diff --git a/app/controllers/devise/registrations_controller.rb b/app/controllers/devise/registrations_controller.rb index 40ef53ef..f6d13811 100644 --- a/app/controllers/devise/registrations_controller.rb +++ b/app/controllers/devise/registrations_controller.rb @@ -5,8 +5,8 @@ class Devise::RegistrationsController < ApplicationController # GET /resource/sign_up def new - build_resource({}) - render_with_scope :new + resource = build_resource({}) + respond_with_navigational(resource){ render_with_scope :new } end # POST /resource diff --git a/app/controllers/devise/sessions_controller.rb b/app/controllers/devise/sessions_controller.rb index 73c77110..d7074f67 100644 --- a/app/controllers/devise/sessions_controller.rb +++ b/app/controllers/devise/sessions_controller.rb @@ -38,8 +38,8 @@ class Devise::SessionsController < ApplicationController protected def stub_options(resource) - hash = { :only => resource_class.authentication_keys } - hash[:methods] = [:password] if resource.respond_to?(:password) - hash + array = resource_class.authentication_keys.dup + array << :password if resource.respond_to?(:password) + { :methods => array, :only => [:password] } end end \ No newline at end of file diff --git a/lib/devise/models/authenticatable.rb b/lib/devise/models/authenticatable.rb index 999b4be7..b2b0cce6 100644 --- a/lib/devise/models/authenticatable.rb +++ b/lib/devise/models/authenticatable.rb @@ -76,6 +76,19 @@ module Devise def authenticatable_salt end + %w(to_xml to_json).each do |method| + class_eval <<-RUBY, __FILE__, __LINE__ + def #{method}(options={}) + if self.class.respond_to?(:accessible_attributes) + options = { :only => self.class.accessible_attributes.to_a }.merge(options || {}) + super(options) + else + super + end + end + RUBY + end + module ClassMethods Devise::Models.config(self, :authentication_keys, :request_keys, :case_insensitive_keys, :http_authenticatable, :params_authenticatable) diff --git a/test/integration/authenticatable_test.rb b/test/integration/authenticatable_test.rb index 1a611e93..044adfff 100644 --- a/test/integration/authenticatable_test.rb +++ b/test/integration/authenticatable_test.rb @@ -348,6 +348,15 @@ class AuthenticationOthersTest < ActionController::IntegrationTest assert_match '"password":""', response.body end + test 'sign in stub in json with non attribute key' do + swap Devise, :authentication_keys => [:other_key] do + get new_user_session_path(:format => 'json') + assert_match '{"user":{', response.body + assert_match '"other_key":null', response.body + assert_match '"password":""', response.body + end + end + test 'uses the mapping from router' do sign_in_as_user :visit => "/as/sign_in" assert warden.authenticated?(:user) diff --git a/test/integration/registerable_test.rb b/test/integration/registerable_test.rb index 58bea1cd..36d32a60 100644 --- a/test/integration/registerable_test.rb +++ b/test/integration/registerable_test.rb @@ -207,6 +207,20 @@ class RegistrationTest < ActionController::IntegrationTest assert_redirected_to new_user_registration_path end + test 'a user with XML sign up stub' do + get new_user_registration_path(:format => 'xml') + assert_response :success + assert_match %(\n), response.body + assert_no_match(//, response.body) if DEVISE_ORM == :active_record + end + + test 'a user with JSON sign up stub' do + get new_user_registration_path(:format => 'json') + assert_response :success + assert_match %({"user":), response.body + assert_no_match(/"confirmation_token"/, response.body) if DEVISE_ORM == :active_record + end + test 'an admin sign up with valid information in XML format should return valid response' do post admin_registration_path(:format => 'xml'), :admin => { :email => 'new_user@test.com', :password => 'new_user123', :password_confirmation => 'new_user123' } assert_response :success diff --git a/test/rails_app/lib/shared_user.rb b/test/rails_app/lib/shared_user.rb index eca7463d..e4bd8712 100644 --- a/test/rails_app/lib/shared_user.rb +++ b/test/rails_app/lib/shared_user.rb @@ -6,6 +6,8 @@ module SharedUser :registerable, :rememberable, :timeoutable, :token_authenticatable, :trackable, :validatable, :omniauthable + attr_accessor :other_key + # They need to be included after Devise is called. extend ExtendMethods end