Merge branch 'master' of git@github.com:plataformatec/devise
This commit is contained in:
commit
4ddd162e62
|
@ -49,7 +49,7 @@ module Devise
|
|||
# Verifies whether an incoming_password (ie from login) is the user
|
||||
# password.
|
||||
def valid_password?(incoming_password)
|
||||
password_digest(incoming_password) == encrypted_password
|
||||
!incoming_password.blank? && password_digest(incoming_password) == encrypted_password
|
||||
end
|
||||
|
||||
protected
|
||||
|
@ -104,17 +104,28 @@ module Devise
|
|||
end
|
||||
|
||||
# Contains the logic used in authentication. Overwritten by other devise modules.
|
||||
#
|
||||
def valid_for_authentication(resource, attributes)
|
||||
resource if resource.valid_password?(attributes[:password])
|
||||
end
|
||||
|
||||
# Attempt to find a user by it's email. If not user is found, returns a
|
||||
# new user with an email not found error.
|
||||
def find_or_initialize_with_error_by_email(email)
|
||||
attributes = { :email => email }
|
||||
record = find(:first, :conditions => attributes) || new(attributes)
|
||||
record.errors.add(:email, :not_found, :default => 'not found') if record.new_record?
|
||||
# Find an initialize a record setting an error if it can't be found
|
||||
def find_or_initialize_with_error_by(attribute, value, error=:invalid)
|
||||
if value
|
||||
conditions = { attribute => value }
|
||||
record = find(:first, :conditions => conditions)
|
||||
end
|
||||
|
||||
unless record
|
||||
record = new
|
||||
|
||||
if value
|
||||
record.send(:"#{attribute}=", value)
|
||||
record.errors.add(attribute, error, :default => error.to_s.gsub("_", " "))
|
||||
else
|
||||
record.errors.add(attribute, :blank)
|
||||
end
|
||||
end
|
||||
|
||||
record
|
||||
end
|
||||
|
||||
|
|
|
@ -128,7 +128,7 @@ module Devise
|
|||
# with an email not found error.
|
||||
# Options must contain the user email
|
||||
def send_confirmation_instructions(attributes={})
|
||||
confirmable = find_or_initialize_with_error_by_email(attributes[:email])
|
||||
confirmable = find_or_initialize_with_error_by(:email, attributes[:email], :not_found)
|
||||
confirmable.reset_confirmation! unless confirmable.new_record?
|
||||
confirmable
|
||||
end
|
||||
|
@ -138,12 +138,8 @@ module Devise
|
|||
# If the user is already confirmed, create an error for the user
|
||||
# Options must have the confirmation_token
|
||||
def confirm!(attributes={})
|
||||
confirmable = find_or_initialize_by_confirmation_token(attributes[:confirmation_token])
|
||||
if confirmable.new_record?
|
||||
confirmable.errors.add(:confirmation_token, :invalid)
|
||||
else
|
||||
confirmable.confirm!
|
||||
end
|
||||
confirmable = find_or_initialize_with_error_by(:confirmation_token, attributes[:confirmation_token])
|
||||
confirmable.confirm! unless confirmable.new_record?
|
||||
confirmable
|
||||
end
|
||||
|
||||
|
|
|
@ -64,7 +64,7 @@ module Devise
|
|||
# with an email not found error.
|
||||
# Attributes must contain the user email
|
||||
def send_reset_password_instructions(attributes={})
|
||||
recoverable = find_or_initialize_with_error_by_email(attributes[:email])
|
||||
recoverable = find_or_initialize_with_error_by(:email, attributes[:email], :not_found)
|
||||
recoverable.send_reset_password_instructions unless recoverable.new_record?
|
||||
recoverable
|
||||
end
|
||||
|
@ -75,12 +75,8 @@ module Devise
|
|||
# containing an error in reset_password_token attribute.
|
||||
# Attributes must contain reset_password_token, password and confirmation
|
||||
def reset_password!(attributes={})
|
||||
recoverable = find_or_initialize_by_reset_password_token(attributes[:reset_password_token])
|
||||
if recoverable.new_record?
|
||||
recoverable.errors.add(:reset_password_token, :invalid)
|
||||
else
|
||||
recoverable.reset_password!(attributes[:password], attributes[:password_confirmation])
|
||||
end
|
||||
recoverable = find_or_initialize_with_error_by(:reset_password_token, attributes[:reset_password_token])
|
||||
recoverable.reset_password!(attributes[:password], attributes[:password_confirmation]) unless recoverable.new_record?
|
||||
recoverable
|
||||
end
|
||||
end
|
||||
|
|
|
@ -82,7 +82,7 @@ module Devise
|
|||
# Recreate the user based on the stored cookie
|
||||
def serialize_from_cookie(cookie)
|
||||
rememberable_id, remember_token = cookie.split('::')
|
||||
rememberable = find_by_id(rememberable_id) if rememberable_id
|
||||
rememberable = find(:first, :conditions => { :id => rememberable_id }) if rememberable_id
|
||||
rememberable if rememberable.try(:valid_remember_token?, remember_token)
|
||||
end
|
||||
|
||||
|
|
|
@ -39,6 +39,15 @@ module Devise
|
|||
end
|
||||
end
|
||||
|
||||
# In Datamapper, we need to call save! if we don't want to execute callbacks.
|
||||
def save(flag=nil)
|
||||
if flag == false
|
||||
save!
|
||||
else
|
||||
super()
|
||||
end
|
||||
end
|
||||
|
||||
# Tell how to apply schema methods. This automatically maps :limit to
|
||||
# :length and :null to :nullable.
|
||||
def apply_schema(name, type, options={})
|
||||
|
|
|
@ -42,7 +42,7 @@ module Devise
|
|||
end
|
||||
|
||||
# Creates sign_in_count, current_sign_in_at, last_sign_in_at,
|
||||
# current_sign_in_ip, last_sign_in_in.
|
||||
# current_sign_in_ip, last_sign_in_ip.
|
||||
def trackable
|
||||
apply_schema :sign_in_count, Integer
|
||||
apply_schema :current_sign_in_at, DateTime
|
||||
|
|
|
@ -43,7 +43,8 @@ class ConfirmationTest < ActionController::IntegrationTest
|
|||
end
|
||||
|
||||
test 'user already confirmed user should not be able to confirm the account again' do
|
||||
user = create_user
|
||||
user = create_user(:confirm => false)
|
||||
user.update_attribute(:confirmed_at, Time.now)
|
||||
visit_user_confirmation_with_token(user.confirmation_token)
|
||||
|
||||
assert_template 'confirmations/new'
|
||||
|
|
|
@ -81,7 +81,7 @@ class ConfirmableTest < ActiveSupport::TestCase
|
|||
|
||||
test 'should generate errors for a user email if user is already confirmed' do
|
||||
user = create_user
|
||||
user.confirm!
|
||||
user.update_attribute(:confirmed_at, Time.now)
|
||||
confirmed_user = User.confirm!(:confirmation_token => user.confirmation_token)
|
||||
assert confirmed_user.confirmed?
|
||||
assert confirmed_user.errors[:email]
|
||||
|
|
|
@ -109,6 +109,8 @@ class RecoverableTest < ActiveSupport::TestCase
|
|||
|
||||
test 'should find a user to reset it\'s password based on reset_password_token' do
|
||||
user = create_user
|
||||
user.send :generate_reset_password_token!
|
||||
|
||||
reset_password_user = User.reset_password!(:reset_password_token => user.reset_password_token)
|
||||
assert_not_nil reset_password_user
|
||||
assert_equal reset_password_user, user
|
||||
|
@ -129,12 +131,15 @@ class RecoverableTest < ActiveSupport::TestCase
|
|||
test 'should reset successfully user password given the new password and confirmation' do
|
||||
user = create_user
|
||||
old_password = user.password
|
||||
user.send :generate_reset_password_token!
|
||||
|
||||
reset_password_user = User.reset_password!(
|
||||
:reset_password_token => user.reset_password_token,
|
||||
:password => 'new_password',
|
||||
:password_confirmation => 'new_password'
|
||||
)
|
||||
user.reload
|
||||
|
||||
assert_not user.valid_password?(old_password)
|
||||
assert user.valid_password?('new_password')
|
||||
end
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
class User < ActiveRecord::Base
|
||||
devise :all
|
||||
attr_accessible :username, :email, :password, :password_confirmation
|
||||
end
|
||||
|
|
Loading…
Reference in New Issue