Fix bug where activation messages were shown first than the credentials error message, closes #1410
This commit is contained in:
parent
d448e7d841
commit
a816e538ab
|
@ -7,6 +7,7 @@
|
|||
* Allow idempotent API requests
|
||||
* Fix bug where logs did not show 401 as status code
|
||||
* Change paranoid settings to behave as success instead of as failure
|
||||
* Fix bug where activation messages were shown first than the credentials error message
|
||||
|
||||
* deprecation
|
||||
* redirect_location is deprecated, please use after_sign_in_path_for
|
||||
|
|
|
@ -61,10 +61,11 @@ module Devise
|
|||
# However, you should not overwrite this method, you should overwrite active_for_authentication?
|
||||
# and inactive_message instead.
|
||||
def valid_for_authentication?
|
||||
if active_for_authentication?
|
||||
block_given? ? yield : true
|
||||
authenticated = block_given? ? yield : true
|
||||
if authenticated
|
||||
active_for_authentication? || inactive_message
|
||||
else
|
||||
inactive_message
|
||||
authenticated
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -156,7 +157,7 @@ module Devise
|
|||
conditions[k] = v.to_s if auth_param_requires_string_conversion?(v)
|
||||
end if conditions.is_a?(Hash)
|
||||
end
|
||||
|
||||
|
||||
# Determine which values should be transformed to string or passed as-is to the query builder underneath
|
||||
def auth_param_requires_string_conversion?(value)
|
||||
true unless value.is_a?(TrueClass) || value.is_a?(FalseClass) || value.is_a?(Fixnum)
|
||||
|
|
|
@ -85,12 +85,11 @@ module Devise
|
|||
when TrueClass
|
||||
self.failed_attempts = 0
|
||||
save(:validate => false)
|
||||
when FalseClass
|
||||
# PostgreSQL uses nil as the default value for integer columns set to 0
|
||||
else
|
||||
self.failed_attempts ||= 0
|
||||
self.failed_attempts += 1
|
||||
if attempts_exceeded?
|
||||
lock_access!
|
||||
lock_access! unless access_locked?
|
||||
return :locked
|
||||
else
|
||||
save(:validate => false)
|
||||
|
|
|
@ -93,6 +93,17 @@ class ConfirmationTest < ActionController::IntegrationTest
|
|||
end
|
||||
end
|
||||
|
||||
test 'not confirmed user should not see confirmation message if invalid credentials are given' do
|
||||
swap Devise, :confirm_within => 0.days do
|
||||
sign_in_as_user(:confirm => false) do
|
||||
fill_in 'password', :with => 'invalid'
|
||||
end
|
||||
|
||||
assert_contain 'Invalid email or password'
|
||||
assert_not warden.authenticated?(:user)
|
||||
end
|
||||
end
|
||||
|
||||
test 'not confirmed user but configured with some days to confirm should be able to sign in' do
|
||||
swap Devise, :confirm_within => 1.day do
|
||||
sign_in_as_user(:confirm => false)
|
||||
|
|
Loading…
Reference in New Issue