devise 1.0.2 → 1.0.3
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of devise might be problematic. Click here for more details.
- data/CHANGELOG.rdoc +6 -0
- data/Rakefile +2 -2
- data/app/views/devise_mailer/confirmation_instructions.html.erb +3 -3
- data/app/views/devise_mailer/reset_password_instructions.html.erb +5 -5
- data/app/views/devise_mailer/unlock_instructions.html.erb +4 -4
- data/lib/devise/orm/mongo_mapper.rb +4 -7
- data/lib/devise/strategies/http_authenticatable.rb +12 -2
- data/lib/devise/version.rb +1 -1
- data/{init.rb → rails/init.rb} +0 -0
- data/test/integration/http_authenticatable_test.rb +2 -0
- data/test/integration/rememberable_test.rb +8 -0
- metadata +4 -4
data/CHANGELOG.rdoc
CHANGED
data/Rakefile
CHANGED
|
@@ -43,8 +43,8 @@ begin
|
|
|
43
43
|
s.homepage = "http://github.com/plataformatec/devise"
|
|
44
44
|
s.description = "Flexible authentication solution for Rails with Warden"
|
|
45
45
|
s.authors = ['José Valim', 'Carlos Antônio']
|
|
46
|
-
s.files = FileList["[A-Z]*", "{app,config,generators,lib}/**/*", "init.rb"]
|
|
47
|
-
s.add_dependency("warden", "~> 0.9.
|
|
46
|
+
s.files = FileList["[A-Z]*", "{app,config,generators,lib}/**/*", "rails/init.rb"]
|
|
47
|
+
s.add_dependency("warden", "~> 0.9.4")
|
|
48
48
|
end
|
|
49
49
|
|
|
50
50
|
Jeweler::GemcutterTasks.new
|
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
Welcome <%= @resource.email
|
|
1
|
+
<p>Welcome <%= @resource.email %>!</p>
|
|
2
2
|
|
|
3
|
-
You can confirm your account through the link below
|
|
3
|
+
<p>You can confirm your account through the link below:</p>
|
|
4
4
|
|
|
5
|
-
|
|
5
|
+
<p><%= link_to 'Confirm my account', confirmation_url(@resource, :confirmation_token => @resource.confirmation_token) %></p>
|
|
@@ -1,8 +1,8 @@
|
|
|
1
|
-
Hello <%= @resource.email
|
|
1
|
+
<p>Hello <%= @resource.email %>!</p>
|
|
2
2
|
|
|
3
|
-
Someone has requested a link to change your password, and you can do this through the link below
|
|
3
|
+
<p>Someone has requested a link to change your password, and you can do this through the link below.</p>
|
|
4
4
|
|
|
5
|
-
|
|
5
|
+
<p><%= link_to 'Change my password', edit_password_url(@resource, :reset_password_token => @resource.reset_password_token) %></p>
|
|
6
6
|
|
|
7
|
-
If you didn't request this, please ignore this email
|
|
8
|
-
Your password won't change until you access the link above and create a new one
|
|
7
|
+
<p>If you didn't request this, please ignore this email.</p>
|
|
8
|
+
<p>Your password won't change until you access the link above and create a new one.</p>
|
|
@@ -1,7 +1,7 @@
|
|
|
1
|
-
Hello <%= @resource.email
|
|
1
|
+
<p>Hello <%= @resource.email %>!</p>
|
|
2
2
|
|
|
3
|
-
Your account has been locked due to an excessive amount of unsuccessful sign in attempts
|
|
3
|
+
<p>Your account has been locked due to an excessive amount of unsuccessful sign in attempts.</p>
|
|
4
4
|
|
|
5
|
-
Click the link below to unlock your account
|
|
5
|
+
<p>Click the link below to unlock your account:</p>
|
|
6
6
|
|
|
7
|
-
|
|
7
|
+
<p><%= link_to 'Unlock my account', unlock_url(@resource, :unlock_token => @resource.unlock_token) %></p>
|
|
@@ -22,14 +22,11 @@ module Devise
|
|
|
22
22
|
end
|
|
23
23
|
|
|
24
24
|
def find(*args)
|
|
25
|
-
options = args.extract_options!
|
|
26
25
|
case args.first
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
else
|
|
32
|
-
super
|
|
26
|
+
when :first, :all
|
|
27
|
+
send(args.shift, *args)
|
|
28
|
+
else
|
|
29
|
+
super
|
|
33
30
|
end
|
|
34
31
|
end
|
|
35
32
|
|
|
@@ -14,7 +14,7 @@ module Devise
|
|
|
14
14
|
if resource = mapping.to.authenticate_with_http(username, password)
|
|
15
15
|
success!(resource)
|
|
16
16
|
else
|
|
17
|
-
custom!([401, custom_headers, [
|
|
17
|
+
custom!([401, custom_headers, [response_body]])
|
|
18
18
|
end
|
|
19
19
|
end
|
|
20
20
|
|
|
@@ -24,6 +24,12 @@ module Devise
|
|
|
24
24
|
decode_credentials(request).split(/:/, 2)
|
|
25
25
|
end
|
|
26
26
|
|
|
27
|
+
def response_body
|
|
28
|
+
body = "HTTP Basic: Access denied."
|
|
29
|
+
method = :"to_#{request_format.to_sym}"
|
|
30
|
+
{}.respond_to?(method) ? { :error => body }.send(method) : body
|
|
31
|
+
end
|
|
32
|
+
|
|
27
33
|
def http_authentication
|
|
28
34
|
request.env['HTTP_AUTHORIZATION'] ||
|
|
29
35
|
request.env['X-HTTP_AUTHORIZATION'] ||
|
|
@@ -38,10 +44,14 @@ module Devise
|
|
|
38
44
|
|
|
39
45
|
def custom_headers
|
|
40
46
|
{
|
|
41
|
-
"Content-Type" =>
|
|
47
|
+
"Content-Type" => request_format.to_s,
|
|
42
48
|
"WWW-Authenticate" => %(Basic realm="#{Devise.http_authentication_realm.gsub(/"/, "")}")
|
|
43
49
|
}
|
|
44
50
|
end
|
|
51
|
+
|
|
52
|
+
def request_format
|
|
53
|
+
@request_format ||= Mime::Type.lookup_by_extension(request.template_format.to_s)
|
|
54
|
+
end
|
|
45
55
|
end
|
|
46
56
|
end
|
|
47
57
|
end
|
data/lib/devise/version.rb
CHANGED
data/{init.rb → rails/init.rb}
RENAMED
|
File without changes
|
|
@@ -20,6 +20,8 @@ class HttpAuthenticationTest < ActionController::IntegrationTest
|
|
|
20
20
|
sign_in_as_new_user_with_http("unknown", "123456", :xml)
|
|
21
21
|
assert_equal 401, status
|
|
22
22
|
assert_equal "application/xml", headers["Content-Type"]
|
|
23
|
+
# Cannot assert this due to a bug between integration tests and rack on 2.3
|
|
24
|
+
# assert response.body.include?("<error>HTTP Basic: Access denied.</error>")
|
|
23
25
|
end
|
|
24
26
|
|
|
25
27
|
test 'returns a custom response with www-authenticate and chosen realm' do
|
|
@@ -28,6 +28,14 @@ class RememberMeTest < ActionController::IntegrationTest
|
|
|
28
28
|
assert warden.user(:user) == user
|
|
29
29
|
end
|
|
30
30
|
|
|
31
|
+
test 'does not remember other scopes' do
|
|
32
|
+
user = create_user_and_remember
|
|
33
|
+
get root_path
|
|
34
|
+
assert_response :success
|
|
35
|
+
assert warden.authenticated?(:user)
|
|
36
|
+
assert_not warden.authenticated?(:admin)
|
|
37
|
+
end
|
|
38
|
+
|
|
31
39
|
test 'do not remember with invalid token' do
|
|
32
40
|
user = create_user_and_remember('add')
|
|
33
41
|
get users_path
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: devise
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.0.
|
|
4
|
+
version: 1.0.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- "Jos\xC3\xA9 Valim"
|
|
@@ -10,7 +10,7 @@ autorequire:
|
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
12
|
|
|
13
|
-
date: 2010-02-
|
|
13
|
+
date: 2010-02-23 00:00:00 +01:00
|
|
14
14
|
default_executable:
|
|
15
15
|
dependencies:
|
|
16
16
|
- !ruby/object:Gem::Dependency
|
|
@@ -21,7 +21,7 @@ dependencies:
|
|
|
21
21
|
requirements:
|
|
22
22
|
- - ~>
|
|
23
23
|
- !ruby/object:Gem::Version
|
|
24
|
-
version: 0.9.
|
|
24
|
+
version: 0.9.4
|
|
25
25
|
version:
|
|
26
26
|
description: Flexible authentication solution for Rails with Warden
|
|
27
27
|
email: contact@plataformatec.com.br
|
|
@@ -66,7 +66,6 @@ files:
|
|
|
66
66
|
- generators/devise_install/templates/devise.rb
|
|
67
67
|
- generators/devise_views/USAGE
|
|
68
68
|
- generators/devise_views/devise_views_generator.rb
|
|
69
|
-
- init.rb
|
|
70
69
|
- lib/devise.rb
|
|
71
70
|
- lib/devise/controllers/helpers.rb
|
|
72
71
|
- lib/devise/controllers/internal_helpers.rb
|
|
@@ -112,6 +111,7 @@ files:
|
|
|
112
111
|
- lib/devise/strategies/token_authenticatable.rb
|
|
113
112
|
- lib/devise/test_helpers.rb
|
|
114
113
|
- lib/devise/version.rb
|
|
114
|
+
- rails/init.rb
|
|
115
115
|
has_rdoc: true
|
|
116
116
|
homepage: http://github.com/plataformatec/devise
|
|
117
117
|
licenses: []
|