RubyGems - devise - Versions diffs - 5.0.1 → 5.0.2 - Mend

devise 5.0.1 → 5.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +6 -0
data/app/controllers/devise/passwords_controller.rb +7 -2
data/app/controllers/devise/registrations_controller.rb +11 -10
data/lib/devise/version.rb +1 -1
data/lib/generators/templates/simple_form_for/passwords/new.html.erb +1 -1
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 2c59c4076a4ac0e38c7200826104c1525bff002d6df36b40733c6b011454803c
-  data.tar.gz: 24e6a187f45db8fb798b1e4ead4ae0d9c456c689d1bd57a488ea8b6daa5f094d
+  metadata.gz: 4cffe2aa12ff3240ea7c769cce8f54514bcbf3b7937e3cae3e530fa38c504610
+  data.tar.gz: 47999dcc6dbe990d3c809b35fa138b071f5b2fa0411600093a9b4926c32567a8
 SHA512:
-  metadata.gz: d9a4c77df23aa110e19620d6cf0de5c6585d0c7af4dbb28c71e86b0b67746b753a088796b7951d571d2142133bb6376a614a3c3f6fec587709a0979a7886ca76
-  data.tar.gz: 8c9c549e0f6e08950b926f56fdca67c494d94aa0ca17b2af2b95b2b703ac7a2e93750897febfaef8aa4364430d5a3bf4004f8c638d34becd2690e0bcbb8f9542
+  metadata.gz: 7f40111655bc0aee66e0d02c29af7113053aa98f5c33445cccb7dbc1f8a5132ace75a2be82e9302264dfc0de579f835330eb65cf55e4d29ea4a0b4a30326ac40
+  data.tar.gz: 99e6e990cefbbdce6a851c1da5249d9ec04a7e24be193ba674052809112da1de6867ed0930f27342c80867974532aceb77fa05b28f45aebd7338d015bb168e4e

data/CHANGELOG.md CHANGED Viewed

@@ -1,3 +1,9 @@
+### 5.0.2 - 2026-02-18
+* enhancements
+  * Allow resource class scopes to override the global configuration for `sign_in_after_change_password` behaviour. [#5825](https://github.com/heartcombo/devise/pull/5825)
+  * Add `sign_in_after_reset_password?` check hook to passwords controller, to allow it to be customized by users. [#5826](https://github.com/heartcombo/devise/pull/5826)
 ### 5.0.1 - 2026-02-13
 * bug fixes

data/app/controllers/devise/passwords_controller.rb CHANGED Viewed

@@ -36,7 +36,7 @@ class Devise::PasswordsController < DeviseController
     if resource.errors.empty?
       resource.unlock_access! if unlockable?(resource)
-      if resource_class.sign_in_after_reset_password
+      if sign_in_after_reset_password?
         flash_message = resource.active_for_authentication? ? :updated : :updated_not_active
         set_flash_message!(:notice, flash_message)
         resource.after_database_authentication
@@ -53,7 +53,7 @@ class Devise::PasswordsController < DeviseController
   protected
     def after_resetting_password_path_for(resource)
-      resource_class.sign_in_after_reset_password ? after_sign_in_path_for(resource) : new_session_path(resource_name)
+      sign_in_after_reset_password? ? after_sign_in_path_for(resource) : new_session_path(resource_name)
     end
     # The path used after sending reset password instructions
@@ -69,6 +69,11 @@ class Devise::PasswordsController < DeviseController
       end
     end
+    # Check if the user should be signed in automatically after resetting the password.
+    def sign_in_after_reset_password?
+      resource_class.sign_in_after_reset_password
+    end
     # Check if proper Lockable module methods are present & unlock strategy
     # allows to unlock resource on password reset
     def unlockable?(resource)

data/app/controllers/devise/registrations_controller.rb CHANGED Viewed

@@ -82,12 +82,6 @@ class Devise::RegistrationsController < DeviseController
   protected
-  def update_needs_confirmation?(resource, previous)
-    resource.respond_to?(:pending_reconfirmation?) &&
-      resource.pending_reconfirmation? &&
-      previous != resource.unconfirmed_email
-  end
   # By default we want to require a password checks on update.
   # You can overwrite this method in your own RegistrationsController.
   def update_resource(resource, params)
@@ -133,6 +127,13 @@ class Devise::RegistrationsController < DeviseController
     self.resource = send(:"current_#{resource_name}")
   end
+  # Check if the user should be signed in automatically after updating the password.
+  def sign_in_after_change_password?
+    return true if account_update_params[:password].blank?
+    resource_class.sign_in_after_change_password
+  end
   def sign_up_params
     devise_parameter_sanitizer.sanitize(:sign_up)
   end
@@ -160,9 +161,9 @@ class Devise::RegistrationsController < DeviseController
     set_flash_message :notice, flash_key
   end
-  def sign_in_after_change_password?
-    return true if account_update_params[:password].blank?
-    Devise.sign_in_after_change_password
+  def update_needs_confirmation?(resource, previous)
+    resource.respond_to?(:pending_reconfirmation?) &&
+      resource.pending_reconfirmation? &&
+      previous != resource.unconfirmed_email
   end
 end

data/lib/devise/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module Devise
-  VERSION = "5.0.1".freeze
+  VERSION = "5.0.2".freeze
 end

data/lib/generators/templates/simple_form_for/passwords/new.html.erb CHANGED Viewed

@@ -11,7 +11,7 @@
   </div>
   <div class="form-actions">
-    <%= f.button :submit, "Send me reset password instructions" %>
+    <%= f.button :submit, "Send me password reset instructions" %>
   </div>
 <% end %>

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: devise
 version: !ruby/object:Gem::Version
-  version: 5.0.1
+  version: 5.0.2
 platform: ruby
 authors:
 - José Valim
@@ -221,7 +221,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 4.0.3
+rubygems_version: 4.0.6
 specification_version: 4
 summary: Flexible authentication solution for Rails with Warden
 test_files: []