devise 2.2.8 → 3.0.0.rc

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of devise might be problematic. Click here for more details.

Files changed (61) hide show
  1. checksums.yaml +7 -0
  2. data/.travis.yml +2 -17
  3. data/CHANGELOG.rdoc +4 -20
  4. data/Gemfile +3 -4
  5. data/Gemfile.lock +68 -64
  6. data/README.md +50 -30
  7. data/app/controllers/devise/confirmations_controller.rb +1 -2
  8. data/app/controllers/devise/passwords_controller.rb +1 -1
  9. data/app/controllers/devise/registrations_controller.rb +13 -6
  10. data/app/controllers/devise/sessions_controller.rb +5 -1
  11. data/app/controllers/devise/unlocks_controller.rb +1 -1
  12. data/app/controllers/devise_controller.rb +4 -21
  13. data/devise.gemspec +1 -1
  14. data/gemfiles/{Gemfile.rails-3.1.x → Gemfile.rails-3.2.x} +3 -7
  15. data/gemfiles/{Gemfile.rails-3.1.x.lock → Gemfile.rails-3.2.x.lock} +47 -58
  16. data/lib/devise.rb +8 -10
  17. data/lib/devise/controllers/helpers.rb +11 -0
  18. data/lib/devise/controllers/rememberable.rb +0 -1
  19. data/lib/devise/models/authenticatable.rb +0 -1
  20. data/lib/devise/models/confirmable.rb +5 -0
  21. data/lib/devise/parameter_sanitizer.rb +59 -0
  22. data/lib/devise/rails/warden_compat.rb +2 -9
  23. data/lib/devise/strategies/database_authenticatable.rb +3 -6
  24. data/lib/devise/version.rb +1 -1
  25. data/lib/generators/active_record/devise_generator.rb +1 -4
  26. data/lib/generators/templates/devise.rb +0 -6
  27. data/test/controllers/helpers_test.rb +1 -1
  28. data/test/controllers/internal_helpers_test.rb +13 -3
  29. data/test/controllers/passwords_controller_test.rb +1 -1
  30. data/test/generators/active_record_generator_test.rb +1 -3
  31. data/test/integration/authenticatable_test.rb +3 -17
  32. data/test/integration/http_authenticatable_test.rb +1 -1
  33. data/test/integration/recoverable_test.rb +11 -1
  34. data/test/integration/registerable_test.rb +8 -6
  35. data/test/integration/rememberable_test.rb +13 -15
  36. data/test/models/database_authenticatable_test.rb +0 -13
  37. data/test/models/validatable_test.rb +12 -2
  38. data/test/omniauth/url_helpers_test.rb +4 -1
  39. data/test/orm/active_record.rb +1 -0
  40. data/test/parameter_sanitizer_test.rb +51 -0
  41. data/test/rails_app/Rakefile +0 -4
  42. data/test/rails_app/app/mongoid/shim.rb +2 -3
  43. data/test/rails_app/bin/bundle +3 -0
  44. data/test/rails_app/bin/rails +4 -0
  45. data/test/rails_app/bin/rake +4 -0
  46. data/test/rails_app/config/application.rb +1 -2
  47. data/test/rails_app/config/boot.rb +3 -3
  48. data/test/rails_app/config/environment.rb +2 -2
  49. data/test/rails_app/config/environments/development.rb +23 -7
  50. data/test/rails_app/config/environments/production.rb +68 -17
  51. data/test/rails_app/config/environments/test.rb +18 -15
  52. data/test/rails_app/config/initializers/secret_token.rb +8 -2
  53. data/test/rails_app/config/initializers/session_store.rb +1 -0
  54. data/test/rails_app/config/routes.rb +1 -1
  55. data/test/rails_app/lib/shared_user.rb +0 -1
  56. data/test/routes_test.rb +22 -20
  57. data/test/test_helper.rb +7 -0
  58. data/test/test_models.rb +0 -1
  59. metadata +31 -27
  60. data/lib/devise/hooks/csrf_cleaner.rb +0 -5
  61. data/test/rails_app/script/rails +0 -10
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: 24879e2076bf59ff1858c4127a2160531fc36db0
4
+ data.tar.gz: a2999767bbfb525a1c54dc89b28123cf0b1754a2
5
+ SHA512:
6
+ metadata.gz: 67c36076ebacd8fa889c34ad979d64f1559f88fda310c9ed485bc6b8cf9c8028249784042fa1cce4685050f2d8ae00fac648bc93272a9ae0aa2a5b37e589fd23
7
+ data.tar.gz: 34a6913c9ab6c546e8867d53b5573d606bf895cf194fe107375dc61dd5597635dd434bd92cb0095dfe51fd183b0f2310ee060b7eb6a27bb46bf3612522963f5a
@@ -1,28 +1,13 @@
1
1
  language: ruby
2
2
  script: "bundle exec rake test"
3
3
  rvm:
4
- - 1.8.7
5
- - 1.9.2
6
4
  - 1.9.3
5
+ - 2.0.0
7
6
  env:
8
7
  - DEVISE_ORM=mongoid
9
8
  - DEVISE_ORM=active_record
10
- matrix:
11
- exclude:
12
- - rvm: 1.8.7
13
- env: DEVISE_ORM=mongoid
14
- gemfile: Gemfile
15
- - rvm: 1.8.7
16
- env: DEVISE_ORM=mongoid
17
- gemfile: gemfiles/Gemfile.rails-3.1.x
18
- - rvm: 1.9.2
19
- env: DEVISE_ORM=mongoid
20
- gemfile: Gemfile
21
- - rvm: 1.9.2
22
- env: DEVISE_ORM=mongoid
23
- gemfile: gemfiles/Gemfile.rails-3.1.x
24
9
  gemfile:
25
- - gemfiles/Gemfile.rails-3.1.x
10
+ - gemfiles/Gemfile.rails-3.2.x
26
11
  - Gemfile
27
12
  services:
28
13
  - mongodb
@@ -1,24 +1,8 @@
1
- == 2.2.8
1
+ == 3.0.0.rc
2
2
 
3
- Security announcement: http://blog.plataformatec.com.br/2013/11/e-mail-enumeration-in-devise-in-paranoid-mode
4
-
5
- * bug fix
6
- * Avoid e-mail enumeration on sign in when in paranoid mode
7
-
8
- == 2.2.7
9
-
10
- * bug fix
11
- * Do not confirm account after reset password
12
-
13
- == 2.2.6
14
-
15
- * bug fix
16
- * Skip storage for cookies on unverified requests
17
-
18
- == 2.2.5
19
-
20
- * bug fix
21
- * Clean up CSRF token after authentication (by @homakov). Notice this change will clean up the CSRF Token after authentication (sign in, sign up, etc). So if you are using AJAX for such features, you will need to fetch a new CSRF token from the server.
3
+ * enhancements
4
+ * Rails 4 and Strong Parameters compatibility. (@carlosantoniodasilva, @josevalim, @latortuga, @lucasmazza, @nashby, @rafaelfranca, @spastorino)
5
+ * Drop support for Rails < 3.2 and Ruby < 1.9.3.
22
6
 
23
7
  == 2.2.4
24
8
 
data/Gemfile CHANGED
@@ -2,7 +2,7 @@ source "https://rubygems.org"
2
2
 
3
3
  gemspec
4
4
 
5
- gem "rails", "~> 3.2.6"
5
+ gem "rails", "~> 4.0.0.rc1"
6
6
  gem "omniauth", "~> 1.0.0"
7
7
  gem "omniauth-oauth2", "~> 1.0.0"
8
8
  gem "rdoc"
@@ -24,9 +24,8 @@ platforms :ruby do
24
24
  gem "sqlite3"
25
25
  end
26
26
 
27
-
28
- platforms :mri_19 do
27
+ platforms :mri_19, :mri_20 do
29
28
  group :mongoid do
30
- gem "mongoid", "~> 3.0"
29
+ gem "mongoid", github: "mongoid/mongoid", branch: "master"
31
30
  end
32
31
  end
@@ -1,53 +1,61 @@
1
+ GIT
2
+ remote: git://github.com/mongoid/mongoid.git
3
+ revision: fe7f43430580860db6d1d89cea27eda24ab60ab1
4
+ branch: master
5
+ specs:
6
+ mongoid (4.0.0)
7
+ activemodel (~> 4.0.0.rc1)
8
+ moped (~> 1.4.2)
9
+ origin (~> 1.0)
10
+ tzinfo (~> 0.3.22)
11
+
1
12
  PATH
2
13
  remote: .
3
14
  specs:
4
- devise (2.2.8)
15
+ devise (3.0.0.rc)
5
16
  bcrypt-ruby (~> 3.0)
6
17
  orm_adapter (~> 0.1)
7
- railties (~> 3.1)
18
+ railties (>= 3.2.6, < 5)
8
19
  warden (~> 1.2.1)
9
20
 
10
21
  GEM
11
22
  remote: https://rubygems.org/
12
23
  specs:
13
- actionmailer (3.2.13)
14
- actionpack (= 3.2.13)
24
+ actionmailer (4.0.0.rc1)
25
+ actionpack (= 4.0.0.rc1)
15
26
  mail (~> 2.5.3)
16
- actionpack (3.2.13)
17
- activemodel (= 3.2.13)
18
- activesupport (= 3.2.13)
19
- builder (~> 3.0.0)
27
+ actionpack (4.0.0.rc1)
28
+ activesupport (= 4.0.0.rc1)
29
+ builder (~> 3.1.0)
20
30
  erubis (~> 2.7.0)
21
- journey (~> 1.0.4)
22
- rack (~> 1.4.5)
23
- rack-cache (~> 1.2)
24
- rack-test (~> 0.6.1)
25
- sprockets (~> 2.2.1)
26
- activemodel (3.2.13)
27
- activesupport (= 3.2.13)
28
- builder (~> 3.0.0)
29
- activerecord (3.2.13)
30
- activemodel (= 3.2.13)
31
- activesupport (= 3.2.13)
32
- arel (~> 3.0.2)
33
- tzinfo (~> 0.3.29)
34
- activeresource (3.2.13)
35
- activemodel (= 3.2.13)
36
- activesupport (= 3.2.13)
37
- activesupport (3.2.13)
38
- i18n (= 0.6.1)
39
- multi_json (~> 1.0)
40
- arel (3.0.2)
41
- bcrypt-ruby (3.1.2)
42
- builder (3.0.4)
31
+ rack (~> 1.5.2)
32
+ rack-test (~> 0.6.2)
33
+ activemodel (4.0.0.rc1)
34
+ activesupport (= 4.0.0.rc1)
35
+ builder (~> 3.1.0)
36
+ activerecord (4.0.0.rc1)
37
+ activemodel (= 4.0.0.rc1)
38
+ activerecord-deprecated_finders (~> 1.0.2)
39
+ activesupport (= 4.0.0.rc1)
40
+ arel (~> 4.0.0)
41
+ activerecord-deprecated_finders (1.0.2)
42
+ activesupport (4.0.0.rc1)
43
+ i18n (~> 0.6, >= 0.6.4)
44
+ minitest (~> 4.2)
45
+ multi_json (~> 1.3)
46
+ thread_safe (~> 0.1)
47
+ tzinfo (~> 0.3.37)
48
+ arel (4.0.0)
49
+ atomic (1.1.8)
50
+ bcrypt-ruby (3.0.1)
51
+ builder (3.1.4)
43
52
  erubis (2.7.0)
44
53
  faraday (0.8.7)
45
54
  multipart-post (~> 1.1)
46
55
  hashie (1.2.0)
47
56
  hike (1.2.2)
48
57
  httpauth (0.2.0)
49
- i18n (0.6.1)
50
- journey (1.0.4)
58
+ i18n (0.6.4)
51
59
  json (1.7.7)
52
60
  jwt (0.1.8)
53
61
  multi_json (>= 1.5)
@@ -56,14 +64,10 @@ GEM
56
64
  mime-types (~> 1.16)
57
65
  treetop (~> 1.4.8)
58
66
  metaclass (0.0.1)
59
- mime-types (1.22)
67
+ mime-types (1.23)
68
+ minitest (4.7.4)
60
69
  mocha (0.13.3)
61
70
  metaclass (~> 0.0.1)
62
- mongoid (3.1.2)
63
- activemodel (~> 3.2)
64
- moped (~> 1.4.2)
65
- origin (~> 1.0)
66
- tzinfo (~> 0.3.22)
67
71
  moped (1.4.5)
68
72
  multi_json (1.7.2)
69
73
  multipart-post (1.2.0)
@@ -85,51 +89,51 @@ GEM
85
89
  omniauth-openid (1.0.1)
86
90
  omniauth (~> 1.0)
87
91
  rack-openid (~> 1.3.1)
88
- origin (1.0.11)
92
+ origin (1.1.0)
89
93
  orm_adapter (0.4.0)
90
94
  polyglot (0.3.3)
91
- rack (1.4.5)
92
- rack-cache (1.2)
93
- rack (>= 0.4)
95
+ rack (1.5.2)
94
96
  rack-openid (1.3.1)
95
97
  rack (>= 1.1.0)
96
98
  ruby-openid (>= 2.1.8)
97
- rack-ssl (1.3.3)
98
- rack
99
99
  rack-test (0.6.2)
100
100
  rack (>= 1.0)
101
- rails (3.2.13)
102
- actionmailer (= 3.2.13)
103
- actionpack (= 3.2.13)
104
- activerecord (= 3.2.13)
105
- activeresource (= 3.2.13)
106
- activesupport (= 3.2.13)
107
- bundler (~> 1.0)
108
- railties (= 3.2.13)
109
- railties (3.2.13)
110
- actionpack (= 3.2.13)
111
- activesupport (= 3.2.13)
112
- rack-ssl (~> 1.3.2)
101
+ rails (4.0.0.rc1)
102
+ actionmailer (= 4.0.0.rc1)
103
+ actionpack (= 4.0.0.rc1)
104
+ activerecord (= 4.0.0.rc1)
105
+ activesupport (= 4.0.0.rc1)
106
+ bundler (>= 1.3.0, < 2.0)
107
+ railties (= 4.0.0.rc1)
108
+ sprockets-rails (~> 2.0.0.rc4)
109
+ railties (4.0.0.rc1)
110
+ actionpack (= 4.0.0.rc1)
111
+ activesupport (= 4.0.0.rc1)
113
112
  rake (>= 0.8.7)
114
- rdoc (~> 3.4)
115
- thor (>= 0.14.6, < 2.0)
113
+ thor (>= 0.18.1, < 2.0)
116
114
  rake (10.0.4)
117
- rdoc (3.12.2)
115
+ rdoc (4.0.1)
118
116
  json (~> 1.4)
119
117
  ruby-openid (2.2.3)
120
- sprockets (2.2.2)
118
+ sprockets (2.9.3)
121
119
  hike (~> 1.2)
122
120
  multi_json (~> 1.0)
123
121
  rack (~> 1.0)
124
122
  tilt (~> 1.1, != 1.3.0)
123
+ sprockets-rails (2.0.0.rc4)
124
+ actionpack (>= 3.0)
125
+ activesupport (>= 3.0)
126
+ sprockets (~> 2.8)
125
127
  sqlite3 (1.3.7)
126
128
  thor (0.18.1)
127
- tilt (1.3.7)
129
+ thread_safe (0.1.0)
130
+ atomic
131
+ tilt (1.4.0)
128
132
  treetop (1.4.12)
129
133
  polyglot
130
134
  polyglot (>= 0.3.1)
131
135
  tzinfo (0.3.37)
132
- warden (1.2.3)
136
+ warden (1.2.1)
133
137
  rack (>= 1.0)
134
138
  webrat (0.7.3)
135
139
  nokogiri (>= 1.2.0)
@@ -145,12 +149,12 @@ DEPENDENCIES
145
149
  devise!
146
150
  jruby-openssl
147
151
  mocha (~> 0.13.1)
148
- mongoid (~> 3.0)
152
+ mongoid!
149
153
  omniauth (~> 1.0.0)
150
154
  omniauth-facebook
151
155
  omniauth-oauth2 (~> 1.0.0)
152
156
  omniauth-openid (~> 1.0.1)
153
- rails (~> 3.2.6)
157
+ rails (~> 4.0.0.rc1)
154
158
  rdoc
155
159
  sqlite3
156
160
  webrat (= 0.7.3)
data/README.md CHANGED
@@ -57,7 +57,7 @@ You can view the Devise documentation in RDoc format here:
57
57
 
58
58
  http://rubydoc.info/github/plataformatec/devise/master/frames
59
59
 
60
- If you need to use Devise with Rails 2.3, you can always run "gem server" from the command line after you install the gem to access the old documentation.
60
+ If you need to use Devise with previous versions of Rails, you can always run "gem server" from the command line after you install the gem to access the old documentation.
61
61
 
62
62
  ### Example applications
63
63
 
@@ -90,7 +90,7 @@ Once you have solidified your understanding of Rails and authentication mechanis
90
90
 
91
91
  ## Getting started
92
92
 
93
- Devise 2.0 works with Rails 3.1 onwards. You can add it to your Gemfile with:
93
+ Devise 3.0 works with Rails 3.2 onwards. You can add it to your Gemfile with:
94
94
 
95
95
  ```ruby
96
96
  gem 'devise'
@@ -143,7 +143,7 @@ user_session
143
143
  After signing in a user, confirming the account or updating the password, Devise will look for a scoped root path to redirect. Example: For a :user resource, it will use `user_root_path` if it exists, otherwise default `root_path` will be used. This means that you need to set the root inside your routes:
144
144
 
145
145
  ```ruby
146
- root :to => "home#index"
146
+ root to: "home#index"
147
147
  ```
148
148
 
149
149
  You can also overwrite `after_sign_in_path_for` and `after_sign_out_path_for` to customize your redirect hooks.
@@ -176,34 +176,31 @@ devise :database_authenticatable, :registerable, :confirmable, :recoverable, :st
176
176
 
177
177
  Besides :stretches, you can define :pepper, :encryptor, :confirm_within, :remember_for, :timeout_in, :unlock_in and other values. For details, see the initializer file that was created when you invoked the "devise:install" generator described above.
178
178
 
179
- ### Configuring multiple models
179
+ ### Strong Parameters
180
180
 
181
- Devise allows you to set up as many roles as you want. For example, you may have a User model and also want an Admin model with just authentication and timeoutable features. If so, just follow these steps:
181
+ When you customize your own views, you may end up adding new attributes to forms. Rails 4 moved the parameter sanitization from the model to the controller, causing Devise to handle this concern at the controller as well.
182
182
 
183
- ```ruby
184
- # Create a migration with the required fields
185
- create_table :admins do |t|
186
- t.string :email
187
- t.string :encrypted_password
188
- t.timestamps
189
- end
183
+ There are just three actions in Devise that allows any set of parameters to be passed down to the model, therefore requiring sanitization. Their names and the permited parameters by default are:
190
184
 
191
- # Inside your Admin model
192
- devise :database_authenticatable, :timeoutable
185
+ * `sign_in` (`Devise::SessionsController#new`) - Permits only the authentication keys (like `email`)
186
+ * `sign_up` (`Devise::RegistrationsController#create`) - Permits authentication keys plus `password` and `password_confirmation`
187
+ * `account_update` (`Devise::RegistrationsController#update`) - Permits authentication keys plus `password`, `password_confirmation` and `current_password`
193
188
 
194
- # Inside your routes
195
- devise_for :admins
189
+ In case you want to customize the permitted parameters (the lazy way™) you can do with a simple before filter in your `ApplicationController`:
196
190
 
197
- # Inside your protected controller
198
- before_filter :authenticate_admin!
191
+ ```ruby
192
+ class ApplicationController < ActionController::Base
193
+ before_filter :configure_permitted_parameters, if: :devise_controller?
199
194
 
200
- # Inside your controllers and views
201
- admin_signed_in?
202
- current_admin
203
- admin_session
195
+ protected
196
+
197
+ def configure_permitted_parameters
198
+ devise_parameter_sanitizer.for(:sign_in) { |u| u.permit(:username, :email) }
199
+ end
200
+ end
204
201
  ```
205
202
 
206
- On the other hand, you can simply run the generator!
203
+ The example above overrides the permitted parameters for the user to be both `:username` and `:email`. The non-lazy way to configure parameters would be by defining the before filter above in a custom controller. We detail how to configure and customize controllers in some sections below.
207
204
 
208
205
  ### Configuring views
209
206
 
@@ -353,15 +350,40 @@ You can read more about Omniauth support in the wiki:
353
350
 
354
351
  * https://github.com/plataformatec/devise/wiki/OmniAuth:-Overview
355
352
 
356
- ### Other ORMs
353
+ ### Configuring multiple models
357
354
 
358
- Devise supports ActiveRecord (default) and Mongoid. To choose other ORM, you just need to require it in the initializer file.
355
+ Devise allows you to set up as many roles as you want. For example, you may have a User model and also want an Admin model with just authentication and timeoutable features. If so, just follow these steps:
359
356
 
360
- ### Migrating from other solutions
357
+ ```ruby
358
+ # Create a migration with the required fields
359
+ create_table :admins do |t|
360
+ t.string :email
361
+ t.string :encrypted_password
362
+ t.timestamps
363
+ end
364
+
365
+ # Inside your Admin model
366
+ devise :database_authenticatable, :timeoutable
367
+
368
+ # Inside your routes
369
+ devise_for :admins
370
+
371
+ # Inside your protected controller
372
+ before_filter :authenticate_admin!
361
373
 
362
- Devise implements encryption strategies for Clearance, Authlogic and Restful-Authentication. To make use of these strategies, you need set the desired encryptor in the encryptor initializer config option and add :encryptable to your model. You might also need to rename your encrypted password and salt columns to match Devise's fields (encrypted_password and password_salt).
374
+ # Inside your controllers and views
375
+ admin_signed_in?
376
+ current_admin
377
+ admin_session
378
+ ```
379
+
380
+ On the other hand, you can simply run the generator!
363
381
 
364
- ## Troubleshooting
382
+ ### Other ORMs
383
+
384
+ Devise supports ActiveRecord (default) and Mongoid. To choose other ORM, you just need to require it in the initializer file.
385
+
386
+ ## Additional information
365
387
 
366
388
  ### Heroku
367
389
 
@@ -373,8 +395,6 @@ config.assets.initialize_on_precompile = false
373
395
 
374
396
  Read more about the potential issues at http://guides.rubyonrails.org/asset_pipeline.html
375
397
 
376
- ## Additional information
377
-
378
398
  ### Warden
379
399
 
380
400
  Devise is based on Warden, which is a general Rack authentication framework created by Daniel Neighman. We encourage you to read more about Warden here:
@@ -1,7 +1,7 @@
1
1
  class Devise::ConfirmationsController < DeviseController
2
2
  # GET /resource/confirmation/new
3
3
  def new
4
- build_resource({})
4
+ self.resource = resource_class.new
5
5
  end
6
6
 
7
7
  # POST /resource/confirmation
@@ -39,5 +39,4 @@ class Devise::ConfirmationsController < DeviseController
39
39
  def after_confirmation_path_for(resource_name, resource)
40
40
  after_sign_in_path_for(resource)
41
41
  end
42
-
43
42
  end
@@ -5,7 +5,7 @@ class Devise::PasswordsController < DeviseController
5
5
 
6
6
  # GET /resource/password/new
7
7
  def new
8
- build_resource({})
8
+ self.resource = resource_class.new
9
9
  end
10
10
 
11
11
  # POST /resource/password
@@ -4,13 +4,13 @@ class Devise::RegistrationsController < DeviseController
4
4
 
5
5
  # GET /resource/sign_up
6
6
  def new
7
- resource = build_resource({})
8
- respond_with resource
7
+ build_resource({})
8
+ respond_with self.resource
9
9
  end
10
10
 
11
11
  # POST /resource
12
12
  def create
13
- build_resource
13
+ self.resource = build_resource(sign_up_params)
14
14
 
15
15
  if resource.save
16
16
  if resource.active_for_authentication?
@@ -40,7 +40,7 @@ class Devise::RegistrationsController < DeviseController
40
40
  self.resource = resource_class.to_adapter.get!(send(:"current_#{resource_name}").to_key)
41
41
  prev_unconfirmed_email = resource.unconfirmed_email if resource.respond_to?(:unconfirmed_email)
42
42
 
43
- if resource.update_with_password(resource_params)
43
+ if resource.update_with_password(account_update_params)
44
44
  if is_navigational_format?
45
45
  flash_key = update_needs_confirmation?(resource, prev_unconfirmed_email) ?
46
46
  :update_needs_confirmation : :updated
@@ -83,8 +83,7 @@ class Devise::RegistrationsController < DeviseController
83
83
  # Build a devise resource passing in the session. Useful to move
84
84
  # temporary session data to the newly created user.
85
85
  def build_resource(hash=nil)
86
- hash ||= resource_params || {}
87
- self.resource = resource_class.new_with_session(hash, session)
86
+ self.resource = resource_class.new_with_session(hash || {}, session)
88
87
  end
89
88
 
90
89
  # Signs in a user on sign up. You can overwrite this method in your own
@@ -116,4 +115,12 @@ class Devise::RegistrationsController < DeviseController
116
115
  send(:"authenticate_#{resource_name}!", :force => true)
117
116
  self.resource = send(:"current_#{resource_name}")
118
117
  end
118
+
119
+ def sign_up_params
120
+ devise_parameter_sanitizer.for(:sign_up)
121
+ end
122
+
123
+ def account_update_params
124
+ devise_parameter_sanitizer.for(:account_update)
125
+ end
119
126
  end