Skip to content

Commit

Permalink
Be sure to halt on failures, closes heartcombo#856
Browse files Browse the repository at this point in the history
  • Loading branch information
@josevalim
josevalim committed Feb 24, 2011
1 parent 43a3431 commit 392e664
Show file tree
Hide file tree
Showing 5 changed files with 5 additions and 3 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.rdoc
View file
Expand Up @@ -16,6 +16,7 @@
* Custom failure apps no longer ignored in test mode (by github.com/jaghion)
* Do not depend on ActiveModel::Dirty
* Manual sign_in now triggers remember token
* Be sure to halt strategies on failures

* deprecations
* Deprecated anybody_signed_in? in favor of signed_in? (by github.com/gavinhughes)
Expand Down
1 change: 1 addition & 0 deletions lib/devise/strategies/authenticatable.rb
View file
Expand Up @@ -21,6 +21,7 @@ def validate(resource, &block)
case result
when String, Symbol
fail!(result)
false
when TrueClass
decorate(resource)
true
Expand Down
2 changes: 1 addition & 1 deletion lib/devise/strategies/database_authenticatable.rb
View file
Expand Up @@ -10,7 +10,7 @@ def authenticate!
if validate(resource){ resource.valid_password?(password) }
resource.after_database_authentication
success!(resource)
else
elsif !halted?
fail(:invalid)
end
end
Expand Down
2 changes: 1 addition & 1 deletion lib/devise/strategies/rememberable.rb
View file
Expand Up @@ -20,7 +20,7 @@ def authenticate!

if validate(resource)
success!(resource)
else
elsif !halted?
cookies.delete(remember_key)
pass
end
Expand Down
2 changes: 1 addition & 1 deletion lib/devise/strategies/token_authenticatable.rb
View file
Expand Up @@ -20,7 +20,7 @@ def authenticate!
if validate(resource)
resource.after_token_authentication
success!(resource)
else
elsif !halted?
fail(:invalid_token)
end
end
Expand Down

0 comments on commit 392e664

Please sign in to comment.