Carlos Antonio da Silva
ae4448403c
Change flash message to alert instead of error
...
Devise uses the defaults :notice and :alert everywhere, this one seems to
have been missed since it was introduced in
ff75341c75
.
2013-05-29 21:34:28 -03:00
Jesse B. Hannah
545a5cec3b
Fix redundant assignment of self.resource in Devise::RegistrationsController
...
Devise::RegistrationsController#create set self.resource to the return value of build_resource--which is nil, because build_resource sets self.resource to an actual resource object. This caused attempting to save the resource (two lines down) to fail with "undefined method `save' on nil:NilClass."
2013-05-09 18:33:30 -06:00
Carlos Antonio da Silva
eb0ad1c21a
Merge branch 'master' into rails4
2013-05-07 13:01:34 -03:00
José Valim
ef2a2280a3
Update examples to be compatible with Rails 4
2013-05-07 08:18:12 -06:00
Sebastian Wramba
43f7cf0f12
No redirect when Devise API is accessed via JSON
2013-05-07 10:18:23 +02:00
Tan Jun Rong
804fbdf6d5
Fix spelling error, 'reseting' to 'resetting'
2013-04-22 22:25:40 +08:00
Tan Jun Rong
e4987e8bb7
Fix resource_name to resource
2013-04-22 21:40:52 +08:00
Tan Jun Rong
9d5a9c8a61
Add ability to override the redirect path after user has reset their password
2013-04-22 20:22:53 +08:00
Lucas Mazza
93013c2e89
Merge pull request #2366 from hauleth/extract-lookup-for-i18n
...
Extract get_message
2013-04-14 08:21:19 -07:00
José Valim
8a93c34080
Clean up Devise parameter sanitizer
2013-04-13 23:21:46 -07:00
Carlos Antonio da Silva
36557ef641
✂️ [ci skip]
2013-04-13 10:53:49 -03:00
Drew Ulmer
d20fdf87b6
Introduce BaseSanitizer null sanitizer and controller-specific callbacks
...
This updates Devise's StrongParameter support to feature:
- A Null base sanitizer to support existing Rails 3.x installations that
don't want to use StrongParameters yet
- A new, simpler API for ParameterSanitizer: #permit, #permit!, and #forbid
- Overrideable callbacks on a controller-basis, e.g. #create_sessions_params
for passing the current scope's parameters through StrongParameters and
a helper method, whitelisted_params, for rolling your own implementations
of #create_x_params in your own controllers.
- Lots of tests!
2013-04-10 10:33:50 -05:00
Łukasz Niemier
95f56258d7
Rename get_message
to find_message
and fix set_flash_message
2013-04-07 08:52:11 +02:00
Łukasz Niemier
8e9ad4626e
Extract get_message
2013-04-06 18:46:21 +02:00
Drew Ulmer
77203e3d97
Change parameter sanitizer instance method to scope to devise
...
This way it's very explicit that this method is for devise and it won't
run into any naming collisions with user code.
2013-04-01 09:46:46 -05:00
Drew Ulmer
78f137368c
Add support for Rails 4 strong_parameters
...
This brings support for Rails 4 StrongParameters changes.
- Parameter sanitizing is setup for Devise controllers via
resource_params except Omniauth Callbacks which doesn't use
resource_params.
- Change #build_resource to not call resource_params for get requests.
Parameter sanitizing is only needed when params are posted to the
server so there's no need to try to construct resource params on get
requests (new, edit).
2013-03-31 21:31:48 -05:00
Puneet Goyal
ddea9359a6
Removing an extra full stop
2013-03-15 15:19:52 +05:30
Carlos Antonio da Silva
af37800c1d
Change match routes to get / post
...
match without a verb is deprecated in Rails master.
2013-01-28 20:23:13 -02:00
Jay Shepherd
cc017b1f0d
Allow parent_mailer to be customizable via Devise.parent_mailer, useful for engines
2013-01-18 02:26:41 -06:00
José Valim
0c4615e337
Properly check if reconfirmable is available
2013-01-13 09:53:26 +01:00
Steve Robinson
70e38fe66d
Changed link_to to button_to for delete user
...
It is advisable to use link_to for mostly GET operations. Actions like DESTROY when presented as a link can cause severe vulnerabilities.
Hence using a button is advisable.
2013-01-12 01:53:09 +05:30
José Valim
8fa3951bea
Update app/controllers/devise/sessions_controller.rb
2013-01-06 11:07:51 +01:00
Alan Larkin
f2de7bf84c
Fixed bug in SessionsController#destroy which caused all XHR requests, regardless of `Accept' header, to be treated as 'text/html'.
2013-01-06 03:50:26 +00:00
José Valim
19b5bcbe0f
Accept mail options in Devise::Mailer and deprecate headers_for
2013-01-04 18:52:49 +01:00
Graham Wagener
5745d97232
Improved grammar of reset password e-mail.
2012-12-14 15:08:55 +13:00
José Valim
86f0bff332
Apparently Rails 3.1 does not like @headers as ivar
2012-12-13 09:59:36 +01:00
José Valim
30ab6f923d
Release 2.2.0.rc
2012-12-13 09:20:46 +01:00
José Valim
839e8fc8ac
Show if there is an e-mail waiting for confirmation, closes #2060
2012-12-13 09:13:33 +01:00
José Valim
4c83743263
unconfirmed_email now uses the proper e-mail on salutation, related to #2060
2012-12-13 09:02:59 +01:00
Marcin Balinski
ac58c28617
Unlock user when re-setting password and unlock strategy is :email or :both
2012-11-07 10:45:46 +01:00
Vasiliy Ermolovich
5d86327e4d
move is_navigational_format? and request_format methods to helpers
2012-11-05 09:54:22 +03:00
José Valim
18c377e0d7
Merge pull request #2112 from latortuga/patch-1
...
Make #set_flash_message respect i18n-set resource_name
2012-10-26 02:05:42 -07:00
Drew Ulmer
b853871667
Make #set_flash_message respect i18n-set resource_name
...
Using #devise_i18n_options allows overriding any i18n keys but the
resulting call to I18n.t does not respect an override of resource_name.
2012-10-24 11:50:26 -05:00
Philip Poots
692175b897
Moves sign_up from helpers to controller
2012-10-23 20:29:41 +01:00
Philip Poots
68dc20cba2
Separates sign_up and sign_in on Registration
...
See #2104
Completed with the help of @rubynortheast
2012-10-23 20:05:45 +01:00
Adam McNamara
564e588f5e
Assigns object to self.resource, changing variable scope.
2012-10-10 10:01:35 -04:00
James Mead
e873e2aeed
Use "number of" instead of "amount of" for countable nouns.
2012-09-28 10:52:37 +01:00
Radagaisus
4962fbcb51
no need for {} they said
2012-08-22 02:15:48 +03:00
Radagaisus
be2b481385
fixed for 1.8.7 syntax
2012-08-22 02:13:38 +03:00
Radagaisus
d169ef3641
extra whitespace
2012-08-22 02:01:01 +03:00
Radagaisus
2a64972321
html5 autofocus for a better ux from the get go
2012-08-22 01:58:26 +03:00
Víctor Manuel Cruz Dueñas
73f617db7b
Checking if unconfirmed_email has changed before to set update_needs_confirmation flash message.
...
Conflicts:
test/integration/registerable_test.rb
Signed-off-by: José Valim <jose.valim@plataformatec.com.br>
2012-07-23 16:20:51 +02:00
Andrey Koleshko
972ac3b5f0
refactor is_navigational_format?
method
2012-06-26 17:58:50 +03:00
Mathieu Lajugie
8171ad39e0
Allow to destroy a session using JSON format (or any non navigational format) when Rails flash feature is not enabled (i.e.: when using rails-api).
2012-06-23 10:49:33 -07:00
Sai
6eeb9e4b7d
Update patch-1
2012-06-22 14:03:56 -03:00
Sai
80b2240ef0
Camelize correctly - e.g. omniauth-paypal sets this via OmniAuth.config.add_camelization
2012-06-22 10:55:23 -03:00
José Valim
b1633f2454
Delegate omniauth_authorize_path to the router, closes #1843
2012-06-16 13:43:11 +02:00
José Valim
41a91188f5
Do not trigger timeout on sign in related actions
2012-06-16 13:24:07 +02:00
Vasiliy Ermolovich
13f35d80a9
use data-confirm option as :confirm was deprecated in rails 3.2.6
2012-06-14 22:27:40 +03:00
Gregory Bataille
ff75341c75
Redirect to sign in page when trying to access password#edit without a
...
reset_password_token (i.e. not coming from a reset password email)
2012-06-08 10:08:35 +02:00