All tests passing (except two which are errors in Rails). Now generators and initialization process.

app/controllers/registrations_controller.rb

@@ -34,6 +34,8 @@ class RegistrationsController < ApplicationController
       set_flash_message :notice, :updated
       redirect_to after_sign_in_path_for(self.resource)
     else
+      build_resource
+      send(:"current_#{resource_name}").reload
       render_with_scope :edit
     end
   end
@@ -50,6 +52,6 @@ class RegistrationsController < ApplicationController
     # Authenticates the current scope and dup the resource
     def authenticate_scope!
       send(:"authenticate_#{resource_name}!")
-      self.resource = send(:"current_#{resource_name}").dup
+      self.resource = send(:"current_#{resource_name}")
     end
 end

lib/devise/controllers/internal_helpers.rb

@@ -8,7 +8,6 @@ module Devise
       def self.included(base)
         base.class_eval do
           extend ScopedViews
-          unloadable
 
           helper_method :resource, :scope_name, :resource_name, :resource_class, :devise_mapping, :devise_controller?
           hide_action   :resource, :scope_name, :resource_name, :resource_class, :devise_mapping, :devise_controller?
@@ -72,7 +71,7 @@ module Devise
 
       # Build a devise resource.
       def build_resource
-        self.resource ||= resource_class.new(params[resource_name] || {})
+        self.resource = resource_class.new(params[resource_name] || {})
       end
 
       # Helper for use in before_filters where no authentication is required.

test/integration/http_authenticatable_test.rb

@@ -38,7 +38,7 @@ class HttpAuthenticationTest < ActionController::IntegrationTest
 
     def sign_in_as_new_user_with_http(username="user@test.com", password="123456")
       user = create_user
-      get users_path, {}, :authorization => "Basic #{ActiveSupport::Base64.encode64("#{username}:#{password}")}"
+      get users_path, {}, "HTTP_AUTHORIZATION" => "Basic #{ActiveSupport::Base64.encode64("#{username}:#{password}")}"
       user
     end
 end

test/integration/recoverable_test.rb

@@ -134,7 +134,7 @@ class PasswordTest < ActionController::IntegrationTest
     request_forgot_password
     reset_password :reset_password_token => user.reload.reset_password_token
 
-    assert_redirected_to new_user_session_path(:unconfirmed => true)
+    assert_current_path new_user_session_path(:unconfirmed => true)
     assert !warden.authenticated?(:user)
   end
 

test/integration/registerable_test.rb

@@ -28,15 +28,9 @@ class RegistrationTest < ActionController::IntegrationTest
     fill_in 'password confirmation', :with => 'new_user123'
     click_button 'Sign up'
 
-    assert_equal true, @controller.send(:flash)[:"user_signed_up"]
-    assert_equal "You have signed up successfully.", @controller.send(:flash)[:notice]
-
-    # For some reason flash is not being set correctly, so instead of getting the
-    # "signed_up" message we get the unconfirmed one. Seems to be an issue with
-    # the internal redirect by the hook and the tests.
-    # follow_redirect!
-    # assert_contain 'You have signed up successfully.'
-    # assert_not_contain 'confirm your account'
+    assert_contain 'You have signed up successfully.'
+    assert_contain 'Sign in'
+    assert_not_contain 'Confirm your account'
 
     assert_not warden.authenticated?(:user)
 
@@ -79,14 +73,13 @@ class RegistrationTest < ActionController::IntegrationTest
 
   test 'a guest should not be able to change account' do
     get edit_user_registration_path
-    follow_redirect!
-    assert_template 'sessions/new'
+    assert_redirected_to new_user_session_path(:unauthenticated => true)
   end
 
   test 'a signed in user should not be able to access sign up' do
     sign_in_as_user
     get new_user_registration_path
-    assert_template 'home/index'
+    assert_redirected_to root_path
   end
 
   test 'a signed in user should be able to edit his account' do
@@ -103,6 +96,22 @@ class RegistrationTest < ActionController::IntegrationTest
     assert_equal "user.new@email.com", User.first.email
   end
 
+  test 'a signed in user should not change his current user with invalid password' do
+    sign_in_as_user
+    get edit_user_registration_path
+
+    fill_in 'email', :with => 'user.new@email.com'
+    fill_in 'current password', :with => 'invalid'
+    click_button 'Update'
+
+    assert_template 'registrations/edit'
+    assert_contain 'user@test.com'
+    assert_have_selector 'form input[value="user.new@email.com"]'
+
+    assert_equal "user@test.com", User.first.email
+  end
+
+
   test 'a signed in user should be able to edit his password' do
     sign_in_as_user
     get edit_user_registration_path
@@ -122,7 +131,7 @@ class RegistrationTest < ActionController::IntegrationTest
     sign_in_as_user
     get edit_user_registration_path
 
-    click_link "Cancel my account"
+    click_link "Cancel my account", :method => :delete
     assert_contain "Bye! Your account was successfully cancelled. We hope to see you again soon."
 
     assert User.all.empty?

test/integration/rememberable_test.rb

@@ -31,16 +31,17 @@ class RememberMeTest < ActionController::IntegrationTest
   test 'do not remember with invalid token' do
     user = create_user_and_remember('add')
     get users_path
-    assert_response :success
     assert_not warden.authenticated?(:user)
+    assert_redirected_to new_user_session_path(:unauthenticated => true)
   end
 
   test 'do not remember with token expired' do
     user = create_user_and_remember
-    Devise.remember_for = 0
-    get users_path
-    assert_response :success
-    assert_not warden.authenticated?(:user)
+    swap Devise, :remember_for => 0 do
+      get users_path
+      assert_not warden.authenticated?(:user)
+      assert_redirected_to new_user_session_path(:unauthenticated => true)
+    end
   end
 
   test 'forget the user before sign out' do

test/mailers/confirmation_instructions_test.rb

@@ -59,14 +59,14 @@ class ConfirmationInstructionsTest < ActionMailer::TestCase
 
   test 'renders a scoped if scoped_views is set to true' do
     swap Devise, :scoped_views => true do
-      assert_equal user.email, mail.body
+      assert_equal user.email, mail.body.decoded
     end
   end
 
   test 'renders a scoped if scoped_views is set in the mailer class' do
     begin
       DeviseMailer.scoped_views = true
-      assert_equal user.email, mail.body
+      assert_equal user.email, mail.body.decoded
     ensure
       DeviseMailer.send :remove_instance_variable, :@scoped_views
     end

test/models/rememberable_test.rb

@@ -1,11 +1,6 @@
 require 'test/test_helper'
 
 class RememberableTest < ActiveSupport::TestCase
-
-  def setup
-    Devise.remember_for = 1
-  end
-
   test 'should respond to remember_me attribute' do
     user = new_user
     assert user.respond_to?(:remember_me)
@@ -54,11 +49,13 @@ class RememberableTest < ActiveSupport::TestCase
   end
 
   test 'valid remember token should also verify if remember is not expired' do
-    user = create_user
-    user.remember_me!
-    user.remember_created_at = 3.days.ago
-    user.save
-    assert_not user.valid_remember_token?(user.remember_token)
+    swap Devise, :remember_for => 1.day do
+      user = create_user
+      user.remember_me!
+      user.remember_created_at = 3.days.ago
+      user.save
+      assert_not user.valid_remember_token?(user.remember_token)
+    end
   end
 
   test 'serialize into cookie' do

test/rails_app/app/views/layouts/application.html.erb

@@ -11,7 +11,7 @@
       <%- end -%>
 
       <% if user_signed_in? -%>
-        <p>Hello User! You are signed in!</p>
+        <p>Hello User <%= current_user.email %>! You are signed in!</p>
       <% end -%>
 
       <%= yield %>