Merge branch 'master' into rails4

2022-11-09 12:18:31 -05:00 · 2013-03-28 13:51:12 -03:00 · 2013-03-28 13:51:12 -03:00 · 335a6af861
commit 335a6af861
parent d29b744d92 72cbafa322
9 changed files with 60 additions and 11 deletions
--- a/2
+++ b/2
@ -1,4 +1,4 @@
-source "http://rubygems.org"
+source "https://rubygems.org"

 gemspec

--- a/README.md
+++ b/README.md
@ -1,8 +1,8 @@
-## Devise
+![Devise Logo](https://raw.github.com/plataformatec/devise/master/devise.png)

-[![Build Status](https://secure.travis-ci.org/plataformatec/devise.png?branch=master)](http://travis-ci.org/plataformatec/devise)
-[![Code Climate](https://codeclimate.com/badge.png)](https://codeclimate.com/github/plataformatec/devise)
 [![Gem Version](https://fury-badge.herokuapp.com/rb/devise.png)](http://badge.fury.io/rb/devise)
+[![Build Status](https://secure.travis-ci.org/plataformatec/devise.png?branch=master)](http://travis-ci.org/plataformatec/devise)
+[![Code Climate](https://codeclimate.com/github/plataformatec/devise.png)](https://codeclimate.com/github/plataformatec/devise)

 This README is [also available in a friendly navigable format](http://devise.plataformatec.com.br/).

@ -394,3 +394,5 @@ https://github.com/plataformatec/devise/contributors
 ## License

 MIT License. Copyright 2009-2013 Plataformatec. http://plataformatec.com.br
+
+You are not granted rights or licenses to the trademarks of the Plataformatec, including without limitation the Devise name or logo.
--- a/devise.gemspec
+++ b/devise.gemspec
@ -6,6 +6,7 @@ Gem::Specification.new do |s|
  s.name        = "devise"
  s.version     = Devise::VERSION.dup
  s.platform    = Gem::Platform::RUBY
+  s.license     = "MIT"
  s.summary     = "Flexible authentication solution for Rails with Warden"
  s.email       = "contact@plataformatec.com.br"
  s.homepage    = "http://github.com/plataformatec/devise"
--- a/devise.png
+++ b/devise.png
--- a/lib/devise.rb
+++ b/lib/devise.rb
@ -51,6 +51,10 @@ module Devise
  mattr_accessor :stretches
  @@stretches = 10

+  # The default key used when authenticating over http auth.
+  mattr_accessor :http_auth_key
+  @@http_auth_key = nil
+
  # Keys used when authenticating a user.
  mattr_accessor :authentication_keys
  @@authentication_keys = [ :email ]
--- a/lib/devise/models/authenticatable.rb
+++ b/lib/devise/models/authenticatable.rb
@ -10,6 +10,9 @@ module Devise
    #
    #   * +authentication_keys+: parameters used for authentication. By default [:email].
    #
+    #   * +http_auth_key+: map the username passed via HTTP Auth to this parameter. Defaults to
+    #     the first element in +authentication_keys+.
+    #
    #   * +request_keys+: parameters from the request object used for authentication.
    #     By specifying a symbol (which should be a request method), it will automatically be
    #     passed to find_for_authentication method and considered in your model lookup.
@ -140,14 +143,26 @@ module Devise
      #
      #       protected
      #
-      #       def send_devise_notification(notification)
-      #         pending_notifications << notification
+      #       def send_devise_notification(notification, opts = {})
+      #         # if the record is new or changed then delay the
+      #         # delivery until the after_commit callback otherwise
+      #         # send now because after_commit will not be called.
+      #         if new_record? || changed?
+      #           pending_notifications << [notification, opts]
+      #         else
+      #           devise_mailer.send(notification, self, opts).deliver
+      #         end
      #       end
      #
      #       def send_pending_notifications
-      #         pending_notifications.each do |n|
-      #           devise_mailer.send(n, self).deliver
+      #         pending_notifications.each do |n, opts|
+      #           devise_mailer.send(n, self, opts).deliver
      #         end
+      #
+      #         # Empty the pending notifications array because the
+      #         # after_commit hook can be called multiple times which
+      #         # could cause multiple emails to be sent.
+      #         pending_notifications.clear
      #       end
      #
      #       def pending_notifications
@ -182,7 +197,8 @@ module Devise

      module ClassMethods
        Devise::Models.config(self, :authentication_keys, :request_keys, :strip_whitespace_keys,
-          :case_insensitive_keys, :http_authenticatable, :params_authenticatable, :skip_session_storage)
+          :case_insensitive_keys, :http_authenticatable, :params_authenticatable, :skip_session_storage,
+          :http_auth_key)

        def serialize_into_session(record)
          [record.to_key, record.authenticatable_salt]
--- a/lib/devise/models/recoverable.rb
+++ b/lib/devise/models/recoverable.rb
@ -1,7 +1,7 @@
 module Devise
  module Models

-    # Recoverable takes care of reseting the user password and send reset instructions.
+    # Recoverable takes care of resetting the user password and send reset instructions.
    #
    # ==Options
    #
--- a/lib/devise/strategies/authenticatable.rb
+++ b/lib/devise/strategies/authenticatable.rb
@ -100,7 +100,7 @@ module Devise

      # Extract a hash with attributes:values from the http params.
      def http_auth_hash
-        keys = [authentication_keys.first, :password]
+        keys = [http_auth_key, :password]
        Hash[*keys.zip(decode_credentials).flatten]
      end

@ -139,6 +139,14 @@ module Devise
        @authentication_keys ||= mapping.to.authentication_keys
      end

+      def http_auth_key
+        @http_auth_key ||= mapping.to.http_auth_key
+        @http_auth_key ||= case authentication_keys
+          when Array then authentication_keys.first
+          when Hash then authentication_keys.keys.first
+        end
+      end
+
      # Holds request keys.
      def request_keys
        @request_keys ||= mapping.to.request_keys
--- a/test/integration/http_authenticatable_test.rb
+++ b/test/integration/http_authenticatable_test.rb
@ -62,6 +62,24 @@ class HttpAuthenticationTest < ActionDispatch::IntegrationTest
    end
  end

+  test 'it uses appropriate authentication_keys when configured with hash' do
+    swap Devise, :authentication_keys => { :username => false, :email => false } do
+      sign_in_as_new_user_with_http("usertest")
+      assert_response :success
+      assert_match '<email>user@test.com</email>', response.body
+      assert warden.authenticated?(:user)
+    end
+  end
+
+  test 'it uses the appropriate key when configured explicitly' do
+    swap Devise, :authentication_keys => { :email => false, :username => false }, :http_auth_key => :username do
+      sign_in_as_new_user_with_http("usertest")
+      assert_response :success
+      assert_match '<email>user@test.com</email>', response.body
+      assert warden.authenticated?(:user)
+    end
+  end
+
  test 'test request with oauth2 header doesnt get mistaken for basic authentication' do
    swap Devise, :http_authenticatable => true do
      add_oauth2_header