Devise does not intercept 401 returned from applications anymore
parent
2366530d55
commit
c7efb68a77
|
@ -22,6 +22,7 @@
|
|||
* default behavior changes
|
||||
* sign_out_all_scopes defaults to true as security measure
|
||||
* http authenticatable is disabled by default
|
||||
* Devise does not intercept 401 returned from applications
|
||||
|
||||
* bugfix
|
||||
* after_sign_in_path_for always receives a resource
|
||||
|
|
|
@ -126,12 +126,12 @@ GEM
|
|||
ruby-openid (2.1.8)
|
||||
ruby-openid-apps-discovery (1.2.0)
|
||||
ruby-openid (>= 2.1.7)
|
||||
sqlite3-ruby (1.3.1)
|
||||
sqlite3-ruby (1.3.2)
|
||||
thor (0.14.4)
|
||||
treetop (1.4.8)
|
||||
polyglot (>= 0.3.1)
|
||||
tzinfo (0.3.23)
|
||||
warden (1.0.1)
|
||||
warden (1.0.2)
|
||||
rack (>= 1.0.0)
|
||||
weakling (0.0.4-java)
|
||||
webrat (0.7.1)
|
||||
|
|
2
Rakefile
2
Rakefile
|
@ -46,7 +46,7 @@ begin
|
|||
s.authors = ['José Valim', 'Carlos Antônio']
|
||||
s.files = root_files + FileList["{app,config,lib}/**/*"]
|
||||
s.extra_rdoc_files = root_files
|
||||
s.add_dependency("warden", "~> 1.0.0")
|
||||
s.add_dependency("warden", "~> 1.0.2")
|
||||
s.add_dependency("orm_adapter", "~> 0.0.2")
|
||||
s.add_dependency("bcrypt-ruby", "~> 2.1.2")
|
||||
end
|
||||
|
|
|
@ -335,6 +335,7 @@ module Devise
|
|||
@@warden_configured ||= begin
|
||||
warden_config.failure_app = Devise::FailureApp
|
||||
warden_config.default_scope = Devise.default_scope
|
||||
warden_config.intercept_401 = false
|
||||
|
||||
Devise.mappings.each_value do |mapping|
|
||||
warden_config.scope_defaults mapping.name, :strategies => mapping.strategies
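Review bot: The added `warden_config.intercept_401 = false` has no comment, although it changes which failures reach `Devise::FailureApp`. With interception off, Warden calls the failure app only for `throw :warden`, and a 401 rendered by a controller goes to the client exactly as the application produced it. A comment above the line would record this, for example `# Application-rendered 401s pass through untouched; only throw(:warden) reaches the failure app.` Applications that returned 401 to trigger the sign-in redirect will stop redirecting without any error, so the upgrade notes should say how to turn interception back on. Whether a `config.warden` block can override the value depends on where that block is invoked, which is outside the hunk, as are the ends of the `begin` block and the `each_value` loop.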
|
||||
|
|
|
@ -161,7 +161,8 @@ Devise.setup do |config|
|
|||
# change the failure app, you can configure them inside the config.warden block.
|
||||
#
|
||||
# config.warden do |manager|
|
||||
# manager.failure_app = AnotherApp
|
||||
# manager.failure_app = AnotherApp
|
||||
# manager.intercept_401 = false
|
||||
# manager.default_strategies(:scope => :user).unshift :some_external_strategy
|
||||
# end
|
||||
end
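Review bot: The commented example `# manager.intercept_401 = false` shows the value that this commit makes the default, so uncommenting it changes nothing. Since this part of the template documents overrides, the line would be more useful as `# manager.intercept_401 = true # let the failure app handle 401s rendered by the application`. Alternatively, keep it and add a short comment stating that false is already the default. The `Devise.setup` block starts outside the hunk.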
|
||||
|
|
|
@ -301,6 +301,11 @@ class AuthenticationOthersTest < ActionController::IntegrationTest
|
|||
assert_equal 404, response.status
|
||||
end
|
||||
|
||||
test 'does not intercept Rails 401 responses' do
|
||||
get '/unauthenticated'
|
||||
assert_equal 401, response.status
|
||||
end
|
||||
|
||||
test 'render 404 on roles without mapping' do
|
||||
assert_raise AbstractController::ActionNotFound do
|
||||
get '/sign_in'
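Review bot: The new test 'does not intercept Rails 401 responses' asserts only the status code, which does not show that the response came from the controller rather than from the failure app. A failure app can itself answer 401 in some configurations, although with the defaults in this commit it would presumably redirect. Asserting the body as well, `assert_equal 'unauthenticated', response.body`, ties the result to `HomeController#unauthenticated`. The following test, 'render 404 on roles without mapping', continues outside the hunk.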
|
||||
|
|
|
@ -9,4 +9,8 @@ class HomeController < ApplicationController
|
|||
session["devise.foo_bar"] = "something"
|
||||
head :ok
|
||||
end
|
||||
|
||||
def unauthenticated
|
||||
render :text => "unauthenticated", :status => :unauthorized
|
||||
end
|
||||
end
|
||||
|
|
|
@ -50,5 +50,6 @@ Rails.application.routes.draw do
|
|||
end
|
||||
|
||||
match "/set", :to => "home#set"
|
||||
match "/unauthenticated", :to => "home#unauthenticated"
|
||||
root :to => "home#index"
|
||||
end
|