1
0
Fork 0
mirror of https://github.com/heartcombo/devise.git synced 2022-11-09 12:18:31 -05:00
Commit graph

286 commits

Author SHA1 Message Date
Carlos Antonio da Silva
ae4448403c Change flash message to alert instead of error
Devise uses the defaults :notice and :alert everywhere, this one seems to
have been missed since it was introduced in
ff75341c75.
2013-05-29 21:34:28 -03:00
Jesse B. Hannah
545a5cec3b Fix redundant assignment of self.resource in Devise::RegistrationsController
Devise::RegistrationsController#create set self.resource to the return value of build_resource--which is nil, because build_resource sets self.resource to an actual resource object. This caused attempting to save the resource (two lines down) to fail with "undefined method `save' on nil:NilClass."
2013-05-09 18:33:30 -06:00
Carlos Antonio da Silva
eb0ad1c21a Merge branch 'master' into rails4 2013-05-07 13:01:34 -03:00
José Valim
ef2a2280a3 Update examples to be compatible with Rails 4 2013-05-07 08:18:12 -06:00
Sebastian Wramba
43f7cf0f12 No redirect when Devise API is accessed via JSON 2013-05-07 10:18:23 +02:00
Tan Jun Rong
804fbdf6d5 Fix spelling error, 'reseting' to 'resetting' 2013-04-22 22:25:40 +08:00
Tan Jun Rong
e4987e8bb7 Fix resource_name to resource 2013-04-22 21:40:52 +08:00
Tan Jun Rong
9d5a9c8a61 Add ability to override the redirect path after user has reset their password 2013-04-22 20:22:53 +08:00
Lucas Mazza
93013c2e89 Merge pull request from hauleth/extract-lookup-for-i18n
Extract get_message
2013-04-14 08:21:19 -07:00
José Valim
8a93c34080 Clean up Devise parameter sanitizer 2013-04-13 23:21:46 -07:00
Carlos Antonio da Silva
36557ef641 ✂️ [ci skip] 2013-04-13 10:53:49 -03:00
Drew Ulmer
d20fdf87b6 Introduce BaseSanitizer null sanitizer and controller-specific callbacks
This updates Devise's StrongParameter support to feature:

- A Null base sanitizer to support existing Rails 3.x installations that
  don't want to use StrongParameters yet
- A new, simpler API for ParameterSanitizer: #permit, #permit!, and #forbid
- Overrideable callbacks on a controller-basis, e.g. #create_sessions_params
  for passing the current scope's parameters through StrongParameters and
  a helper method, whitelisted_params, for rolling your own implementations
  of #create_x_params in your own controllers.
- Lots of tests!
2013-04-10 10:33:50 -05:00
Łukasz Niemier
95f56258d7 Rename get_message to find_message and fix set_flash_message 2013-04-07 08:52:11 +02:00
Łukasz Niemier
8e9ad4626e Extract get_message 2013-04-06 18:46:21 +02:00
Drew Ulmer
77203e3d97 Change parameter sanitizer instance method to scope to devise
This way it's very explicit that this method is for devise and it won't
run into any naming collisions with user code.
2013-04-01 09:46:46 -05:00
Drew Ulmer
78f137368c Add support for Rails 4 strong_parameters
This brings support for Rails 4 StrongParameters changes.

- Parameter sanitizing is setup for Devise controllers via
  resource_params except Omniauth Callbacks which doesn't use
  resource_params.

- Change #build_resource to not call resource_params for get requests.
  Parameter sanitizing is only needed when params are posted to the
  server so there's no need to try to construct resource params on get
  requests (new, edit).
2013-03-31 21:31:48 -05:00
Puneet Goyal
ddea9359a6 Removing an extra full stop 2013-03-15 15:19:52 +05:30
Carlos Antonio da Silva
af37800c1d Change match routes to get / post
match without a verb is deprecated in Rails master.
2013-01-28 20:23:13 -02:00
Jay Shepherd
cc017b1f0d Allow parent_mailer to be customizable via Devise.parent_mailer, useful for engines 2013-01-18 02:26:41 -06:00
José Valim
0c4615e337 Properly check if reconfirmable is available 2013-01-13 09:53:26 +01:00
Steve Robinson
70e38fe66d Changed link_to to button_to for delete user
It is advisable to use link_to for mostly GET operations. Actions like DESTROY when presented as a link can cause severe vulnerabilities.
Hence using a button is advisable.
2013-01-12 01:53:09 +05:30
José Valim
8fa3951bea Update app/controllers/devise/sessions_controller.rb 2013-01-06 11:07:51 +01:00
Alan Larkin
f2de7bf84c Fixed bug in SessionsController#destroy which caused all XHR requests, regardless of `Accept' header, to be treated as 'text/html'. 2013-01-06 03:50:26 +00:00
José Valim
19b5bcbe0f Accept mail options in Devise::Mailer and deprecate headers_for 2013-01-04 18:52:49 +01:00
Graham Wagener
5745d97232 Improved grammar of reset password e-mail. 2012-12-14 15:08:55 +13:00
José Valim
86f0bff332 Apparently Rails 3.1 does not like @headers as ivar 2012-12-13 09:59:36 +01:00
José Valim
30ab6f923d Release 2.2.0.rc 2012-12-13 09:20:46 +01:00
José Valim
839e8fc8ac Show if there is an e-mail waiting for confirmation, closes 2012-12-13 09:13:33 +01:00
José Valim
4c83743263 unconfirmed_email now uses the proper e-mail on salutation, related to 2012-12-13 09:02:59 +01:00
Marcin Balinski
ac58c28617 Unlock user when re-setting password and unlock strategy is :email or :both 2012-11-07 10:45:46 +01:00
Vasiliy Ermolovich
5d86327e4d move is_navigational_format? and request_format methods to helpers 2012-11-05 09:54:22 +03:00
José Valim
18c377e0d7 Merge pull request from latortuga/patch-1
Make #set_flash_message respect i18n-set resource_name
2012-10-26 02:05:42 -07:00
Drew Ulmer
b853871667 Make #set_flash_message respect i18n-set resource_name
Using #devise_i18n_options allows overriding any i18n keys but the
resulting call to I18n.t does not respect an override of resource_name.
2012-10-24 11:50:26 -05:00
Philip Poots
692175b897 Moves sign_up from helpers to controller 2012-10-23 20:29:41 +01:00
Philip Poots
68dc20cba2 Separates sign_up and sign_in on Registration
See 

Completed with the help of @rubynortheast
2012-10-23 20:05:45 +01:00
Adam McNamara
564e588f5e Assigns object to self.resource, changing variable scope. 2012-10-10 10:01:35 -04:00
James Mead
e873e2aeed Use "number of" instead of "amount of" for countable nouns. 2012-09-28 10:52:37 +01:00
Radagaisus
4962fbcb51 no need for {} they said 2012-08-22 02:15:48 +03:00
Radagaisus
be2b481385 fixed for 1.8.7 syntax 2012-08-22 02:13:38 +03:00
Radagaisus
d169ef3641 extra whitespace 2012-08-22 02:01:01 +03:00
Radagaisus
2a64972321 html5 autofocus for a better ux from the get go 2012-08-22 01:58:26 +03:00
Víctor Manuel Cruz Dueñas
73f617db7b Checking if unconfirmed_email has changed before to set update_needs_confirmation flash message.
Conflicts:

	test/integration/registerable_test.rb

Signed-off-by: José Valim <jose.valim@plataformatec.com.br>
2012-07-23 16:20:51 +02:00
Andrey Koleshko
972ac3b5f0 refactor is_navigational_format? method 2012-06-26 17:58:50 +03:00
Mathieu Lajugie
8171ad39e0 Allow to destroy a session using JSON format (or any non navigational format) when Rails flash feature is not enabled (i.e.: when using rails-api). 2012-06-23 10:49:33 -07:00
Sai
6eeb9e4b7d Update patch-1 2012-06-22 14:03:56 -03:00
Sai
80b2240ef0 Camelize correctly - e.g. omniauth-paypal sets this via OmniAuth.config.add_camelization 2012-06-22 10:55:23 -03:00
José Valim
b1633f2454 Delegate omniauth_authorize_path to the router, closes 2012-06-16 13:43:11 +02:00
José Valim
41a91188f5 Do not trigger timeout on sign in related actions 2012-06-16 13:24:07 +02:00
Vasiliy Ermolovich
13f35d80a9 use data-confirm option as :confirm was deprecated in rails 3.2.6 2012-06-14 22:27:40 +03:00
Gregory Bataille
ff75341c75 Redirect to sign in page when trying to access password#edit without a
reset_password_token (i.e. not coming from a reset password email)
2012-06-08 10:08:35 +02:00