From 16666b75870339e22b74906e41b705cb29bc71d5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jos=C3=A9=20Valim?=
Date: Thu, 1 Apr 2010 13:11:02 +0200
Subject: [PATCH] Get rid of flash hook and clean up passwords after registration.
---
 .../devise/registrations_controller.rb | 5 ++--
 app/controllers/devise/sessions_controller.rb | 23 +++++--------------
 lib/devise/controllers/internal_helpers.rb | 12 ++++++----
 lib/devise/models/database_authenticatable.rb | 3 +--
 .../app/controllers/sessions_controller.rb | 2 +-
 .../app/views/layouts/application.html.erb | 2 +-
 6 files changed, 20 insertions(+), 27 deletions(-)
diff --git a/app/controllers/devise/registrations_controller.rb b/app/controllers/devise/registrations_controller.rb
index 32a24a36..96ea5898 100644
--- a/app/controllers/devise/registrations_controller.rb
+++ b/app/controllers/devise/registrations_controller.rb
@@ -5,7 +5,7 @@ class Devise::RegistrationsController < ApplicationController
 # GET /resource/sign_up
 def new
- build_resource
+ build_resource({})
 render_with_scope :new
 end
@@ -14,10 +14,10 @@ class Devise::RegistrationsController < ApplicationController
 build_resource
 if resource.save
- flash[:"#{resource_name}_signed_up"] = true
 set_flash_message :notice, :signed_up
 sign_in_and_redirect(resource_name, resource)
 else
+ clean_up_passwords(resource)
 render_with_scope :new
 end
 end
@@ -33,6 +33,7 @@ class Devise::RegistrationsController < ApplicationController
 set_flash_message :notice, :updated
 redirect_to after_sign_in_path_for(self.resource)
 else
+ clean_up_passwords(resource)
 render_with_scope :edit
 end
 end
diff --git a/app/controllers/devise/sessions_controller.rb b/app/controllers/devise/sessions_controller.rb
index 7f4b7a23..22f00ad2 100644
--- a/app/controllers/devise/sessions_controller.rb
+++ b/app/controllers/devise/sessions_controller.rb
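Review bot: Nothing in this patch tests the new `clean_up_passwords(resource)` calls in the `else` branches of `create` (hunk at -14,10) and `update` (hunk at -33,6) in registrations_controller.rb; the diffstat lists only the controllers, the helper module, the model and the test app's controller and layout. A regression test that submits an invalid registration and asserts the re-rendered form carries no password value would stop the cleanup from being dropped silently later. A short comment above each call, such as `# do not echo the submitted password back into the re-rendered form`, would also record the intent. Both actions begin above their hunks.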
@@ -4,13 +4,10 @@ class Devise::SessionsController < ApplicationController
 # GET /resource/sign_in
 def new
- unless resource_just_signed_up?
- Devise::FLASH_MESSAGES.each do |message|
- set_now_flash_message :alert, message if params.try(:[], message) == "true"
- end
- end
-
- build_resource
+ Devise::FLASH_MESSAGES.each do |message|
+ set_now_flash_message :alert, message if params.try(:[], message) == "true"
+ end unless flash[:notice]
+ build_resource({})
 render_with_scope :new
 end
@@ -19,6 +16,8 @@ class Devise::SessionsController < ApplicationController
 if resource = authenticate(resource_name)
 set_flash_message :notice, :signed_in
 sign_in_and_redirect(resource_name, resource, true)
+ elsif warden.winning_strategy && warden.result != :failure
+ authenticate!
 else
 set_now_flash_message :alert, (warden.message || :invalid)
 clean_up_passwords(build_resource)
@@ -31,14 +30,4 @@ class Devise::SessionsController < ApplicationController
 set_flash_message :notice, :signed_out if signed_in?(resource_name)
 sign_out_and_redirect(resource_name)
 end
-
- protected
-
- def resource_just_signed_up?
- flash[:"#{resource_name}_signed_up"]
- end
-
- def clean_up_passwords(object)
- object.clean_up_passwords if object.respond_to?(:clean_up_passwords)
- end
 end
diff --git a/lib/devise/controllers/internal_helpers.rb b/lib/devise/controllers/internal_helpers.rb
index b128505b..af20f4d1 100644
--- a/lib/devise/controllers/internal_helpers.rb
+++ b/lib/devise/controllers/internal_helpers.rb
@@ -63,8 +63,9 @@ module Devise
 end
 # Build a devise resource.
- def build_resource
- self.resource = resource_class.new(params[resource_name] || {})
+ def build_resource(hash=nil)
+ hash ||= params[resource_name] || {}
+ self.resource = resource_class.new(hash)
 end
 # Helper for use in before_filters where no authentication is required.
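Review bot: In `Devise::SessionsController#new`, the trailing `end unless flash[:notice]` lets any notice in the flash suppress the query-string alerts, not only the one set after sign up. The test app's own `SessionsController#new` had to switch to `flash[:special]` in this same patch, which suggests applications that set a notice before calling `super` will lose the `FLASH_MESSAGES` alerts without any hint. A modifier after a multi-line `do … end` block is also easy to miss; putting the condition first (`unless flash[:notice]` on its own line, wrapping the loop) and adding a comment that a pending notice takes precedence would make the rule visible.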
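Review bot: The new `elsif warden.winning_strategy && warden.result != :failure` branch in `create` calls `authenticate!` with no comment saying which outcomes it is meant to cover. It presumably hands a strategy that stopped with something other than a plain failure over to Warden's own failure handling instead of re-rendering the form, but that cannot be confirmed from the hunk. A comment such as `# strategy halted with a non-:failure result; let warden respond instead of re-rendering` would document it, and the branch deserves its own test since it changes what a failed sign-in returns. `create` begins above the hunk.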
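Review bot: The comment `# Build a devise resource.` above `build_resource(hash=nil)` in internal_helpers.rb no longer describes the method, because an explicit hash now replaces `params[resource_name]`, which is what the `build_resource({})` calls in the `new` actions rely on. Suggested wording: `# Build a devise resource. Pass a hash to use it instead of params[resource_name]; build_resource({}) ignores request parameters.` When `hash` is nil the request parameters still go straight into `resource_class.new`, so attribute protection remains the model's responsibility and is worth stating in the same comment.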
@@ -91,8 +92,8 @@ module Devise
 # available.
 def set_flash_message(key, kind, now=false)
 flash_hash = now ? flash.now : flash
- flash_hash[key] = I18n.t(:"#{resource_name}.#{kind}",
- :scope => [:devise, controller_name.to_sym], :default => kind)
+ flash_hash[key] = I18n.t(:"#{resource_name}.#{kind}", :resource_name => resource_name,
+ :scope => [:devise, controller_name.to_sym], :default => kind)
 end
 # Shortcut to set flash.now message. Same rules applied from set_flash_message
@@ -100,6 +101,9 @@ module Devise
 set_flash_message(key, kind, true)
 end
+ def clean_up_passwords(object)
+ object.clean_up_passwords if object.respond_to?(:clean_up_passwords)
+ end
 end
 end
 end
diff --git a/lib/devise/models/database_authenticatable.rb b/lib/devise/models/database_authenticatable.rb
index 4a662b15..1dffb632 100644
--- a/lib/devise/models/database_authenticatable.rb
+++ b/lib/devise/models/database_authenticatable.rb
@@ -67,11 +67,10 @@ module Devise
 update_attributes(params)
 else
 self.errors.add(:current_password, current_password.blank? ? :blank : :invalid)
- self.attributes = params
+ self.attributes = params.except(:password, :password_confirmation)
 false
 end
- clean_up_passwords unless result
 result
 end
diff --git a/test/rails_app/app/controllers/sessions_controller.rb b/test/rails_app/app/controllers/sessions_controller.rb
index 81325fed..7a24b276 100644
--- a/test/rails_app/app/controllers/sessions_controller.rb
+++ b/test/rails_app/app/controllers/sessions_controller.rb
@@ -1,6 +1,6 @@
 class SessionsController < Devise::SessionsController
 def new
- flash[:notice] = "Welcome to #{controller_path.inspect} controller!"
+ flash[:special] = "Welcome to #{controller_path.inspect} controller!"
 super
 end
 end
\ No newline at end of file
diff --git a/test/rails_app/app/views/layouts/application.html.erb b/test/rails_app/app/views/layouts/application.html.erb
index c0e51507..5a4c0048 100644
--- a/test/rails_app/app/views/layouts/application.html.erb
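Review bot: `clean_up_passwords(object)` is added at the end of the helper module (hunk at -100,6) without the doc comment its neighbours carry, and the hunk does not show whether it sits under a `protected` or `private` section. In the sessions controller the same method lived under `protected`; if this module's methods are public, every controller that includes it would expose `clean_up_passwords` as an action name, so the visibility should be confirmed. Suggested comment: `# Calls clean_up_passwords on the object, when it responds to it, before a form is rendered again.`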
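Review bot: Removing `clean_up_passwords unless result` in database_authenticatable.rb moves password cleanup out of the model: when `update_attributes(params)` fails validation, the submitted password stays on the record unless the caller clears it, and in this patch only the Devise registrations controller does. Either keep the model-level cleanup or document on the method that callers must call `clean_up_passwords` themselves after a false result. Separately, `params.except(:password, :password_confirmation)` strips string-keyed entries only when `params` is an indifferent-access hash; for a plain Hash with string keys the password would still be assigned, so consider `params.except(:password, :password_confirmation, "password", "password_confirmation")`. The enclosing method begins above the hunk.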
+++ b/test/rails_app/app/views/layouts/application.html.erb
@@ -7,7 +7,7 @@
<%- flash.each do |name, msg| -%>
- <%= content_tag :div, msg, :id => "flash_#{name}" if msg.is_a?(String) %>
+ <%= content_tag :div, msg, :id => "flash_#{name}" %>
 <%- end -%>
 <% if user_signed_in? -%>