loyal_devise 2.1.2 → 2.1.3

data/devise.gemspec

@@ -3,24 +3,24 @@ $:.push File.expand_path("../lib", __FILE__)
 require "devise/version"
 
 Gem::Specification.new do |s|
-  s.name        = "loyal_devise"
+  s.name        = "devise"
   s.version     = Devise::VERSION.dup
   s.platform    = Gem::Platform::RUBY
+  s.licenses    = ["MIT"]
   s.summary     = "Flexible authentication solution for Rails with Warden"
   s.email       = "contact@plataformatec.com.br"
-  s.homepage    = "http://github.com/blogsoso/devise"
+  s.homepage    = "http://github.com/plataformatec/devise"
   s.description = "Flexible authentication solution for Rails with Warden"
   s.authors     = ['José Valim', 'Carlos Antônio']
 
-  # s.rubyforge_project = "devise"
+  s.rubyforge_project = "devise"
 
   s.files         = `git ls-files`.split("\n")
   s.test_files    = `git ls-files -- test/*`.split("\n")
   s.require_paths = ["lib"]
 
-  s.add_dependency("loyal_warden", "~> 2.0.0")
-  # s.add_dependency("warden", "~> 2.0.0")
+  s.add_dependency("warden", "~> 1.2.1")
   s.add_dependency("orm_adapter", "~> 0.1")
   s.add_dependency("bcrypt-ruby", "~> 3.0")
-  # s.add_dependency("railties", "~> 3.1")
+  s.add_dependency("railties", ">= 3.2.6", "< 5")
 end

data/gemfiles/{Gemfile.rails-3.1.x → Gemfile.rails-3.2.x}

@@ -1,8 +1,8 @@
-source "http://rubygems.org"
+source "https://rubygems.org"
 
-gem "loyal_devise", :path => ".."
+gemspec :path => '..'
 
-gem "rails", "~> 3.1.0"
+gem "rails", "~> 3.2.6"
 gem "omniauth", "~> 1.0.0"
 gem "omniauth-oauth2", "~> 1.0.0"
 gem "rdoc"
@@ -10,12 +10,8 @@ gem "rdoc"
 group :test do
   gem "omniauth-facebook"
   gem "omniauth-openid", "~> 1.0.1"
-  gem "webrat", "0.7.2", :require => false
-  gem "mocha", :require => false
-
-  platforms :mri_18 do
-    gem "ruby-debug", ">= 0.10.3"
-  end
+  gem "webrat", "0.7.3", :require => false
+  gem "mocha", "~> 0.13.1", :require => false
 end
 
 platforms :jruby do
@@ -26,10 +22,10 @@ end
 
 platforms :ruby do
   gem "sqlite3"
+end
 
+platforms :mri_19, :mri_20 do
   group :mongoid do
-    gem "mongo", "~> 1.3.0"
-    gem "mongoid", "~> 2.0"
-    gem "bson_ext", "~> 1.3.0"
+    gem "mongoid", "~> 3.0"
   end
 end

data/gemfiles/Gemfile.rails-3.2.x.lock

@@ -0,0 +1,156 @@
+PATH
+  remote: ..
+  specs:
+    devise (3.0.0.rc)
+      bcrypt-ruby (~> 3.0)
+      orm_adapter (~> 0.1)
+      railties (>= 3.2.6, < 5)
+      warden (~> 1.2.1)
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    actionmailer (3.2.13)
+      actionpack (= 3.2.13)
+      mail (~> 2.5.3)
+    actionpack (3.2.13)
+      activemodel (= 3.2.13)
+      activesupport (= 3.2.13)
+      builder (~> 3.0.0)
+      erubis (~> 2.7.0)
+      journey (~> 1.0.4)
+      rack (~> 1.4.5)
+      rack-cache (~> 1.2)
+      rack-test (~> 0.6.1)
+      sprockets (~> 2.2.1)
+    activemodel (3.2.13)
+      activesupport (= 3.2.13)
+      builder (~> 3.0.0)
+    activerecord (3.2.13)
+      activemodel (= 3.2.13)
+      activesupport (= 3.2.13)
+      arel (~> 3.0.2)
+      tzinfo (~> 0.3.29)
+    activeresource (3.2.13)
+      activemodel (= 3.2.13)
+      activesupport (= 3.2.13)
+    activesupport (3.2.13)
+      i18n (= 0.6.1)
+      multi_json (~> 1.0)
+    arel (3.0.2)
+    bcrypt-ruby (3.0.1)
+    builder (3.0.4)
+    erubis (2.7.0)
+    faraday (0.8.7)
+      multipart-post (~> 1.1)
+    hashie (1.2.0)
+    hike (1.2.2)
+    httpauth (0.2.0)
+    i18n (0.6.1)
+    journey (1.0.4)
+    json (1.7.7)
+    jwt (0.1.8)
+      multi_json (>= 1.5)
+    mail (2.5.3)
+      i18n (>= 0.4.0)
+      mime-types (~> 1.16)
+      treetop (~> 1.4.8)
+    metaclass (0.0.1)
+    mime-types (1.23)
+    mocha (0.13.3)
+      metaclass (~> 0.0.1)
+    mongoid (3.1.3)
+      activemodel (~> 3.2)
+      moped (~> 1.4.2)
+      origin (~> 1.0)
+      tzinfo (~> 0.3.22)
+    moped (1.4.5)
+    multi_json (1.7.3)
+    multipart-post (1.2.0)
+    nokogiri (1.5.9)
+    oauth2 (0.8.1)
+      faraday (~> 0.8)
+      httpauth (~> 0.1)
+      jwt (~> 0.1.4)
+      multi_json (~> 1.0)
+      rack (~> 1.2)
+    omniauth (1.0.3)
+      hashie (~> 1.2)
+      rack
+    omniauth-facebook (1.4.0)
+      omniauth-oauth2 (~> 1.0.2)
+    omniauth-oauth2 (1.0.3)
+      oauth2 (~> 0.8.0)
+      omniauth (~> 1.0)
+    omniauth-openid (1.0.1)
+      omniauth (~> 1.0)
+      rack-openid (~> 1.3.1)
+    origin (1.1.0)
+    orm_adapter (0.4.0)
+    polyglot (0.3.3)
+    rack (1.4.5)
+    rack-cache (1.2)
+      rack (>= 0.4)
+    rack-openid (1.3.1)
+      rack (>= 1.1.0)
+      ruby-openid (>= 2.1.8)
+    rack-ssl (1.3.3)
+      rack
+    rack-test (0.6.2)
+      rack (>= 1.0)
+    rails (3.2.13)
+      actionmailer (= 3.2.13)
+      actionpack (= 3.2.13)
+      activerecord (= 3.2.13)
+      activeresource (= 3.2.13)
+      activesupport (= 3.2.13)
+      bundler (~> 1.0)
+      railties (= 3.2.13)
+    railties (3.2.13)
+      actionpack (= 3.2.13)
+      activesupport (= 3.2.13)
+      rack-ssl (~> 1.3.2)
+      rake (>= 0.8.7)
+      rdoc (~> 3.4)
+      thor (>= 0.14.6, < 2.0)
+    rake (10.0.4)
+    rdoc (3.12.2)
+      json (~> 1.4)
+    ruby-openid (2.2.3)
+    sprockets (2.2.2)
+      hike (~> 1.2)
+      multi_json (~> 1.0)
+      rack (~> 1.0)
+      tilt (~> 1.1, != 1.3.0)
+    sqlite3 (1.3.7)
+    thor (0.18.1)
+    tilt (1.4.0)
+    treetop (1.4.12)
+      polyglot
+      polyglot (>= 0.3.1)
+    tzinfo (0.3.37)
+    warden (1.2.1)
+      rack (>= 1.0)
+    webrat (0.7.3)
+      nokogiri (>= 1.2.0)
+      rack (>= 1.0)
+      rack-test (>= 0.5.3)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  activerecord-jdbc-adapter
+  activerecord-jdbcsqlite3-adapter
+  devise!
+  jruby-openssl
+  mocha (~> 0.13.1)
+  mongoid (~> 3.0)
+  omniauth (~> 1.0.0)
+  omniauth-facebook
+  omniauth-oauth2 (~> 1.0.0)
+  omniauth-openid (~> 1.0.1)
+  rails (~> 3.2.6)
+  rdoc
+  sqlite3
+  webrat (= 0.7.3)

data/lib/devise.rb

@@ -1,4 +1,3 @@
-# -*- encoding : utf-8 -*-
 require 'rails'
 require 'active_support/core_ext/numeric/time'
 require 'active_support/dependencies'
@@ -7,12 +6,14 @@ require 'set'
 require 'securerandom'
 
 module Devise
-  autoload :Delegator,     'devise/delegator'
-  autoload :FailureApp,    'devise/failure_app'
-  autoload :OmniAuth,      'devise/omniauth'
-  autoload :ParamFilter,   'devise/param_filter'
-  autoload :TestHelpers,   'devise/test_helpers'
-  autoload :TimeInflector, 'devise/time_inflector'
+  autoload :Delegator,          'devise/delegator'
+  autoload :FailureApp,         'devise/failure_app'
+  autoload :OmniAuth,           'devise/omniauth'
+  autoload :ParameterFilter,    'devise/parameter_filter'
+  autoload :BaseSanitizer,      'devise/parameter_sanitizer'
+  autoload :ParameterSanitizer, 'devise/parameter_sanitizer'
+  autoload :TestHelpers,        'devise/test_helpers'
+  autoload :TimeInflector,      'devise/time_inflector'
 
   module Controllers
     autoload :Helpers, 'devise/controllers/helpers'
@@ -44,7 +45,7 @@ module Devise
   # True values used to check params
   TRUE_VALUES = [true, 1, '1', 't', 'T', 'true', 'TRUE']
 
-  # Custom domain for cookies. Not set by default
+  # Custom domain or key for cookies. Not set by default
   mattr_accessor :rememberable_options
   @@rememberable_options = {}
 
@@ -52,6 +53,10 @@ module Devise
   mattr_accessor :stretches
   @@stretches = 10
 
+  # The default key used when authenticating over http auth.
+  mattr_accessor :http_authentication_key
+  @@http_authentication_key = nil
+
   # Keys used when authenticating a user.
   mattr_accessor :authentication_keys
   @@authentication_keys = [ :email ]
@@ -88,7 +93,7 @@ module Devise
   # an one (and only one) @ exists in the given string. This is mainly
   # to give user feedback and not to assert the e-mail validity.
   mattr_accessor :email_regexp
-  @@email_regexp = /\A[^@]+@([^@\.]+\.)+[^@\.]+\z/
+  @@email_regexp = /\A[^@\s]+@([^@\s]+\.)+[^@\s]+\z/
 
   # Range validation for password length
   mattr_accessor :password_length
@@ -103,6 +108,7 @@ module Devise
   @@extend_remember_period = false
 
   # Time interval you can access your account before confirming your account.
+  # nil - allows unconfirmed access for unlimited time
   mattr_accessor :allow_unconfirmed_access_for
   @@allow_unconfirmed_access_for = 0.days
 
@@ -200,6 +206,12 @@ module Devise
   mattr_accessor :parent_controller
   @@parent_controller = "ApplicationController"
 
+  # The parent mailer all Devise mailers inherit from.
+  # Defaults to ActionMailer::Base. This should be set early
+  # in the initialization process and should be set to a string.
+  mattr_accessor :parent_mailer
+  @@parent_mailer = "ActionMailer::Base"
+
   # The router Devise should use to generate routes. Defaults
   # to :main_app. Should be overriden by engines in order
   # to provide custom routes.
@@ -305,7 +317,7 @@ module Devise
   # == Options:
   #
   #   +model+      - String representing the load path to a custom *model* for this module (to autoload.)
-  #   +controller+ - Symbol representing the name of an exisiting or custom *controller* for this module.
+  #   +controller+ - Symbol representing the name of an existing or custom *controller* for this module.
   #   +route+      - Symbol representing the named *route* helper for this module.
   #   +strategy+   - Symbol representing if this module got a custom *strategy*.
   #
@@ -415,6 +427,17 @@ module Devise
 
       Devise.mappings.each_value do |mapping|
         warden_config.scope_defaults mapping.name, :strategies => mapping.strategies
+
+        warden_config.serialize_into_session(mapping.name) do |record|
+          mapping.to.serialize_into_session(record)
+        end
+
+        warden_config.serialize_from_session(mapping.name) do |key|
+          # Previous versions contained an additional entry at the beginning of
+          # key with the record's class name.
+          args = key[-2, 2]
+          mapping.to.serialize_from_session(*args)
+        end
       end
 
       @@warden_config_block.try :call, Devise.warden_config
@@ -422,7 +445,7 @@ module Devise
     end
   end
 
-  # Generate a friendly string randomically to be used as token.
+  # Generate a friendly string randomly to be used as token.
   def self.friendly_token
     SecureRandom.base64(15).tr('+/=lIO0', 'pqrsxyz')
   end

data/lib/devise/controllers/helpers.rb

@@ -1,4 +1,3 @@
-# -*- encoding : utf-8 -*-
 module Devise
   module Controllers
     # Those helpers are convenience methods added to ApplicationController.
@@ -81,6 +80,17 @@ module Devise
         is_a?(DeviseController)
       end
 
+      # Setup a param sanitizer to filter parameters using strong_parameters. See
+      # lib/devise/parameter_sanitizer.rb for more info. Override this
+      # method in your application controller to use your own parameter sanitizer.
+      def devise_parameter_sanitizer
+        @devise_parameter_sanitizer ||= if defined?(ActionController::StrongParameters)
+          Devise::ParameterSanitizer.new(resource_class, resource_name, params)
+        else
+          Devise::BaseSanitizer.new(resource_class, resource_name, params)
+        end
+      end
+
       # Tell warden that params authentication is allowed for that specific page.
       def allow_params_authentication!
         request.env["devise.allow_params_authentication"] = true
@@ -163,8 +173,8 @@ module Devise
         users.any?
       end
 
-      # Returns and delete the url stored in the session for the given scope. Useful
-      # for giving redirect backs after sign up:
+      # Returns and delete (if it's navigational format) the url stored in the session for
+      # the given scope. Useful for giving redirect backs after sign up:
       #
       # Example:
       #
@@ -172,7 +182,12 @@ module Devise
       #
       def stored_location_for(resource_or_scope)
         scope = Devise::Mapping.find_scope!(resource_or_scope)
-        session.delete("#{scope}_return_to")
+
+        if is_navigational_format?
+          session.delete("#{scope}_return_to")
+        else
+          session["#{scope}_return_to"]
+        end
       end
 
       # The scope root url to be used when he's signed in. By default, it first
@@ -257,12 +272,23 @@ module Devise
       # Overwrite Rails' handle unverified request to sign out all scopes,
       # clear run strategies and remove cached variables.
       def handle_unverified_request
-        sign_out_all_scopes(false)
-        request.env["devise.skip_storage"] = true
-        expire_devise_cached_variables!
+        if sign_in?
+          sign_out_all_scopes(false)
+          request.env["devise.skip_storage"] = true
+          expire_devise_cached_variables!
+        end
+
         super # call the default behaviour which resets the session
       end
 
+      def request_format
+        @request_format ||= request.format.try(:ref)
+      end
+
+      def is_navigational_format?
+        Devise.navigational_formats.include?(request_format)
+      end
+
       private
 
       def expire_devise_cached_variables!

data/lib/devise/controllers/rememberable.rb

@@ -1,4 +1,3 @@
-# -*- encoding : utf-8 -*-
 module Devise
   module Controllers
     # A module that may be optionally included in a controller in order
@@ -24,14 +23,14 @@ module Devise
       def remember_me(resource)
         scope = Devise::Mapping.find_scope!(resource)
         resource.remember_me!(resource.extend_remember_period)
-        cookies.signed["remember_#{scope}_token"] = remember_cookie_values(resource)
+        cookies.signed[remember_key(resource, scope)] = remember_cookie_values(resource)
       end
 
       # Forgets the given resource by deleting a cookie
       def forget_me(resource)
         scope = Devise::Mapping.find_scope!(resource)
         resource.forget_me!
-        cookies.delete("remember_#{scope}_token", forget_cookie_values(resource))
+        cookies.delete(remember_key(resource, scope), forget_cookie_values(resource))
       end
 
       protected
@@ -48,6 +47,10 @@ module Devise
           :expires => resource.remember_expires_at
         )
       end
+
+      def remember_key(resource, scope)
+        resource.rememberable_options.fetch(:key, "remember_#{scope}_token")
+      end
     end
   end
 end

data/lib/devise/controllers/scoped_views.rb

@@ -1,4 +1,3 @@
-# -*- encoding : utf-8 -*-
 module Devise
   module Controllers
     module ScopedViews
@@ -15,4 +14,4 @@ module Devise
       end
     end
   end
-end
+end