devise_token_auth 0.1.43 → 1.2.0

data/app/models/devise_token_auth/concerns/user.rb

@@ -1,4 +1,4 @@
-require 'bcrypt'
+# frozen_string_literal: true
 
 module DeviseTokenAuth::Concerns::User
   extend ActiveSupport::Concern
@@ -7,34 +7,32 @@ module DeviseTokenAuth::Concerns::User
     @token_equality_cache ||= {}
 
     key = "#{token_hash}/#{token}"
-    result = @token_equality_cache[key] ||= (::BCrypt::Password.new(token_hash) == token)
-    if @token_equality_cache.size > 10000
-      @token_equality_cache = {}
-    end
+    result = @token_equality_cache[key] ||= DeviseTokenAuth::TokenFactory.token_hash_is_token?(token_hash, token)
+    @token_equality_cache = {} if @token_equality_cache.size > 10000
     result
   end
 
   included do
     # Hack to check if devise is already enabled
-    unless self.method_defined?(:devise_modules)
-      devise :database_authenticatable, :registerable,
-          :recoverable, :trackable, :validatable, :confirmable
+    if method_defined?(:devise_modules)
+      devise_modules.delete(:omniauthable)
     else
-      self.devise_modules.delete(:omniauthable)
+      devise :database_authenticatable, :registerable,
+             :recoverable, :validatable, :confirmable
+    end
+
+    if const_defined?('ActiveRecord') && ancestors.include?(ActiveRecord::Base)
+      include DeviseTokenAuth::Concerns::ActiveRecordSupport
     end
 
-    unless tokens_has_json_column_type?
-      serialize :tokens, JSON
+    if const_defined?('Mongoid') && ancestors.include?(Mongoid::Document)
+      include DeviseTokenAuth::Concerns::MongoidSupport
     end
 
     if DeviseTokenAuth.default_callbacks
       include DeviseTokenAuth::Concerns::UserOmniauthCallbacks
     end
 
-    # can't set default on text fields in mysql, simulate here instead.
-    after_save :set_empty_token_hash
-    after_initialize :set_empty_token_hash
-
     # get rid of dead tokens
     before_save :destroy_expired_tokens
 
@@ -46,17 +44,21 @@ module DeviseTokenAuth::Concerns::User
     def email_changed?; false; end
     def will_save_change_to_email?; false; end
 
+    if DeviseTokenAuth.send_confirmation_email && devise_modules.include?(:confirmable)
+      include DeviseTokenAuth::Concerns::ConfirmableSupport
+    end
+
     def password_required?
       return false unless provider == 'email'
       super
     end
 
     # override devise method to include additional info as opts hash
-    def send_confirmation_instructions(opts={})
+    def send_confirmation_instructions(opts = {})
       generate_confirmation_token! unless @raw_confirmation_token
 
       # fall back to "default" config name
-      opts[:client_config] ||= "default"
+      opts[:client_config] ||= 'default'
       opts[:to] = unconfirmed_email if pending_reconfirmation?
       opts[:redirect_url] ||= DeviseTokenAuth.default_confirm_success_url
 
@@ -64,149 +66,126 @@ module DeviseTokenAuth::Concerns::User
     end
 
     # override devise method to include additional info as opts hash
-    def send_reset_password_instructions(opts={})
+    def send_reset_password_instructions(opts = {})
       token = set_reset_password_token
 
       # fall back to "default" config name
-      opts[:client_config] ||= "default"
+      opts[:client_config] ||= 'default'
 
       send_devise_notification(:reset_password_instructions, token, opts)
       token
     end
 
     # override devise method to include additional info as opts hash
-    def send_unlock_instructions(opts={})
+    def send_unlock_instructions(opts = {})
       raw, enc = Devise.token_generator.generate(self.class, :unlock_token)
       self.unlock_token = enc
       save(validate: false)
 
       # fall back to "default" config name
-      opts[:client_config] ||= "default"
+      opts[:client_config] ||= 'default'
 
       send_devise_notification(:unlock_instructions, raw, opts)
       raw
     end
-  end
 
-  def create_token(client_id: nil, token: nil, expiry: nil, **token_extras)
-    client_id ||= SecureRandom.urlsafe_base64(nil, false)
-    token     ||= SecureRandom.urlsafe_base64(nil, false)
-    expiry    ||= (Time.now + token_lifespan).to_i
+    def create_token(client: nil, lifespan: nil, cost: nil, **token_extras)
+      token = DeviseTokenAuth::TokenFactory.create(client: client, lifespan: lifespan, cost: cost)
 
-    self.tokens[client_id] = {
-      token: BCrypt::Password.create(token),
-      expiry: expiry
-    }.merge!(token_extras)
+      tokens[token.client] = {
+        token:  token.token_hash,
+        expiry: token.expiry
+      }.merge!(token_extras)
 
-    [client_id, token, expiry]
-  end
-
-  module ClassMethods
-    protected
-
-    def tokens_has_json_column_type?
-      database_exists? && table_exists? && self.columns_hash['tokens'] && self.columns_hash['tokens'].type.in?([:json, :jsonb])
-    end
+      clean_old_tokens
 
-    def database_exists?
-      ActiveRecord::Base.connection_pool.with_connection { |con| con.active? } rescue false
+      token
     end
   end
 
-
-  def valid_token?(token, client_id='default')
-    return false unless tokens[client_id]
-    return true if token_is_current?(token, client_id)
-    return true if token_can_be_reused?(token, client_id)
+  def valid_token?(token, client = 'default')
+    return false unless tokens[client]
+    return true if token_is_current?(token, client)
+    return true if token_can_be_reused?(token, client)
 
     # return false if none of the above conditions are met
-    return false
+    false
   end
 
-
   # this must be done from the controller so that additional params
   # can be passed on from the client
   def send_confirmation_notification?; false; end
 
-
-  def token_is_current?(token, client_id)
+  def token_is_current?(token, client)
     # ghetto HashWithIndifferentAccess
-    expiry     = tokens[client_id]['expiry'] || tokens[client_id][:expiry]
-    token_hash = tokens[client_id]['token'] || tokens[client_id][:token]
+    expiry     = tokens[client]['expiry'] || tokens[client][:expiry]
+    token_hash = tokens[client]['token'] || tokens[client][:token]
 
     return true if (
       # ensure that expiry and token are set
       expiry && token &&
 
       # ensure that the token has not yet expired
-      DateTime.strptime(expiry.to_s, '%s') > Time.now &&
+      DateTime.strptime(expiry.to_s, '%s') > Time.zone.now &&
 
       # ensure that the token is valid
       DeviseTokenAuth::Concerns::User.tokens_match?(token_hash, token)
     )
   end
 
-
   # allow batch requests to use the previous token
-  def token_can_be_reused?(token, client_id)
+  def token_can_be_reused?(token, client)
     # ghetto HashWithIndifferentAccess
-    updated_at = tokens[client_id]['updated_at'] || tokens[client_id][:updated_at]
-    last_token = tokens[client_id]['last_token'] || tokens[client_id][:last_token]
+    updated_at = tokens[client]['updated_at'] || tokens[client][:updated_at]
+    last_token_hash = tokens[client]['last_token'] || tokens[client][:last_token]
 
     return true if (
       # ensure that the last token and its creation time exist
-      updated_at && last_token &&
+      updated_at && last_token_hash &&
 
       # ensure that previous token falls within the batch buffer throttle time of the last request
-      Time.parse(updated_at) > Time.now - DeviseTokenAuth.batch_request_buffer_throttle &&
+      updated_at.to_time > Time.zone.now - DeviseTokenAuth.batch_request_buffer_throttle &&
 
       # ensure that the token is valid
-      ::BCrypt::Password.new(last_token) == token
+      DeviseTokenAuth::TokenFactory.token_hash_is_token?(last_token_hash, token)
     )
   end
 
-
   # update user's auth token (should happen on each request)
-  def create_new_auth_token(client_id=nil)
-    now = Time.now
+  def create_new_auth_token(client = nil)
+    now = Time.zone.now
 
-    client_id, token = create_token(
-      client_id: client_id,
-      expiry: (now + token_lifespan).to_i,
-      last_token: tokens.fetch(client_id, {})['token'],
+    token = create_token(
+      client: client,
+      last_token: tokens.fetch(client, {})['token'],
       updated_at: now
     )
 
-    update_auth_header(token, client_id)
+    update_auth_header(token.token, token.client)
   end
 
-  def build_auth_header(token, client_id='default')
+  def build_auth_header(token, client = 'default')
     # client may use expiry to prevent validation request if expired
     # must be cast as string or headers will break
-    expiry = tokens[client_id]['expiry'] || tokens[client_id][:expiry]
+    expiry = tokens[client]['expiry'] || tokens[client][:expiry]
 
     {
       DeviseTokenAuth.headers_names[:"access-token"] => token,
-      DeviseTokenAuth.headers_names[:"token-type"]   => "Bearer",
-      DeviseTokenAuth.headers_names[:"client"]       => client_id,
+      DeviseTokenAuth.headers_names[:"token-type"]   => 'Bearer',
+      DeviseTokenAuth.headers_names[:"client"]       => client,
       DeviseTokenAuth.headers_names[:"expiry"]       => expiry.to_s,
       DeviseTokenAuth.headers_names[:"uid"]          => uid
     }
   end
 
-  def update_auth_header(token, client_id='default')
-    headers = build_auth_header(token, client_id)
-    while tokens.length > 0 && DeviseTokenAuth.max_number_of_devices < tokens.length
-      oldest_client_id, _tk = tokens.min_by { |_cid, v| v[:expiry] || v["expiry"] }
-      tokens.delete(oldest_client_id)
-    end
-
+  def update_auth_header(token, client = 'default')
+    headers = build_auth_header(token, client)
+    clean_old_tokens
     save!
 
     headers
   end
 
-
   def build_auth_url(base_url, args)
     args[:uid]    = uid
     args[:expiry] = tokens[args[:client_id]]['expiry']
@@ -214,10 +193,9 @@ module DeviseTokenAuth::Concerns::User
     DeviseTokenAuth::Url.generate(base_url, args)
   end
 
-
-  def extend_batch_buffer(token, client_id)
-    self.tokens[client_id]['updated_at'] = Time.now
-    update_auth_header(token, client_id)
+  def extend_batch_buffer(token, client)
+    tokens[client]['updated_at'] = Time.zone.now
+    update_auth_header(token, client)
   end
 
   def confirmed?
@@ -225,36 +203,50 @@ module DeviseTokenAuth::Concerns::User
   end
 
   def token_validation_response
-    as_json(except: [:tokens, :created_at, :updated_at])
-  end
-
-  def token_lifespan
-    DeviseTokenAuth.token_lifespan
+    as_json(except: %i[tokens created_at updated_at])
   end
 
   protected
 
-  def set_empty_token_hash
-    self.tokens ||= {} if has_attribute?(:tokens)
-  end
-
   def destroy_expired_tokens
     if tokens
       tokens.delete_if do |cid, v|
-        expiry = v[:expiry] || v["expiry"]
-        DateTime.strptime(expiry.to_s, '%s') < Time.now
+        expiry = v[:expiry] || v['expiry']
+        DateTime.strptime(expiry.to_s, '%s') < Time.zone.now
       end
     end
   end
 
+  def should_remove_tokens_after_password_reset?
+    DeviseTokenAuth.remove_tokens_after_password_reset &&
+      (respond_to?(:encrypted_password_changed?) && encrypted_password_changed?)
+  end
+
   def remove_tokens_after_password_reset
-    should_remove_old_tokens = DeviseTokenAuth.remove_tokens_after_password_reset &&
-                               encrypted_password_changed? && tokens && tokens.many?
+    return unless should_remove_tokens_after_password_reset?
 
-    if should_remove_old_tokens
-      client_id, token_data = tokens.max_by { |cid, v| v[:expiry] || v["expiry"] }
-      self.tokens = {client_id => token_data}
+    if tokens.present? && tokens.many?
+      client, token_data = tokens.max_by { |cid, v| v[:expiry] || v['expiry'] }
+      self.tokens = { client => token_data }
     end
   end
 
+  def max_client_tokens_exceeded?
+    tokens.length > DeviseTokenAuth.max_number_of_devices
+  end
+
+  def clean_old_tokens
+    if tokens.present? && max_client_tokens_exceeded?
+      # Using Enumerable#sort_by on a Hash will typecast it into an associative
+      #   Array (i.e. an Array of key-value Array pairs). However, since Hashes
+      #   have an internal order in Ruby 1.9+, the resulting sorted associative
+      #   Array can be converted back into a Hash, while maintaining the sorted
+      #   order.
+      self.tokens = tokens.sort_by { |_cid, v| v[:expiry] || v['expiry'] }.to_h
+
+      # Since the tokens are sorted by expiry, shift the oldest client token
+      #   off the Hash until it no longer exceeds the maximum number of clients
+      tokens.shift while max_client_tokens_exceeded?
+    end
+  end
 end

data/app/models/devise_token_auth/concerns/user_omniauth_callbacks.rb

@@ -1,13 +1,15 @@
+# frozen_string_literal: true
+
 module DeviseTokenAuth::Concerns::UserOmniauthCallbacks
   extend ActiveSupport::Concern
 
   included do
     validates :email, presence: true,if: :email_provider?
-    validates :email, email: true, allow_nil: true, allow_blank: true, if: :email_provider?
+    validates :email, :devise_token_auth_email => true, allow_nil: true, allow_blank: true, if: :email_provider?
     validates_presence_of :uid, unless: :email_provider?
 
     # only validate unique emails among email registration users
-    validates :email, uniqueness: { scope: :provider }, on: :create, if: :email_provider?
+    validates :email, uniqueness: { case_sensitive: false, scope: :provider }, on: :create, if: :email_provider?
 
     # keep uid in sync with email
     before_save :sync_uid
@@ -21,6 +23,9 @@ module DeviseTokenAuth::Concerns::UserOmniauthCallbacks
   end
 
   def sync_uid
-    self.uid = email if provider == 'email'
+    unless self.new_record?
+      return if devise_modules.include?(:confirmable) && !@bypass_confirmation_postpone && postpone_email_change?
+    end
+    self.uid = email if email_provider?
   end
 end

data/app/validators/{email_validator.rb → devise_token_auth_email_validator.rb}

@@ -1,7 +1,9 @@
-class EmailValidator < ActiveModel::EachValidator
+# frozen_string_literal: true
+
+class DeviseTokenAuthEmailValidator < ActiveModel::EachValidator
   def validate_each(record, attribute, value)
     unless value =~ /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\z/i
-      record.errors[attribute] << email_invalid_message
+      record.errors.add(attribute, email_invalid_message)
     end
   end
 
@@ -18,4 +20,4 @@ class EmailValidator < ActiveModel::EachValidator
 
     message
   end
-end
+end

data/app/views/devise_token_auth/omniauth_external_window.html.erb

@@ -15,7 +15,7 @@
             Cordova / PhoneGap)
       */
 
-      var data = JSON.parse(decodeURIComponent('<%= URI::escape( @data.to_json ) %>'));
+      var data = JSON.parse(decodeURIComponent('<%= ERB::Util.url_encode( @data.to_json ) %>'));
 
       window.addEventListener("message", function(ev) {
         if (ev.data === "requestCredentials") {

data/config/locales/da-DK.yml

@@ -2,11 +2,11 @@ da-DK:
   devise_token_auth:
     sessions:
       not_confirmed: "Der er sendt en bekræftelsesemail til din konto på '%{email}'. Følg venligst instruktionerne i emailen for at aktivere din konto."
-      bad_credentials: "Ugyldigt kombination af brugernavn og kodeord. Prøv venligst igen."
+      bad_credentials: "Ugyldig kombination af brugernavn og kodeord. Prøv venligst igen."
       not_supported: "Brug POST /sign_in for at logge ind. GET er ikke supporteret."
       user_not_found: "Brugeren er ikke fundet eller er ikke logget ind."
     token_validations:
-      invalid: "Ugyldig legitimationsoplysninger."
+      invalid: "Ugyldige legitimationsoplysninger."
     registrations:
       missing_confirm_success_url: "Der mangler et 'confirm_success_url' parameter."
       redirect_url_not_allowed: "Omdirigering til '%{redirect_url}' er ikke tilladt."
@@ -14,6 +14,8 @@ da-DK:
       account_with_uid_destroyed: "Kontoen med UID '%{uid}' er slettet."
       account_to_destroy_not_found: "Kan ikke finde kontoen som skal slettes."
       user_not_found: "Brugeren ikke fundet."
+    omniauth:
+      not_allowed_redirect_url: "Omdirigering til '%{redirect_url}' er ikke tilladt."
     passwords:
       missing_email: "Du skal udfylde email feltet."
       missing_redirect_url: "Der er ingen omdirigeringsadresse."
@@ -21,12 +23,12 @@ da-DK:
       sended: "En email er blevet sendt til '%{email}' med instruktioner for at nulstille dit kodeord."
       user_not_found: "Kan ikke finde en bruger med '%{email}'."
       password_not_required: "Denne bruger kræver ikke et kodeord. Log ind med '%{provider}' konto i stedet."
-      missing_passwords: "Du skal fylde alle felter ud som indeholder 'Password' og 'Password confirmation'."
+      missing_passwords: "Du skal udfylde både kodeord og bekræftelse af kodeord."
       successfully_updated: "Dit kodeord er opdateret."
     unlocks:
       missing_email: "Du skal udfylde en email."
       sended: "En email er blevet sendt til '%{email}', som indeholder instruktioner for at låse kontoen op."
-      user_not_found: "Kan ikke finde en burger med email '%{email}'."
+      user_not_found: "Kan ikke finde en bruger med email '%{email}'."
   errors:
     messages:
       validate_sign_up_params: "Angiv venligst passende registeringsdata i request body."
@@ -35,15 +37,15 @@ da-DK:
   devise:
     mailer:
       confirmation_instructions:
-        confirm_link_msg: "Du kan bekræfte din konto email for linket herunder:"
+        confirm_link_msg: "Du kan bekræfte din kontos email gennem linket herunder:"
         confirm_account_link: "Bekræft min konto"
       reset_password_instructions:
-        request_reset_link_msg: "Der er nogle der har anmodet om et link til at ændre dit kodeord. Det kan du gøre gennem linket nedenfor."
-        password_change_link: "Ændre mit kodeord."
+        request_reset_link_msg: "Nogen har anmodet om et link til at ændre dit kodeord. Det kan du gøre via linket nedenfor."
+        password_change_link: "Skift mit kodeord."
         ignore_mail_msg: "Hvis du ikke anmodede om dette, ignorer venligst denne email."
-        no_changes_msg: "Din kodeord vil ikke ændres indtil du går ind på linket ovenfor og laver et nyt et."
+        no_changes_msg: "Dit kodeord ændres først når du følger linket ovenfor og skaber et nyt."
       unlock_instructions:
-        account_lock_msg: "Din konto er blevet låst fordi der er for mange forkerte log ind-forsøg."
+        account_lock_msg: "Din konto er blevet låst fordi der har været for mange ugyldige log ind-forsøg."
         unlock_link_msg: "Klik linket nedenfor, for at låse din konto op:"
         unlock_link: "Lås min konto op"
   hello: "hej"

data/config/locales/de.yml

@@ -14,6 +14,8 @@ de:
       account_with_uid_destroyed: "Account mit der uid '%{uid}' wurde gelöscht."
       account_to_destroy_not_found: "Der zu löschende Account kann nicht gefunden werden."
       user_not_found: "Benutzer kann nicht gefunden werden."
+    omniauth:
+      not_allowed_redirect_url: "Weiterleitung zu '%{redirect_url}' ist nicht gestattet."
     passwords:
       missing_email: "Sie müssen eine E-Mail-Adresse angeben."
       missing_redirect_url: "Es fehlt die URL zu Weiterleitung."

data/config/locales/en.yml

@@ -14,11 +14,14 @@ en:
       account_with_uid_destroyed: "Account with UID '%{uid}' has been destroyed."
       account_to_destroy_not_found: "Unable to locate account for destruction."
       user_not_found: "User not found."
+    omniauth:
+      not_allowed_redirect_url: "Redirect to '%{redirect_url}' not allowed."
     passwords:
       missing_email: "You must provide an email address."
       missing_redirect_url: "Missing redirect URL."
       not_allowed_redirect_url: "Redirect to '%{redirect_url}' not allowed."
       sended: "An email has been sent to '%{email}' containing instructions for resetting your password."
+      sended_paranoid: "If your email address exists in our database, you will receive a password recovery link at your email address in a few minutes."
       user_not_found: "Unable to find user with email '%{email}'."
       password_not_required: "This account does not require a password. Sign in using your '%{provider}' account instead."
       missing_passwords: "You must fill out the fields labeled 'Password' and 'Password confirmation'."
@@ -26,7 +29,14 @@ en:
     unlocks:
       missing_email: "You must provide an email address."
       sended: "An email has been sent to '%{email}' containing instructions for unlocking your account."
+      sended_paranoid: "If your account exists, you will receive an email with instructions for how to unlock it in a few minutes."
+      user_not_found: "Unable to find user with email '%{email}'."
+    confirmations:
+      sended: "An email has been sent to '%{email}' containing instructions for confirming your account."
+      sended_paranoid: "If your email address exists in our database, you will receive an email with instructions for how to confirm your email address in a few minutes."
       user_not_found: "Unable to find user with email '%{email}'."
+      missing_email: "You must provide an email address."
+
   errors:
     messages:
       validate_sign_up_params: "Please submit proper sign up data in request body."

data/config/locales/es.yml

@@ -14,6 +14,8 @@ es:
       account_with_uid_destroyed: "La cuenta con el identificador '%{uid}' se ha eliminado."
       account_to_destroy_not_found: "No se puede encontrar la cuenta a borrar."
       user_not_found: "Usuario no encontrado."
+    omniauth:
+      not_allowed_redirect_url: "Redirección hacia '%{redirect_url}' no esta permitida."
     passwords:
       missing_email: "Debe incluir un correo electrónico."
       missing_redirect_url: "Falta el Url de redirección."

data/config/locales/fr.yml

@@ -14,6 +14,8 @@ fr:
       account_with_uid_destroyed: "Le compte avec l'identifiant '%{uid}' a été supprimé."
       account_to_destroy_not_found: "Le compte à supprimer est introuvable."
       user_not_found: "Utilisateur introuvable."
+    omniauth:
+      not_allowed_redirect_url: "Redirection vers '%{redirect_url}' n'est pas autorisée."
     passwords:
       missing_email: "Vous devez soumettre un e-mail."
       missing_redirect_url: "URL de redirection manquante."

data/config/locales/he.yml

@@ -0,0 +1,52 @@
+he:
+  devise_token_auth:
+    sessions:
+      not_confirmed: "הודעת אישור נשלחה לחשבון שלך בכתובת '%{email}'. עליך לפעול לפי ההנחיות שבדוא\"ל לפני הפעלת החשבון שלך"
+      bad_credentials: "נתוני כניסה שגויים. בבקשה נסה שוב."
+      not_supported: "השתמש ב- POST / sign_in כדי להיכנס. GET אינו נתמך."
+      user_not_found: "המשתמש לא נמצא או לא היה מחובר."
+    token_validations:
+      invalid: "נתוני כניסה שגויים"
+    registrations:
+      missing_confirm_success_url: "חסר פרמטר 'confirm_success_url'."
+      redirect_url_not_allowed: "הפניה אל '%{redirect_url}' אינה מותרת."
+      email_already_exists: "כבר קיים חשבון עבור '%{email}'"
+      account_with_uid_destroyed: "חשבון עם UID '%{uid}' הושמד."
+      account_to_destroy_not_found: "לא ניתן לאתר חשבון להשמדה."
+      user_not_found: "המשתמש לא נמצא."
+    omniauth:
+      not_allowed_redirect_url: "הפניה אל '%{redirect_url}' אינה מותרת."
+    passwords:
+      missing_email: "עליך לספק כתובת דוא\"ל."
+      missing_redirect_url: "כתובת אתר להפניה מחדש חסרה."
+      not_allowed_redirect_url: "הפניה אל '%{redirect_url}' אינה מותרת."
+      sended: "אימייל נשלח ל '%{email}' המכיל הוראות לאיפוס הסיסמה שלך."
+      user_not_found: "לא ניתן למצוא משתמש עם הדוא\"ל '%{email}'."
+      password_not_required: "חשבון זה אינו דורש סיסמה. במקום זאת, השתמש בחשבון '%{provider}' שלך."
+      missing_passwords: "עליך למלא את השדות 'סיסמה' ו'אישור סיסמה'."
+      successfully_updated: "הסיסמה שלך עודכנה בהצלחה."
+    unlocks:
+      missing_email: "עליך לספק כתובת דוא\"ל."
+      sended: "הודעת אימייל נשלחה אל '%{email}' המכילה הוראות לביטול הנעילה של חשבונך."
+      user_not_found: "ניתן למצוא את המשתמש עם הדוא\"ל '%{email}'"
+  errors:
+    messages:
+      validate_sign_up_params: "שלח נתוני רישום תקינים בגוף הבקשה."
+      validate_account_update_params: "שלחו בבקשה נתוני עדכון חשבון תקינים בגוף הבקשה."
+      not_email: "אינו דוא\"ל"
+  devise:
+    mailer:
+      confirmation_instructions:
+        confirm_link_msg: "תוכל לאשר את כתובת הדוא\"ל של החשבון שלך באמצעות הקישור הבא:"
+        confirm_account_link: "אשר את החשבון שלי"
+      reset_password_instructions:
+        request_reset_link_msg: "מישהו ביקש קישור לשינוי הסיסמה שלך. תוכל לעשות זאת באמצעות הקישור הבא."
+        password_change_link: "שנה את הסיסמה שלי"
+        ignore_mail_msg: "אם לא ביקשת זאת, התעלם מדוא\"ל זה."
+        no_changes_msg: "הסיסמה שלך לא תשתנה עד שתגיע לקישור שלמעלה ותיצור סיסמה חדשה."
+      unlock_instructions:
+        account_lock_msg: "החשבון שלך ננעל עקב מספר מופרז של ניסיונות כניסה לא מוצלחים."
+        unlock_link_msg: "לחץ על הקישור למטה כדי לבטל את נעילת החשבון שלך:"
+        unlock_link: "בטל את הנעילה של החשבון שלי"
+  hello: "שלום"
+  welcome: "ברוך הבא"

data/config/locales/it.yml

@@ -14,6 +14,8 @@ it:
       account_with_uid_destroyed: "L'account con UID '%{uid}' è stato eliminato."
       account_to_destroy_not_found: "Impossibile trovare l'account da eliminare."
       user_not_found: "Utente non trovato."
+    omniauth:
+      not_allowed_redirect_url: "Redirezione a '%{redirect_url}' non consentita."
     passwords:
       missing_email: "Devi fornire un indirizzo email."
       missing_redirect_url: "Redirect URL mancante."

data/config/locales/ja.yml

@@ -14,6 +14,8 @@ ja:
       account_with_uid_destroyed: "'%{uid}' のアカウントは削除されました。"
       account_to_destroy_not_found: "削除するアカウントが見つかりません。"
       user_not_found: "ユーザーが見つかりません。"
+    omniauth:
+      not_allowed_redirect_url:  "'%{redirect_url}' へのリダイレクトは許可されていません。"
     passwords:
       missing_email: "メールアドレスが与えられていません。"
       missing_redirect_url: "リダイレクト URL が与えられていません。"
@@ -27,14 +29,14 @@ ja:
     messages:
       validate_sign_up_params: "リクエストボディに適切なアカウント新規登録データを送信してください。"
       validate_account_update_params: "リクエストボディに適切なアカウント更新のデータを送信してください。"
-      not_email: "はメールアドレスではありません"
+      not_email: "は有効ではありません"
   devise:
     mailer:
       confirmation_instructions:
         confirm_link_msg: "下記のリンクからアカウントを有効化できます:"
         confirm_account_link: "アカウントを有効化する"
       reset_password_instructions:
-        request_reset_link_msg: "パスワード変更のリクエストが送信されました。下記のリンクからパスワードの変更をできます。"
+        request_reset_link_msg: "パスワード変更のリクエストが送信されました。下記のリンクからパスワードの変更ができます。"
         password_change_link: "パスワードを変更する"
         ignore_mail_msg: "もしこの内容に覚えがない場合は、このメールを無視してください。"
         no_changes_msg: "上記のリンクにアクセスして新しいパスワードを作成するまで、現在のパスワードは変更されません。"