deviseOne 1.0.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (246) hide show
  1. checksums.yaml +7 -0
  2. data/.gitignore +12 -0
  3. data/.travis.yml +38 -0
  4. data/.yardopts +9 -0
  5. data/CHANGELOG.md +1117 -0
  6. data/CONTRIBUTING.md +14 -0
  7. data/Gemfile +29 -0
  8. data/Gemfile.lock +199 -0
  9. data/MIT-LICENSE +20 -0
  10. data/README.md +529 -0
  11. data/Rakefile +35 -0
  12. data/app/controllers/devise/confirmations_controller.rb +47 -0
  13. data/app/controllers/devise/omniauth_callbacks_controller.rb +30 -0
  14. data/app/controllers/devise/passwords_controller.rb +71 -0
  15. data/app/controllers/devise/registrations_controller.rb +143 -0
  16. data/app/controllers/devise/sessions_controller.rb +166 -0
  17. data/app/controllers/devise/unlocks_controller.rb +46 -0
  18. data/app/controllers/devise_controller.rb +193 -0
  19. data/app/helpers/devise_helper.rb +25 -0
  20. data/app/mailers/devise/mailer.rb +20 -0
  21. data/app/views/devise/confirmations/new.html.erb +16 -0
  22. data/app/views/devise/mailer/confirmation_instructions.html.erb +5 -0
  23. data/app/views/devise/mailer/reset_password_instructions.html.erb +8 -0
  24. data/app/views/devise/mailer/unlock_instructions.html.erb +7 -0
  25. data/app/views/devise/passwords/edit.html.erb +25 -0
  26. data/app/views/devise/passwords/new.html.erb +16 -0
  27. data/app/views/devise/registrations/edit.html.erb +39 -0
  28. data/app/views/devise/registrations/new.html.erb +29 -0
  29. data/app/views/devise/sessions/new.html.erb +27 -0
  30. data/app/views/devise/shared/_links.html.erb +21 -0
  31. data/app/views/devise/unlocks/new.html.erb +16 -0
  32. data/config/locales/en.yml +70 -0
  33. data/devise.gemspec +33 -0
  34. data/devise.png +0 -0
  35. data/gemfiles/Gemfile.rails-3.2-stable +29 -0
  36. data/gemfiles/Gemfile.rails-3.2-stable.lock +169 -0
  37. data/gemfiles/Gemfile.rails-4.0-stable +29 -0
  38. data/gemfiles/Gemfile.rails-4.0-stable.lock +165 -0
  39. data/gemfiles/Gemfile.rails-4.1-stable +29 -0
  40. data/gemfiles/Gemfile.rails-4.1-stable.lock +170 -0
  41. data/lib/devise.rb +499 -0
  42. data/lib/devise/controllers/helpers.rb +284 -0
  43. data/lib/devise/controllers/rememberable.rb +47 -0
  44. data/lib/devise/controllers/scoped_views.rb +17 -0
  45. data/lib/devise/controllers/sign_in_out.rb +102 -0
  46. data/lib/devise/controllers/store_location.rb +58 -0
  47. data/lib/devise/controllers/url_helpers.rb +69 -0
  48. data/lib/devise/delegator.rb +16 -0
  49. data/lib/devise/failure_app.rb +212 -0
  50. data/lib/devise/hooks/activatable.rb +10 -0
  51. data/lib/devise/hooks/csrf_cleaner.rb +7 -0
  52. data/lib/devise/hooks/forgetable.rb +9 -0
  53. data/lib/devise/hooks/lockable.rb +7 -0
  54. data/lib/devise/hooks/proxy.rb +21 -0
  55. data/lib/devise/hooks/rememberable.rb +7 -0
  56. data/lib/devise/hooks/timeoutable.rb +35 -0
  57. data/lib/devise/hooks/trackable.rb +9 -0
  58. data/lib/devise/mailers/helpers.rb +90 -0
  59. data/lib/devise/mapping.rb +175 -0
  60. data/lib/devise/models.rb +119 -0
  61. data/lib/devise/models/authenticatable.rb +290 -0
  62. data/lib/devise/models/confirmable.rb +305 -0
  63. data/lib/devise/models/database_authenticatable.rb +164 -0
  64. data/lib/devise/models/lockable.rb +196 -0
  65. data/lib/devise/models/omniauthable.rb +27 -0
  66. data/lib/devise/models/recoverable.rb +157 -0
  67. data/lib/devise/models/registerable.rb +25 -0
  68. data/lib/devise/models/rememberable.rb +142 -0
  69. data/lib/devise/models/timeoutable.rb +49 -0
  70. data/lib/devise/models/trackable.rb +38 -0
  71. data/lib/devise/models/validatable.rb +66 -0
  72. data/lib/devise/modules.rb +28 -0
  73. data/lib/devise/omniauth.rb +28 -0
  74. data/lib/devise/omniauth/config.rb +45 -0
  75. data/lib/devise/omniauth/url_helpers.rb +18 -0
  76. data/lib/devise/orm/active_record.rb +3 -0
  77. data/lib/devise/orm/mongoid.rb +3 -0
  78. data/lib/devise/parameter_filter.rb +40 -0
  79. data/lib/devise/parameter_sanitizer.rb +99 -0
  80. data/lib/devise/rails.rb +56 -0
  81. data/lib/devise/rails/routes.rb +495 -0
  82. data/lib/devise/rails/warden_compat.rb +22 -0
  83. data/lib/devise/strategies/authenticatable.rb +173 -0
  84. data/lib/devise/strategies/base.rb +20 -0
  85. data/lib/devise/strategies/database_authenticatable.rb +24 -0
  86. data/lib/devise/strategies/rememberable.rb +59 -0
  87. data/lib/devise/test_helpers.rb +132 -0
  88. data/lib/devise/time_inflector.rb +14 -0
  89. data/lib/devise/token_generator.rb +70 -0
  90. data/lib/devise/version.rb +3 -0
  91. data/lib/generators/active_record/devise_generator.rb +91 -0
  92. data/lib/generators/active_record/templates/migration.rb +18 -0
  93. data/lib/generators/active_record/templates/migration_existing.rb +25 -0
  94. data/lib/generators/devise/controllers_generator.rb +44 -0
  95. data/lib/generators/devise/devise_generator.rb +26 -0
  96. data/lib/generators/devise/install_generator.rb +29 -0
  97. data/lib/generators/devise/orm_helpers.rb +51 -0
  98. data/lib/generators/devise/views_generator.rb +135 -0
  99. data/lib/generators/mongoid/devise_generator.rb +55 -0
  100. data/lib/generators/templates/README +35 -0
  101. data/lib/generators/templates/controllers/README +14 -0
  102. data/lib/generators/templates/controllers/confirmations_controller.rb +28 -0
  103. data/lib/generators/templates/controllers/omniauth_callbacks_controller.rb +28 -0
  104. data/lib/generators/templates/controllers/passwords_controller.rb +32 -0
  105. data/lib/generators/templates/controllers/registrations_controller.rb +60 -0
  106. data/lib/generators/templates/controllers/sessions_controller.rb +25 -0
  107. data/lib/generators/templates/controllers/unlocks_controller.rb +28 -0
  108. data/lib/generators/templates/devise.rb +263 -0
  109. data/lib/generators/templates/markerb/confirmation_instructions.markerb +5 -0
  110. data/lib/generators/templates/markerb/reset_password_instructions.markerb +8 -0
  111. data/lib/generators/templates/markerb/unlock_instructions.markerb +7 -0
  112. data/lib/generators/templates/simple_form_for/confirmations/new.html.erb +16 -0
  113. data/lib/generators/templates/simple_form_for/passwords/edit.html.erb +19 -0
  114. data/lib/generators/templates/simple_form_for/passwords/new.html.erb +15 -0
  115. data/lib/generators/templates/simple_form_for/registrations/edit.html.erb +27 -0
  116. data/lib/generators/templates/simple_form_for/registrations/new.html.erb +17 -0
  117. data/lib/generators/templates/simple_form_for/sessions/new.html.erb +15 -0
  118. data/lib/generators/templates/simple_form_for/unlocks/new.html.erb +16 -0
  119. data/script/cached-bundle +49 -0
  120. data/script/s3-put +71 -0
  121. data/test/controllers/custom_registrations_controller_test.rb +35 -0
  122. data/test/controllers/custom_strategy_test.rb +62 -0
  123. data/test/controllers/helpers_test.rb +316 -0
  124. data/test/controllers/internal_helpers_test.rb +129 -0
  125. data/test/controllers/load_hooks_controller_test.rb +19 -0
  126. data/test/controllers/passwords_controller_test.rb +31 -0
  127. data/test/controllers/sessions_controller_test.rb +102 -0
  128. data/test/controllers/url_helpers_test.rb +65 -0
  129. data/test/delegator_test.rb +19 -0
  130. data/test/devise_test.rb +107 -0
  131. data/test/failure_app_test.rb +275 -0
  132. data/test/generators/active_record_generator_test.rb +109 -0
  133. data/test/generators/controllers_generator_test.rb +48 -0
  134. data/test/generators/devise_generator_test.rb +39 -0
  135. data/test/generators/install_generator_test.rb +13 -0
  136. data/test/generators/mongoid_generator_test.rb +23 -0
  137. data/test/generators/views_generator_test.rb +96 -0
  138. data/test/helpers/devise_helper_test.rb +49 -0
  139. data/test/integration/authenticatable_test.rb +731 -0
  140. data/test/integration/confirmable_test.rb +324 -0
  141. data/test/integration/database_authenticatable_test.rb +94 -0
  142. data/test/integration/http_authenticatable_test.rb +105 -0
  143. data/test/integration/lockable_test.rb +239 -0
  144. data/test/integration/omniauthable_test.rb +133 -0
  145. data/test/integration/recoverable_test.rb +334 -0
  146. data/test/integration/registerable_test.rb +361 -0
  147. data/test/integration/rememberable_test.rb +176 -0
  148. data/test/integration/timeoutable_test.rb +189 -0
  149. data/test/integration/trackable_test.rb +92 -0
  150. data/test/mailers/confirmation_instructions_test.rb +115 -0
  151. data/test/mailers/reset_password_instructions_test.rb +96 -0
  152. data/test/mailers/unlock_instructions_test.rb +91 -0
  153. data/test/mapping_test.rb +128 -0
  154. data/test/models/authenticatable_test.rb +23 -0
  155. data/test/models/confirmable_test.rb +461 -0
  156. data/test/models/database_authenticatable_test.rb +249 -0
  157. data/test/models/lockable_test.rb +328 -0
  158. data/test/models/omniauthable_test.rb +7 -0
  159. data/test/models/recoverable_test.rb +205 -0
  160. data/test/models/registerable_test.rb +7 -0
  161. data/test/models/rememberable_test.rb +198 -0
  162. data/test/models/serializable_test.rb +49 -0
  163. data/test/models/timeoutable_test.rb +51 -0
  164. data/test/models/trackable_test.rb +41 -0
  165. data/test/models/validatable_test.rb +127 -0
  166. data/test/models_test.rb +144 -0
  167. data/test/omniauth/config_test.rb +57 -0
  168. data/test/omniauth/url_helpers_test.rb +54 -0
  169. data/test/orm/active_record.rb +10 -0
  170. data/test/orm/mongoid.rb +13 -0
  171. data/test/parameter_sanitizer_test.rb +81 -0
  172. data/test/rails_app/Rakefile +6 -0
  173. data/test/rails_app/app/active_record/admin.rb +6 -0
  174. data/test/rails_app/app/active_record/shim.rb +2 -0
  175. data/test/rails_app/app/active_record/user.rb +6 -0
  176. data/test/rails_app/app/active_record/user_on_engine.rb +7 -0
  177. data/test/rails_app/app/active_record/user_on_main_app.rb +7 -0
  178. data/test/rails_app/app/controllers/admins/sessions_controller.rb +6 -0
  179. data/test/rails_app/app/controllers/admins_controller.rb +11 -0
  180. data/test/rails_app/app/controllers/application_controller.rb +12 -0
  181. data/test/rails_app/app/controllers/application_with_fake_engine.rb +30 -0
  182. data/test/rails_app/app/controllers/custom/registrations_controller.rb +21 -0
  183. data/test/rails_app/app/controllers/home_controller.rb +25 -0
  184. data/test/rails_app/app/controllers/publisher/registrations_controller.rb +2 -0
  185. data/test/rails_app/app/controllers/publisher/sessions_controller.rb +2 -0
  186. data/test/rails_app/app/controllers/users/omniauth_callbacks_controller.rb +14 -0
  187. data/test/rails_app/app/controllers/users_controller.rb +31 -0
  188. data/test/rails_app/app/helpers/application_helper.rb +3 -0
  189. data/test/rails_app/app/mailers/users/from_proc_mailer.rb +3 -0
  190. data/test/rails_app/app/mailers/users/mailer.rb +3 -0
  191. data/test/rails_app/app/mailers/users/reply_to_mailer.rb +4 -0
  192. data/test/rails_app/app/mongoid/admin.rb +29 -0
  193. data/test/rails_app/app/mongoid/shim.rb +23 -0
  194. data/test/rails_app/app/mongoid/user.rb +39 -0
  195. data/test/rails_app/app/mongoid/user_on_engine.rb +39 -0
  196. data/test/rails_app/app/mongoid/user_on_main_app.rb +39 -0
  197. data/test/rails_app/app/views/admins/index.html.erb +1 -0
  198. data/test/rails_app/app/views/admins/sessions/new.html.erb +2 -0
  199. data/test/rails_app/app/views/home/admin_dashboard.html.erb +1 -0
  200. data/test/rails_app/app/views/home/index.html.erb +1 -0
  201. data/test/rails_app/app/views/home/join.html.erb +1 -0
  202. data/test/rails_app/app/views/home/private.html.erb +1 -0
  203. data/test/rails_app/app/views/home/user_dashboard.html.erb +1 -0
  204. data/test/rails_app/app/views/layouts/application.html.erb +24 -0
  205. data/test/rails_app/app/views/users/edit_form.html.erb +1 -0
  206. data/test/rails_app/app/views/users/index.html.erb +1 -0
  207. data/test/rails_app/app/views/users/mailer/confirmation_instructions.erb +1 -0
  208. data/test/rails_app/app/views/users/sessions/new.html.erb +1 -0
  209. data/test/rails_app/bin/bundle +3 -0
  210. data/test/rails_app/bin/rails +4 -0
  211. data/test/rails_app/bin/rake +4 -0
  212. data/test/rails_app/config.ru +4 -0
  213. data/test/rails_app/config/application.rb +40 -0
  214. data/test/rails_app/config/boot.rb +14 -0
  215. data/test/rails_app/config/database.yml +18 -0
  216. data/test/rails_app/config/environment.rb +5 -0
  217. data/test/rails_app/config/environments/development.rb +30 -0
  218. data/test/rails_app/config/environments/production.rb +80 -0
  219. data/test/rails_app/config/environments/test.rb +36 -0
  220. data/test/rails_app/config/initializers/backtrace_silencers.rb +7 -0
  221. data/test/rails_app/config/initializers/devise.rb +180 -0
  222. data/test/rails_app/config/initializers/inflections.rb +2 -0
  223. data/test/rails_app/config/initializers/secret_token.rb +8 -0
  224. data/test/rails_app/config/initializers/session_store.rb +1 -0
  225. data/test/rails_app/config/routes.rb +122 -0
  226. data/test/rails_app/db/migrate/20100401102949_create_tables.rb +71 -0
  227. data/test/rails_app/db/schema.rb +55 -0
  228. data/test/rails_app/lib/shared_admin.rb +17 -0
  229. data/test/rails_app/lib/shared_user.rb +29 -0
  230. data/test/rails_app/lib/shared_user_without_omniauth.rb +13 -0
  231. data/test/rails_app/public/404.html +26 -0
  232. data/test/rails_app/public/422.html +26 -0
  233. data/test/rails_app/public/500.html +26 -0
  234. data/test/rails_app/public/favicon.ico +0 -0
  235. data/test/routes_test.rb +264 -0
  236. data/test/support/action_controller/record_identifier.rb +10 -0
  237. data/test/support/assertions.rb +39 -0
  238. data/test/support/helpers.rb +73 -0
  239. data/test/support/integration.rb +92 -0
  240. data/test/support/locale/en.yml +8 -0
  241. data/test/support/mongoid.yml +6 -0
  242. data/test/support/webrat/integrations/rails.rb +24 -0
  243. data/test/test_helper.rb +34 -0
  244. data/test/test_helpers_test.rb +163 -0
  245. data/test/test_models.rb +33 -0
  246. metadata +531 -0
@@ -0,0 +1,495 @@
1
+ require "active_support/core_ext/object/try"
2
+ require "active_support/core_ext/hash/slice"
3
+
4
+ module ActionDispatch::Routing
5
+ class RouteSet #:nodoc:
6
+ # Ensure Devise modules are included only after loading routes, because we
7
+ # need devise_for mappings already declared to create filters and helpers.
8
+ def finalize_with_devise!
9
+ result = finalize_without_devise!
10
+
11
+ @devise_finalized ||= begin
12
+ if Devise.router_name.nil? && defined?(@devise_finalized) && self != Rails.application.try(:routes)
13
+ warn "[DEVISE] We have detected that you are using devise_for inside engine routes. " \
14
+ "In this case, you probably want to set Devise.router_name = MOUNT_POINT, where " \
15
+ "MOUNT_POINT is a symbol representing where this engine will be mounted at. For " \
16
+ "now Devise will default the mount point to :main_app. You can explicitly set it" \
17
+ " to :main_app as well in case you want to keep the current behavior."
18
+ end
19
+
20
+ Devise.configure_warden!
21
+ Devise.regenerate_helpers!
22
+ true
23
+ end
24
+
25
+ result
26
+ end
27
+ alias_method_chain :finalize!, :devise
28
+ end
29
+
30
+ class Mapper
31
+ # Includes devise_for method for routes. This method is responsible to
32
+ # generate all needed routes for devise, based on what modules you have
33
+ # defined in your model.
34
+ #
35
+ # ==== Examples
36
+ #
37
+ # Let's say you have an User model configured to use authenticatable,
38
+ # confirmable and recoverable modules. After creating this inside your routes:
39
+ #
40
+ # devise_for :users
41
+ #
42
+ # This method is going to look inside your User model and create the
43
+ # needed routes:
44
+ #
45
+ # # Session routes for Authenticatable (default)
46
+ # new_user_session GET /users/sign_in {controller:"devise/sessions", action:"new"}
47
+ # user_session POST /users/sign_in {controller:"devise/sessions", action:"create"}
48
+ # destroy_user_session DELETE /users/sign_out {controller:"devise/sessions", action:"destroy"}
49
+ #
50
+ # # Password routes for Recoverable, if User model has :recoverable configured
51
+ # new_user_password GET /users/password/new(.:format) {controller:"devise/passwords", action:"new"}
52
+ # edit_user_password GET /users/password/edit(.:format) {controller:"devise/passwords", action:"edit"}
53
+ # user_password PUT /users/password(.:format) {controller:"devise/passwords", action:"update"}
54
+ # POST /users/password(.:format) {controller:"devise/passwords", action:"create"}
55
+ #
56
+ # # Confirmation routes for Confirmable, if User model has :confirmable configured
57
+ # new_user_confirmation GET /users/confirmation/new(.:format) {controller:"devise/confirmations", action:"new"}
58
+ # user_confirmation GET /users/confirmation(.:format) {controller:"devise/confirmations", action:"show"}
59
+ # POST /users/confirmation(.:format) {controller:"devise/confirmations", action:"create"}
60
+ #
61
+ # ==== Routes integration
62
+ #
63
+ # +devise_for+ is meant to play nicely with other routes methods. For example,
64
+ # by calling +devise_for+ inside a namespace, it automatically nests your devise
65
+ # controllers:
66
+ #
67
+ # namespace :publisher do
68
+ # devise_for :account
69
+ # end
70
+ #
71
+ # The snippet above will use publisher/sessions controller instead of devise/sessions
72
+ # controller. You can revert this change or configure it directly by passing the :module
73
+ # option described below to +devise_for+.
74
+ #
75
+ # Also note that when you use a namespace it will affect all the helpers and methods
76
+ # for controllers and views. For example, using the above setup you'll end with
77
+ # following methods: current_publisher_account, authenticate_publisher_account!,
78
+ # publisher_account_signed_in, etc.
79
+ #
80
+ # The only aspect not affect by the router configuration is the model name. The
81
+ # model name can be explicitly set via the :class_name option.
82
+ #
83
+ # ==== Options
84
+ #
85
+ # You can configure your routes with some options:
86
+ #
87
+ # * class_name: setup a different class to be looked up by devise, if it cannot be
88
+ # properly found by the route name.
89
+ #
90
+ # devise_for :users, class_name: 'Account'
91
+ #
92
+ # * path: allows you to setup path name that will be used, as rails routes does.
93
+ # The following route configuration would setup your route as /accounts instead of /users:
94
+ #
95
+ # devise_for :users, path: 'accounts'
96
+ #
97
+ # * singular: setup the singular name for the given resource. This is used as the instance variable
98
+ # name in controller, as the name in routes and the scope given to warden.
99
+ #
100
+ # devise_for :users, singular: :user
101
+ #
102
+ # * path_names: configure different path names to overwrite defaults :sign_in, :sign_out, :sign_up,
103
+ # :password, :confirmation, :unlock.
104
+ #
105
+ # devise_for :users, path_names: {
106
+ # sign_in: 'login', sign_out: 'logout',
107
+ # password: 'secret', confirmation: 'verification',
108
+ # registration: 'register', edit: 'edit/profile'
109
+ # }
110
+ #
111
+ # * controllers: the controller which should be used. All routes by default points to Devise controllers.
112
+ # However, if you want them to point to custom controller, you should do:
113
+ #
114
+ # devise_for :users, controllers: { sessions: "users/sessions" }
115
+ #
116
+ # * failure_app: a rack app which is invoked whenever there is a failure. Strings representing a given
117
+ # are also allowed as parameter.
118
+ #
119
+ # * sign_out_via: the HTTP method(s) accepted for the :sign_out action (default: :get),
120
+ # if you wish to restrict this to accept only :post or :delete requests you should do:
121
+ #
122
+ # devise_for :users, sign_out_via: [ :post, :delete ]
123
+ #
124
+ # You need to make sure that your sign_out controls trigger a request with a matching HTTP method.
125
+ #
126
+ # * module: the namespace to find controllers (default: "devise", thus
127
+ # accessing devise/sessions, devise/registrations, and so on). If you want
128
+ # to namespace all at once, use module:
129
+ #
130
+ # devise_for :users, module: "users"
131
+ #
132
+ # * skip: tell which controller you want to skip routes from being created.
133
+ # It accepts :all as an option, meaning it will not generate any route at all:
134
+ #
135
+ # devise_for :users, skip: :sessions
136
+ #
137
+ # * only: the opposite of :skip, tell which controllers only to generate routes to:
138
+ #
139
+ # devise_for :users, only: :sessions
140
+ #
141
+ # * skip_helpers: skip generating Devise url helpers like new_session_path(@user).
142
+ # This is useful to avoid conflicts with previous routes and is false by default.
143
+ # It accepts true as option, meaning it will skip all the helpers for the controllers
144
+ # given in :skip but it also accepts specific helpers to be skipped:
145
+ #
146
+ # devise_for :users, skip: [:registrations, :confirmations], skip_helpers: true
147
+ # devise_for :users, skip_helpers: [:registrations, :confirmations]
148
+ #
149
+ # * format: include "(.:format)" in the generated routes? true by default, set to false to disable:
150
+ #
151
+ # devise_for :users, format: false
152
+ #
153
+ # * constraints: works the same as Rails' constraints
154
+ #
155
+ # * defaults: works the same as Rails' defaults
156
+ #
157
+ # * router_name: allows application level router name to be overwritten for the current scope
158
+ #
159
+ # ==== Scoping
160
+ #
161
+ # Following Rails 3 routes DSL, you can nest devise_for calls inside a scope:
162
+ #
163
+ # scope "/my" do
164
+ # devise_for :users
165
+ # end
166
+ #
167
+ # However, since Devise uses the request path to retrieve the current user,
168
+ # this has one caveat: If you are using a dynamic segment, like so ...
169
+ #
170
+ # scope ":locale" do
171
+ # devise_for :users
172
+ # end
173
+ #
174
+ # you are required to configure default_url_options in your
175
+ # ApplicationController class, so Devise can pick it:
176
+ #
177
+ # class ApplicationController < ActionController::Base
178
+ # def self.default_url_options
179
+ # { locale: I18n.locale }
180
+ # end
181
+ # end
182
+ #
183
+ # ==== Adding custom actions to override controllers
184
+ #
185
+ # You can pass a block to devise_for that will add any routes defined in the block to Devise's
186
+ # list of known actions. This is important if you add a custom action to a controller that
187
+ # overrides an out of the box Devise controller.
188
+ # For example:
189
+ #
190
+ # class RegistrationsController < Devise::RegistrationsController
191
+ # def update
192
+ # # do something different here
193
+ # end
194
+ #
195
+ # def deactivate
196
+ # # not a standard action
197
+ # # deactivate code here
198
+ # end
199
+ # end
200
+ #
201
+ # In order to get Devise to recognize the deactivate action, your devise_scope entry should look like this:
202
+ #
203
+ # devise_scope :owner do
204
+ # post "deactivate", to: "registrations#deactivate", as: "deactivate_registration"
205
+ # end
206
+ #
207
+ def devise_for(*resources)
208
+ @devise_finalized = false
209
+ raise_no_secret_key unless Devise.secret_key
210
+ options = resources.extract_options!
211
+
212
+ options[:as] ||= @scope[:as] if @scope[:as].present?
213
+ options[:module] ||= @scope[:module] if @scope[:module].present?
214
+ options[:path_prefix] ||= @scope[:path] if @scope[:path].present?
215
+ options[:path_names] = (@scope[:path_names] || {}).merge(options[:path_names] || {})
216
+ options[:constraints] = (@scope[:constraints] || {}).merge(options[:constraints] || {})
217
+ options[:defaults] = (@scope[:defaults] || {}).merge(options[:defaults] || {})
218
+ options[:options] = @scope[:options] || {}
219
+ options[:options][:format] = false if options[:format] == false
220
+
221
+ resources.map!(&:to_sym)
222
+
223
+ resources.each do |resource|
224
+ mapping = Devise.add_mapping(resource, options)
225
+
226
+ begin
227
+ raise_no_devise_method_error!(mapping.class_name) unless mapping.to.respond_to?(:devise)
228
+ rescue NameError => e
229
+ raise unless mapping.class_name == resource.to_s.classify
230
+ warn "[WARNING] You provided devise_for #{resource.inspect} but there is " \
231
+ "no model #{mapping.class_name} defined in your application"
232
+ next
233
+ rescue NoMethodError => e
234
+ raise unless e.message.include?("undefined method `devise'")
235
+ raise_no_devise_method_error!(mapping.class_name)
236
+ end
237
+
238
+ if options[:controllers] && options[:controllers][:omniauth_callbacks]
239
+ unless mapping.omniauthable?
240
+ raise ArgumentError, "Mapping omniauth_callbacks on a resource that is not omniauthable\n" \
241
+ "Please add `devise :omniauthable` to the `#{mapping.class_name}` model"
242
+ end
243
+ end
244
+
245
+ routes = mapping.used_routes
246
+
247
+ devise_scope mapping.name do
248
+ with_devise_exclusive_scope mapping.fullpath, mapping.name, options do
249
+ routes.each { |mod| send("devise_#{mod}", mapping, mapping.controllers) }
250
+ end
251
+ end
252
+ end
253
+ end
254
+
255
+ # Allow you to add authentication request from the router.
256
+ # Takes an optional scope and block to provide constraints
257
+ # on the model instance itself.
258
+ #
259
+ # authenticate do
260
+ # resources :post
261
+ # end
262
+ #
263
+ # authenticate(:admin) do
264
+ # resources :users
265
+ # end
266
+ #
267
+ # authenticate :user, lambda {|u| u.role == "admin"} do
268
+ # root to: "admin/dashboard#show", as: :user_root
269
+ # end
270
+ #
271
+ def authenticate(scope=nil, block=nil)
272
+ constraints_for(:authenticate!, scope, block) do
273
+ yield
274
+ end
275
+ end
276
+
277
+ # Allow you to route based on whether a scope is authenticated. You
278
+ # can optionally specify which scope and a block. The block accepts
279
+ # a model and allows extra constraints to be done on the instance.
280
+ #
281
+ # authenticated :admin do
282
+ # root to: 'admin/dashboard#show', as: :admin_root
283
+ # end
284
+ #
285
+ # authenticated do
286
+ # root to: 'dashboard#show', as: :authenticated_root
287
+ # end
288
+ #
289
+ # authenticated :user, lambda {|u| u.role == "admin"} do
290
+ # root to: "admin/dashboard#show", as: :user_root
291
+ # end
292
+ #
293
+ # root to: 'landing#show'
294
+ #
295
+ def authenticated(scope=nil, block=nil)
296
+ constraints_for(:authenticate?, scope, block) do
297
+ yield
298
+ end
299
+ end
300
+
301
+ # Allow you to route based on whether a scope is *not* authenticated.
302
+ # You can optionally specify which scope.
303
+ #
304
+ # unauthenticated do
305
+ # as :user do
306
+ # root to: 'devise/registrations#new'
307
+ # end
308
+ # end
309
+ #
310
+ # root to: 'dashboard#show'
311
+ #
312
+ def unauthenticated(scope=nil)
313
+ constraint = lambda do |request|
314
+ not request.env["warden"].authenticate? scope: scope
315
+ end
316
+
317
+ constraints(constraint) do
318
+ yield
319
+ end
320
+ end
321
+
322
+ # Sets the devise scope to be used in the controller. If you have custom routes,
323
+ # you are required to call this method (also aliased as :as) in order to specify
324
+ # to which controller it is targetted.
325
+ #
326
+ # as :user do
327
+ # get "sign_in", to: "devise/sessions#new"
328
+ # end
329
+ #
330
+ # Notice you cannot have two scopes mapping to the same URL. And remember, if
331
+ # you try to access a devise controller without specifying a scope, it will
332
+ # raise ActionNotFound error.
333
+ #
334
+ # Also be aware of that 'devise_scope' and 'as' use the singular form of the
335
+ # noun where other devise route commands expect the plural form. This would be a
336
+ # good and working example.
337
+ #
338
+ # devise_scope :user do
339
+ # get "/some/route" => "some_devise_controller"
340
+ # end
341
+ # devise_for :users
342
+ #
343
+ # Notice and be aware of the differences above between :user and :users
344
+ def devise_scope(scope)
345
+ constraint = lambda do |request|
346
+ request.env["devise.mapping"] = Devise.mappings[scope]
347
+ true
348
+ end
349
+
350
+ constraints(constraint) do
351
+ yield
352
+ end
353
+ end
354
+ alias :as :devise_scope
355
+
356
+ protected
357
+
358
+ def devise_session(mapping, controllers) #:nodoc:
359
+ resource :session, only: [], controller: controllers[:sessions], path: "" do
360
+ get :new, path: mapping.path_names[:sign_in], as: "new"
361
+ post :create, path: mapping.path_names[:sign_in]
362
+ match :destroy, path: mapping.path_names[:sign_out], as: "destroy", via: mapping.sign_out_via
363
+ end
364
+ end
365
+
366
+ def devise_password(mapping, controllers) #:nodoc:
367
+ resource :password, only: [:new, :create, :edit, :update],
368
+ path: mapping.path_names[:password], controller: controllers[:passwords]
369
+ end
370
+
371
+ def devise_confirmation(mapping, controllers) #:nodoc:
372
+ resource :confirmation, only: [:new, :create, :show],
373
+ path: mapping.path_names[:confirmation], controller: controllers[:confirmations]
374
+ end
375
+
376
+ def devise_unlock(mapping, controllers) #:nodoc:
377
+ if mapping.to.unlock_strategy_enabled?(:email)
378
+ resource :unlock, only: [:new, :create, :show],
379
+ path: mapping.path_names[:unlock], controller: controllers[:unlocks]
380
+ end
381
+ end
382
+
383
+ def devise_registration(mapping, controllers) #:nodoc:
384
+ path_names = {
385
+ new: mapping.path_names[:sign_up],
386
+ edit: mapping.path_names[:edit],
387
+ cancel: mapping.path_names[:cancel]
388
+ }
389
+
390
+ options = {
391
+ only: [:new, :create, :edit, :update, :destroy],
392
+ path: mapping.path_names[:registration],
393
+ path_names: path_names,
394
+ controller: controllers[:registrations]
395
+ }
396
+
397
+ resource :registration, options do
398
+ get :cancel
399
+ end
400
+ end
401
+
402
+ def devise_omniauth_callback(mapping, controllers) #:nodoc:
403
+ if mapping.fullpath =~ /:[a-zA-Z_]/
404
+ raise <<-ERROR
405
+ Devise does not support scoping OmniAuth callbacks under a dynamic segment
406
+ and you have set #{mapping.fullpath.inspect}. You can work around by passing
407
+ `skip: :omniauth_callbacks` and manually defining the routes. Here is an example:
408
+
409
+ match "/users/auth/:provider",
410
+ constraints: { provider: /google|facebook/ },
411
+ to: "devise/omniauth_callbacks#passthru",
412
+ as: :omniauth_authorize,
413
+ via: [:get, :post]
414
+
415
+ match "/users/auth/:action/callback",
416
+ constraints: { action: /google|facebook/ },
417
+ to: "devise/omniauth_callbacks",
418
+ as: :omniauth_callback,
419
+ via: [:get, :post]
420
+ ERROR
421
+ end
422
+
423
+ path, @scope[:path] = @scope[:path], nil
424
+ path_prefix = Devise.omniauth_path_prefix || "/#{mapping.fullpath}/auth".squeeze("/")
425
+
426
+ set_omniauth_path_prefix!(path_prefix)
427
+
428
+ providers = Regexp.union(mapping.to.omniauth_providers.map(&:to_s))
429
+
430
+ match "#{path_prefix}/:provider",
431
+ constraints: { provider: providers },
432
+ to: "#{controllers[:omniauth_callbacks]}#passthru",
433
+ as: :omniauth_authorize,
434
+ via: [:get, :post]
435
+
436
+ match "#{path_prefix}/:action/callback",
437
+ constraints: { action: providers },
438
+ to: "#{controllers[:omniauth_callbacks]}#:action",
439
+ as: :omniauth_callback,
440
+ via: [:get, :post]
441
+ ensure
442
+ @scope[:path] = path
443
+ end
444
+
445
+ def with_devise_exclusive_scope(new_path, new_as, options) #:nodoc:
446
+ current_scope = @scope.dup
447
+
448
+ exclusive = { as: new_as, path: new_path, module: nil }
449
+ exclusive.merge!(options.slice(:constraints, :defaults, :options))
450
+
451
+ exclusive.each_pair { |key, value| @scope[key] = value }
452
+ yield
453
+ ensure
454
+ @scope = current_scope
455
+ end
456
+
457
+ def constraints_for(method_to_apply, scope=nil, block=nil)
458
+ constraint = lambda do |request|
459
+ request.env['warden'].send(method_to_apply, scope: scope) &&
460
+ (block.nil? || block.call(request.env["warden"].user(scope)))
461
+ end
462
+
463
+ constraints(constraint) do
464
+ yield
465
+ end
466
+ end
467
+
468
+ def set_omniauth_path_prefix!(path_prefix) #:nodoc:
469
+ if ::OmniAuth.config.path_prefix && ::OmniAuth.config.path_prefix != path_prefix
470
+ raise "Wrong OmniAuth configuration. If you are getting this exception, it means that either:\n\n" \
471
+ "1) You are manually setting OmniAuth.config.path_prefix and it doesn't match the Devise one\n" \
472
+ "2) You are setting :omniauthable in more than one model\n" \
473
+ "3) You changed your Devise routes/OmniAuth setting and haven't restarted your server"
474
+ else
475
+ ::OmniAuth.config.path_prefix = path_prefix
476
+ end
477
+ end
478
+
479
+ def raise_no_secret_key #:nodoc:
480
+ raise <<-ERROR
481
+ Devise.secret_key was not set. Please add the following to your Devise initializer:
482
+
483
+ config.secret_key = '#{SecureRandom.hex(64)}'
484
+
485
+ Please ensure you restarted your application after installing Devise or setting the key.
486
+ ERROR
487
+ end
488
+
489
+ def raise_no_devise_method_error!(klass) #:nodoc:
490
+ raise "#{klass} does not respond to 'devise' method. This usually means you haven't " \
491
+ "loaded your ORM file or it's being loaded too late. To fix it, be sure to require 'devise/orm/YOUR_ORM' " \
492
+ "inside 'config/initializers/devise.rb' or before your application definition in 'config/application.rb'"
493
+ end
494
+ end
495
+ end