devise 3.2.4 → 4.7.1

Files changed (235) hide show
  1. checksums.yaml +5 -5
  2. data/CHANGELOG.md +259 -994
  3. data/MIT-LICENSE +1 -1
  4. data/README.md +336 -99
  5. data/app/controllers/devise/confirmations_controller.rb +9 -3
  6. data/app/controllers/devise/omniauth_callbacks_controller.rb +12 -6
  7. data/app/controllers/devise/passwords_controller.rb +19 -6
  8. data/app/controllers/devise/registrations_controller.rb +55 -22
  9. data/app/controllers/devise/sessions_controller.rb +44 -14
  10. data/app/controllers/devise/unlocks_controller.rb +7 -2
  11. data/app/controllers/devise_controller.rb +65 -29
  12. data/app/helpers/devise_helper.rb +12 -19
  13. data/app/mailers/devise/mailer.rb +10 -0
  14. data/app/views/devise/confirmations/new.html.erb +8 -4
  15. data/app/views/devise/mailer/email_changed.html.erb +7 -0
  16. data/app/views/devise/mailer/password_change.html.erb +3 -0
  17. data/app/views/devise/passwords/edit.html.erb +15 -6
  18. data/app/views/devise/passwords/new.html.erb +8 -4
  19. data/app/views/devise/registrations/edit.html.erb +27 -13
  20. data/app/views/devise/registrations/new.html.erb +19 -8
  21. data/app/views/devise/sessions/new.html.erb +18 -9
  22. data/app/views/devise/shared/_error_messages.html.erb +15 -0
  23. data/app/views/devise/shared/{_links.erb → _links.html.erb} +9 -9
  24. data/app/views/devise/unlocks/new.html.erb +8 -4
  25. data/config/locales/en.yml +22 -16
  26. data/lib/devise/controllers/helpers.rb +109 -29
  27. data/lib/devise/controllers/rememberable.rb +12 -3
  28. data/lib/devise/controllers/scoped_views.rb +2 -0
  29. data/lib/devise/controllers/sign_in_out.rb +36 -20
  30. data/lib/devise/controllers/store_location.rb +31 -5
  31. data/lib/devise/controllers/url_helpers.rb +9 -7
  32. data/lib/devise/delegator.rb +2 -0
  33. data/lib/devise/encryptor.rb +24 -0
  34. data/lib/devise/failure_app.rb +116 -36
  35. data/lib/devise/hooks/activatable.rb +5 -4
  36. data/lib/devise/hooks/csrf_cleaner.rb +5 -1
  37. data/lib/devise/hooks/forgetable.rb +2 -0
  38. data/lib/devise/hooks/lockable.rb +6 -1
  39. data/lib/devise/hooks/proxy.rb +3 -1
  40. data/lib/devise/hooks/rememberable.rb +2 -0
  41. data/lib/devise/hooks/timeoutable.rb +15 -8
  42. data/lib/devise/hooks/trackable.rb +2 -0
  43. data/lib/devise/mailers/helpers.rb +7 -4
  44. data/lib/devise/mapping.rb +8 -2
  45. data/lib/devise/models/authenticatable.rb +76 -51
  46. data/lib/devise/models/confirmable.rb +129 -34
  47. data/lib/devise/models/database_authenticatable.rb +107 -30
  48. data/lib/devise/models/lockable.rb +19 -9
  49. data/lib/devise/models/omniauthable.rb +2 -0
  50. data/lib/devise/models/recoverable.rb +62 -26
  51. data/lib/devise/models/registerable.rb +4 -0
  52. data/lib/devise/models/rememberable.rb +58 -29
  53. data/lib/devise/models/timeoutable.rb +2 -6
  54. data/lib/devise/models/trackable.rb +20 -4
  55. data/lib/devise/models/validatable.rb +12 -5
  56. data/lib/devise/models.rb +3 -1
  57. data/lib/devise/modules.rb +2 -0
  58. data/lib/devise/omniauth/config.rb +2 -0
  59. data/lib/devise/omniauth/url_helpers.rb +14 -5
  60. data/lib/devise/omniauth.rb +2 -0
  61. data/lib/devise/orm/active_record.rb +5 -1
  62. data/lib/devise/orm/mongoid.rb +6 -2
  63. data/lib/devise/parameter_filter.rb +4 -0
  64. data/lib/devise/parameter_sanitizer.rb +139 -65
  65. data/lib/devise/rails/routes.rb +80 -61
  66. data/lib/devise/rails/warden_compat.rb +3 -10
  67. data/lib/devise/rails.rb +8 -17
  68. data/lib/devise/secret_key_finder.rb +27 -0
  69. data/lib/devise/strategies/authenticatable.rb +18 -7
  70. data/lib/devise/strategies/base.rb +2 -0
  71. data/lib/devise/strategies/database_authenticatable.rb +13 -5
  72. data/lib/devise/strategies/rememberable.rb +15 -3
  73. data/lib/devise/test/controller_helpers.rb +165 -0
  74. data/lib/devise/test/integration_helpers.rb +63 -0
  75. data/lib/devise/test_helpers.rb +7 -124
  76. data/lib/devise/time_inflector.rb +2 -0
  77. data/lib/devise/token_generator.rb +3 -41
  78. data/lib/devise/version.rb +3 -1
  79. data/lib/devise.rb +106 -79
  80. data/lib/generators/active_record/devise_generator.rb +44 -7
  81. data/lib/generators/active_record/templates/migration.rb +5 -3
  82. data/lib/generators/active_record/templates/migration_existing.rb +5 -3
  83. data/lib/generators/devise/controllers_generator.rb +46 -0
  84. data/lib/generators/devise/devise_generator.rb +4 -2
  85. data/lib/generators/devise/install_generator.rb +17 -0
  86. data/lib/generators/devise/orm_helpers.rb +10 -21
  87. data/lib/generators/devise/views_generator.rb +21 -11
  88. data/lib/generators/mongoid/devise_generator.rb +7 -5
  89. data/lib/generators/templates/README +2 -9
  90. data/lib/generators/templates/controllers/README +14 -0
  91. data/lib/generators/templates/controllers/confirmations_controller.rb +30 -0
  92. data/lib/generators/templates/controllers/omniauth_callbacks_controller.rb +30 -0
  93. data/lib/generators/templates/controllers/passwords_controller.rb +34 -0
  94. data/lib/generators/templates/controllers/registrations_controller.rb +62 -0
  95. data/lib/generators/templates/controllers/sessions_controller.rb +27 -0
  96. data/lib/generators/templates/controllers/unlocks_controller.rb +30 -0
  97. data/lib/generators/templates/devise.rb +69 -30
  98. data/lib/generators/templates/markerb/confirmation_instructions.markerb +1 -1
  99. data/lib/generators/templates/markerb/email_changed.markerb +7 -0
  100. data/lib/generators/templates/markerb/password_change.markerb +3 -0
  101. data/lib/generators/templates/markerb/reset_password_instructions.markerb +1 -1
  102. data/lib/generators/templates/markerb/unlock_instructions.markerb +1 -1
  103. data/lib/generators/templates/simple_form_for/confirmations/new.html.erb +5 -1
  104. data/lib/generators/templates/simple_form_for/passwords/edit.html.erb +10 -2
  105. data/lib/generators/templates/simple_form_for/passwords/new.html.erb +4 -1
  106. data/lib/generators/templates/simple_form_for/registrations/edit.html.erb +11 -3
  107. data/lib/generators/templates/simple_form_for/registrations/new.html.erb +11 -3
  108. data/lib/generators/templates/simple_form_for/sessions/new.html.erb +9 -4
  109. data/lib/generators/templates/simple_form_for/unlocks/new.html.erb +4 -1
  110. metadata +31 -259
  111. data/.gitignore +0 -11
  112. data/.travis.yml +0 -28
  113. data/.yardopts +0 -9
  114. data/CONTRIBUTING.md +0 -14
  115. data/Gemfile +0 -29
  116. data/Gemfile.lock +0 -160
  117. data/Rakefile +0 -35
  118. data/devise.gemspec +0 -27
  119. data/devise.png +0 -0
  120. data/gemfiles/Gemfile.rails-3.2-stable +0 -29
  121. data/gemfiles/Gemfile.rails-4.0-stable +0 -29
  122. data/gemfiles/Gemfile.rails-head +0 -29
  123. data/test/controllers/custom_strategy_test.rb +0 -62
  124. data/test/controllers/helpers_test.rb +0 -276
  125. data/test/controllers/internal_helpers_test.rb +0 -123
  126. data/test/controllers/passwords_controller_test.rb +0 -31
  127. data/test/controllers/sessions_controller_test.rb +0 -103
  128. data/test/controllers/url_helpers_test.rb +0 -59
  129. data/test/delegator_test.rb +0 -19
  130. data/test/devise_test.rb +0 -94
  131. data/test/failure_app_test.rb +0 -232
  132. data/test/generators/active_record_generator_test.rb +0 -103
  133. data/test/generators/devise_generator_test.rb +0 -39
  134. data/test/generators/install_generator_test.rb +0 -13
  135. data/test/generators/mongoid_generator_test.rb +0 -23
  136. data/test/generators/views_generator_test.rb +0 -96
  137. data/test/helpers/devise_helper_test.rb +0 -51
  138. data/test/integration/authenticatable_test.rb +0 -713
  139. data/test/integration/confirmable_test.rb +0 -284
  140. data/test/integration/database_authenticatable_test.rb +0 -84
  141. data/test/integration/http_authenticatable_test.rb +0 -105
  142. data/test/integration/lockable_test.rb +0 -239
  143. data/test/integration/omniauthable_test.rb +0 -133
  144. data/test/integration/recoverable_test.rb +0 -334
  145. data/test/integration/registerable_test.rb +0 -349
  146. data/test/integration/rememberable_test.rb +0 -167
  147. data/test/integration/timeoutable_test.rb +0 -183
  148. data/test/integration/trackable_test.rb +0 -92
  149. data/test/mailers/confirmation_instructions_test.rb +0 -115
  150. data/test/mailers/reset_password_instructions_test.rb +0 -96
  151. data/test/mailers/unlock_instructions_test.rb +0 -91
  152. data/test/mapping_test.rb +0 -127
  153. data/test/models/authenticatable_test.rb +0 -13
  154. data/test/models/confirmable_test.rb +0 -454
  155. data/test/models/database_authenticatable_test.rb +0 -249
  156. data/test/models/lockable_test.rb +0 -316
  157. data/test/models/omniauthable_test.rb +0 -7
  158. data/test/models/recoverable_test.rb +0 -184
  159. data/test/models/registerable_test.rb +0 -7
  160. data/test/models/rememberable_test.rb +0 -183
  161. data/test/models/serializable_test.rb +0 -49
  162. data/test/models/timeoutable_test.rb +0 -51
  163. data/test/models/trackable_test.rb +0 -13
  164. data/test/models/validatable_test.rb +0 -127
  165. data/test/models_test.rb +0 -144
  166. data/test/omniauth/config_test.rb +0 -57
  167. data/test/omniauth/url_helpers_test.rb +0 -54
  168. data/test/orm/active_record.rb +0 -10
  169. data/test/orm/mongoid.rb +0 -13
  170. data/test/parameter_sanitizer_test.rb +0 -81
  171. data/test/rails_app/Rakefile +0 -6
  172. data/test/rails_app/app/active_record/admin.rb +0 -6
  173. data/test/rails_app/app/active_record/shim.rb +0 -2
  174. data/test/rails_app/app/active_record/user.rb +0 -6
  175. data/test/rails_app/app/controllers/admins/sessions_controller.rb +0 -6
  176. data/test/rails_app/app/controllers/admins_controller.rb +0 -11
  177. data/test/rails_app/app/controllers/application_controller.rb +0 -9
  178. data/test/rails_app/app/controllers/home_controller.rb +0 -25
  179. data/test/rails_app/app/controllers/publisher/registrations_controller.rb +0 -2
  180. data/test/rails_app/app/controllers/publisher/sessions_controller.rb +0 -2
  181. data/test/rails_app/app/controllers/users/omniauth_callbacks_controller.rb +0 -14
  182. data/test/rails_app/app/controllers/users_controller.rb +0 -31
  183. data/test/rails_app/app/helpers/application_helper.rb +0 -3
  184. data/test/rails_app/app/mailers/users/mailer.rb +0 -12
  185. data/test/rails_app/app/mongoid/admin.rb +0 -29
  186. data/test/rails_app/app/mongoid/shim.rb +0 -23
  187. data/test/rails_app/app/mongoid/user.rb +0 -39
  188. data/test/rails_app/app/views/admins/index.html.erb +0 -1
  189. data/test/rails_app/app/views/admins/sessions/new.html.erb +0 -2
  190. data/test/rails_app/app/views/home/admin_dashboard.html.erb +0 -1
  191. data/test/rails_app/app/views/home/index.html.erb +0 -1
  192. data/test/rails_app/app/views/home/join.html.erb +0 -1
  193. data/test/rails_app/app/views/home/private.html.erb +0 -1
  194. data/test/rails_app/app/views/home/user_dashboard.html.erb +0 -1
  195. data/test/rails_app/app/views/layouts/application.html.erb +0 -24
  196. data/test/rails_app/app/views/users/edit_form.html.erb +0 -1
  197. data/test/rails_app/app/views/users/index.html.erb +0 -1
  198. data/test/rails_app/app/views/users/mailer/confirmation_instructions.erb +0 -1
  199. data/test/rails_app/app/views/users/sessions/new.html.erb +0 -1
  200. data/test/rails_app/bin/bundle +0 -3
  201. data/test/rails_app/bin/rails +0 -4
  202. data/test/rails_app/bin/rake +0 -4
  203. data/test/rails_app/config/application.rb +0 -40
  204. data/test/rails_app/config/boot.rb +0 -14
  205. data/test/rails_app/config/database.yml +0 -18
  206. data/test/rails_app/config/environment.rb +0 -5
  207. data/test/rails_app/config/environments/development.rb +0 -30
  208. data/test/rails_app/config/environments/production.rb +0 -80
  209. data/test/rails_app/config/environments/test.rb +0 -36
  210. data/test/rails_app/config/initializers/backtrace_silencers.rb +0 -7
  211. data/test/rails_app/config/initializers/devise.rb +0 -181
  212. data/test/rails_app/config/initializers/inflections.rb +0 -2
  213. data/test/rails_app/config/initializers/secret_token.rb +0 -8
  214. data/test/rails_app/config/initializers/session_store.rb +0 -1
  215. data/test/rails_app/config/routes.rb +0 -105
  216. data/test/rails_app/config.ru +0 -4
  217. data/test/rails_app/db/migrate/20100401102949_create_tables.rb +0 -71
  218. data/test/rails_app/db/schema.rb +0 -55
  219. data/test/rails_app/lib/shared_admin.rb +0 -17
  220. data/test/rails_app/lib/shared_user.rb +0 -29
  221. data/test/rails_app/public/404.html +0 -26
  222. data/test/rails_app/public/422.html +0 -26
  223. data/test/rails_app/public/500.html +0 -26
  224. data/test/rails_app/public/favicon.ico +0 -0
  225. data/test/routes_test.rb +0 -262
  226. data/test/support/action_controller/record_identifier.rb +0 -10
  227. data/test/support/assertions.rb +0 -40
  228. data/test/support/helpers.rb +0 -70
  229. data/test/support/integration.rb +0 -92
  230. data/test/support/locale/en.yml +0 -8
  231. data/test/support/mongoid.yml +0 -6
  232. data/test/support/webrat/integrations/rails.rb +0 -24
  233. data/test/test_helper.rb +0 -27
  234. data/test/test_helpers_test.rb +0 -173
  235. data/test/test_models.rb +0 -33
@@ -1,6 +0,0 @@
1
- test:
2
- sessions:
3
- default:
4
- database: devise-test-suite
5
- hosts:
6
- - localhost:<%= ENV['MONGODB_PORT'] || '27017' %>
@@ -1,24 +0,0 @@
1
- require 'webrat/core/elements/form'
2
- require 'action_dispatch/testing/integration'
3
-
4
- module Webrat
5
- Form.class_eval do
6
- def self.parse_rails_request_params(params)
7
- Rack::Utils.parse_nested_query(params)
8
- end
9
- end
10
-
11
- module Logging
12
- # Avoid RAILS_DEFAULT_LOGGER deprecation warning
13
- def logger # :nodoc:
14
- ::Rails.logger
15
- end
16
- end
17
- end
18
-
19
- module ActionDispatch #:nodoc:
20
- IntegrationTest.class_eval do
21
- include Webrat::Methods
22
- include Webrat::Matchers
23
- end
24
- end
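--- a/data/test/test_helper.rb
+++ b/data/test/test_helper.rb
@@ -1,27 +0,0 @@
-ENV["RAILS_ENV"] = "test"
-DEVISE_ORM = (ENV["DEVISE_ORM"] || :active_record).to_sym
-
-$:.unshift File.dirname(__FILE__)
-puts "\n==> Devise.orm = #{DEVISE_ORM.inspect}"
-
-require "rails_app/config/environment"
-require "rails/test_help"
-require "orm/#{DEVISE_ORM}"
-
-I18n.load_path << File.expand_path("../support/locale/en.yml", __FILE__)
-
-require 'mocha/setup'
-require 'webrat'
-Webrat.configure do |config|
-config.mode = :rails
-config.open_error_files = false
-end
-
-# Add support to load paths so we can overwrite broken webrat setup
-$:.unshift File.expand_path('../support', __FILE__)
-Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each { |f| require f }
-
-# For generators
-require "rails/generators/test_case"
-require "generators/devise/install_generator"
-require "generators/devise/views_generator"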
@@ -1,173 +0,0 @@
1
- require 'test_helper'
2
-
3
- class TestHelpersTest < ActionController::TestCase
4
- tests UsersController
5
- include Devise::TestHelpers
6
-
7
- class CustomFailureApp < Devise::FailureApp
8
- def redirect
9
- self.status = 306
10
- end
11
- end
12
-
13
- test "redirects if attempting to access a page unauthenticated" do
14
- get :index
15
- assert_redirected_to new_user_session_path
16
- assert_equal "You need to sign in or sign up before continuing.", flash[:alert]
17
- end
18
-
19
- test "redirects if attempting to access a page with an unconfirmed account" do
20
- swap Devise, allow_unconfirmed_access_for: 0.days do
21
- user = create_user
22
- assert !user.active_for_authentication?
23
-
24
- sign_in user
25
- get :index
26
- assert_redirected_to new_user_session_path
27
- end
28
- end
29
-
30
- test "returns nil if accessing current_user with an unconfirmed account" do
31
- swap Devise, allow_unconfirmed_access_for: 0.days do
32
- user = create_user
33
- assert !user.active_for_authentication?
34
-
35
- sign_in user
36
- get :accept, id: user
37
- assert_nil assigns(:current_user)
38
- end
39
- end
40
-
41
- test "does not redirect with valid user" do
42
- user = create_user
43
- user.confirm!
44
-
45
- sign_in user
46
- get :index
47
- assert_response :success
48
- end
49
-
50
- test "does not redirect with valid user after failed first attempt" do
51
- get :index
52
- assert_response :redirect
53
-
54
- user = create_user
55
- user.confirm!
56
-
57
- sign_in user
58
- get :index
59
- assert_response :success
60
- end
61
-
62
- test "redirects if valid user signed out" do
63
- user = create_user
64
- user.confirm!
65
-
66
- sign_in user
67
- get :index
68
-
69
- sign_out user
70
- get :index
71
- assert_redirected_to new_user_session_path
72
- end
73
-
74
- test "respects custom failure app" do
75
- begin
76
- Devise.warden_config.failure_app = CustomFailureApp
77
- get :index
78
- assert_response 306
79
- ensure
80
- Devise.warden_config.failure_app = Devise::FailureApp
81
- end
82
- end
83
-
84
- test "returns the body of a failure app" do
85
- get :index
86
- assert_equal response.body, "<html><body>You are being <a href=\"http://test.host/users/sign_in\">redirected</a>.</body></html>"
87
- end
88
-
89
- test "defined Warden after_authentication callback should not be called when sign_in is called" do
90
- begin
91
- Warden::Manager.after_authentication do |user, auth, opts|
92
- flunk "callback was called while it should not"
93
- end
94
-
95
- user = create_user
96
- user.confirm!
97
- sign_in user
98
- ensure
99
- Warden::Manager._after_set_user.pop
100
- end
101
- end
102
-
103
- test "defined Warden before_logout callback should not be called when sign_out is called" do
104
- begin
105
- Warden::Manager.before_logout do |user, auth, opts|
106
- flunk "callback was called while it should not"
107
- end
108
- user = create_user
109
- user.confirm!
110
-
111
- sign_in user
112
- sign_out user
113
- ensure
114
- Warden::Manager._before_logout.pop
115
- end
116
- end
117
-
118
- test "before_failure call should work" do
119
- begin
120
- executed = false
121
- Warden::Manager.before_failure do |env,opts|
122
- executed = true
123
- end
124
-
125
- user = create_user
126
- sign_in user
127
-
128
- get :index
129
- assert executed
130
- ensure
131
- Warden::Manager._before_failure.pop
132
- end
133
- end
134
-
135
- test "allows to sign in with different users" do
136
- first_user = create_user
137
- first_user.confirm!
138
-
139
- sign_in first_user
140
- get :index
141
- assert_match /User ##{first_user.id}/, @response.body
142
- sign_out first_user
143
-
144
- second_user = create_user
145
- second_user.confirm!
146
-
147
- sign_in second_user
148
- get :index
149
- assert_match /User ##{second_user.id}/, @response.body
150
- end
151
-
152
-
153
- test "passes given headers from the failure app to the response" do
154
-
155
- begin
156
- old_failure_app = Devise.warden_config[:failure_app]
157
- class CustomTestFailureApp < Devise::FailureApp
158
- def respond
159
- self.status = 401
160
- self.response.headers["CUSTOMHEADER"] = 1
161
- end
162
- end
163
- Devise.warden_config[:failure_app] = CustomTestFailureApp
164
- user = create_user
165
- sign_in user
166
- get :index
167
- assert_equal 1, @response.headers["CUSTOMHEADER"]
168
- ensure
169
- Devise.warden_config[:failure_app] = old_failure_app
170
- end
171
- end
172
-
173
- end
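--- a/data/test/test_models.rb
+++ b/data/test/test_models.rb
@@ -1,33 +0,0 @@
-class Configurable < User
-devise :database_authenticatable, :confirmable, :rememberable, :timeoutable, :lockable,
-stretches: 15, pepper: 'abcdef', allow_unconfirmed_access_for: 5.days,
-remember_for: 7.days, timeout_in: 15.minutes, unlock_in: 10.days
-end
-
-class WithValidation < Admin
-devise :database_authenticatable, :validatable, password_length: 2..6
-end
-
-class UserWithValidation < User
-validates_presence_of :username
-end
-
-class UserWithCustomEncryption < User
-protected
-def password_digest(password)
-password.reverse
-end
-end
-
-class UserWithVirtualAttributes < User
-devise case_insensitive_keys: [ :email, :email_confirmation ]
-validates :email, presence: true, confirmation: {on: :create}
-end
-
-class Several < Admin
-devise :validatable
-devise :lockable
-end
-
-class Inheritable < Admin
-end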