Get rid of flash hook and clean up passwords after registration.

2010-04-01 13:11:02 +02:00 · 2010-04-01 13:11:02 +02:00 · 16666b7587
parent dac7887d7c
commit 16666b7587
6 changed files with 20 additions and 27 deletions
--- a/app/controllers/devise/registrations_controller.rb
+++ b/app/controllers/devise/registrations_controller.rb
@ -5,7 +5,7 @@ class Devise::RegistrationsController < ApplicationController

  # GET /resource/sign_up
  def new
-    build_resource
+    build_resource({})
    render_with_scope :new
  end

@ -14,10 +14,10 @@ class Devise::RegistrationsController < ApplicationController
    build_resource

    if resource.save
-      flash[:"#{resource_name}_signed_up"] = true
      set_flash_message :notice, :signed_up
      sign_in_and_redirect(resource_name, resource)
    else
+      clean_up_passwords(resource)
      render_with_scope :new
    end
  end
@ -33,6 +33,7 @@ class Devise::RegistrationsController < ApplicationController
      set_flash_message :notice, :updated
      redirect_to after_sign_in_path_for(self.resource)
    else
+      clean_up_passwords(resource)
      render_with_scope :edit
    end
  end
--- a/app/controllers/devise/sessions_controller.rb
+++ b/app/controllers/devise/sessions_controller.rb
@ -4,13 +4,10 @@ class Devise::SessionsController < ApplicationController

  # GET /resource/sign_in
  def new
-    unless resource_just_signed_up?
-      Devise::FLASH_MESSAGES.each do |message|
-        set_now_flash_message :alert, message if params.try(:[], message) == "true"
-      end
-    end
-
-    build_resource
+    Devise::FLASH_MESSAGES.each do |message|
+      set_now_flash_message :alert, message if params.try(:[], message) == "true"
+    end unless flash[:notice]
+    build_resource({})
    render_with_scope :new
  end

@ -19,6 +16,8 @@ class Devise::SessionsController < ApplicationController
    if resource = authenticate(resource_name)
      set_flash_message :notice, :signed_in
      sign_in_and_redirect(resource_name, resource, true)
+    elsif warden.winning_strategy && warden.result != :failure
+      authenticate!
    else
      set_now_flash_message :alert, (warden.message || :invalid)
      clean_up_passwords(build_resource)
@ -31,14 +30,4 @@ class Devise::SessionsController < ApplicationController
    set_flash_message :notice, :signed_out if signed_in?(resource_name)
    sign_out_and_redirect(resource_name)
  end
-
-  protected
-
-    def resource_just_signed_up?
-      flash[:"#{resource_name}_signed_up"]
-    end
-
-    def clean_up_passwords(object)
-      object.clean_up_passwords if object.respond_to?(:clean_up_passwords)
-    end
 end
--- a/lib/devise/controllers/internal_helpers.rb
+++ b/lib/devise/controllers/internal_helpers.rb
@ -63,8 +63,9 @@ module Devise
      end

      # Build a devise resource.
-      def build_resource
-        self.resource = resource_class.new(params[resource_name] || {})
+      def build_resource(hash=nil)
+        hash ||= params[resource_name] || {}
+        self.resource = resource_class.new(hash)
      end

      # Helper for use in before_filters where no authentication is required.
@ -91,8 +92,8 @@ module Devise
      # available.
      def set_flash_message(key, kind, now=false)
        flash_hash = now ? flash.now : flash
-        flash_hash[key] = I18n.t(:"#{resource_name}.#{kind}",
-                            :scope => [:devise, controller_name.to_sym], :default => kind)
+        flash_hash[key] = I18n.t(:"#{resource_name}.#{kind}", :resource_name => resource_name,
+                                 :scope => [:devise, controller_name.to_sym], :default => kind)
      end

      # Shortcut to set flash.now message. Same rules applied from set_flash_message
@ -100,6 +101,9 @@ module Devise
        set_flash_message(key, kind, true)
      end

+      def clean_up_passwords(object)
+        object.clean_up_passwords if object.respond_to?(:clean_up_passwords)
+      end
    end
  end
 end
--- a/lib/devise/models/database_authenticatable.rb
+++ b/lib/devise/models/database_authenticatable.rb
@ -67,11 +67,10 @@ module Devise
          update_attributes(params)
        else
          self.errors.add(:current_password, current_password.blank? ? :blank : :invalid)
-          self.attributes = params
+          self.attributes = params.except(:password, :password_confirmation)
          false
        end

-        clean_up_passwords unless result
        result
      end

--- a/test/rails_app/app/controllers/sessions_controller.rb
+++ b/test/rails_app/app/controllers/sessions_controller.rb
@ -1,6 +1,6 @@
 class SessionsController < Devise::SessionsController
  def new
-    flash[:notice] = "Welcome to #{controller_path.inspect} controller!"
+    flash[:special] = "Welcome to #{controller_path.inspect} controller!"
    super
  end
 end
--- a/test/rails_app/app/views/layouts/application.html.erb
+++ b/test/rails_app/app/views/layouts/application.html.erb
@ -7,7 +7,7 @@
  <body>
    <div id="container">
      <%- flash.each do |name, msg| -%>
-        <%= content_tag :div, msg, :id => "flash_#{name}" if msg.is_a?(String) %>
+        <%= content_tag :div, msg, :id => "flash_#{name}" %>
      <%- end -%>

      <% if user_signed_in? -%>