devise 3.2.3 → 3.2.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: def6822e22bdfaf3e48e528c4ecf286adb289533
-  data.tar.gz: f9c08a292e3425f6d04c61d8f76b8c5de088b6f4
+  metadata.gz: 945f04d5e1eb0fba69bad2306ea35b688b5ac12c
+  data.tar.gz: 1352fa7a3ec0a5fb8501acb9ecb96f7d37c4ff3a
 SHA512:
-  metadata.gz: 9a39095ace12227203990507ff84b466e85c75e90b5a7c6cae9a71c7ccf560b0d3e851e393c0acacca3d0a258ac7d8dd82fd98e53cf81ab10664c4bfabd9a548
-  data.tar.gz: bc9e9a7f106e439152b5dd72fcd95701fcc64a12c776c8a9d6fb3b295bb89ed70aacf943089a3f3f20570fe3158f475e0a894edb8ee5fdc01beb84a6303778a6
+  metadata.gz: a1cfe4a64c28c012fd650941736ae8c5fe2a21e7ab7e86edf55adb26560b26951120a9bc03629d6195807ce0ef4efee938922d5c71bd7f1540f6b1b5bb897cfe
+  data.tar.gz: f4b0dd7e301e6ecd1f76f83deb5e790b17002726398946f38c6679e61d8f3022129791600b785876f1b7afba47968d7d381d1943ba68c56cf2863f8d66e534da

data/CHANGELOG.md

@@ -1,5 +1,11 @@
 ### Unreleased
 
+### 3.2.4
+
+* enchancements
+  * `bcrypt` dependency updated due https://github.com/codahale/bcrypt-ruby/pull/86.
+  * View generator now can generate specific views with the `-v` flag, like `rails g devise:views -v sessions` (by @kayline)
+
 ### 3.2.3
 
 * enhancements
@@ -170,6 +176,16 @@ Security announcement: http://blog.plataformatec.com.br/2013/01/security-announc
   * `update_with_password` doesn't change encrypted password when it is invalid (by @nashby)
   * Properly handle namespaced models on Active Record generator (by @nashby)
 
+### 2.1.4
+
+* bugfix
+  * Do not confirm account after reset password
+
+### 2.1.3
+
+* bugfix
+  * Require string conversion for all values
+
 ### 2.1.2
 
 * enhancements

data/Gemfile

@@ -10,8 +10,8 @@ gem "rdoc"
 group :test do
   gem "omniauth-facebook"
   gem "omniauth-openid", "~> 1.0.1"
-  gem "webrat", "0.7.3", :require => false
-  gem "mocha", "~> 0.13.1", :require => false
+  gem "webrat", "0.7.3", require: false
+  gem "mocha", "~> 1.0.0", require: false
 end
 
 platforms :jruby do

data/Gemfile.lock

@@ -12,8 +12,8 @@ GIT
 PATH
   remote: .
   specs:
-    devise (3.2.3)
-      bcrypt-ruby (~> 3.0)
+    devise (3.2.4)
+      bcrypt (~> 3.0)
       orm_adapter (~> 0.1)
       railties (>= 3.2.6, < 5)
       thread_safe (~> 0.1)
@@ -48,7 +48,7 @@ GEM
       tzinfo (~> 0.3.37)
     arel (4.0.0)
     atomic (1.1.12)
-    bcrypt-ruby (3.1.2)
+    bcrypt (3.1.7)
     builder (3.1.4)
     erubis (2.7.0)
     faraday (0.8.8)
@@ -63,10 +63,10 @@ GEM
     mail (2.5.4)
       mime-types (~> 1.16)
       treetop (~> 1.4.8)
-    metaclass (0.0.1)
+    metaclass (0.0.4)
     mime-types (1.23)
     minitest (4.7.5)
-    mocha (0.13.3)
+    mocha (1.0.0)
       metaclass (~> 0.0.1)
     moped (1.5.1)
     multi_json (1.7.9)
@@ -148,7 +148,7 @@ DEPENDENCIES
   activerecord-jdbcsqlite3-adapter
   devise!
   jruby-openssl
-  mocha (~> 0.13.1)
+  mocha (~> 1.0.0)
   mongoid!
   omniauth (~> 1.0.0)
   omniauth-facebook

data/README.md

@@ -267,6 +267,13 @@ After doing so, you will be able to have views based on the role like `users/ses
 rails generate devise:views users
 ```
 
+If you want to generate only a few set of views, like the ones for the `registrable` and `confirmable` module,
+you can pass a list of modules to the generator with the `-v` flag.
+
+```console
+rails generate devise:views -v registrations confirmations
+```
+
 ### Configuring controllers
 
 If the customization at the views level is not enough, you can customize each controller by following these steps:

data/Rakefile

@@ -4,7 +4,7 @@ require 'rake/testtask'
 require 'rdoc/task'
 
 desc 'Default: run tests for all ORMs.'
-task :default => :test
+task default: :test
 
 desc 'Run Devise tests for all ORMs.'
 task :pre_commit do

data/app/controllers/devise/confirmations_controller.rb

@@ -10,7 +10,7 @@ class Devise::ConfirmationsController < DeviseController
     yield resource if block_given?
 
     if successfully_sent?(resource)
-      respond_with({}, :location => after_resending_confirmation_instructions_path_for(resource_name))
+      respond_with({}, location: after_resending_confirmation_instructions_path_for(resource_name))
     else
       respond_with(resource)
     end
@@ -25,7 +25,7 @@ class Devise::ConfirmationsController < DeviseController
       set_flash_message(:notice, :confirmed) if is_flashing_format?
       respond_with_navigational(resource){ redirect_to after_confirmation_path_for(resource_name, resource) }
     else
-      respond_with_navigational(resource.errors, :status => :unprocessable_entity){ render :new }
+      respond_with_navigational(resource.errors, status: :unprocessable_entity){ render :new }
     end
   end
 

data/app/controllers/devise/omniauth_callbacks_controller.rb

@@ -2,11 +2,11 @@ class Devise::OmniauthCallbacksController < DeviseController
   prepend_before_filter { request.env["devise.skip_timeout"] = true }
 
   def passthru
-    render :status => 404, :text => "Not found. Authentication passthru."
+    render status: 404, text: "Not found. Authentication passthru."
   end
 
   def failure
-    set_flash_message :alert, :failure, :kind => OmniAuth::Utils.camelize(failed_strategy.name), :reason => failure_message
+    set_flash_message :alert, :failure, kind: OmniAuth::Utils.camelize(failed_strategy.name), reason: failure_message
     redirect_to after_omniauth_failure_path_for(resource_name)
   end
 

data/app/controllers/devise/passwords_controller.rb

@@ -1,7 +1,7 @@
 class Devise::PasswordsController < DeviseController
   prepend_before_filter :require_no_authentication
   # Render the #edit only if coming from a reset password email link
-  append_before_filter :assert_reset_token_passed, :only => :edit
+  append_before_filter :assert_reset_token_passed, only: :edit
 
   # GET /resource/password/new
   def new
@@ -14,7 +14,7 @@ class Devise::PasswordsController < DeviseController
     yield resource if block_given?
 
     if successfully_sent?(resource)
-      respond_with({}, :location => after_sending_reset_password_instructions_path_for(resource_name))
+      respond_with({}, location: after_sending_reset_password_instructions_path_for(resource_name))
     else
       respond_with(resource)
     end
@@ -36,7 +36,7 @@ class Devise::PasswordsController < DeviseController
       flash_message = resource.active_for_authentication? ? :updated : :updated_not_active
       set_flash_message(:notice, flash_message) if is_flashing_format?
       sign_in(resource_name, resource)
-      respond_with resource, :location => after_resetting_password_path_for(resource)
+      respond_with resource, location: after_resetting_password_path_for(resource)
     else
       respond_with resource
     end

data/app/controllers/devise/registrations_controller.rb

@@ -1,6 +1,6 @@
 class Devise::RegistrationsController < DeviseController
-  prepend_before_filter :require_no_authentication, :only => [ :new, :create, :cancel ]
-  prepend_before_filter :authenticate_scope!, :only => [:edit, :update, :destroy]
+  prepend_before_filter :require_no_authentication, only: [ :new, :create, :cancel ]
+  prepend_before_filter :authenticate_scope!, only: [:edit, :update, :destroy]
 
   # GET /resource/sign_up
   def new
@@ -17,11 +17,11 @@ class Devise::RegistrationsController < DeviseController
       if resource.active_for_authentication?
         set_flash_message :notice, :signed_up if is_flashing_format?
         sign_up(resource_name, resource)
-        respond_with resource, :location => after_sign_up_path_for(resource)
+        respond_with resource, location: after_sign_up_path_for(resource)
       else
         set_flash_message :notice, :"signed_up_but_#{resource.inactive_message}" if is_flashing_format?
         expire_data_after_sign_in!
-        respond_with resource, :location => after_inactive_sign_up_path_for(resource)
+        respond_with resource, location: after_inactive_sign_up_path_for(resource)
       end
     else
       clean_up_passwords resource
@@ -48,8 +48,8 @@ class Devise::RegistrationsController < DeviseController
           :update_needs_confirmation : :updated
         set_flash_message :notice, flash_key
       end
-      sign_in resource_name, resource, :bypass => true
-      respond_with resource, :location => after_update_path_for(resource)
+      sign_in resource_name, resource, bypass: true
+      respond_with resource, location: after_update_path_for(resource)
     else
       clean_up_passwords resource
       respond_with resource
@@ -121,7 +121,7 @@ class Devise::RegistrationsController < DeviseController
 
   # Authenticates the current scope and gets the current resource from the session.
   def authenticate_scope!
-    send(:"authenticate_#{resource_name}!", :force => true)
+    send(:"authenticate_#{resource_name}!", force: true)
     self.resource = send(:"current_#{resource_name}")
   end
 

data/app/controllers/devise/sessions_controller.rb

@@ -1,7 +1,7 @@
 class Devise::SessionsController < DeviseController
-  prepend_before_filter :require_no_authentication, :only => [ :new, :create ]
-  prepend_before_filter :allow_params_authentication!, :only => :create
-  prepend_before_filter :only => [ :create, :destroy ] { request.env["devise.skip_timeout"] = true }
+  prepend_before_filter :require_no_authentication, only: [ :new, :create ]
+  prepend_before_filter :allow_params_authentication!, only: :create
+  prepend_before_filter only: [ :create, :destroy ] { request.env["devise.skip_timeout"] = true }
 
   # GET /resource/sign_in
   def new
@@ -16,7 +16,7 @@ class Devise::SessionsController < DeviseController
     set_flash_message(:notice, :signed_in) if is_flashing_format?
     sign_in(resource_name, resource)
     yield resource if block_given?
-    respond_with resource, :location => after_sign_in_path_for(resource)
+    respond_with resource, location: after_sign_in_path_for(resource)
   end
 
   # DELETE /resource/sign_out
@@ -44,10 +44,10 @@ class Devise::SessionsController < DeviseController
     methods = resource_class.authentication_keys.dup
     methods = methods.keys if methods.is_a?(Hash)
     methods << :password if resource.respond_to?(:password)
-    { :methods => methods, :only => [:password] }
+    { methods: methods, only: [:password] }
   end
 
   def auth_options
-    { :scope => resource_name, :recall => "#{controller_path}#new" }
+    { scope: resource_name, recall: "#{controller_path}#new" }
   end
 end

data/app/controllers/devise/unlocks_controller.rb

@@ -12,7 +12,7 @@ class Devise::UnlocksController < DeviseController
     yield resource if block_given?
 
     if successfully_sent?(resource)
-      respond_with({}, :location => after_sending_unlock_instructions_path_for(resource))
+      respond_with({}, location: after_sending_unlock_instructions_path_for(resource))
     else
       respond_with(resource)
     end
@@ -27,7 +27,7 @@ class Devise::UnlocksController < DeviseController
       set_flash_message :notice, :unlocked if is_flashing_format?
       respond_with_navigational(resource){ redirect_to after_unlock_path_for(resource) }
     else
-      respond_with_navigational(resource.errors, :status => :unprocessable_entity){ render :new }
+      respond_with_navigational(resource.errors, status: :unprocessable_entity){ render :new }
     end
   end
 

data/app/controllers/devise_controller.rb

@@ -30,7 +30,7 @@ class DeviseController < Devise.parent_controller.constantize
 
   # Returns a signed in resource from session (if one exists)
   def signed_in_resource
-    warden.authenticate(:scope => resource_name)
+    warden.authenticate(scope: resource_name)
   end
 
   # Attempt to find the mapped route for devise based on request path
@@ -92,14 +92,14 @@ MESSAGE
   # Helper for use in before_filters where no authentication is required.
   #
   # Example:
-  #   before_filter :require_no_authentication, :only => :new
+  #   before_filter :require_no_authentication, only: :new
   def require_no_authentication
     assert_is_devise_resource!
     return unless is_navigational_format?
     no_input = devise_mapping.no_input_strategies
 
     authenticated = if no_input.present?
-      args = no_input.dup.push :scope => resource_name
+      args = no_input.dup.push scope: resource_name
       warden.authenticate?(*args)
     else
       warden.authenticated?(resource_name)

data/app/helpers/devise_helper.rb

@@ -10,8 +10,8 @@ module DeviseHelper
 
     messages = resource.errors.full_messages.map { |msg| content_tag(:li, msg) }.join
     sentence = I18n.t("errors.messages.not_saved",
-                      :count => resource.errors.count,
-                      :resource => resource.class.model_name.human.downcase)
+                      count: resource.errors.count,
+                      resource: resource.class.model_name.human.downcase)
 
     html = <<-HTML
     <div id="error_explanation">

data/app/views/devise/confirmations/new.html.erb

@@ -1,10 +1,10 @@
 <h2>Resend confirmation instructions</h2>
 
-<%= form_for(resource, :as => resource_name, :url => confirmation_path(resource_name), :html => { :method => :post }) do |f| %>
+<%= form_for(resource, as: resource_name, url: confirmation_path(resource_name), html: { method: :post }) do |f| %>
   <%= devise_error_messages! %>
 
   <div><%= f.label :email %><br />
-  <%= f.email_field :email, :autofocus => true %></div>
+  <%= f.email_field :email, autofocus: true %></div>
 
   <div><%= f.submit "Resend confirmation instructions" %></div>
 <% end %>

data/app/views/devise/mailer/confirmation_instructions.html.erb

@@ -2,4 +2,4 @@
 
 <p>You can confirm your account email through the link below:</p>
 
-<p><%= link_to 'Confirm my account', confirmation_url(@resource, :confirmation_token => @token) %></p>
+<p><%= link_to 'Confirm my account', confirmation_url(@resource, confirmation_token: @token) %></p>

data/app/views/devise/mailer/reset_password_instructions.html.erb

@@ -2,7 +2,7 @@
 
 <p>Someone has requested a link to change your password. You can do this through the link below.</p>
 
-<p><%= link_to 'Change my password', edit_password_url(@resource, :reset_password_token => @token) %></p>
+<p><%= link_to 'Change my password', edit_password_url(@resource, reset_password_token: @token) %></p>
 
 <p>If you didn't request this, please ignore this email.</p>
 <p>Your password won't change until you access the link above and create a new one.</p>

data/app/views/devise/mailer/unlock_instructions.html.erb

@@ -4,4 +4,4 @@
 
 <p>Click the link below to unlock your account:</p>
 
-<p><%= link_to 'Unlock my account', unlock_url(@resource, :unlock_token => @token) %></p>
+<p><%= link_to 'Unlock my account', unlock_url(@resource, unlock_token: @token) %></p>

data/app/views/devise/passwords/edit.html.erb

@@ -1,14 +1,14 @@
 <h2>Change your password</h2>
 
-<%= form_for(resource, :as => resource_name, :url => password_path(resource_name), :html => { :method => :put }) do |f| %>
+<%= form_for(resource, as: resource_name, url: password_path(resource_name), html: { method: :put }) do |f| %>
   <%= devise_error_messages! %>
   <%= f.hidden_field :reset_password_token %>
 
   <div><%= f.label :password, "New password" %><br />
-  <%= f.password_field :password, :autofocus => true %></div>
+    <%= f.password_field :password, autofocus: true, autocomplete: "off" %></div>
 
   <div><%= f.label :password_confirmation, "Confirm new password" %><br />
-  <%= f.password_field :password_confirmation %></div>
+    <%= f.password_field :password_confirmation, autocomplete: "off" %></div>
 
   <div><%= f.submit "Change my password" %></div>
 <% end %>

data/app/views/devise/passwords/new.html.erb

@@ -1,10 +1,10 @@
 <h2>Forgot your password?</h2>
 
-<%= form_for(resource, :as => resource_name, :url => password_path(resource_name), :html => { :method => :post }) do |f| %>
+<%= form_for(resource, as: resource_name, url: password_path(resource_name), html: { method: :post }) do |f| %>
   <%= devise_error_messages! %>
 
   <div><%= f.label :email %><br />
-  <%= f.email_field :email, :autofocus => true %></div>
+  <%= f.email_field :email, autofocus: true %></div>
 
   <div><%= f.submit "Send me reset password instructions" %></div>
 <% end %>

data/app/views/devise/registrations/edit.html.erb

@@ -1,29 +1,29 @@
 <h2>Edit <%= resource_name.to_s.humanize %></h2>
 
-<%= form_for(resource, :as => resource_name, :url => registration_path(resource_name), :html => { :method => :put }) do |f| %>
+<%= form_for(resource, as: resource_name, url: registration_path(resource_name), html: { method: :put }) do |f| %>
   <%= devise_error_messages! %>
 
   <div><%= f.label :email %><br />
-  <%= f.email_field :email, :autofocus => true %></div>
+  <%= f.email_field :email, autofocus: true %></div>
 
   <% if devise_mapping.confirmable? && resource.pending_reconfirmation? %>
     <div>Currently waiting confirmation for: <%= resource.unconfirmed_email %></div>
   <% end %>
 
   <div><%= f.label :password %> <i>(leave blank if you don't want to change it)</i><br />
-  <%= f.password_field :password, :autocomplete => "off" %></div>
+    <%= f.password_field :password, autocomplete: "off" %></div>
 
   <div><%= f.label :password_confirmation %><br />
-  <%= f.password_field :password_confirmation %></div>
+    <%= f.password_field :password_confirmation, autocomplete: "off" %></div>
 
   <div><%= f.label :current_password %> <i>(we need your current password to confirm your changes)</i><br />
-  <%= f.password_field :current_password %></div>
+    <%= f.password_field :current_password, autocomplete: "off" %></div>
 
   <div><%= f.submit "Update" %></div>
 <% end %>
 
 <h3>Cancel my account</h3>
 
-<p>Unhappy? <%= button_to "Cancel my account", registration_path(resource_name), :data => { :confirm => "Are you sure?" }, :method => :delete %></p>
+<p>Unhappy? <%= button_to "Cancel my account", registration_path(resource_name), data: { confirm: "Are you sure?" }, method: :delete %></p>
 
 <%= link_to "Back", :back %>

data/app/views/devise/registrations/new.html.erb

@@ -1,16 +1,16 @@
 <h2>Sign up</h2>
 
-<%= form_for(resource, :as => resource_name, :url => registration_path(resource_name)) do |f| %>
+<%= form_for(resource, as: resource_name, url: registration_path(resource_name)) do |f| %>
   <%= devise_error_messages! %>
 
   <div><%= f.label :email %><br />
-  <%= f.email_field :email, :autofocus => true %></div>
+  <%= f.email_field :email, autofocus: true %></div>
 
   <div><%= f.label :password %><br />
-  <%= f.password_field :password %></div>
+    <%= f.password_field :password, autocomplete: "off" %></div>
 
   <div><%= f.label :password_confirmation %><br />
-  <%= f.password_field :password_confirmation %></div>
+    <%= f.password_field :password_confirmation, autocomplete: "off" %></div>
 
   <div><%= f.submit "Sign up" %></div>
 <% end %>

data/app/views/devise/sessions/new.html.erb

@@ -1,11 +1,11 @@
 <h2>Sign in</h2>
 
-<%= form_for(resource, :as => resource_name, :url => session_path(resource_name)) do |f| %>
+<%= form_for(resource, as: resource_name, url: session_path(resource_name)) do |f| %>
   <div><%= f.label :email %><br />
-  <%= f.email_field :email, :autofocus => true %></div>
+  <%= f.email_field :email, autofocus: true %></div>
 
   <div><%= f.label :password %><br />
-  <%= f.password_field :password %></div>
+    <%= f.password_field :password, autocomplete: "off" %></div>
 
   <% if devise_mapping.rememberable? -%>
     <div><%= f.check_box :remember_me %> <%= f.label :remember_me %></div>