-
config.assets.enabled = false
|
31
|
+
# config.assets.enabled = false
|
32
32
|
|
33
|
-
config.action_mailer.default_url_options = { host: "localhost:3000
|
33
|
+
config.action_mailer.default_url_options = { host: "localhost", port: 3000 }
|
34
34
|
|
35
35
|
# This was used to break devise in some situations
|
36
36
|
config.to_prepare do
|
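Review bot: New line 31 leaves `# config.assets.enabled = false` behind as commented-out code with no reason given, so a later reader cannot tell whether the setting was dropped on purpose or disabled temporarily. Either delete the line or replace it with a why-comment, e.g. `# assets setting left at the framework default (TODO confirm reason)`. The `Application` class and the `config.to_prepare` block continue outside these hunks.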
@@ -3,12 +3,12 @@ unless defined?(DEVISE_ORM)
|
|
3
3
|
end
|
4
4
|
|
5
5
|
module Devise
|
6
|
-
# Detection for minor differences between Rails
|
7
|
-
def self.
|
8
|
-
Rails.version.start_with? '
|
6
|
+
# Detection for minor differences between Rails 4 and 5 in tests.
|
7
|
+
def self.rails5?
|
8
|
+
Rails.version.start_with? '5'
|
9
9
|
end
|
10
10
|
end
|
11
11
|
|
12
12
|
# Set up gems listed in the Gemfile.
|
13
13
|
ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../../../Gemfile', __FILE__)
|
14
|
-
require 'bundler/setup' if File.
|
14
|
+
require 'bundler/setup' if File.exist?(ENV['BUNDLE_GEMFILE'])
|
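Review bot: `Devise.rails5?` (new lines 7-9) tests `Rails.version.start_with? '5'`, so any later major version answers false and every caller falls back to the pre-5 branch such as `render text:`. Comparing the major number, `Rails::VERSION::MAJOR >= 5`, expresses "Rails 5 or newer" without string matching. The updated comment speaks of "Rails 4 and 5" only, so if the exact-major check is deliberate, the comment should say that the method is false for anything other than 5.x.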
@@ -20,7 +20,11 @@ RailsApp::Application.configure do
|
|
20
20
|
# config.action_dispatch.rack_cache = true
|
21
21
|
|
22
22
|
# Disable Rails's static asset server (Apache or nginx will already do this).
|
23
|
-
|
23
|
+
if Rails.version >= "4.2.0"
|
24
|
+
config.serve_static_files = false
|
25
|
+
else
|
26
|
+
config.serve_static_assets = false
|
27
|
+
end
|
24
28
|
|
25
29
|
# Compress JavaScripts and CSS.
|
26
30
|
config.assets.js_compressor = :uglifier
|
@@ -46,7 +50,7 @@ RailsApp::Application.configure do
|
|
46
50
|
config.log_level = :info
|
47
51
|
|
48
52
|
# Prepend all log lines with the following tags.
|
49
|
-
# config.log_tags = [
|
53
|
+
# config.log_tags = [:subdomain, :uuid]
|
50
54
|
|
51
55
|
# Use a different logger for distributed setups.
|
52
56
|
# config.logger = ActiveSupport::TaggedLogging.new(SyslogLogger.new)
|
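Review bot: `if Rails.version >= "4.2.0"` at new line 23 compares version strings lexicographically, so a version such as "4.10.0" or "10.0.0" sorts below "4.2.0" and takes the `serve_static_assets` branch. The same kind of comparison appears twice in config/environments/test.rb (new lines 17 and 23). `Gem::Version.new(Rails.version) >= Gem::Version.new("4.2.0")` compares segment by segment and avoids the problem. The `configure` block starts and ends outside these hunks.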
@@ -12,9 +12,19 @@ RailsApp::Application.configure do
|
|
12
12
|
# preloads Rails for running tests, you may have to set it to true.
|
13
13
|
config.eager_load = false
|
14
14
|
|
15
|
-
#
|
16
|
-
|
17
|
-
|
15
|
+
# Disable serving static files from the `/public` folder by default since
|
16
|
+
# Apache or NGINX already handles this.
|
17
|
+
if Rails.version >= "4.2.0"
|
18
|
+
config.serve_static_files = true
|
19
|
+
else
|
20
|
+
config.serve_static_assets = true
|
21
|
+
end
|
22
|
+
|
23
|
+
if Rails.version >= "5.0.0"
|
24
|
+
config.public_file_server.headers = {'Cache-Control' => 'public, max-age=3600'}
|
25
|
+
else
|
26
|
+
config.static_cache_control = "public, max-age=3600"
|
27
|
+
end
|
18
28
|
|
19
29
|
# Show full error reports and disable caching.
|
20
30
|
config.consider_all_requests_local = true
|
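Review bot: The new comment at lines 15-16 says static file serving is disabled because Apache or NGINX handles it, but both branches that follow set the option to `true`. The wording looks carried over from the production file. A comment that matches the code, e.g. `# Serve static files from /public in tests and give them a one-hour Cache-Control.`, would stop a reader from "fixing" the value to agree with the comment. The `configure` block continues outside the hunk.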