devise 3.5.6 → 3.5.7

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of devise might be problematic. Click here for more details.

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 170cbeb51f7e3662d509a920d0dd572ab30f1d8d
4
- data.tar.gz: 4b7d78a8f00a0de1dd1b76c89f6614196a8bcdaa
3
+ metadata.gz: cdd92a945c0610afa574e7ae8c2db8b6791b6fbf
4
+ data.tar.gz: 01f1cc5980cd635da0d87c42224e0e20e3bbd714
5
5
  SHA512:
6
- metadata.gz: 28952c389b36c41b41230825f0d24fba90b01a7cb7f9a944e047293338a46f9210e30d456a1e3e3959b813276953ee174887bf1b5511072515be3acd1c65d683
7
- data.tar.gz: 869c90b6a083ea0e8b60385bc1e1ecbf90469dac0468506b39ca2c96f6545532e3b58ac3310d01bf497c9ec5e8eb66ea7a7ff4715b5c46747edfecf7c332728f
6
+ metadata.gz: b3283d703d49ecabec08f82da2e19ddd7998cc551f7505bd87a72a9b32111eb093d1185446ae880fe2ad5ca6720d450de2bf954fcb6fb94eda8ef3efc2723da6
7
+ data.tar.gz: 6fb78ddd82071e22c7d2686a9a92f950fedc3f6b57b2fd2edadd048a878840d496a633be2f5aca9256657cce04e342993b147d3c5fac96f5ddbf18ed623b405f
@@ -1,3 +1,11 @@
1
+ ### Unreleased
2
+
3
+ ### 3.5.7 - 2016-04-18
4
+
5
+ * bug fixes
6
+ * Fix the `extend_remember_period` configuration. When set to `false` it does
7
+ not update the cookie expiration anymore.(by @ulissesalmeida)
8
+
1
9
  ### 3.5.6 - 2016-01-02
2
10
 
3
11
  * bug fixes
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- devise (3.5.6)
4
+ devise (3.5.7)
5
5
  bcrypt (~> 3.0)
6
6
  orm_adapter (~> 0.1)
7
7
  railties (>= 3.2.6, < 5)
@@ -48,7 +48,7 @@ GEM
48
48
  thread_safe (~> 0.3, >= 0.3.4)
49
49
  tzinfo (~> 1.1)
50
50
  arel (6.0.0)
51
- bcrypt (3.1.10)
51
+ bcrypt (3.1.11)
52
52
  bson (3.1.2)
53
53
  builder (3.2.2)
54
54
  connection_pool (2.2.0)
@@ -139,7 +139,7 @@ GEM
139
139
  thor (>= 0.18.1, < 2.0)
140
140
  rake (10.4.2)
141
141
  rdoc (4.2.0)
142
- responders (2.1.1)
142
+ responders (2.1.2)
143
143
  railties (>= 4.2.0, < 5.1)
144
144
  ruby-openid (2.7.0)
145
145
  sprockets (3.2.0)
@@ -116,7 +116,6 @@ module Devise
116
116
  mattr_accessor :remember_for
117
117
  @@remember_for = 2.weeks
118
118
 
119
- # TODO: extend_remember_period is no longer used
120
119
  # If true, extends the user's remember period when remembered via cookie.
121
120
  mattr_accessor :extend_remember_period
122
121
  @@extend_remember_period = false
@@ -39,7 +39,7 @@ module Devise
39
39
  module Rememberable
40
40
  extend ActiveSupport::Concern
41
41
 
42
- attr_accessor :remember_me, :extend_remember_period
42
+ attr_accessor :remember_me
43
43
 
44
44
  def self.required_fields(klass)
45
45
  [:remember_created_at]
@@ -71,6 +71,10 @@ module Devise
71
71
  self.class.remember_for.from_now
72
72
  end
73
73
 
74
+ def extend_remember_period
75
+ self.class.extend_remember_period
76
+ end
77
+
74
78
  def rememberable_value
75
79
  if respond_to?(:remember_token)
76
80
  remember_token
@@ -152,9 +156,6 @@ module Devise
152
156
  end
153
157
  end
154
158
 
155
- private
156
-
157
- # TODO: extend_remember_period is no longer used
158
159
  Devise::Models.config(self, :remember_for, :extend_remember_period, :rememberable_options, :expire_all_remember_me_on_sign_out)
159
160
  end
160
161
  end
@@ -25,8 +25,7 @@ module Devise
25
25
  end
26
26
 
27
27
  if validate(resource)
28
- remember_me(resource)
29
- extend_remember_me_period(resource)
28
+ remember_me(resource) if extend_remember_me?(resource)
30
29
  resource.after_remembered
31
30
  success!(resource)
32
31
  end
@@ -43,10 +42,8 @@ module Devise
43
42
 
44
43
  private
45
44
 
46
- def extend_remember_me_period(resource)
47
- if resource.respond_to?(:extend_remember_period=)
48
- resource.extend_remember_period = mapping.to.extend_remember_period
49
- end
45
+ def extend_remember_me?(resource)
46
+ resource.respond_to?(:extend_remember_period) && resource.extend_remember_period
50
47
  end
51
48
 
52
49
  def remember_me?
@@ -1,3 +1,3 @@
1
1
  module Devise
2
- VERSION = "3.5.6".freeze
2
+ VERSION = "3.5.7".freeze
3
3
  end
@@ -92,7 +92,6 @@ class RememberMeTest < ActionDispatch::IntegrationTest
92
92
  assert_response :success
93
93
  assert warden.authenticated?(:user)
94
94
  assert warden.user(:user) == user
95
- assert_match /remember_user_token[^\n]*HttpOnly/, response.headers["Set-Cookie"], "Expected Set-Cookie header in response to set HttpOnly flag on remember_user_token cookie."
96
95
  end
97
96
 
98
97
  test 'remember the user before sign up and redirect them to their home' do
@@ -118,6 +117,40 @@ class RememberMeTest < ActionDispatch::IntegrationTest
118
117
  end
119
118
  end
120
119
 
120
+ test 'extends remember period when extend remember period config is true' do
121
+ swap Devise, extend_remember_period: true, remember_for: 1.year do
122
+ user = create_user_and_remember
123
+ old_remember_token = nil
124
+
125
+ travel_to 1.day.ago do
126
+ get root_path
127
+ old_remember_token = request.cookies['remember_user_token']
128
+ end
129
+
130
+ get root_path
131
+ current_remember_token = request.cookies['remember_user_token']
132
+
133
+ refute_equal old_remember_token, current_remember_token
134
+ end
135
+ end
136
+
137
+ test 'does not extend remember period when extend period config is false' do
138
+ swap Devise, extend_remember_period: false, remember_for: 1.year do
139
+ user = create_user_and_remember
140
+ old_remember_token = nil
141
+
142
+ travel_to 1.day.ago do
143
+ get root_path
144
+ old_remember_token = request.cookies['remember_user_token']
145
+ end
146
+
147
+ get root_path
148
+ current_remember_token = request.cookies['remember_user_token']
149
+
150
+ assert_equal old_remember_token, current_remember_token
151
+ end
152
+ end
153
+
121
154
  test 'do not remember other scopes' do
122
155
  create_user_and_remember
123
156
  get root_path
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: devise
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.5.6
4
+ version: 3.5.7
5
5
  platform: ruby
6
6
  authors:
7
7
  - José Valim
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2016-02-01 00:00:00.000000000 Z
12
+ date: 2016-04-18 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: warden