devise 4.7.0 → 4.7.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/CHANGELOG.md +6 -0
- data/config/locales/en.yml +1 -1
- data/lib/devise/models/confirmable.rb +12 -0
- data/lib/devise/version.rb +1 -1
- metadata +3 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
|
-
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: 6dc5ab8b0dc2a902bcf6f66b156b87cdb5348a336f05fb8605b6db1d1f688bc5
|
4
|
+
data.tar.gz: 3be07eb3511c19857e9ddd2071b469833ac88d5c780c0a3c831c94523252663b
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 599ee2531bd66335b49e7282d2af71be9e02594fc36733ec3c8f96110a256ee918e45a56c88640558b16e943a599881435cdd0dbaa2029636d830364cfbcfeb4
|
7
|
+
data.tar.gz: e785db9c81e1275f283896d604124067b67685bced32267a75f0205f39d98a0985d68d40933859e31196cd773ccf260841cf1663a4ee9dcaab9c397af2f1c1b2
|
data/CHANGELOG.md
CHANGED
@@ -1,5 +1,11 @@
|
|
1
1
|
### Unreleased
|
2
2
|
|
3
|
+
### 4.7.1 - 2019-09-06
|
4
|
+
|
5
|
+
* bug fixes
|
6
|
+
* Fix an edge case where records with a blank `confirmation_token` could be confirmed (by @tegon)
|
7
|
+
* Fix typo inside `update_needs_confirmation` i18n key (by @lslm)
|
8
|
+
|
3
9
|
### 4.7.0 - 2019-08-19
|
4
10
|
|
5
11
|
* enhancements
|
data/config/locales/en.yml
CHANGED
@@ -42,7 +42,7 @@ en:
|
|
42
42
|
signed_up_but_inactive: "You have signed up successfully. However, we could not sign you in because your account is not yet activated."
|
43
43
|
signed_up_but_locked: "You have signed up successfully. However, we could not sign you in because your account is locked."
|
44
44
|
signed_up_but_unconfirmed: "A message with a confirmation link has been sent to your email address. Please follow the link to activate your account."
|
45
|
-
update_needs_confirmation: "You updated your account successfully, but we need to verify your new email address. Please check your email and follow the
|
45
|
+
update_needs_confirmation: "You updated your account successfully, but we need to verify your new email address. Please check your email and follow the confirmation link to confirm your new email address."
|
46
46
|
updated: "Your account has been updated successfully."
|
47
47
|
updated_but_not_signed_in: "Your account has been updated successfully, but since your password was changed, you need to sign in again"
|
48
48
|
sessions:
|
@@ -348,7 +348,19 @@ module Devise
|
|
348
348
|
# If the user is already confirmed, create an error for the user
|
349
349
|
# Options must have the confirmation_token
|
350
350
|
def confirm_by_token(confirmation_token)
|
351
|
+
# When the `confirmation_token` parameter is blank, if there are any users with a blank
|
352
|
+
# `confirmation_token` in the database, the first one would be confirmed here.
|
353
|
+
# The error is being manually added here to ensure no users are confirmed by mistake.
|
354
|
+
# This was done in the model for convenience, since validation errors are automatically
|
355
|
+
# displayed in the view.
|
356
|
+
if confirmation_token.blank?
|
357
|
+
confirmable = new
|
358
|
+
confirmable.errors.add(:confirmation_token, :blank)
|
359
|
+
return confirmable
|
360
|
+
end
|
361
|
+
|
351
362
|
confirmable = find_first_by_auth_conditions(confirmation_token: confirmation_token)
|
363
|
+
|
352
364
|
unless confirmable
|
353
365
|
confirmation_digest = Devise.token_generator.digest(self, :confirmation_token, confirmation_token)
|
354
366
|
confirmable = find_or_initialize_with_error_by(:confirmation_token, confirmation_digest)
|
data/lib/devise/version.rb
CHANGED
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: devise
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 4.7.
|
4
|
+
version: 4.7.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- José Valim
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2019-
|
12
|
+
date: 2019-09-06 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: warden
|
@@ -217,8 +217,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
217
217
|
- !ruby/object:Gem::Version
|
218
218
|
version: '0'
|
219
219
|
requirements: []
|
220
|
-
|
221
|
-
rubygems_version: 2.6.13
|
220
|
+
rubygems_version: 3.0.6
|
222
221
|
signing_key:
|
223
222
|
specification_version: 4
|
224
223
|
summary: Flexible authentication solution for Rails with Warden
|