devise 4.7.1 → 4.9.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (53) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +80 -3
  3. data/MIT-LICENSE +2 -1
  4. data/README.md +100 -65
  5. data/app/controllers/devise/confirmations_controller.rb +1 -0
  6. data/app/controllers/devise/passwords_controller.rb +2 -2
  7. data/app/controllers/devise/registrations_controller.rb +1 -1
  8. data/app/controllers/devise/sessions_controller.rb +1 -1
  9. data/app/controllers/devise/unlocks_controller.rb +1 -0
  10. data/app/controllers/devise_controller.rb +3 -2
  11. data/app/helpers/devise_helper.rb +18 -6
  12. data/app/mailers/devise/mailer.rb +5 -5
  13. data/app/views/devise/registrations/edit.html.erb +1 -1
  14. data/app/views/devise/shared/_error_messages.html.erb +1 -1
  15. data/app/views/devise/shared/_links.html.erb +1 -1
  16. data/config/locales/en.yml +2 -2
  17. data/lib/devise/controllers/helpers.rb +7 -7
  18. data/lib/devise/controllers/responder.rb +35 -0
  19. data/lib/devise/controllers/sign_in_out.rb +6 -4
  20. data/lib/devise/controllers/url_helpers.rb +1 -1
  21. data/lib/devise/failure_app.rb +8 -5
  22. data/lib/devise/hooks/csrf_cleaner.rb +6 -1
  23. data/lib/devise/hooks/lockable.rb +2 -5
  24. data/lib/devise/hooks/timeoutable.rb +2 -2
  25. data/lib/devise/mapping.rb +1 -1
  26. data/lib/devise/models/authenticatable.rb +13 -8
  27. data/lib/devise/models/confirmable.rb +18 -39
  28. data/lib/devise/models/database_authenticatable.rb +14 -29
  29. data/lib/devise/models/lockable.rb +11 -3
  30. data/lib/devise/models/omniauthable.rb +2 -2
  31. data/lib/devise/models/recoverable.rb +8 -19
  32. data/lib/devise/models/rememberable.rb +2 -2
  33. data/lib/devise/models/timeoutable.rb +1 -1
  34. data/lib/devise/models/trackable.rb +1 -1
  35. data/lib/devise/models/validatable.rb +4 -9
  36. data/lib/devise/models.rb +1 -0
  37. data/lib/devise/omniauth.rb +2 -5
  38. data/lib/devise/orm.rb +71 -0
  39. data/lib/devise/rails/deprecated_constant_accessor.rb +39 -0
  40. data/lib/devise/rails/routes.rb +4 -4
  41. data/lib/devise/test/controller_helpers.rb +3 -1
  42. data/lib/devise/test/integration_helpers.rb +1 -1
  43. data/lib/devise/version.rb +1 -1
  44. data/lib/devise.rb +31 -12
  45. data/lib/generators/active_record/devise_generator.rb +17 -2
  46. data/lib/generators/devise/devise_generator.rb +1 -1
  47. data/lib/generators/devise/install_generator.rb +1 -5
  48. data/lib/generators/devise/views_generator.rb +1 -1
  49. data/lib/generators/templates/README +9 -1
  50. data/lib/generators/templates/controllers/omniauth_callbacks_controller.rb +1 -1
  51. data/lib/generators/templates/devise.rb +25 -11
  52. data/lib/generators/templates/simple_form_for/registrations/edit.html.erb +1 -1
  53. metadata +21 -9
@@ -7,7 +7,7 @@ module Devise
7
7
  #
8
8
  # ==Options
9
9
  #
10
- # Recoverable adds the following options to devise_for:
10
+ # Recoverable adds the following options to +devise+:
11
11
  #
12
12
  # * +reset_password_keys+: the keys you want to use when recovering the password for an account
13
13
  # * +reset_password_within+: the time period within which the password must be reset or the token expires.
@@ -99,24 +99,13 @@ module Devise
99
99
  send_devise_notification(:reset_password_instructions, token, {})
100
100
  end
101
101
 
102
- if Devise.activerecord51?
103
- def clear_reset_password_token?
104
- encrypted_password_changed = respond_to?(:will_save_change_to_encrypted_password?) && will_save_change_to_encrypted_password?
105
- authentication_keys_changed = self.class.authentication_keys.any? do |attribute|
106
- respond_to?("will_save_change_to_#{attribute}?") && send("will_save_change_to_#{attribute}?")
107
- end
108
-
109
- authentication_keys_changed || encrypted_password_changed
102
+ def clear_reset_password_token?
103
+ encrypted_password_changed = devise_respond_to_and_will_save_change_to_attribute?(:encrypted_password)
104
+ authentication_keys_changed = self.class.authentication_keys.any? do |attribute|
105
+ devise_respond_to_and_will_save_change_to_attribute?(attribute)
110
106
  end
111
- else
112
- def clear_reset_password_token?
113
- encrypted_password_changed = respond_to?(:encrypted_password_changed?) && encrypted_password_changed?
114
- authentication_keys_changed = self.class.authentication_keys.any? do |attribute|
115
- respond_to?("#{attribute}_changed?") && send("#{attribute}_changed?")
116
- end
117
107
 
118
- authentication_keys_changed || encrypted_password_changed
119
- end
108
+ authentication_keys_changed || encrypted_password_changed
120
109
  end
121
110
 
122
111
  module ClassMethods
@@ -131,7 +120,7 @@ module Devise
131
120
  # password instructions to it. If user is not found, returns a new user
132
121
  # with an email not found error.
133
122
  # Attributes must contain the user's email
134
- def send_reset_password_instructions(attributes={})
123
+ def send_reset_password_instructions(attributes = {})
135
124
  recoverable = find_or_initialize_with_errors(reset_password_keys, attributes, :not_found)
136
125
  recoverable.send_reset_password_instructions if recoverable.persisted?
137
126
  recoverable
@@ -142,7 +131,7 @@ module Devise
142
131
  # try saving the record. If not user is found, returns a new user
143
132
  # containing an error in reset_password_token attribute.
144
133
  # Attributes must contain reset_password_token, password and confirmation
145
- def reset_password_by_token(attributes={})
134
+ def reset_password_by_token(attributes = {})
146
135
  original_token = attributes[:reset_password_token]
147
136
  reset_password_token = Devise.token_generator.digest(self, :reset_password_token, original_token)
148
137
 
@@ -15,7 +15,7 @@ module Devise
15
15
  #
16
16
  # == Options
17
17
  #
18
- # Rememberable adds the following options in devise_for:
18
+ # Rememberable adds the following options to +devise+:
19
19
  #
20
20
  # * +remember_for+: the time you want the user will be remembered without
21
21
  # asking for credentials. After this time the user will be blocked and
@@ -102,7 +102,7 @@ module Devise
102
102
 
103
103
  def remember_me?(token, generated_at)
104
104
  # TODO: Normalize the JSON type coercion along with the Timeoutable hook
105
- # in a single place https://github.com/plataformatec/devise/blob/ffe9d6d406e79108cf32a2c6a1d0b3828849c40b/lib/devise/hooks/timeoutable.rb#L14-L18
105
+ # in a single place https://github.com/heartcombo/devise/blob/ffe9d6d406e79108cf32a2c6a1d0b3828849c40b/lib/devise/hooks/timeoutable.rb#L14-L18
106
106
  if generated_at.is_a?(String)
107
107
  generated_at = time_from_json(generated_at)
108
108
  end
@@ -11,7 +11,7 @@ module Devise
11
11
  #
12
12
  # == Options
13
13
  #
14
- # Timeoutable adds the following options to devise_for:
14
+ # Timeoutable adds the following options to +devise+:
15
15
  #
16
16
  # * +timeout_in+: the interval to timeout the user session without activity.
17
17
  #
@@ -33,7 +33,7 @@ module Devise
33
33
  def update_tracked_fields!(request)
34
34
  # We have to check if the user is already persisted before running
35
35
  # `save` here because invalid users can be saved if we don't.
36
- # See https://github.com/plataformatec/devise/issues/4673 for more details.
36
+ # See https://github.com/heartcombo/devise/issues/4673 for more details.
37
37
  return if new_record?
38
38
 
39
39
  update_tracked_fields(request)
@@ -9,7 +9,7 @@ module Devise
9
9
  #
10
10
  # == Options
11
11
  #
12
- # Validatable adds the following options to devise_for:
12
+ # Validatable adds the following options to +devise+:
13
13
  #
14
14
  # * +email_regexp+: the regular expression used to validate e-mails;
15
15
  # * +password_length+: a range expressing password length. Defaults to 6..128.
@@ -29,13 +29,8 @@ module Devise
29
29
 
30
30
  base.class_eval do
31
31
  validates_presence_of :email, if: :email_required?
32
- if Devise.activerecord51?
33
- validates_uniqueness_of :email, allow_blank: true, case_sensitive: true, if: :will_save_change_to_email?
34
- validates_format_of :email, with: email_regexp, allow_blank: true, if: :will_save_change_to_email?
35
- else
36
- validates_uniqueness_of :email, allow_blank: true, if: :email_changed?
37
- validates_format_of :email, with: email_regexp, allow_blank: true, if: :email_changed?
38
- end
32
+ validates_uniqueness_of :email, allow_blank: true, case_sensitive: true, if: :devise_will_save_change_to_email?
33
+ validates_format_of :email, with: email_regexp, allow_blank: true, if: :devise_will_save_change_to_email?
39
34
 
40
35
  validates_presence_of :password, if: :password_required?
41
36
  validates_confirmation_of :password, if: :password_required?
@@ -47,7 +42,7 @@ module Devise
47
42
  unavailable_validations = VALIDATIONS.select { |v| !base.respond_to?(v) }
48
43
 
49
44
  unless unavailable_validations.empty?
50
- raise "Could not use :validatable module since #{base} does not respond " <<
45
+ raise "Could not use :validatable module since #{base} does not respond " \
51
46
  "to the following methods: #{unavailable_validations.to_sentence}."
52
47
  end
53
48
  end
data/lib/devise/models.rb CHANGED
@@ -84,6 +84,7 @@ module Devise
84
84
  end
85
85
 
86
86
  devise_modules_hook! do
87
+ include Devise::Orm
87
88
  include Devise::Models::Authenticatable
88
89
 
89
90
  selected_modules.each do |m|
@@ -1,17 +1,14 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  begin
4
+ gem "omniauth", ">= 1.0.0"
5
+
4
6
  require "omniauth"
5
- require "omniauth/version"
6
7
  rescue LoadError
7
8
  warn "Could not load 'omniauth'. Please ensure you have the omniauth gem >= 1.0.0 installed and listed in your Gemfile."
8
9
  raise
9
10
  end
10
11
 
11
- unless OmniAuth::VERSION =~ /^1\./
12
- raise "You are using an old OmniAuth version, please ensure you have 1.0.0.pr2 version or later installed."
13
- end
14
-
15
12
  # Clean up the default path_prefix. It will be automatically set by Devise.
16
13
  OmniAuth.config.path_prefix = nil
17
14
 
data/lib/devise/orm.rb ADDED
@@ -0,0 +1,71 @@
1
+ module Devise
2
+ module Orm # :nodoc:
3
+ def self.active_record?(model)
4
+ defined?(ActiveRecord) && model < ActiveRecord::Base
5
+ end
6
+
7
+ def self.active_record_51?(model)
8
+ active_record?(model) && ActiveRecord.gem_version >= Gem::Version.new("5.1.x")
9
+ end
10
+
11
+ def self.included(model)
12
+ if Devise::Orm.active_record_51?(model)
13
+ model.include DirtyTrackingNewMethods
14
+ else
15
+ model.include DirtyTrackingOldMethods
16
+ end
17
+ end
18
+
19
+ module DirtyTrackingNewMethods
20
+ def devise_email_before_last_save
21
+ email_before_last_save
22
+ end
23
+
24
+ def devise_email_in_database
25
+ email_in_database
26
+ end
27
+
28
+ def devise_saved_change_to_email?
29
+ saved_change_to_email?
30
+ end
31
+
32
+ def devise_saved_change_to_encrypted_password?
33
+ saved_change_to_encrypted_password?
34
+ end
35
+
36
+ def devise_will_save_change_to_email?
37
+ will_save_change_to_email?
38
+ end
39
+
40
+ def devise_respond_to_and_will_save_change_to_attribute?(attribute)
41
+ respond_to?("will_save_change_to_#{attribute}?") && send("will_save_change_to_#{attribute}?")
42
+ end
43
+ end
44
+
45
+ module DirtyTrackingOldMethods
46
+ def devise_email_before_last_save
47
+ email_was
48
+ end
49
+
50
+ def devise_email_in_database
51
+ email_was
52
+ end
53
+
54
+ def devise_saved_change_to_email?
55
+ email_changed?
56
+ end
57
+
58
+ def devise_saved_change_to_encrypted_password?
59
+ encrypted_password_changed?
60
+ end
61
+
62
+ def devise_will_save_change_to_email?
63
+ email_changed?
64
+ end
65
+
66
+ def devise_respond_to_and_will_save_change_to_attribute?(attribute)
67
+ respond_to?("#{attribute}_changed?") && send("#{attribute}_changed?")
68
+ end
69
+ end
70
+ end
71
+ end
@@ -0,0 +1,39 @@
1
+ # frozen_string_literal: true
2
+
3
+ begin
4
+ require 'active_support/deprecation/constant_accessor'
5
+
6
+ module Devise
7
+ DeprecatedConstantAccessor = ActiveSupport::Deprecation::DeprecatedConstantAccessor #:nodoc:
8
+ end
9
+ rescue LoadError
10
+
11
+ # Copy of constant deprecation module from Rails / Active Support version 6, so we can use it
12
+ # with Rails <= 5.0 versions. This can be removed once we support only Rails 5.1 or greater.
13
+ module Devise
14
+ module DeprecatedConstantAccessor #:nodoc:
15
+ def self.included(base)
16
+ require "active_support/inflector/methods"
17
+
18
+ extension = Module.new do
19
+ def const_missing(missing_const_name)
20
+ if class_variable_defined?(:@@_deprecated_constants)
21
+ if (replacement = class_variable_get(:@@_deprecated_constants)[missing_const_name.to_s])
22
+ replacement[:deprecator].warn(replacement[:message] || "#{name}::#{missing_const_name} is deprecated! Use #{replacement[:new]} instead.", Rails::VERSION::MAJOR == 4 ? caller : caller_locations)
23
+ return ActiveSupport::Inflector.constantize(replacement[:new].to_s)
24
+ end
25
+ end
26
+ super
27
+ end
28
+
29
+ def deprecate_constant(const_name, new_constant, message: nil, deprecator: ActiveSupport::Deprecation.instance)
30
+ class_variable_set(:@@_deprecated_constants, {}) unless class_variable_defined?(:@@_deprecated_constants)
31
+ class_variable_get(:@@_deprecated_constants)[const_name.to_s] = { new: new_constant, message: message, deprecator: deprecator }
32
+ end
33
+ end
34
+ base.singleton_class.prepend extension
35
+ end
36
+ end
37
+ end
38
+
39
+ end
@@ -287,7 +287,7 @@ module ActionDispatch::Routing
287
287
  # root to: "admin/dashboard#show", as: :user_root
288
288
  # end
289
289
  #
290
- def authenticate(scope=nil, block=nil)
290
+ def authenticate(scope = nil, block = nil)
291
291
  constraints_for(:authenticate!, scope, block) do
292
292
  yield
293
293
  end
@@ -311,7 +311,7 @@ module ActionDispatch::Routing
311
311
  #
312
312
  # root to: 'landing#show'
313
313
  #
314
- def authenticated(scope=nil, block=nil)
314
+ def authenticated(scope = nil, block = nil)
315
315
  constraints_for(:authenticate?, scope, block) do
316
316
  yield
317
317
  end
@@ -328,7 +328,7 @@ module ActionDispatch::Routing
328
328
  #
329
329
  # root to: 'dashboard#show'
330
330
  #
331
- def unauthenticated(scope=nil)
331
+ def unauthenticated(scope = nil)
332
332
  constraint = lambda do |request|
333
333
  not request.env["warden"].authenticate? scope: scope
334
334
  end
@@ -474,7 +474,7 @@ ERROR
474
474
  @scope = current_scope
475
475
  end
476
476
 
477
- def constraints_for(method_to_apply, scope=nil, block=nil)
477
+ def constraints_for(method_to_apply, scope = nil, block = nil)
478
478
  constraint = lambda do |request|
479
479
  request.env['warden'].send(method_to_apply, scope: scope) &&
480
480
  (block.nil? || block.call(request.env["warden"].user(scope)))
@@ -37,6 +37,8 @@ module Devise
37
37
  @response
38
38
  end
39
39
 
40
+ ruby2_keywords(:process) if respond_to?(:ruby2_keywords, true)
41
+
40
42
  # We need to set up the environment variables and the response in the controller.
41
43
  def setup_controller_for_warden #:nodoc:
42
44
  @request.env['action_controller.instance'] = @controller
@@ -141,7 +143,7 @@ module Devise
141
143
  @controller.response.headers.merge!(headers)
142
144
  @controller.response.content_type = headers["Content-Type"] unless Rails::VERSION::MAJOR >= 5
143
145
  @controller.status = status
144
- @controller.response.body = response.body
146
+ @controller.response_body = response.body
145
147
  nil # causes process return @response
146
148
  end
147
149
 
@@ -28,7 +28,7 @@ module Devise
28
28
  end
29
29
  end
30
30
 
31
- # Signs in a specific resource, mimicking a successfull sign in
31
+ # Signs in a specific resource, mimicking a successful sign in
32
32
  # operation through +Devise::SessionsController#create+.
33
33
  #
34
34
  # * +resource+ - The resource that should be authenticated
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Devise
4
- VERSION = "4.7.1".freeze
4
+ VERSION = "4.9.2".freeze
5
5
  end
data/lib/devise.rb CHANGED
@@ -13,6 +13,7 @@ module Devise
13
13
  autoload :Encryptor, 'devise/encryptor'
14
14
  autoload :FailureApp, 'devise/failure_app'
15
15
  autoload :OmniAuth, 'devise/omniauth'
16
+ autoload :Orm, 'devise/orm'
16
17
  autoload :ParameterFilter, 'devise/parameter_filter'
17
18
  autoload :ParameterSanitizer, 'devise/parameter_sanitizer'
18
19
  autoload :TestHelpers, 'devise/test_helpers'
@@ -23,6 +24,7 @@ module Devise
23
24
  module Controllers
24
25
  autoload :Helpers, 'devise/controllers/helpers'
25
26
  autoload :Rememberable, 'devise/controllers/rememberable'
27
+ autoload :Responder, 'devise/controllers/responder'
26
28
  autoload :ScopedViews, 'devise/controllers/scoped_views'
27
29
  autoload :SignInOut, 'devise/controllers/sign_in_out'
28
30
  autoload :StoreLocation, 'devise/controllers/store_location'
@@ -71,7 +73,7 @@ module Devise
71
73
 
72
74
  # The number of times to hash the password.
73
75
  mattr_accessor :stretches
74
- @@stretches = 11
76
+ @@stretches = 12
75
77
 
76
78
  # The default key used when authenticating over http auth.
77
79
  mattr_accessor :http_authentication_key
@@ -217,7 +219,16 @@ module Devise
217
219
 
218
220
  # Which formats should be treated as navigational.
219
221
  mattr_accessor :navigational_formats
220
- @@navigational_formats = ["*/*", :html]
222
+ @@navigational_formats = ["*/*", :html, :turbo_stream]
223
+
224
+ # The default responder used by Devise, used to customize status codes with:
225
+ #
226
+ # `config.responder.error_status`
227
+ # `config.responder.redirect_status`
228
+ #
229
+ # Can be replaced by a custom application responder.
230
+ mattr_accessor :responder
231
+ @@responder = Devise::Controllers::Responder
221
232
 
222
233
  # When set to true, signing out a user signs out all other scopes.
223
234
  mattr_accessor :sign_out_all_scopes
@@ -297,14 +308,6 @@ module Devise
297
308
  mattr_accessor :sign_in_after_change_password
298
309
  @@sign_in_after_change_password = true
299
310
 
300
- def self.rails51? # :nodoc:
301
- Rails.gem_version >= Gem::Version.new("5.1.x")
302
- end
303
-
304
- def self.activerecord51? # :nodoc:
305
- defined?(ActiveRecord) && ActiveRecord.gem_version >= Gem::Version.new("5.1.x")
306
- end
307
-
308
311
  # Default way to set up Devise. Run rails generate devise_install to create
309
312
  # a fresh initializer with all configuration values.
310
313
  def self.setup
@@ -317,12 +320,20 @@ module Devise
317
320
  end
318
321
 
319
322
  def get
320
- ActiveSupport::Dependencies.constantize(@name)
323
+ # TODO: Remove AS::Dependencies usage when dropping support to Rails < 7.
324
+ if ActiveSupport::Dependencies.respond_to?(:constantize)
325
+ ActiveSupport::Dependencies.constantize(@name)
326
+ else
327
+ @name.constantize
328
+ end
321
329
  end
322
330
  end
323
331
 
324
332
  def self.ref(arg)
325
- ActiveSupport::Dependencies.reference(arg)
333
+ # TODO: Remove AS::Dependencies usage when dropping support to Rails < 7.
334
+ if ActiveSupport::Dependencies.respond_to?(:reference)
335
+ ActiveSupport::Dependencies.reference(arg)
336
+ end
326
337
  Getter.new(arg)
327
338
  end
328
339
 
@@ -509,6 +520,14 @@ module Devise
509
520
  b.each_byte { |byte| res |= byte ^ l.shift }
510
521
  res == 0
511
522
  end
523
+
524
+ def self.activerecord51? # :nodoc:
525
+ ActiveSupport::Deprecation.warn <<-DEPRECATION.strip_heredoc
526
+ [Devise] `Devise.activerecord51?` is deprecated and will be removed in the next major version.
527
+ It is a non-public method that's no longer used internally, but that other libraries have been relying on.
528
+ DEPRECATION
529
+ defined?(ActiveRecord) && ActiveRecord.gem_version >= Gem::Version.new("5.1.x")
530
+ end
512
531
  end
513
532
 
514
533
  require 'warden'
@@ -86,9 +86,24 @@ RUBY
86
86
  Rails::VERSION::MAJOR >= 5
87
87
  end
88
88
 
89
+ def rails61_and_up?
90
+ Rails::VERSION::MAJOR > 6 || (Rails::VERSION::MAJOR == 6 && Rails::VERSION::MINOR >= 1)
91
+ end
92
+
89
93
  def postgresql?
90
- config = ActiveRecord::Base.configurations[Rails.env]
91
- config && config['adapter'] == 'postgresql'
94
+ ar_config && ar_config['adapter'] == 'postgresql'
95
+ end
96
+
97
+ def ar_config
98
+ if ActiveRecord::Base.configurations.respond_to?(:configs_for)
99
+ if rails61_and_up?
100
+ ActiveRecord::Base.configurations.configs_for(env_name: Rails.env, name: "primary").configuration_hash
101
+ else
102
+ ActiveRecord::Base.configurations.configs_for(env_name: Rails.env, spec_name: "primary").config
103
+ end
104
+ else
105
+ ActiveRecord::Base.configurations[Rails.env]
106
+ end
92
107
  end
93
108
 
94
109
  def migration_version
@@ -13,7 +13,7 @@ module Devise
13
13
  desc "Generates a model with the given NAME (if one does not exist) with devise " \
14
14
  "configuration plus a migration file and devise routes."
15
15
 
16
- hook_for :orm
16
+ hook_for :orm, required: true
17
17
 
18
18
  class_option :routes, desc: "Generate routes", type: :boolean, default: true
19
19
 
@@ -11,7 +11,7 @@ module Devise
11
11
  source_root File.expand_path("../../templates", __FILE__)
12
12
 
13
13
  desc "Creates a Devise initializer and copy locale files to your application."
14
- class_option :orm
14
+ class_option :orm, required: true
15
15
 
16
16
  def copy_initializer
17
17
  unless options[:orm]
@@ -37,10 +37,6 @@ module Devise
37
37
  def show_readme
38
38
  readme "README" if behavior == :invoke
39
39
  end
40
-
41
- def rails_4?
42
- Rails::VERSION::MAJOR == 4
43
- end
44
40
  end
45
41
  end
46
42
  end
@@ -42,7 +42,7 @@ module Devise
42
42
  def view_directory(name, _target_path = nil)
43
43
  directory name.to_s, _target_path || "#{target_path}/#{name}" do |content|
44
44
  if scope
45
- content.gsub "devise/shared/links", "#{plural_scope}/shared/links"
45
+ content.gsub("devise/shared", "#{plural_scope}/shared")
46
46
  else
47
47
  content
48
48
  end
@@ -1,6 +1,6 @@
1
1
  ===============================================================================
2
2
 
3
- Some setup you must do manually if you haven't yet:
3
+ Depending on your application's configuration some manual setup may be required:
4
4
 
5
5
  1. Ensure you have defined default url options in your environments files. Here
6
6
  is an example of default_url_options appropriate for a development environment
@@ -10,10 +10,14 @@ Some setup you must do manually if you haven't yet:
10
10
 
11
11
  In production, :host should be set to the actual host of your application.
12
12
 
13
+ * Required for all applications. *
14
+
13
15
  2. Ensure you have defined root_url to *something* in your config/routes.rb.
14
16
  For example:
15
17
 
16
18
  root to: "home#index"
19
+
20
+ * Not required for API-only Applications *
17
21
 
18
22
  3. Ensure you have flash messages in app/views/layouts/application.html.erb.
19
23
  For example:
@@ -21,8 +25,12 @@ Some setup you must do manually if you haven't yet:
21
25
  <p class="notice"><%= notice %></p>
22
26
  <p class="alert"><%= alert %></p>
23
27
 
28
+ * Not required for API-only Applications *
29
+
24
30
  4. You can copy Devise views (for customization) to your app by running:
25
31
 
26
32
  rails g devise:views
33
+
34
+ * Not required *
27
35
 
28
36
  ===============================================================================
@@ -9,7 +9,7 @@ class <%= @scope_prefix %>OmniauthCallbacksController < Devise::OmniauthCallback
9
9
  # end
10
10
 
11
11
  # More info at:
12
- # https://github.com/plataformatec/devise#omniauth
12
+ # https://github.com/heartcombo/devise#omniauth
13
13
 
14
14
  # GET|POST /resource/auth/twitter
15
15
  # def passthru
@@ -1,5 +1,11 @@
1
1
  # frozen_string_literal: true
2
2
 
3
+ # Assuming you have not yet modified this file, each configuration option below
4
+ # is set to its default value. Note that some are commented out while others
5
+ # are not: uncommented lines are intended to protect your configuration from
6
+ # breaking changes in upgrades (i.e., in the event that future versions of
7
+ # Devise change the default values for those options).
8
+ #
3
9
  # Use this hook to configure devise mailer, warden hooks and so forth.
4
10
  # Many of these configuration options can be set straight in your model.
5
11
  Devise.setup do |config|
@@ -68,7 +74,10 @@ Devise.setup do |config|
68
74
  # Tell if authentication through HTTP Auth is enabled. False by default.
69
75
  # It can be set to an array that will enable http authentication only for the
70
76
  # given strategies, for example, `config.http_authenticatable = [:database]` will
71
- # enable it only for database authentication. The supported strategies are:
77
+ # enable it only for database authentication.
78
+ # For API-only applications to support authentication "out-of-the-box", you will likely want to
79
+ # enable this with :database unless you are using a custom strategy.
80
+ # The supported strategies are:
72
81
  # :database = Support basic authentication with authentication key + password
73
82
  # config.http_authenticatable = false
74
83
 
@@ -103,15 +112,18 @@ Devise.setup do |config|
103
112
  # config.reload_routes = true
104
113
 
105
114
  # ==> Configuration for :database_authenticatable
106
- # For bcrypt, this is the cost for hashing the password and defaults to 11. If
115
+ # For bcrypt, this is the cost for hashing the password and defaults to 12. If
107
116
  # using other algorithms, it sets how many times you want the password to be hashed.
117
+ # The number of stretches used for generating the hashed password are stored
118
+ # with the hashed password. This allows you to change the stretches without
119
+ # invalidating existing passwords.
108
120
  #
109
121
  # Limiting the stretches to just one in testing will increase the performance of
110
122
  # your test suite dramatically. However, it is STRONGLY RECOMMENDED to not use
111
123
  # a value less than 10 in other environments. Note that, for bcrypt (the default
112
124
  # algorithm), the cost increases exponentially with the number of stretches (e.g.
113
125
  # a value of 20 is already extremely slow: approx. 60 seconds for 1 calculation).
114
- config.stretches = Rails.env.test? ? 1 : 11
126
+ config.stretches = Rails.env.test? ? 1 : 12
115
127
 
116
128
  # Set up a pepper to generate the hashed password.
117
129
  # config.pepper = '<%= SecureRandom.hex(64) %>'
@@ -244,14 +256,14 @@ Devise.setup do |config|
244
256
 
245
257
  # ==> Navigation configuration
246
258
  # Lists the formats that should be treated as navigational. Formats like
247
- # :html, should redirect to the sign in page when the user does not have
259
+ # :html should redirect to the sign in page when the user does not have
248
260
  # access, but formats like :xml or :json, should return 401.
249
261
  #
250
262
  # If you have any extra navigational formats, like :iphone or :mobile, you
251
263
  # should add them to the navigational formats lists.
252
264
  #
253
265
  # The "*/*" below is required to match Internet Explorer requests.
254
- # config.navigational_formats = ['*/*', :html]
266
+ # config.navigational_formats = ['*/*', :html, :turbo_stream]
255
267
 
256
268
  # The default HTTP method used to sign out a resource. Default is :delete.
257
269
  config.sign_out_via = :delete
@@ -284,12 +296,14 @@ Devise.setup do |config|
284
296
  # so you need to do it manually. For the users scope, it would be:
285
297
  # config.omniauth_path_prefix = '/my_engine/users/auth'
286
298
 
287
- # ==> Turbolinks configuration
288
- # If your app is using Turbolinks, Turbolinks::Controller needs to be included to make redirection work correctly:
289
- #
290
- # ActiveSupport.on_load(:devise_failure_app) do
291
- # include Turbolinks::Controller
292
- # end
299
+ # ==> Hotwire/Turbo configuration
300
+ # When using Devise with Hotwire/Turbo, the http status for error responses
301
+ # and some redirects must match the following. The default in Devise for existing
302
+ # apps is `200 OK` and `302 Found respectively`, but new apps are generated with
303
+ # these new defaults that match Hotwire/Turbo behavior.
304
+ # Note: These might become the new default in future versions of Devise.
305
+ config.responder.error_status = :unprocessable_entity
306
+ config.responder.redirect_status = :see_other
293
307
 
294
308
  # ==> Configuration for :registerable
295
309
 
@@ -30,6 +30,6 @@
30
30
 
31
31
  <h3>Cancel my account</h3>
32
32
 
33
- <p>Unhappy? <%= link_to "Cancel my account", registration_path(resource_name), data: { confirm: "Are you sure?" }, method: :delete %></p>
33
+ <div>Unhappy? <%= button_to "Cancel my account", registration_path(resource_name), data: { confirm: "Are you sure?", turbo_confirm: "Are you sure?" }, method: :delete %></div>
34
34
 
35
35
  <%= link_to "Back", :back %>