devise 1.0.0 → 1.0.1
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of devise might be problematic. Click here for more details.
- data/CHANGELOG.rdoc +9 -0
- data/README.rdoc +6 -2
- data/TODO +1 -2
- data/generators/devise/templates/model.rb +4 -3
- data/lib/devise.rb +2 -2
- data/lib/devise/models/authenticatable.rb +3 -9
- data/lib/devise/models/http_authenticatable.rb +21 -0
- data/lib/devise/models/token_authenticatable.rb +1 -1
- data/lib/devise/version.rb +1 -1
- data/test/rails_app/app/active_record/user.rb +1 -1
- data/test/rails_app/app/mongo_mapper/user.rb +3 -2
- metadata +3 -2
data/CHANGELOG.rdoc
CHANGED
data/README.rdoc
CHANGED
|
@@ -7,16 +7,18 @@ Devise is a flexible authentication solution for Rails based on Warden. It:
|
|
|
7
7
|
* Allows you to have multiple roles (or models/scopes) signed in at the same time;
|
|
8
8
|
* Is based on a modularity concept: use just what you really need.
|
|
9
9
|
|
|
10
|
-
Right now it's composed of
|
|
10
|
+
Right now it's composed of 12 modules:
|
|
11
11
|
|
|
12
12
|
* Authenticatable: responsible for encrypting password and validating authenticity of a user while signing in.
|
|
13
|
+
* Token Authenticatable: validates authenticity of a user while signing in using an authentication token (also known as "single access token").
|
|
14
|
+
* HttpAuthenticatable: sign in users using basic HTTP authentication.
|
|
13
15
|
* Confirmable: responsible for verifying whether an account is already confirmed to sign in, and to send emails with confirmation instructions.
|
|
14
16
|
* Recoverable: takes care of reseting the user password and send reset instructions.
|
|
15
17
|
* Registerable: handles signing up users through a registration process.
|
|
16
18
|
* Rememberable: manages generating and clearing token for remember the user from a saved cookie.
|
|
17
19
|
* Trackable: tracks sign in count, timestamps and ip.
|
|
18
|
-
* Validatable: creates all needed validations for email and password. It's totally optional, so you're able to to customize validations by yourself.
|
|
19
20
|
* Timeoutable: expires sessions without activity in a certain period of time.
|
|
21
|
+
* Validatable: creates all needed validations for email and password. It's totally optional, so you're able to to customize validations by yourself.
|
|
20
22
|
* Lockable: takes care of locking an account based on the number of failed sign in attempts. Handles unlock via expire and email.
|
|
21
23
|
* Activatable: if you need to activate accounts by other means, which are not through confirmation, use this module.
|
|
22
24
|
|
|
@@ -175,6 +177,8 @@ By default Devise will use the same views for all roles you have. But what if yo
|
|
|
175
177
|
|
|
176
178
|
After doing so you will be able to have views based on the scope like 'sessions/users/new' and 'sessions/admin/new'. If no view is found within the scope, Devise will fallback to the default view.
|
|
177
179
|
|
|
180
|
+
Devise uses flash messages to let users know if their login is successful or not. Devise expects your application to call 'flash[:notice]' and 'flash[:alert]' as appropriate.
|
|
181
|
+
|
|
178
182
|
== I18n
|
|
179
183
|
|
|
180
184
|
Devise uses flash messages with I18n with the flash keys :success and :failure. To customize your app, you can setup your locale file this way:
|
data/TODO
CHANGED
|
@@ -1,7 +1,8 @@
|
|
|
1
1
|
class <%= class_name %> < ActiveRecord::Base
|
|
2
|
-
# Include default devise modules.
|
|
3
|
-
#
|
|
4
|
-
devise :authenticatable, :confirmable, :recoverable,
|
|
2
|
+
# Include default devise modules. Others available are:
|
|
3
|
+
# :http_authenticatable, :token_authenticatable, :lockable, :timeoutable and :activatable
|
|
4
|
+
devise :registerable, :authenticatable, :confirmable, :recoverable,
|
|
5
|
+
:rememberable, :trackable, :validatable
|
|
5
6
|
|
|
6
7
|
# Setup accessible (or protected) attributes for your model
|
|
7
8
|
attr_accessible :email, :password, :password_confirmation
|
data/lib/devise.rb
CHANGED
|
@@ -13,7 +13,7 @@ module Devise
|
|
|
13
13
|
autoload :Base, 'devise/encryptors/base'
|
|
14
14
|
autoload :Bcrypt, 'devise/encryptors/bcrypt'
|
|
15
15
|
autoload :AuthlogicSha512, 'devise/encryptors/authlogic_sha512'
|
|
16
|
-
autoload :
|
|
16
|
+
autoload :ClearanceSha1, 'devise/encryptors/clearance_sha1'
|
|
17
17
|
autoload :RestfulAuthenticationSha1, 'devise/encryptors/restful_authentication_sha1'
|
|
18
18
|
autoload :Sha512, 'devise/encryptors/sha512'
|
|
19
19
|
autoload :Sha1, 'devise/encryptors/sha1'
|
|
@@ -28,7 +28,7 @@ module Devise
|
|
|
28
28
|
ALL = []
|
|
29
29
|
|
|
30
30
|
# Authentication ones first
|
|
31
|
-
ALL.push :authenticatable, :token_authenticatable, :rememberable
|
|
31
|
+
ALL.push :authenticatable, :http_authenticatable, :token_authenticatable, :rememberable
|
|
32
32
|
|
|
33
33
|
# Misc after
|
|
34
34
|
ALL.push :recoverable, :registerable, :validatable
|
|
@@ -1,5 +1,4 @@
|
|
|
1
1
|
require 'devise/strategies/authenticatable'
|
|
2
|
-
require 'devise/strategies/http_authenticatable'
|
|
3
2
|
|
|
4
3
|
module Devise
|
|
5
4
|
module Models
|
|
@@ -87,11 +86,12 @@ module Devise
|
|
|
87
86
|
|
|
88
87
|
params.delete(:password) if params[:password].blank?
|
|
89
88
|
params.delete(:password_confirmation) if params[:password_confirmation].blank?
|
|
89
|
+
current_password = params.delete(:current_password)
|
|
90
90
|
|
|
91
|
-
result = if valid_password?(
|
|
91
|
+
result = if valid_password?(current_password)
|
|
92
92
|
update_attributes(params)
|
|
93
93
|
else
|
|
94
|
-
message =
|
|
94
|
+
message = current_password.blank? ? :blank : :invalid
|
|
95
95
|
self.class.add_error_on(self, :current_password, message, false)
|
|
96
96
|
self.attributes = params
|
|
97
97
|
false
|
|
@@ -120,11 +120,6 @@ module Devise
|
|
|
120
120
|
resource if resource.try(:valid_for_authentication?, attributes)
|
|
121
121
|
end
|
|
122
122
|
|
|
123
|
-
# Authenticate an user using http.
|
|
124
|
-
def authenticate_with_http(username, password)
|
|
125
|
-
authenticate(authentication_keys.first => username, :password => password)
|
|
126
|
-
end
|
|
127
|
-
|
|
128
123
|
# Returns the class for the configured encryptor.
|
|
129
124
|
def encryptor_class
|
|
130
125
|
@encryptor_class ||= ::Devise::Encryptors.const_get(encryptor.to_s.classify)
|
|
@@ -145,7 +140,6 @@ module Devise
|
|
|
145
140
|
def find_for_authentication(conditions)
|
|
146
141
|
find(:first, :conditions => conditions)
|
|
147
142
|
end
|
|
148
|
-
|
|
149
143
|
end
|
|
150
144
|
end
|
|
151
145
|
end
|
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
require 'devise/strategies/http_authenticatable'
|
|
2
|
+
|
|
3
|
+
module Devise
|
|
4
|
+
module Models
|
|
5
|
+
# Adds HttpAuthenticatable behavior to your model. It expects that your
|
|
6
|
+
# model class responds to authenticate and authentication_keys methods
|
|
7
|
+
# (which for example are defined in authenticatable).
|
|
8
|
+
module HttpAuthenticatable
|
|
9
|
+
def self.included(base)
|
|
10
|
+
base.extend ClassMethods
|
|
11
|
+
end
|
|
12
|
+
|
|
13
|
+
module ClassMethods
|
|
14
|
+
# Authenticate an user using http.
|
|
15
|
+
def authenticate_with_http(username, password)
|
|
16
|
+
authenticate(authentication_keys.first => username, :password => password)
|
|
17
|
+
end
|
|
18
|
+
end
|
|
19
|
+
end
|
|
20
|
+
end
|
|
21
|
+
end
|
|
@@ -3,7 +3,7 @@ require 'devise/strategies/token_authenticatable'
|
|
|
3
3
|
module Devise
|
|
4
4
|
module Models
|
|
5
5
|
# Token Authenticatable Module, responsible for generate authentication token and validating
|
|
6
|
-
# authenticity of a user while signing in using
|
|
6
|
+
# authenticity of a user while signing in using an authentication token (say follows an URL).
|
|
7
7
|
#
|
|
8
8
|
# == Configuration:
|
|
9
9
|
#
|
data/lib/devise/version.rb
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
class User < ActiveRecord::Base
|
|
2
|
-
devise :authenticatable, :confirmable, :lockable, :recoverable,
|
|
2
|
+
devise :authenticatable, :http_authenticatable, :confirmable, :lockable, :recoverable,
|
|
3
3
|
:registerable, :rememberable, :timeoutable, :token_authenticatable,
|
|
4
4
|
:trackable, :validatable
|
|
5
5
|
|
|
@@ -1,7 +1,8 @@
|
|
|
1
1
|
class User
|
|
2
2
|
include MongoMapper::Document
|
|
3
3
|
key :created_at, DateTime
|
|
4
|
-
devise :authenticatable, :
|
|
5
|
-
:validatable, :timeoutable, :lockable,
|
|
4
|
+
devise :authenticatable, :http_authenticatable, :confirmable, :recoverable,
|
|
5
|
+
:rememberable, :trackable, :validatable, :timeoutable, :lockable,
|
|
6
|
+
:token_authenticatable
|
|
6
7
|
# attr_accessible :username, :email, :password, :password_confirmation
|
|
7
8
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: devise
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.0.
|
|
4
|
+
version: 1.0.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- "Jos\xC3\xA9 Valim"
|
|
@@ -10,7 +10,7 @@ autorequire:
|
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
12
|
|
|
13
|
-
date: 2010-02-
|
|
13
|
+
date: 2010-02-17 00:00:00 +01:00
|
|
14
14
|
default_executable:
|
|
15
15
|
dependencies:
|
|
16
16
|
- !ruby/object:Gem::Dependency
|
|
@@ -89,6 +89,7 @@ files:
|
|
|
89
89
|
- lib/devise/models/activatable.rb
|
|
90
90
|
- lib/devise/models/authenticatable.rb
|
|
91
91
|
- lib/devise/models/confirmable.rb
|
|
92
|
+
- lib/devise/models/http_authenticatable.rb
|
|
92
93
|
- lib/devise/models/lockable.rb
|
|
93
94
|
- lib/devise/models/recoverable.rb
|
|
94
95
|
- lib/devise/models/registerable.rb
|