devise 0.2.3 → 0.3.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of devise might be problematic. Click here for more details.
- data/CHANGELOG.rdoc +8 -0
- data/README.rdoc +26 -20
- data/generators/devise_views/devise_views_generator.rb +8 -6
- data/lib/devise.rb +3 -2
- data/lib/devise/active_record.rb +16 -9
- data/lib/devise/controllers/filters.rb +2 -2
- data/{config → lib/devise}/locales/en.yml +1 -1
- data/lib/devise/mapping.rb +1 -1
- data/lib/devise/migrations.rb +9 -2
- data/lib/devise/models/{authenticable.rb → authenticatable.rb} +4 -4
- data/lib/devise/models/confirmable.rb +17 -29
- data/lib/devise/routes.rb +3 -3
- data/lib/devise/strategies/{authenticable.rb → authenticatable.rb} +2 -2
- data/lib/devise/strategies/rememberable.rb +1 -1
- data/lib/devise/version.rb +1 -1
- data/lib/devise/warden.rb +1 -1
- data/test/active_record_test.rb +11 -11
- data/test/integration/{authenticable_test.rb → authenticatable_test.rb} +0 -0
- data/test/integration/confirmable_test.rb +2 -2
- data/test/mapping_test.rb +2 -2
- data/test/models/{authenticable_test.rb → authenticatable_test.rb} +1 -1
- data/test/models/confirmable_test.rb +13 -28
- data/test/test_helper.rb +1 -1
- metadata +7 -7
data/CHANGELOG.rdoc
CHANGED
@@ -1,3 +1,11 @@
|
|
1
|
+
* bug fix
|
2
|
+
* [#15] Allow yml messages to be configured by not using engine locales
|
3
|
+
|
4
|
+
* deprecations
|
5
|
+
* Renamed confirm_in to confirm_within
|
6
|
+
* [#14] Do not send confirmation messages when user changes his e-mail
|
7
|
+
* [#13] Renamed authenticable to authenticatable and added deprecation warnings
|
8
|
+
|
1
9
|
== 0.2.3
|
2
10
|
|
3
11
|
* enhancements
|
data/README.rdoc
CHANGED
@@ -9,7 +9,7 @@ Devise is a flexible authentication solution for Rails based on Warden. It:
|
|
9
9
|
|
10
10
|
Right now it's composed of five mainly modules:
|
11
11
|
|
12
|
-
*
|
12
|
+
* Authenticatable: responsible for encrypting password and validating authenticity of a user while signing in.
|
13
13
|
* Confirmable: responsible for verifying whether an account is already confirmed to sign in, and to send emails with confirmation instructions.
|
14
14
|
* Recoverable: takes care of reseting the user password and send reset instructions.
|
15
15
|
* Rememberable: manages generating and clearing token for remember the user from a saved cookie.
|
@@ -51,7 +51,7 @@ Devise must be setted up within the model (or models) you want to use, and devis
|
|
51
51
|
We're assuming here you want a User model. First of all you have to setup a migration with the following fields:
|
52
52
|
|
53
53
|
create_table :users do
|
54
|
-
t.
|
54
|
+
t.authenticatable
|
55
55
|
t.confirmable
|
56
56
|
t.recoverable
|
57
57
|
t.rememberable
|
@@ -70,26 +70,20 @@ Now let's setup a User model adding the devise line to have your authentication
|
|
70
70
|
devise
|
71
71
|
end
|
72
72
|
|
73
|
-
This line adds devise
|
73
|
+
This line adds devise authenticatable automatically for you inside your User class. Devise don't rely on _attr_accessible_ or _attr_protected_ inside its modules, so be sure to setup what attributes are accessible or protected in your model.
|
74
74
|
|
75
75
|
You could also include the other devise modules as below:
|
76
76
|
|
77
|
-
# Same as using only devise,
|
78
|
-
devise :
|
77
|
+
# Same as using only devise, authenticatable is activated by default
|
78
|
+
devise :authenticatable
|
79
79
|
|
80
|
-
# Include
|
80
|
+
# Include authenticatable + confirmable
|
81
81
|
devise :confirmable
|
82
82
|
|
83
|
-
# Include
|
84
|
-
devise :recoverable
|
83
|
+
# Include authenticatable + recoverable + rememberable
|
84
|
+
devise :recoverable, :rememberable
|
85
85
|
|
86
|
-
# Include
|
87
|
-
devise :rememberable
|
88
|
-
|
89
|
-
# Include authenticable + confirmable + recoverable + rememberable + validatable
|
90
|
-
devise :confirmable, :recoverable, :rememberable, :validatable
|
91
|
-
|
92
|
-
# Same as above, include all of them
|
86
|
+
# Include all of them
|
93
87
|
devise :all
|
94
88
|
|
95
89
|
# Include all except recoverable
|
@@ -97,6 +91,8 @@ You could also include the other devise modules as below:
|
|
97
91
|
|
98
92
|
Note that validations aren't added by default, so you're able to customize it. In order to have automatic validations working just include :validatable.
|
99
93
|
|
94
|
+
== Configuration values
|
95
|
+
|
100
96
|
In addition to :except, you can provide some options to devise call:
|
101
97
|
|
102
98
|
* pepper: setup a pepper to generate de encrypted password. By default no pepper is used:
|
@@ -107,21 +103,27 @@ In addition to :except, you can provide some options to devise call:
|
|
107
103
|
|
108
104
|
devise :all, :stretches => 20
|
109
105
|
|
110
|
-
*
|
106
|
+
* confirm_within: the time the user can access the site before being blocked because his account was not confirmed
|
111
107
|
|
112
|
-
devise :all, :
|
108
|
+
devise :all, :confirm_within => 1.week
|
113
109
|
|
114
110
|
* remember_for: the time to store the remember me cookie in the user
|
115
111
|
|
116
112
|
devise :all, :remember_for => 2.weeks
|
117
113
|
|
114
|
+
All those values can also be set in a global way by setting them in Devise:
|
115
|
+
|
116
|
+
Devise.confirm_within = 1.week
|
117
|
+
|
118
|
+
== Routes
|
119
|
+
|
118
120
|
The next step after setting up your model is to configure your routes for devise. You do this by opening up your config/routes.rb and adding:
|
119
121
|
|
120
122
|
map.devise_for :users
|
121
123
|
|
122
124
|
This is going to look inside you User model and create the needed routes:
|
123
125
|
|
124
|
-
# Session routes for
|
126
|
+
# Session routes for Authenticatable (default)
|
125
127
|
new_user_session GET /users/sign_in {:controller=>"sessions", :action=>"new"}
|
126
128
|
user_session POST /users/sign_in {:controller=>"sessions", :action=>"create"}
|
127
129
|
destroy_user_session GET /users/sign_out {:controller=>"sessions", :action=>"destroy"}
|
@@ -156,7 +158,9 @@ There are also some options available for configuring your routes:
|
|
156
158
|
|
157
159
|
map.devise_for :users, :path_names => { :sign_in => 'login', :sign_out => 'logout', :password => 'secret', :confirmation => 'verification' }
|
158
160
|
|
159
|
-
|
161
|
+
== Controller filters
|
162
|
+
|
163
|
+
Devise is gonna create some helpers to use inside your controllers and views. To setup a controller that needs user authentication, just add this before_filter:
|
160
164
|
|
161
165
|
before_filter :authenticate_user!
|
162
166
|
|
@@ -181,11 +185,13 @@ You also need to setup default url options for the mailer, if you are using conf
|
|
181
185
|
Notifier.sender = "no-reply@yourapp.com"
|
182
186
|
ActionMailer::Base.default_url_options = { :host => 'localhost:3000' }
|
183
187
|
|
188
|
+
== Tidying up
|
189
|
+
|
184
190
|
Devise let's you setup as many roles as you want, so let's say you already have this User model and also want an Admin model with the same authentication stuff, but not confirmation or password recovery. Just follow the same steps:
|
185
191
|
|
186
192
|
# Create a migration with the required fields
|
187
193
|
create_table :admins do |t|
|
188
|
-
t.
|
194
|
+
t.authenticatable
|
189
195
|
end
|
190
196
|
|
191
197
|
# Inside your Admin model
|
@@ -2,20 +2,22 @@ class DeviseViewsGenerator < Rails::Generator::Base
|
|
2
2
|
|
3
3
|
def initialize(*args)
|
4
4
|
super
|
5
|
-
@source_root = options[:source] || File.join(spec.path, '..', '..'
|
5
|
+
@source_root = options[:source] || File.join(spec.path, '..', '..')
|
6
6
|
end
|
7
7
|
|
8
8
|
def manifest
|
9
9
|
record do |m|
|
10
|
-
|
11
|
-
m.directory views_directory
|
10
|
+
m.directory "app/views"
|
12
11
|
|
13
|
-
Dir[File.join(@source_root, "**/*.erb")].each do |file|
|
12
|
+
Dir[File.join(@source_root, "app", "views", "**/*.erb")].each do |file|
|
14
13
|
file = file.gsub(@source_root, "")[1..-1]
|
15
14
|
|
16
|
-
m.directory File.
|
17
|
-
m.file file,
|
15
|
+
m.directory File.dirname(file)
|
16
|
+
m.file file, file
|
18
17
|
end
|
18
|
+
|
19
|
+
m.directory "config/locales"
|
20
|
+
m.file "lib/devise/locales/en.yml", "config/locales/devise.en.yml"
|
19
21
|
end
|
20
22
|
end
|
21
23
|
|
data/lib/devise.rb
CHANGED
@@ -1,9 +1,9 @@
|
|
1
1
|
module Devise
|
2
|
-
ALL = [:
|
2
|
+
ALL = [:authenticatable, :confirmable, :recoverable, :rememberable, :validatable].freeze
|
3
3
|
|
4
4
|
# Maps controller names to devise modules
|
5
5
|
CONTROLLERS = {
|
6
|
-
:sessions => :
|
6
|
+
:sessions => :authenticatable,
|
7
7
|
:passwords => :recoverable,
|
8
8
|
:confirmations => :confirmable
|
9
9
|
}.freeze
|
@@ -66,6 +66,7 @@ end
|
|
66
66
|
Rails.configuration.after_initialize do
|
67
67
|
ActiveRecord::Base.extend Devise::ActiveRecord
|
68
68
|
ActiveRecord::ConnectionAdapters::TableDefinition.send :include, Devise::Migrations
|
69
|
+
I18n.load_path.unshift File.expand_path(File.join(File.dirname(__FILE__), 'devise', 'locales', 'en.yml'))
|
69
70
|
end
|
70
71
|
|
71
72
|
require 'devise/warden'
|
data/lib/devise/active_record.rb
CHANGED
@@ -17,10 +17,10 @@ module Devise
|
|
17
17
|
#
|
18
18
|
# devise :all, :stretches => 20
|
19
19
|
#
|
20
|
-
# *
|
20
|
+
# * confirm_within: the time you want your user to confirm it's account. During
|
21
21
|
# this time he will be able to access your application without confirming.
|
22
22
|
#
|
23
|
-
# devise :all, :
|
23
|
+
# devise :all, :confirm_within => 7.days
|
24
24
|
#
|
25
25
|
# * remember_for: the time the user will be remembered without asking for
|
26
26
|
# credentials again.
|
@@ -32,22 +32,22 @@ module Devise
|
|
32
32
|
#
|
33
33
|
# Examples:
|
34
34
|
#
|
35
|
-
# # include only
|
35
|
+
# # include only authenticatable module (default)
|
36
36
|
# devise
|
37
37
|
#
|
38
|
-
# # include
|
38
|
+
# # include authenticatable + confirmable modules
|
39
39
|
# devise :confirmable
|
40
40
|
#
|
41
|
-
# # include
|
41
|
+
# # include authenticatable + recoverable modules
|
42
42
|
# devise :recoverable
|
43
43
|
#
|
44
|
-
# # include
|
44
|
+
# # include authenticatable + rememberable modules
|
45
45
|
# devise :rememberable
|
46
46
|
#
|
47
|
-
# # include
|
47
|
+
# # include authenticatable + validatable modules
|
48
48
|
# devise :validatable
|
49
49
|
#
|
50
|
-
# # include
|
50
|
+
# # include authenticatable + confirmable + recoverable + rememberable + validatable
|
51
51
|
# devise :confirmable, :recoverable, :rememberable, :validatable
|
52
52
|
#
|
53
53
|
# # shortcut to include all modules (same as above)
|
@@ -59,9 +59,16 @@ module Devise
|
|
59
59
|
def devise(*modules)
|
60
60
|
options = modules.extract_options!
|
61
61
|
|
62
|
+
# TODO Remove me in a next release
|
63
|
+
if modules.include?(:authenticable)
|
64
|
+
modules.delete(:authenticable)
|
65
|
+
modules.unshift(:authenticatable)
|
66
|
+
ActiveSupport::Deprecation.warn "devise :authenticate is deprecated, use authenticatable instead"
|
67
|
+
end
|
68
|
+
|
62
69
|
modules = Devise::ALL if modules.include?(:all)
|
63
70
|
modules -= Array(options.delete(:except))
|
64
|
-
modules
|
71
|
+
modules = [:authenticatable] | modules
|
65
72
|
|
66
73
|
modules.each do |m|
|
67
74
|
devise_modules << m.to_sym
|
@@ -4,7 +4,7 @@ en:
|
|
4
4
|
signed_in: 'Signed in successfully.'
|
5
5
|
signed_out: 'Signed out successfully.'
|
6
6
|
unauthenticated: 'You need to sign in or sign up before continuing.'
|
7
|
-
unconfirmed: '
|
7
|
+
unconfirmed: 'You have to confirm your account before continuing.'
|
8
8
|
invalid: 'Invalid email or password.'
|
9
9
|
passwords:
|
10
10
|
send_instructions: 'You will receive an email with instructions about how to reset your password in a few minutes.'
|
data/lib/devise/mapping.rb
CHANGED
@@ -18,7 +18,7 @@ module Devise
|
|
18
18
|
# mapping.to #=> User
|
19
19
|
# # is the class to be loaded from routes, given in the route as :class_name.
|
20
20
|
#
|
21
|
-
# mapping.for #=> [:
|
21
|
+
# mapping.for #=> [:authenticatable]
|
22
22
|
# # is the modules included in the class
|
23
23
|
#
|
24
24
|
class Mapping #:nodoc:
|
data/lib/devise/migrations.rb
CHANGED
@@ -2,7 +2,7 @@ module Devise
|
|
2
2
|
# Helpers to migration:
|
3
3
|
#
|
4
4
|
# create_table :accounts do |t|
|
5
|
-
# t.
|
5
|
+
# t.authenticatable
|
6
6
|
# t.confirmable
|
7
7
|
# t.recoverable
|
8
8
|
# t.rememberable
|
@@ -19,13 +19,20 @@ module Devise
|
|
19
19
|
|
20
20
|
# Creates email, encrypted_password and password_salt.
|
21
21
|
#
|
22
|
-
def
|
22
|
+
def authenticatable(options={})
|
23
23
|
null = options[:null] || false
|
24
24
|
string :email, :limit => 100, :null => null
|
25
25
|
string :encrypted_password, :limit => 40, :null => null
|
26
26
|
string :password_salt, :limit => 20, :null => null
|
27
27
|
end
|
28
28
|
|
29
|
+
# TODO Remove me in a next release.
|
30
|
+
#
|
31
|
+
def authenticable(*args)
|
32
|
+
ActiveSupport::Deprecation.warn "authenticable in migrations is deprecated, use authenticatable instead"
|
33
|
+
authenticatable(*args)
|
34
|
+
end
|
35
|
+
|
29
36
|
# Creates confirmation_token, confirmed_at and confirmation_sent_at.
|
30
37
|
#
|
31
38
|
def confirmable
|
@@ -1,5 +1,5 @@
|
|
1
1
|
require 'digest/sha1'
|
2
|
-
require 'devise/strategies/
|
2
|
+
require 'devise/strategies/authenticatable'
|
3
3
|
|
4
4
|
module Devise
|
5
5
|
module Models
|
@@ -24,7 +24,7 @@ module Devise
|
|
24
24
|
# User.authenticate('email@test.com', 'password123') # returns authenticated user or nil
|
25
25
|
# User.find(1).valid_password?('password123') # returns true/false
|
26
26
|
#
|
27
|
-
module
|
27
|
+
module Authenticatable
|
28
28
|
def self.included(base)
|
29
29
|
base.class_eval do
|
30
30
|
extend ClassMethods
|
@@ -75,8 +75,8 @@ module Devise
|
|
75
75
|
# authenticated user if it's valid or nil.
|
76
76
|
# Attributes are :email and :password
|
77
77
|
def authenticate(attributes={})
|
78
|
-
|
79
|
-
|
78
|
+
authenticatable = find_by_email(attributes[:email])
|
79
|
+
authenticatable if authenticatable.try(:valid_password?, attributes[:password])
|
80
80
|
end
|
81
81
|
|
82
82
|
# Attempt to find a user by it's email. If not user is found, returns a
|
@@ -14,13 +14,13 @@ module Devise
|
|
14
14
|
#
|
15
15
|
# Configuration:
|
16
16
|
#
|
17
|
-
#
|
18
|
-
#
|
19
|
-
#
|
20
|
-
#
|
21
|
-
#
|
22
|
-
#
|
23
|
-
#
|
17
|
+
# confirm_within: the time you want the user will have to confirm it's account
|
18
|
+
# without blocking his access. When confirm_within is zero, the
|
19
|
+
# user won't be able to sign in without confirming. You can
|
20
|
+
# use this to let your user access some features of your
|
21
|
+
# application without confirming the account, but blocking it
|
22
|
+
# after a certain period (ie 7 days). By default confirm_within is
|
23
|
+
# zero, it means users always have to confirm to sign in.
|
24
24
|
#
|
25
25
|
# Examples:
|
26
26
|
#
|
@@ -34,8 +34,8 @@ module Devise
|
|
34
34
|
base.class_eval do
|
35
35
|
extend ClassMethods
|
36
36
|
|
37
|
-
|
38
|
-
|
37
|
+
before_create :generate_confirmation_token
|
38
|
+
after_create :send_confirmation_instructions
|
39
39
|
end
|
40
40
|
end
|
41
41
|
|
@@ -64,7 +64,7 @@ module Devise
|
|
64
64
|
# confirming it's account
|
65
65
|
def reset_confirmation!
|
66
66
|
unless_confirmed do
|
67
|
-
|
67
|
+
generate_confirmation_token
|
68
68
|
save(false)
|
69
69
|
send_confirmation_instructions
|
70
70
|
end
|
@@ -87,21 +87,21 @@ module Devise
|
|
87
87
|
#
|
88
88
|
# Example:
|
89
89
|
#
|
90
|
-
# #
|
90
|
+
# # confirm_within = 1.day and confirmation_sent_at = today
|
91
91
|
# confirmation_period_valid? # returns true
|
92
92
|
#
|
93
|
-
# #
|
93
|
+
# # confirm_within = 5.days and confirmation_sent_at = 4.days.ago
|
94
94
|
# confirmation_period_valid? # returns true
|
95
95
|
#
|
96
|
-
# #
|
96
|
+
# # confirm_within = 5.days and confirmation_sent_at = 5.days.ago
|
97
97
|
# confirmation_period_valid? # returns false
|
98
98
|
#
|
99
|
-
# #
|
99
|
+
# # confirm_within = 0.days
|
100
100
|
# confirmation_period_valid? # will always return false
|
101
101
|
#
|
102
102
|
def confirmation_period_valid?
|
103
103
|
confirmation_sent_at? &&
|
104
|
-
(Date.today - confirmation_sent_at.to_date).days <
|
104
|
+
(Date.today - confirmation_sent_at.to_date).days < confirm_within
|
105
105
|
end
|
106
106
|
|
107
107
|
# Checks whether the record is confirmed or not, yielding to the block
|
@@ -115,26 +115,14 @@ module Devise
|
|
115
115
|
end
|
116
116
|
end
|
117
117
|
|
118
|
-
# Remove confirmation date from the user, ensuring after a user update
|
119
|
-
# it's email, it won't be able to sign in without confirming it.
|
120
|
-
def reset_confirmation
|
121
|
-
generate_confirmation_token
|
122
|
-
self.confirmed_at = nil
|
123
|
-
end
|
124
|
-
|
125
118
|
# Generates a new random token for confirmation, and stores the time
|
126
119
|
# this token is being generated
|
127
120
|
def generate_confirmation_token
|
121
|
+
self.confirmed_at = nil
|
128
122
|
self.confirmation_token = friendly_token
|
129
123
|
self.confirmation_sent_at = Time.now.utc
|
130
124
|
end
|
131
125
|
|
132
|
-
# Resets the confirmation token with and save the record without
|
133
|
-
# validating.
|
134
|
-
def generate_confirmation_token!
|
135
|
-
generate_confirmation_token && save(false)
|
136
|
-
end
|
137
|
-
|
138
126
|
module ClassMethods
|
139
127
|
|
140
128
|
# Attempt to find a user by it's email. If a record is found, send new
|
@@ -162,7 +150,7 @@ module Devise
|
|
162
150
|
end
|
163
151
|
end
|
164
152
|
|
165
|
-
Devise.model_config(self, :
|
153
|
+
Devise.model_config(self, :confirm_within, 0.days)
|
166
154
|
end
|
167
155
|
end
|
168
156
|
end
|
data/lib/devise/routes.rb
CHANGED
@@ -19,7 +19,7 @@ module ActionController::Routing
|
|
19
19
|
# generate all needed routes for devise, based on what modules you have
|
20
20
|
# defined in your model.
|
21
21
|
# Examples: Let's say you have an User model configured to use
|
22
|
-
#
|
22
|
+
# authenticatable, confirmable and recoverable modules. After creating this
|
23
23
|
# inside your routes:
|
24
24
|
#
|
25
25
|
# map.devise_for :users
|
@@ -27,7 +27,7 @@ module ActionController::Routing
|
|
27
27
|
# this method is going to look inside your User model and create the
|
28
28
|
# needed routes:
|
29
29
|
#
|
30
|
-
# # Session routes for
|
30
|
+
# # Session routes for Authenticatable (default)
|
31
31
|
# new_user_session GET /users/sign_in {:controller=>"sessions", :action=>"new"}
|
32
32
|
# user_session POST /users/sign_in {:controller=>"sessions", :action=>"create"}
|
33
33
|
# destroy_user_session GET /users/sign_out {:controller=>"sessions", :action=>"destroy"}
|
@@ -69,7 +69,7 @@ module ActionController::Routing
|
|
69
69
|
mapping = Devise::Mapping.new(resource, options)
|
70
70
|
Devise.mappings[mapping.name] = mapping
|
71
71
|
|
72
|
-
if mapping.
|
72
|
+
if mapping.authenticatable?
|
73
73
|
with_options(:controller => 'sessions', :path_prefix => mapping.as) do |session|
|
74
74
|
session.send(:"new_#{mapping.name}_session", mapping.path_names[:sign_in], :action => 'new', :conditions => { :method => :get })
|
75
75
|
session.send(:"#{mapping.name}_session", mapping.path_names[:sign_in], :action => 'create', :conditions => { :method => :post })
|
@@ -2,7 +2,7 @@ module Devise
|
|
2
2
|
module Strategies
|
3
3
|
# Default strategy for signing in a user, based on his email and password.
|
4
4
|
# Redirects to sign_in page if it's not authenticated
|
5
|
-
class
|
5
|
+
class Authenticatable < Devise::Strategies::Base
|
6
6
|
|
7
7
|
# Authenticate a user based on email and password params, returning to warden
|
8
8
|
# success and the authenticated user if everything is okay. Otherwise redirect
|
@@ -43,4 +43,4 @@ module Devise
|
|
43
43
|
end
|
44
44
|
end
|
45
45
|
|
46
|
-
Warden::Strategies.add(:
|
46
|
+
Warden::Strategies.add(:authenticatable, Devise::Strategies::Authenticatable)
|
@@ -3,7 +3,7 @@ module Devise
|
|
3
3
|
# Remember the user through the remember token. This strategy is responsible
|
4
4
|
# to verify whether there is a cookie with the remember token, and to
|
5
5
|
# recreate the user from this cookie if it exists. Must be called *before*
|
6
|
-
#
|
6
|
+
# authenticatable.
|
7
7
|
class Rememberable < Devise::Strategies::Base
|
8
8
|
|
9
9
|
# A valid strategy for rememberable needs a remember token in the cookies.
|
data/lib/devise/version.rb
CHANGED
data/lib/devise/warden.rb
CHANGED
@@ -55,7 +55,7 @@ require 'devise/strategies/base'
|
|
55
55
|
# Adds Warden Manager to Rails middleware stack, configuring default devise
|
56
56
|
# strategy and also the controller who will manage not authenticated users.
|
57
57
|
Rails.configuration.middleware.use Warden::Manager do |manager|
|
58
|
-
manager.default_strategies :rememberable, :
|
58
|
+
manager.default_strategies :rememberable, :authenticatable
|
59
59
|
manager.failure_app = Devise::Failure
|
60
60
|
manager.silence_missing_strategies!
|
61
61
|
end
|
data/test/active_record_test.rb
CHANGED
@@ -31,7 +31,7 @@ end
|
|
31
31
|
class Configurable < User
|
32
32
|
devise :all, :stretches => 15,
|
33
33
|
:pepper => 'abcdef',
|
34
|
-
:
|
34
|
+
:confirm_within => 5.days,
|
35
35
|
:remember_for => 7.days
|
36
36
|
end
|
37
37
|
|
@@ -54,38 +54,38 @@ class ActiveRecordTest < ActiveSupport::TestCase
|
|
54
54
|
end
|
55
55
|
end
|
56
56
|
|
57
|
-
test 'include by default
|
58
|
-
assert_include_modules Authenticable, :
|
57
|
+
test 'include by default authenticatable only' do
|
58
|
+
assert_include_modules Authenticable, :authenticatable
|
59
59
|
assert_not_include_modules Authenticable, :confirmable, :recoverable, :rememberable, :validatable
|
60
60
|
end
|
61
61
|
|
62
62
|
test 'add confirmable module only' do
|
63
|
-
assert_include_modules Confirmable, :
|
63
|
+
assert_include_modules Confirmable, :authenticatable, :confirmable
|
64
64
|
assert_not_include_modules Confirmable, :recoverable, :rememberable, :validatable
|
65
65
|
end
|
66
66
|
|
67
67
|
test 'add recoverable module only' do
|
68
|
-
assert_include_modules Recoverable, :
|
68
|
+
assert_include_modules Recoverable, :authenticatable, :recoverable
|
69
69
|
assert_not_include_modules Recoverable, :confirmable, :rememberable, :validatable
|
70
70
|
end
|
71
71
|
|
72
72
|
test 'add rememberable module only' do
|
73
|
-
assert_include_modules Rememberable, :
|
73
|
+
assert_include_modules Rememberable, :authenticatable, :rememberable
|
74
74
|
assert_not_include_modules Rememberable, :confirmable, :recoverable, :validatable
|
75
75
|
end
|
76
76
|
|
77
77
|
test 'add validatable module only' do
|
78
|
-
assert_include_modules Validatable, :
|
78
|
+
assert_include_modules Validatable, :authenticatable, :validatable
|
79
79
|
assert_not_include_modules Validatable, :confirmable, :recoverable, :rememberable
|
80
80
|
end
|
81
81
|
|
82
82
|
test 'add all modules' do
|
83
83
|
assert_include_modules Devisable,
|
84
|
-
:
|
84
|
+
:authenticatable, :confirmable, :recoverable, :rememberable, :validatable
|
85
85
|
end
|
86
86
|
|
87
87
|
test 'configure modules with except option' do
|
88
|
-
assert_include_modules Exceptable, :
|
88
|
+
assert_include_modules Exceptable, :authenticatable, :confirmable
|
89
89
|
assert_not_include_modules Exceptable, :recoverable, :rememberable, :validatable
|
90
90
|
end
|
91
91
|
|
@@ -97,8 +97,8 @@ class ActiveRecordTest < ActiveSupport::TestCase
|
|
97
97
|
assert_equal 'abcdef', Configurable.new.pepper
|
98
98
|
end
|
99
99
|
|
100
|
-
test 'set a default value for
|
101
|
-
assert_equal 5.days, Configurable.new.
|
100
|
+
test 'set a default value for confirm_within' do
|
101
|
+
assert_equal 5.days, Configurable.new.confirm_within
|
102
102
|
end
|
103
103
|
|
104
104
|
test 'set a default value for remember_for' do
|
File without changes
|
@@ -59,7 +59,7 @@ class ConfirmationTest < ActionController::IntegrationTest
|
|
59
59
|
end
|
60
60
|
|
61
61
|
test 'not confirmed user and setup to block without confirmation should not be able to sign in' do
|
62
|
-
Devise.
|
62
|
+
Devise.confirm_within = 0
|
63
63
|
user = sign_in_as_user(:confirm => false)
|
64
64
|
|
65
65
|
assert_redirected_to new_user_session_path(:unconfirmed => true)
|
@@ -67,7 +67,7 @@ class ConfirmationTest < ActionController::IntegrationTest
|
|
67
67
|
end
|
68
68
|
|
69
69
|
test 'not confirmed user but configured with some days to confirm should be able to sign in' do
|
70
|
-
Devise.
|
70
|
+
Devise.confirm_within = 1
|
71
71
|
user = sign_in_as_user(:confirm => false)
|
72
72
|
|
73
73
|
assert_response :success
|
data/test/mapping_test.rb
CHANGED
@@ -57,13 +57,13 @@ class MapTest < ActiveSupport::TestCase
|
|
57
57
|
|
58
58
|
test 'magic predicates' do
|
59
59
|
mapping = Devise.mappings[:user]
|
60
|
-
assert mapping.
|
60
|
+
assert mapping.authenticatable?
|
61
61
|
assert mapping.confirmable?
|
62
62
|
assert mapping.recoverable?
|
63
63
|
assert mapping.rememberable?
|
64
64
|
|
65
65
|
mapping = Devise.mappings[:admin]
|
66
|
-
assert mapping.
|
66
|
+
assert mapping.authenticatable?
|
67
67
|
assert_not mapping.confirmable?
|
68
68
|
assert_not mapping.recoverable?
|
69
69
|
assert_not mapping.rememberable?
|
@@ -1,7 +1,7 @@
|
|
1
1
|
require 'test/test_helper'
|
2
2
|
require 'digest/sha1'
|
3
3
|
|
4
|
-
class
|
4
|
+
class AuthenticatableTest < ActiveSupport::TestCase
|
5
5
|
|
6
6
|
def encrypt_password(user, pepper=nil, stretches=1)
|
7
7
|
user.class_eval { define_method(:stretches) { stretches } } if stretches
|
@@ -149,38 +149,23 @@ class ConfirmableTest < ActiveSupport::TestCase
|
|
149
149
|
end
|
150
150
|
end
|
151
151
|
|
152
|
-
test 'should resend email instructions
|
152
|
+
test 'should not resend email instructions if the user change his email' do
|
153
153
|
user = create_user
|
154
154
|
user.email = 'new_test@example.com'
|
155
|
-
assert_email_sent do
|
156
|
-
user.save!
|
157
|
-
end
|
158
|
-
end
|
159
|
-
|
160
|
-
test 'should not resend email instructions if the user is updated but the email is not' do
|
161
|
-
user = create_user
|
162
|
-
user.confirmed_at = Time.now
|
163
155
|
assert_email_not_sent do
|
164
156
|
user.save!
|
165
157
|
end
|
166
158
|
end
|
167
159
|
|
168
|
-
test 'should reset confirmation status when updating email' do
|
160
|
+
test 'should not reset confirmation status or token when updating email' do
|
169
161
|
user = create_user
|
170
|
-
assert_not user.confirmed?
|
171
162
|
user.confirm!
|
172
|
-
assert user.confirmed?
|
173
163
|
user.email = 'new_test@example.com'
|
174
164
|
user.save!
|
175
|
-
assert_not user.reload.confirmed?
|
176
|
-
end
|
177
165
|
|
178
|
-
|
179
|
-
user
|
180
|
-
|
181
|
-
user.email = 'new_test@example.com'
|
182
|
-
user.save!
|
183
|
-
assert_not_equal token, user.reload.confirmation_token
|
166
|
+
user.reload
|
167
|
+
assert user.confirmed?
|
168
|
+
assert_nil user.confirmation_token
|
184
169
|
end
|
185
170
|
|
186
171
|
test 'should not be able to send instructions if the user is already confirmed' do
|
@@ -194,20 +179,20 @@ class ConfirmableTest < ActiveSupport::TestCase
|
|
194
179
|
|
195
180
|
test 'confirm time should fallback to devise confirm in default configuration' do
|
196
181
|
begin
|
197
|
-
|
198
|
-
Devise.
|
182
|
+
confirm_within = Devise.confirm_within
|
183
|
+
Devise.confirm_within = 1.day
|
199
184
|
user = new_user
|
200
185
|
user.confirmation_sent_at = 2.days.ago
|
201
186
|
assert_not user.active?
|
202
|
-
Devise.
|
187
|
+
Devise.confirm_within = 3.days
|
203
188
|
assert user.active?
|
204
189
|
ensure
|
205
|
-
Devise.
|
190
|
+
Devise.confirm_within = confirm_within
|
206
191
|
end
|
207
192
|
end
|
208
193
|
|
209
194
|
test 'should be active when confirmation sent at is not overpast' do
|
210
|
-
Devise.
|
195
|
+
Devise.confirm_within = 5.days
|
211
196
|
user = create_user
|
212
197
|
user.confirmation_sent_at = 4.days.ago
|
213
198
|
assert user.active?
|
@@ -223,21 +208,21 @@ class ConfirmableTest < ActiveSupport::TestCase
|
|
223
208
|
end
|
224
209
|
|
225
210
|
test 'should not be active when confirmation was sent within the limit' do
|
226
|
-
Devise.
|
211
|
+
Devise.confirm_within = 5.days
|
227
212
|
user = create_user
|
228
213
|
user.confirmation_sent_at = 5.days.ago
|
229
214
|
assert_not user.active?
|
230
215
|
end
|
231
216
|
|
232
217
|
test 'should be active when confirm in is zero' do
|
233
|
-
Devise.
|
218
|
+
Devise.confirm_within = 0.days
|
234
219
|
user = create_user
|
235
220
|
user.confirmation_sent_at = Date.today
|
236
221
|
assert_not user.active?
|
237
222
|
end
|
238
223
|
|
239
224
|
test 'should not be active when confirmation was sent before confirm in time' do
|
240
|
-
Devise.
|
225
|
+
Devise.confirm_within = 4.days
|
241
226
|
user = create_user
|
242
227
|
user.confirmation_sent_at = 5.days.ago
|
243
228
|
assert_not user.active?
|
data/test/test_helper.rb
CHANGED
@@ -17,7 +17,7 @@ ActiveRecord::Base.establish_connection(:adapter => "sqlite3", :database => ":me
|
|
17
17
|
ActiveRecord::Schema.define(:version => 1) do
|
18
18
|
[:users, :admins].each do |table|
|
19
19
|
create_table table do |t|
|
20
|
-
t.
|
20
|
+
t.authenticatable :null => table == :admins
|
21
21
|
|
22
22
|
if table == :users
|
23
23
|
t.confirmable
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: devise
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.3.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- "Jos\xC3\xA9 Valim"
|
@@ -10,7 +10,7 @@ autorequire:
|
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
12
|
|
13
|
-
date: 2009-10-
|
13
|
+
date: 2009-10-30 00:00:00 -02:00
|
14
14
|
default_executable:
|
15
15
|
dependencies:
|
16
16
|
- !ruby/object:Gem::Dependency
|
@@ -47,7 +47,6 @@ files:
|
|
47
47
|
- app/views/passwords/edit.html.erb
|
48
48
|
- app/views/passwords/new.html.erb
|
49
49
|
- app/views/sessions/new.html.erb
|
50
|
-
- config/locales/en.yml
|
51
50
|
- generators/devise/USAGE
|
52
51
|
- generators/devise/devise_generator.rb
|
53
52
|
- generators/devise/lib/route_devise.rb
|
@@ -65,15 +64,16 @@ files:
|
|
65
64
|
- lib/devise/failure.rb
|
66
65
|
- lib/devise/hooks/confirmable.rb
|
67
66
|
- lib/devise/hooks/rememberable.rb
|
67
|
+
- lib/devise/locales/en.yml
|
68
68
|
- lib/devise/mapping.rb
|
69
69
|
- lib/devise/migrations.rb
|
70
|
-
- lib/devise/models/
|
70
|
+
- lib/devise/models/authenticatable.rb
|
71
71
|
- lib/devise/models/confirmable.rb
|
72
72
|
- lib/devise/models/recoverable.rb
|
73
73
|
- lib/devise/models/rememberable.rb
|
74
74
|
- lib/devise/models/validatable.rb
|
75
75
|
- lib/devise/routes.rb
|
76
|
-
- lib/devise/strategies/
|
76
|
+
- lib/devise/strategies/authenticatable.rb
|
77
77
|
- lib/devise/strategies/base.rb
|
78
78
|
- lib/devise/strategies/rememberable.rb
|
79
79
|
- lib/devise/version.rb
|
@@ -127,13 +127,13 @@ test_files:
|
|
127
127
|
- test/controllers/url_helpers_test.rb
|
128
128
|
- test/controllers/helpers_test.rb
|
129
129
|
- test/controllers/filters_test.rb
|
130
|
-
- test/integration/
|
130
|
+
- test/integration/authenticatable_test.rb
|
131
131
|
- test/integration/rememberable_test.rb
|
132
132
|
- test/integration/recoverable_test.rb
|
133
133
|
- test/integration/confirmable_test.rb
|
134
134
|
- test/mailers/confirmation_instructions_test.rb
|
135
135
|
- test/mailers/reset_password_instructions_test.rb
|
136
|
-
- test/models/
|
136
|
+
- test/models/authenticatable_test.rb
|
137
137
|
- test/models/rememberable_test.rb
|
138
138
|
- test/models/recoverable_test.rb
|
139
139
|
- test/models/validatable_test.rb
|