Pat Allan
|
f39c6fd927
|
Add the frozen_string_literal pragma comment to all Ruby files. (#4725)
|
2017-12-21 15:36:29 -02:00 |
Lucas Mazza
|
9499736593
|
Remove safeguard against a previously broken `NullSessionHash#reset_session`.
This behavior was fixed on https://github.com/rails/rails/pull/12279.
|
2015-12-18 14:47:32 -02:00 |
José Valim
|
32648027e2
|
Add Devise::KeyGenerator
|
2013-08-05 11:47:36 +02:00 |
José Valim
|
f5a77ac598
|
Skip storage for cookies on unverified requests
|
2013-08-05 10:24:11 +02:00 |
Philipe Fatio
|
c22d755cf4
|
Make use of warden's scoped serialization
|
2013-02-25 07:38:42 +01:00 |
Rodrigo Rosenfeld Rosas
|
411b565cca
|
Better handling of previously enabled Devise model deserialization
|
2012-05-02 13:03:34 -03:00 |
José Valim
|
7c11564613
|
Remove Rails 3.0 only code.
|
2012-01-02 20:43:39 +01:00 |
José Valim
|
7396c6911d
|
Quack, quack, quack. Use duck typing instead of hardcoding everything, closes #1281.
|
2011-08-29 14:40:49 +02:00 |
José Valim
|
fa6c8ab321
|
Use inflector to avoid conflicts.
|
2011-04-16 13:30:15 +02:00 |
Jared Beck
|
cb2cb2cff7
|
more helpful message re: secret_token
|
2011-04-10 04:47:55 +08:00 |
José Valim
|
ec5bfe9119
|
Ensure to convert keys on indifferent hash.
|
2010-11-27 19:45:25 +01:00 |
José Valim
|
4977bd1222
|
Fix indifferent access on session issue.
|
2010-11-25 00:06:39 +01:00 |
José Valim
|
71450998c5
|
Avoid session fixation attacks.
|
2010-11-20 23:18:41 +01:00 |
José Valim
|
b2496d1bc1
|
Smallish updates.
|
2010-11-11 13:53:52 +01:00 |
José Valim
|
4210499f7f
|
Improve error messages, closes #574
|
2010-11-05 10:08:38 -02:00 |
Jared Morgan
|
0aa21dca4c
|
Use to_adapter.get in Warden::SessionSerializer#deserialize
|
2010-10-17 04:22:22 +08:00 |
Jared Morgan
|
31170b9100
|
Use to_adapter in two more methods
Authenticatable.generate_token and Warden::SessionSerializer#deserialize
|
2010-10-17 04:22:22 +08:00 |
José Valim
|
e4c5158851
|
Sign out by default will destroy the existing session.
|
2010-10-10 17:51:32 +02:00 |
Sean Cribbs
|
9f032350e3
|
Use ActiveModel's to_key instead of id.
Signed-off-by: José Valim <jose.valim@gmail.com>
|
2010-10-10 17:51:32 +02:00 |
José Valim
|
617e142e34
|
Store the salt in session and expire the session if the user changes his password
|
2010-09-25 17:24:56 +02:00 |
José Valim
|
817a7802e1
|
Remove deprecated stuff, tag 1.2.0 as version.
|
2010-07-26 20:39:40 +02:00 |
José Valim
|
abfd7e5a4b
|
Warn in case you are using the previous session schema, closes #386
|
2010-07-19 00:11:51 +02:00 |
José Valim
|
05d23f1a00
|
Do not check the constant, otherwise class renaming will trigger errors as well.
|
2010-07-12 10:42:02 +02:00 |
José Valim
|
e567c00dd8
|
Store classes as string in session, to avoid serialization and stale data issues, closes #356
|
2010-07-12 07:48:19 +02:00 |
José Valim
|
015c74e734
|
Use message verifier in cookies. Previous implementation allowed brute force attacks by cookies. Even though it is impossible for the brute force attack to succeed, the current implementation blocks the attacker even before hitting the database.
|
2010-03-31 13:31:45 +02:00 |
José Valim
|
b3e11c5aca
|
Got another bunch of tests passing on Rails 3. 369 tests, 731 assertions, 33 failures, 53 errors.
|
2010-02-16 14:57:10 +01:00 |
José Valim
|
2afad49a96
|
Bring rememberable back.
|
2010-01-14 15:47:14 +01:00 |
José Valim
|
f46d1b1d81
|
Add support to Warden 0.9.0.pre
|
2010-01-14 13:38:02 +01:00 |
José Valim
|
dbe0b48bca
|
Do not store mappings since they can change by scope in serializers.
|
2009-11-15 02:13:54 -02:00 |
José Valim
|
4894059828
|
Remember token is now properly stored and specified one for each user.
|
2009-11-13 17:23:32 -02:00 |
José Valim
|
371a9bb0d0
|
Major refactoring. Allow Warden::Manager to be configured through Devise, undeprecate Devise.confirm_within, Devise.pepper and friends and move Rails hooks to their own file.
|
2009-11-03 09:35:11 -02:00 |