RubyGems - deviseOne - Versions diffs - 1.0.0 - Mend

deviseOne 1.0.0

Files changed (246) hide show

checksums.yaml +7 -0
data/.gitignore +12 -0
data/.travis.yml +38 -0
data/.yardopts +9 -0
data/CHANGELOG.md +1117 -0
data/CONTRIBUTING.md +14 -0
data/Gemfile +29 -0
data/Gemfile.lock +199 -0
data/MIT-LICENSE +20 -0
data/README.md +529 -0
data/Rakefile +35 -0
data/app/controllers/devise/confirmations_controller.rb +47 -0
data/app/controllers/devise/omniauth_callbacks_controller.rb +30 -0
data/app/controllers/devise/passwords_controller.rb +71 -0
data/app/controllers/devise/registrations_controller.rb +143 -0
data/app/controllers/devise/sessions_controller.rb +166 -0
data/app/controllers/devise/unlocks_controller.rb +46 -0
data/app/controllers/devise_controller.rb +193 -0
data/app/helpers/devise_helper.rb +25 -0
data/app/mailers/devise/mailer.rb +20 -0
data/app/views/devise/confirmations/new.html.erb +16 -0
data/app/views/devise/mailer/confirmation_instructions.html.erb +5 -0
data/app/views/devise/mailer/reset_password_instructions.html.erb +8 -0
data/app/views/devise/mailer/unlock_instructions.html.erb +7 -0
data/app/views/devise/passwords/edit.html.erb +25 -0
data/app/views/devise/passwords/new.html.erb +16 -0
data/app/views/devise/registrations/edit.html.erb +39 -0
data/app/views/devise/registrations/new.html.erb +29 -0
data/app/views/devise/sessions/new.html.erb +27 -0
data/app/views/devise/shared/_links.html.erb +21 -0
data/app/views/devise/unlocks/new.html.erb +16 -0
data/config/locales/en.yml +70 -0
data/devise.gemspec +33 -0
data/devise.png +0 -0
data/gemfiles/Gemfile.rails-3.2-stable +29 -0
data/gemfiles/Gemfile.rails-3.2-stable.lock +169 -0
data/gemfiles/Gemfile.rails-4.0-stable +29 -0
data/gemfiles/Gemfile.rails-4.0-stable.lock +165 -0
data/gemfiles/Gemfile.rails-4.1-stable +29 -0
data/gemfiles/Gemfile.rails-4.1-stable.lock +170 -0
data/lib/devise.rb +499 -0
data/lib/devise/controllers/helpers.rb +284 -0
data/lib/devise/controllers/rememberable.rb +47 -0
data/lib/devise/controllers/scoped_views.rb +17 -0
data/lib/devise/controllers/sign_in_out.rb +102 -0
data/lib/devise/controllers/store_location.rb +58 -0
data/lib/devise/controllers/url_helpers.rb +69 -0
data/lib/devise/delegator.rb +16 -0
data/lib/devise/failure_app.rb +212 -0
data/lib/devise/hooks/activatable.rb +10 -0
data/lib/devise/hooks/csrf_cleaner.rb +7 -0
data/lib/devise/hooks/forgetable.rb +9 -0
data/lib/devise/hooks/lockable.rb +7 -0
data/lib/devise/hooks/proxy.rb +21 -0
data/lib/devise/hooks/rememberable.rb +7 -0
data/lib/devise/hooks/timeoutable.rb +35 -0
data/lib/devise/hooks/trackable.rb +9 -0
data/lib/devise/mailers/helpers.rb +90 -0
data/lib/devise/mapping.rb +175 -0
data/lib/devise/models.rb +119 -0
data/lib/devise/models/authenticatable.rb +290 -0
data/lib/devise/models/confirmable.rb +305 -0
data/lib/devise/models/database_authenticatable.rb +164 -0
data/lib/devise/models/lockable.rb +196 -0
data/lib/devise/models/omniauthable.rb +27 -0
data/lib/devise/models/recoverable.rb +157 -0
data/lib/devise/models/registerable.rb +25 -0
data/lib/devise/models/rememberable.rb +142 -0
data/lib/devise/models/timeoutable.rb +49 -0
data/lib/devise/models/trackable.rb +38 -0
data/lib/devise/models/validatable.rb +66 -0
data/lib/devise/modules.rb +28 -0
data/lib/devise/omniauth.rb +28 -0
data/lib/devise/omniauth/config.rb +45 -0
data/lib/devise/omniauth/url_helpers.rb +18 -0
data/lib/devise/orm/active_record.rb +3 -0
data/lib/devise/orm/mongoid.rb +3 -0
data/lib/devise/parameter_filter.rb +40 -0
data/lib/devise/parameter_sanitizer.rb +99 -0
data/lib/devise/rails.rb +56 -0
data/lib/devise/rails/routes.rb +495 -0
data/lib/devise/rails/warden_compat.rb +22 -0
data/lib/devise/strategies/authenticatable.rb +173 -0
data/lib/devise/strategies/base.rb +20 -0
data/lib/devise/strategies/database_authenticatable.rb +24 -0
data/lib/devise/strategies/rememberable.rb +59 -0
data/lib/devise/test_helpers.rb +132 -0
data/lib/devise/time_inflector.rb +14 -0
data/lib/devise/token_generator.rb +70 -0
data/lib/devise/version.rb +3 -0
data/lib/generators/active_record/devise_generator.rb +91 -0
data/lib/generators/active_record/templates/migration.rb +18 -0
data/lib/generators/active_record/templates/migration_existing.rb +25 -0
data/lib/generators/devise/controllers_generator.rb +44 -0
data/lib/generators/devise/devise_generator.rb +26 -0
data/lib/generators/devise/install_generator.rb +29 -0
data/lib/generators/devise/orm_helpers.rb +51 -0
data/lib/generators/devise/views_generator.rb +135 -0
data/lib/generators/mongoid/devise_generator.rb +55 -0
data/lib/generators/templates/README +35 -0
data/lib/generators/templates/controllers/README +14 -0
data/lib/generators/templates/controllers/confirmations_controller.rb +28 -0
data/lib/generators/templates/controllers/omniauth_callbacks_controller.rb +28 -0
data/lib/generators/templates/controllers/passwords_controller.rb +32 -0
data/lib/generators/templates/controllers/registrations_controller.rb +60 -0
data/lib/generators/templates/controllers/sessions_controller.rb +25 -0
data/lib/generators/templates/controllers/unlocks_controller.rb +28 -0
data/lib/generators/templates/devise.rb +263 -0
data/lib/generators/templates/markerb/confirmation_instructions.markerb +5 -0
data/lib/generators/templates/markerb/reset_password_instructions.markerb +8 -0
data/lib/generators/templates/markerb/unlock_instructions.markerb +7 -0
data/lib/generators/templates/simple_form_for/confirmations/new.html.erb +16 -0
data/lib/generators/templates/simple_form_for/passwords/edit.html.erb +19 -0
data/lib/generators/templates/simple_form_for/passwords/new.html.erb +15 -0
data/lib/generators/templates/simple_form_for/registrations/edit.html.erb +27 -0
data/lib/generators/templates/simple_form_for/registrations/new.html.erb +17 -0
data/lib/generators/templates/simple_form_for/sessions/new.html.erb +15 -0
data/lib/generators/templates/simple_form_for/unlocks/new.html.erb +16 -0
data/script/cached-bundle +49 -0
data/script/s3-put +71 -0
data/test/controllers/custom_registrations_controller_test.rb +35 -0
data/test/controllers/custom_strategy_test.rb +62 -0
data/test/controllers/helpers_test.rb +316 -0
data/test/controllers/internal_helpers_test.rb +129 -0
data/test/controllers/load_hooks_controller_test.rb +19 -0
data/test/controllers/passwords_controller_test.rb +31 -0
data/test/controllers/sessions_controller_test.rb +102 -0
data/test/controllers/url_helpers_test.rb +65 -0
data/test/delegator_test.rb +19 -0
data/test/devise_test.rb +107 -0
data/test/failure_app_test.rb +275 -0
data/test/generators/active_record_generator_test.rb +109 -0
data/test/generators/controllers_generator_test.rb +48 -0
data/test/generators/devise_generator_test.rb +39 -0
data/test/generators/install_generator_test.rb +13 -0
data/test/generators/mongoid_generator_test.rb +23 -0
data/test/generators/views_generator_test.rb +96 -0
data/test/helpers/devise_helper_test.rb +49 -0
data/test/integration/authenticatable_test.rb +731 -0
data/test/integration/confirmable_test.rb +324 -0
data/test/integration/database_authenticatable_test.rb +94 -0
data/test/integration/http_authenticatable_test.rb +105 -0
data/test/integration/lockable_test.rb +239 -0
data/test/integration/omniauthable_test.rb +133 -0
data/test/integration/recoverable_test.rb +334 -0
data/test/integration/registerable_test.rb +361 -0
data/test/integration/rememberable_test.rb +176 -0
data/test/integration/timeoutable_test.rb +189 -0
data/test/integration/trackable_test.rb +92 -0
data/test/mailers/confirmation_instructions_test.rb +115 -0
data/test/mailers/reset_password_instructions_test.rb +96 -0
data/test/mailers/unlock_instructions_test.rb +91 -0
data/test/mapping_test.rb +128 -0
data/test/models/authenticatable_test.rb +23 -0
data/test/models/confirmable_test.rb +461 -0
data/test/models/database_authenticatable_test.rb +249 -0
data/test/models/lockable_test.rb +328 -0
data/test/models/omniauthable_test.rb +7 -0
data/test/models/recoverable_test.rb +205 -0
data/test/models/registerable_test.rb +7 -0
data/test/models/rememberable_test.rb +198 -0
data/test/models/serializable_test.rb +49 -0
data/test/models/timeoutable_test.rb +51 -0
data/test/models/trackable_test.rb +41 -0
data/test/models/validatable_test.rb +127 -0
data/test/models_test.rb +144 -0
data/test/omniauth/config_test.rb +57 -0
data/test/omniauth/url_helpers_test.rb +54 -0
data/test/orm/active_record.rb +10 -0
data/test/orm/mongoid.rb +13 -0
data/test/parameter_sanitizer_test.rb +81 -0
data/test/rails_app/Rakefile +6 -0
data/test/rails_app/app/active_record/admin.rb +6 -0
data/test/rails_app/app/active_record/shim.rb +2 -0
data/test/rails_app/app/active_record/user.rb +6 -0
data/test/rails_app/app/active_record/user_on_engine.rb +7 -0
data/test/rails_app/app/active_record/user_on_main_app.rb +7 -0
data/test/rails_app/app/controllers/admins/sessions_controller.rb +6 -0
data/test/rails_app/app/controllers/admins_controller.rb +11 -0
data/test/rails_app/app/controllers/application_controller.rb +12 -0
data/test/rails_app/app/controllers/application_with_fake_engine.rb +30 -0
data/test/rails_app/app/controllers/custom/registrations_controller.rb +21 -0
data/test/rails_app/app/controllers/home_controller.rb +25 -0
data/test/rails_app/app/controllers/publisher/registrations_controller.rb +2 -0
data/test/rails_app/app/controllers/publisher/sessions_controller.rb +2 -0
data/test/rails_app/app/controllers/users/omniauth_callbacks_controller.rb +14 -0
data/test/rails_app/app/controllers/users_controller.rb +31 -0
data/test/rails_app/app/helpers/application_helper.rb +3 -0
data/test/rails_app/app/mailers/users/from_proc_mailer.rb +3 -0
data/test/rails_app/app/mailers/users/mailer.rb +3 -0
data/test/rails_app/app/mailers/users/reply_to_mailer.rb +4 -0
data/test/rails_app/app/mongoid/admin.rb +29 -0
data/test/rails_app/app/mongoid/shim.rb +23 -0
data/test/rails_app/app/mongoid/user.rb +39 -0
data/test/rails_app/app/mongoid/user_on_engine.rb +39 -0
data/test/rails_app/app/mongoid/user_on_main_app.rb +39 -0
data/test/rails_app/app/views/admins/index.html.erb +1 -0
data/test/rails_app/app/views/admins/sessions/new.html.erb +2 -0
data/test/rails_app/app/views/home/admin_dashboard.html.erb +1 -0
data/test/rails_app/app/views/home/index.html.erb +1 -0
data/test/rails_app/app/views/home/join.html.erb +1 -0
data/test/rails_app/app/views/home/private.html.erb +1 -0
data/test/rails_app/app/views/home/user_dashboard.html.erb +1 -0
data/test/rails_app/app/views/layouts/application.html.erb +24 -0
data/test/rails_app/app/views/users/edit_form.html.erb +1 -0
data/test/rails_app/app/views/users/index.html.erb +1 -0
data/test/rails_app/app/views/users/mailer/confirmation_instructions.erb +1 -0
data/test/rails_app/app/views/users/sessions/new.html.erb +1 -0
data/test/rails_app/bin/bundle +3 -0
data/test/rails_app/bin/rails +4 -0
data/test/rails_app/bin/rake +4 -0
data/test/rails_app/config.ru +4 -0
data/test/rails_app/config/application.rb +40 -0
data/test/rails_app/config/boot.rb +14 -0
data/test/rails_app/config/database.yml +18 -0
data/test/rails_app/config/environment.rb +5 -0
data/test/rails_app/config/environments/development.rb +30 -0
data/test/rails_app/config/environments/production.rb +80 -0
data/test/rails_app/config/environments/test.rb +36 -0
data/test/rails_app/config/initializers/backtrace_silencers.rb +7 -0
data/test/rails_app/config/initializers/devise.rb +180 -0
data/test/rails_app/config/initializers/inflections.rb +2 -0
data/test/rails_app/config/initializers/secret_token.rb +8 -0
data/test/rails_app/config/initializers/session_store.rb +1 -0
data/test/rails_app/config/routes.rb +122 -0
data/test/rails_app/db/migrate/20100401102949_create_tables.rb +71 -0
data/test/rails_app/db/schema.rb +55 -0
data/test/rails_app/lib/shared_admin.rb +17 -0
data/test/rails_app/lib/shared_user.rb +29 -0
data/test/rails_app/lib/shared_user_without_omniauth.rb +13 -0
data/test/rails_app/public/404.html +26 -0
data/test/rails_app/public/422.html +26 -0
data/test/rails_app/public/500.html +26 -0
data/test/rails_app/public/favicon.ico +0 -0
data/test/routes_test.rb +264 -0
data/test/support/action_controller/record_identifier.rb +10 -0
data/test/support/assertions.rb +39 -0
data/test/support/helpers.rb +73 -0
data/test/support/integration.rb +92 -0
data/test/support/locale/en.yml +8 -0
data/test/support/mongoid.yml +6 -0
data/test/support/webrat/integrations/rails.rb +24 -0
data/test/test_helper.rb +34 -0
data/test/test_helpers_test.rb +163 -0
data/test/test_models.rb +33 -0
metadata +531 -0

data/lib/devise/rails/warden_compat.rb ADDED

@@ -0,0 +1,22 @@
+module Warden::Mixins::Common
+  def request
+    @request ||= ActionDispatch::Request.new(env)
+  end
+  # Deprecate: Remove this check once we move to Rails 4 only.
+  NULL_STORE =
+    defined?(ActionController::RequestForgeryProtection::ProtectionMethods::NullSession::NullSessionHash) ?
+      ActionController::RequestForgeryProtection::ProtectionMethods::NullSession::NullSessionHash : nil
+  def reset_session!
+    # Calling reset_session on NULL_STORE causes it fail.
+    # This is a bug that needs to be fixed in Rails.
+    unless NULL_STORE && request.session.is_a?(NULL_STORE)
+      request.reset_session
+    end
+  end
+  def cookies
+    request.cookie_jar
+  end
+end

data/lib/devise/strategies/authenticatable.rb ADDED

@@ -0,0 +1,173 @@
+require 'devise/strategies/base'
+module Devise
+  module Strategies
+    # This strategy should be used as basis for authentication strategies. It retrieves
+    # parameters both from params or from http authorization headers. See database_authenticatable
+    # for an example.
+    class Authenticatable < Base
+      attr_accessor :authentication_hash, :authentication_type, :password
+      def store?
+        super && !mapping.to.skip_session_storage.include?(authentication_type)
+      end
+      def valid?
+        valid_for_params_auth? || valid_for_http_auth?
+      end
+      # Override and set to false for things like OmniAuth that technically
+      # run through Authentication (user_set) very often, which would normally
+      # reset CSRF data in the session
+      def clean_up_csrf?
+        true
+      end
+    private
+      # Receives a resource and check if it is valid by calling valid_for_authentication?
+      # An optional block that will be triggered while validating can be optionally
+      # given as parameter. Check Devise::Models::Authenticable.valid_for_authentication?
+      # for more information.
+      #
+      # In case the resource can't be validated, it will fail with the given
+      # unauthenticated_message.
+      def validate(resource, &block)
+        result = resource && resource.valid_for_authentication?(&block)
+        if result
+          true
+        else
+          if resource
+            fail!(resource.unauthenticated_message)
+          end
+          false
+        end
+      end
+      # Get values from params and set in the resource.
+      def remember_me(resource)
+        resource.remember_me = remember_me? if resource.respond_to?(:remember_me=)
+      end
+      # Should this resource be marked to be remembered?
+      def remember_me?
+        valid_params? && Devise::TRUE_VALUES.include?(params_auth_hash[:remember_me])
+      end
+      # Check if this is a valid strategy for http authentication by:
+      #
+      #   * Validating if the model allows params authentication;
+      #   * If any of the authorization headers were sent;
+      #   * If all authentication keys are present;
+      #
+      def valid_for_http_auth?
+        http_authenticatable? && request.authorization && with_authentication_hash(:http_auth, http_auth_hash)
+      end
+      # Check if this is a valid strategy for params authentication by:
+      #
+      #   * Validating if the model allows params authentication;
+      #   * If the request hits the sessions controller through POST;
+      #   * If the params[scope] returns a hash with credentials;
+      #   * If all authentication keys are present;
+      #
+      def valid_for_params_auth?
+        params_authenticatable? && valid_params_request? &&
+          valid_params? && with_authentication_hash(:params_auth, params_auth_hash)
+      end
+      # Check if the model accepts this strategy as http authenticatable.
+      def http_authenticatable?
+        mapping.to.http_authenticatable?(authenticatable_name)
+      end
+      # Check if the model accepts this strategy as params authenticatable.
+      def params_authenticatable?
+        mapping.to.params_authenticatable?(authenticatable_name)
+      end
+      # Extract the appropriate subhash for authentication from params.
+      def params_auth_hash
+        params[scope]
+      end
+      # Extract a hash with attributes:values from the http params.
+      def http_auth_hash
+        keys = [http_authentication_key, :password]
+        Hash[*keys.zip(decode_credentials).flatten]
+      end
+      # By default, a request is valid if the controller set the proper env variable.
+      def valid_params_request?
+        !!env["devise.allow_params_authentication"]
+      end
+      # If the request is valid, finally check if params_auth_hash returns a hash.
+      def valid_params?
+        params_auth_hash.is_a?(Hash)
+      end
+      # Check if password is present.
+      def valid_password?
+        password.present?
+      end
+      # Helper to decode credentials from HTTP.
+      def decode_credentials
+        return [] unless request.authorization && request.authorization =~ /^Basic (.*)/m
+        Base64.decode64($1).split(/:/, 2)
+      end
+      # Sets the authentication hash and the password from params_auth_hash or http_auth_hash.
+      def with_authentication_hash(auth_type, auth_values)
+        self.authentication_hash, self.authentication_type = {}, auth_type
+        self.password = auth_values[:password]
+        parse_authentication_key_values(auth_values, authentication_keys) &&
+        parse_authentication_key_values(request_values, request_keys)
+      end
+      def authentication_keys
+        @authentication_keys ||= mapping.to.authentication_keys
+      end
+      def http_authentication_key
+        @http_authentication_key ||= mapping.to.http_authentication_key || case authentication_keys
+          when Array then authentication_keys.first
+          when Hash then authentication_keys.keys.first
+        end
+      end
+      def request_keys
+        @request_keys ||= mapping.to.request_keys
+      end
+      def request_values
+        keys = request_keys.respond_to?(:keys) ? request_keys.keys : request_keys
+        values = keys.map { |k| self.request.send(k) }
+        Hash[keys.zip(values)]
+      end
+      def parse_authentication_key_values(hash, keys)
+        keys.each do |key, enforce|
+          value = hash[key].presence
+          if value
+            self.authentication_hash[key] = value
+          else
+            return false unless enforce == false
+          end
+        end
+        true
+      end
+      # Holds the authenticatable name for this class. Devise::Strategies::DatabaseAuthenticatable
+      # becomes simply :database.
+      def authenticatable_name
+        @authenticatable_name ||=
+          ActiveSupport::Inflector.underscore(self.class.name.split("::").last).
+            sub("_authenticatable", "").to_sym
+      end
+    end
+  end
+end

data/lib/devise/strategies/base.rb ADDED

@@ -0,0 +1,20 @@
+module Devise
+  module Strategies
+    # Base strategy for Devise. Responsible for verifying correct scope and mapping.
+    class Base < ::Warden::Strategies::Base
+      # Whenever CSRF cannot be verified, we turn off any kind of storage
+      def store?
+        !env["devise.skip_storage"]
+      end
+      # Checks if a valid scope was given for devise and find mapping based on this scope.
+      def mapping
+        @mapping ||= begin
+          mapping = Devise.mappings[scope]
+          raise "Could not find mapping for #{scope}" unless mapping
+          mapping
+        end
+      end
+    end
+  end
+end

data/lib/devise/strategies/database_authenticatable.rb ADDED

@@ -0,0 +1,24 @@
+require 'devise/strategies/authenticatable'
+module Devise
+  module Strategies
+    # Default strategy for signing in a user, based on their email and password in the database.
+    class DatabaseAuthenticatable < Authenticatable
+      def authenticate!
+        resource  = valid_password? && mapping.to.find_for_database_authentication(authentication_hash)
+        encrypted = false
+        if validate(resource){ encrypted = true; resource.valid_password?(password) }
+          remember_me(resource)
+          resource.after_database_authentication
+          success!(resource)
+        end
+        mapping.to.new.password = password if !encrypted && Devise.paranoid
+        fail(:not_found_in_database) unless resource
+      end
+    end
+  end
+end
+Warden::Strategies.add(:database_authenticatable, Devise::Strategies::DatabaseAuthenticatable)

data/lib/devise/strategies/rememberable.rb ADDED

@@ -0,0 +1,59 @@
+require 'devise/strategies/authenticatable'
+module Devise
+  module Strategies
+    # Remember the user through the remember token. This strategy is responsible
+    # to verify whether there is a cookie with the remember token, and to
+    # recreate the user from this cookie if it exists. Must be called *before*
+    # authenticatable.
+    class Rememberable < Authenticatable
+      # A valid strategy for rememberable needs a remember token in the cookies.
+      def valid?
+        @remember_cookie = nil
+        remember_cookie.present?
+      end
+      # To authenticate a user we deserialize the cookie and attempt finding
+      # the record in the database. If the attempt fails, we pass to another
+      # strategy handle the authentication.
+      def authenticate!
+        resource = mapping.to.serialize_from_cookie(*remember_cookie)
+        unless resource
+          cookies.delete(remember_key)
+          return pass
+        end
+        if validate(resource)
+          remember_me(resource)
+          extend_remember_me_period(resource)
+          resource.after_remembered
+          success!(resource)
+        end
+      end
+    private
+      def extend_remember_me_period(resource)
+        if resource.respond_to?(:extend_remember_period=)
+          resource.extend_remember_period = mapping.to.extend_remember_period
+        end
+      end
+      def remember_me?
+        true
+      end
+      def remember_key
+        mapping.to.rememberable_options.fetch(:key, "remember_#{scope}_token")
+      end
+      def remember_cookie
+        @remember_cookie ||= cookies.signed[remember_key]
+      end
+    end
+  end
+end
+Warden::Strategies.add(:rememberable, Devise::Strategies::Rememberable)

data/lib/devise/test_helpers.rb ADDED

@@ -0,0 +1,132 @@
+module Devise
+  # Devise::TestHelpers provides a facility to test controllers in isolation
+  # when using ActionController::TestCase allowing you to quickly sign_in or
+  # sign_out a user. Do not use Devise::TestHelpers in integration tests.
+  #
+  # Notice you should not test Warden specific behavior (like Warden callbacks)
+  # using Devise::TestHelpers since it is a stub of the actual behavior. Such
+  # callbacks should be tested in your integration suite instead.
+  module TestHelpers
+    def self.included(base)
+      base.class_eval do
+        setup :setup_controller_for_warden, :warden if respond_to?(:setup)
+      end
+    end
+    # Override process to consider warden.
+    def process(*)
+      # Make sure we always return @response, a la ActionController::TestCase::Behaviour#process, even if warden interrupts
+      _catch_warden { super } || @response
+    end
+    # We need to setup the environment variables and the response in the controller.
+    def setup_controller_for_warden #:nodoc:
+      @request.env['action_controller.instance'] = @controller
+    end
+    # Quick access to Warden::Proxy.
+    def warden #:nodoc:
+      @warden ||= begin
+        manager = Warden::Manager.new(nil) do |config|
+          config.merge! Devise.warden_config
+        end
+        @request.env['warden'] = Warden::Proxy.new(@request.env, manager)
+      end
+    end
+    # sign_in a given resource by storing its keys in the session.
+    # This method bypass any warden authentication callback.
+    #
+    # Examples:
+    #
+    #   sign_in :user, @user   # sign_in(scope, resource)
+    #   sign_in @user          # sign_in(resource)
+    #
+    def sign_in(resource_or_scope, resource=nil)
+      scope    ||= Devise::Mapping.find_scope!(resource_or_scope)
+      resource ||= resource_or_scope
+      warden.instance_variable_get(:@users).delete(scope)
+      warden.session_serializer.store(resource, scope)
+    end
+    # Sign out a given resource or scope by calling logout on Warden.
+    # This method bypass any warden logout callback.
+    #
+    # Examples:
+    #
+    #   sign_out :user     # sign_out(scope)
+    #   sign_out @user     # sign_out(resource)
+    #
+    def sign_out(resource_or_scope)
+      scope = Devise::Mapping.find_scope!(resource_or_scope)
+      @controller.instance_variable_set(:"@current_#{scope}", nil)
+      user = warden.instance_variable_get(:@users).delete(scope)
+      warden.session_serializer.delete(scope, user)
+    end
+    protected
+    # Catch warden continuations and handle like the middleware would.
+    # Returns nil when interrupted, otherwise the normal result of the block.
+    def _catch_warden(&block)
+      result = catch(:warden, &block)
+      env = @controller.request.env
+      result ||= {}
+      # Set the response. In production, the rack result is returned
+      # from Warden::Manager#call, which the following is modelled on.
+      case result
+      when Array
+        if result.first == 401 && intercept_401?(env) # does this happen during testing?
+          _process_unauthenticated(env)
+        else
+          result
+        end
+      when Hash
+        _process_unauthenticated(env, result)
+      else
+        result
+      end
+    end
+    def _process_unauthenticated(env, options = {})
+      options[:action] ||= :unauthenticated
+      proxy = env['warden']
+      result = options[:result] || proxy.result
+      ret = case result
+      when :redirect
+        body = proxy.message || "You are being redirected to #{proxy.headers['Location']}"
+        [proxy.status, proxy.headers, [body]]
+      when :custom
+        proxy.custom_response
+      else
+        env["PATH_INFO"] = "/#{options[:action]}"
+        env["warden.options"] = options
+        Warden::Manager._run_callbacks(:before_failure, env, options)
+        status, headers, response = Devise.warden_config[:failure_app].call(env).to_a
+        @controller.response.headers.merge!(headers)
+        @controller.send :render, status: status, text: response.body,
+          content_type: headers["Content-Type"], location: headers["Location"]
+        nil # causes process return @response
+      end
+      # ensure that the controller response is set up. In production, this is
+      # not necessary since warden returns the results to rack. However, at
+      # testing time, we want the response to be available to the testing
+      # framework to verify what would be returned to rack.
+      if ret.is_a?(Array)
+        # ensure the controller response is set to our response.
+        @controller.response ||= @response
+        @response.status = ret.first
+        @response.headers = ret.second
+        @response.body = ret.third
+      end
+      ret
+    end
+  end
+end

data/lib/devise/time_inflector.rb ADDED

@@ -0,0 +1,14 @@
+require "active_support/core_ext/module/delegation"
+module Devise
+  class TimeInflector
+    include ActionView::Helpers::DateHelper
+    class << self
+      attr_reader :instance
+      delegate :time_ago_in_words, to: :instance
+    end
+    @instance = new
+  end
+end