Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Newer
Older
100644 953 lines (701 sloc) 33.818 kb
beeb48c @josevalim Release v2.2.8
josevalim authored
1 == 2.2.8
2
3 Security announcement: http://blog.plataformatec.com.br/2013/11/e-mail-enumeration-in-devise-in-paranoid-mode
4
5 * bug fix
6 * Avoid e-mail enumeration on sign in when in paranoid mode
7
cd98212 @josevalim Release 2.2.7
josevalim authored
8 == 2.2.7
9
10 * bug fix
11 * Do not confirm account after reset password
12
02a2976 @josevalim Release v2.2.6
josevalim authored
13 == 2.2.6
14
15 * bug fix
16 * Skip storage for cookies on unverified requests
17
b3eace2 @josevalim Update CHANGELOG
josevalim authored
18 == 2.2.5
19
20 * bug fix
21 * Clean up CSRF token after authentication (by @homakov). Notice this change will clean up the CSRF Token after authentication (sign in, sign up, etc). So if you are using AJAX for such features, you will need to fetch a new CSRF token from the server.
22
f5e3308 @carlosantoniodasilva Release 2.2.4
carlosantoniodasilva authored
23 == 2.2.4
83ad67b @carlosantoniodasilva Fix inheriting mailer templates from Devise::Mailer
carlosantoniodasilva authored
24
395a69b @nashby allow_unconfirmed_access_for set to nil means unconfirmed access for unl...
nashby authored
25 * enhancements
fb07558 @carlosantoniodasilva Update changelog with latest fixes [ci skip]
carlosantoniodasilva authored
26 * Add `destroy_with_password` to `DatabaseAuthenticatable`. Allows destroying a record when `:current_password` matches, similarly to how `update_with_password` works. (by @michiel3)
0a588fa @nashby update CHANGELOG [ci skip]
nashby authored
27 * Allow to override path after password resetting (by @worker8)
77b960f @gregates Changelog for #2296
gregates authored
28 * Add `#skip_confirmation_notification!` method to `Confirmable`. Allows skipping confirmation email without auto-confirming. (by @gregates)
395a69b @nashby allow_unconfirmed_access_for set to nil means unconfirmed access for unl...
nashby authored
29 * allow_unconfirmed_access_for config from `:confirmable` module can be set to `nil` that means unconfirmed access for unlimited time. (by @nashby)
2dfa7e1 @josevalim Update CHANGELOG
josevalim authored
30 * Support Rails' token strategy on authentication (by @robhurring)
1f68309 @carlosantoniodasilva :scissors: changelog [ci skip]
carlosantoniodasilva authored
31 * Support explicitly setting the http authentication key via `config.http_authentication_key` (by @neo)
395a69b @nashby allow_unconfirmed_access_for set to nil means unconfirmed access for unl...
nashby authored
32
83ad67b @carlosantoniodasilva Fix inheriting mailer templates from Devise::Mailer
carlosantoniodasilva authored
33 * bug fix
fb07558 @carlosantoniodasilva Update changelog with latest fixes [ci skip]
carlosantoniodasilva authored
34 * Do not redirect when accessing devise API via JSON. (by @sebastianwr)
f822f92 @nashby use scoped path to shared views if scope is present
nashby authored
35 * Generating scoped devise views now uses the correct scoped shared links partial instead of the default devise one (by @nashby)
83ad67b @carlosantoniodasilva Fix inheriting mailer templates from Devise::Mailer
carlosantoniodasilva authored
36 * Fix inheriting mailer templates from `Devise::Mailer`
2dfa7e1 @josevalim Update CHANGELOG
josevalim authored
37 * Fix a bug when procs are used as default mailer in Devise (by @tomasv)
83ad67b @carlosantoniodasilva Fix inheriting mailer templates from Devise::Mailer
carlosantoniodasilva authored
38
d099d8f @josevalim Release v2.2.3
josevalim authored
39 == 2.2.3
40
d9364f7 @josevalim Update CHANGELOG.rdoc
josevalim authored
41 Security announcement: http://blog.plataformatec.com.br/2013/01/security-announcement-devise-v2-2-3-v2-1-3-v2-0-5-and-v1-5-3-released/
42
d099d8f @josevalim Release v2.2.3
josevalim authored
43 * bug fix
44 * Require string conversion for all values
45
6c2f51e @josevalim Release 2.2.2
josevalim authored
46 == 2.2.2
47
48 * bug fix
49 * Fix bug when checking for reconfirmable in templates
50
872ef2b @josevalim Release 2.2.1 with fixes for 2.2.0 regressions
josevalim authored
51 == 2.2.1
52
53 * bug fix
54 * Fix regression with case_insensitive_keys
55 * Fix regression when password is blank when it is invalid
56
b2b8b5b @josevalim Release v2.2.0
josevalim authored
57 == 2.2.0
58
59 * backwards incompatible changes
19b5bcb @josevalim Accept mail options in Devise::Mailer and deprecate headers_for
josevalim authored
60 * `headers_for` is deprecated, customize the mailer directly instead
61 * All mailer methods now expect a second argument with delivery options
30ab6f9 @josevalim Release 2.2.0.rc
josevalim authored
62 * Default minimum password length is now 8 (by @carlosgaldino)
b2b8b5b @josevalim Release v2.2.0
josevalim authored
63 * Support alternate sign in error message when email record does not exist (this adds a new I18n key to the locale file) (by @gabetax)
30ab6f9 @josevalim Release 2.2.0.rc
josevalim authored
64 * DeviseController responds only to HTML requests by default (call `DeviseController.respond_to` or `ApplicationController.respond_to` to add new formats)
65 * Support Mongoid 3 onwards (by @durran)
66
67 * enhancements
b2b8b5b @josevalim Release v2.2.0
josevalim authored
68 * Fix unlockable which could leak account existence on paranoid mode (by @latortuga)
1da8490 @josevalim Add a note about APIs in token authenticatable, closes #1959
josevalim authored
69 * Confirmable now has a confirm_within option to set a period while the confirmation token is still valid (by @promisedlandt)
30ab6f9 @josevalim Release 2.2.0.rc
josevalim authored
70 * Flash messages in controller now respects `resource_name` (by @latortuga)
d5a2a9b @josevalim Update CHANGELOG
josevalim authored
71 * Separate `sign_in` and `sign_up` on RegistrationsController (by @rubynortheast)
72 * Add autofocus to default views (by @Radagaisus)
fbf667e @josevalim Update CHANGELOG
josevalim authored
73 * Unlock user on password reset (by @marcinb)
e1fde19 @josevalim Update CHANGELOG
josevalim authored
74 * Allow validation callbacks to apply to virtual attributes (by @latortuga)
1aca139 Changelog update
Rodrigo Flores authored
75
1579ec9 @josevalim Update CHANGELOG
josevalim authored
76 * bug fix
4c83743 @josevalim unconfirmed_email now uses the proper e-mail on salutation, related to #...
josevalim authored
77 * unconfirmed_email now uses the proper e-mail on salutation
e1fde19 @josevalim Update CHANGELOG
josevalim authored
78 * Fix default email_regexp config to not allow spaces (by @kukula)
1579ec9 @josevalim Update CHANGELOG
josevalim authored
79 * Fix a regression introduced on warden 1.2.1 (by @ejfinneran)
80 * Properly camelize omniauth strategies (by @saizai)
81 * Do not set flash messages for non navigational requests on session sign out (by @mathieul)
82 * Set the proper fields as required on the lockable module (by @nickhoffman)
83 * Respects Devise mailer default's reply_to (by @mrchrisadams)
fbf667e @josevalim Update CHANGELOG
josevalim authored
84 * Properly assign resource on `sign_in` related action (by @adammcnamara)
85 * `update_with_password` doesn't change encrypted password when it is invalid (by @nashby)
86 * Properly handle namespaced models on Active Record generator (by @nashby)
1579ec9 @josevalim Update CHANGELOG
josevalim authored
87
174c290 @josevalim Release 2.1.2
josevalim authored
88 == 2.1.2
ba2e44c @josevalim Release 2.1.1
josevalim authored
89
1579ec9 @josevalim Update CHANGELOG
josevalim authored
90 * enhancements
174c290 @josevalim Release 2.1.2
josevalim authored
91 * Handle backwards incompatibility between Rails 3.2.6 and Thor 0.15.x
92
93 * bug fix
94 * Fix regression on strategy validation on previous release
95
96 == 2.1.1 (yanked)
ba2e44c @josevalim Release 2.1.1
josevalim authored
97
6dd7cce @josevalim Add more docs, remove 3.0 related code, update CHANGELOG
josevalim authored
98 * enhancements
ba2e44c @josevalim Release 2.1.1
josevalim authored
99 * `sign_out_all_scopes` now locks warden and does not allow new logins in the same action
6dd7cce @josevalim Add more docs, remove 3.0 related code, update CHANGELOG
josevalim authored
100 * `Devise.omniauth_path_prefix` is available to configure omniauth path prefix
101 * Redirect to sign in page when trying to access password#edit without a token (by @gbataille)
85c9067 @josevalim Update CHANGELOG
josevalim authored
102 * Allow a lambda in authenticate(d) routes helpers to further select the scope
103 * Removed warnings on Rails 3.2.6 (by @nashby)
6dd7cce @josevalim Add more docs, remove 3.0 related code, update CHANGELOG
josevalim authored
104
105 * bug fix
106 * `update_with_password` now relies on assign_attributes and forwards the :as option (by @wtn)
41a9118 @josevalim Do not trigger timeout on sign in related actions
josevalim authored
107 * Do not trigger timeout on sign in related actions
4bc2ff9 @josevalim Timeout does not explode when reset_authentication_token! is accidentall...
josevalim authored
108 * Timeout does not explode when reset_authentication_token! is accidentally defined by Active Model (by @remomueller)
6dd7cce @josevalim Add more docs, remove 3.0 related code, update CHANGELOG
josevalim authored
109
d4e5424 @josevalim Simplify validation logic inside strategies
josevalim authored
110 * deprecations
111 * Strategy#validate() no longer validates nil resources
112
f625953 @josevalim Update CHANGELOG.rdoc
josevalim authored
113 == 2.1.0
114
7aa93a3 @josevalim Update CHANGELOG
josevalim authored
115 * enhancements
f625953 @josevalim Update CHANGELOG.rdoc
josevalim authored
116 * Add `check_fields!(model_class)` method on Devise::Models to check if the model includes the fields that Devise uses
117 * Add `skip_reconfirmation!` to skip reconfirmation
7aa93a3 @josevalim Update CHANGELOG
josevalim authored
118 * Devise model generator now works with engines
2e50204 Changelog
Rodrigo Flores authored
119 * Devise encryptable was moved to its new gem (http://github.com/plataformatec/devise-encryptable)
7aa93a3 @josevalim Update CHANGELOG
josevalim authored
120
121 * deprecations
122 * Deprecations warnings added on Devise 2.0 are now removed with their features
f625953 @josevalim Update CHANGELOG.rdoc
josevalim authored
123 * All devise modules should now have a `required_fields(klass)` module method to help gathering missing attributes
124 * `use_salt_as_remember_token` and `apply_schema` does not have any effect since 2.0 and are now deprecated
125 * `valid_for_authentication?` must now return a boolean
7aa93a3 @josevalim Update CHANGELOG
josevalim authored
126
ca73dae Changelog
Rodrigo Flores authored
127 * bug fix
f625953 @josevalim Update CHANGELOG.rdoc
josevalim authored
128 * Ensure after sign in hook is not called without a resource
129 * Fix a term: now on Omniauth related flash messages, we say that we're authenticating from an omniauth provider instead of authorizing
130 * Fixed redirect when authenticated mounted apps (by @hakanensari)
65ef259 @josevalim Add a test case to previous commit
josevalim authored
131 * Ensure the failure app still respects config.relative_url_root
c3c0f4b @josevalim Update CHANGELOG.rdoc
josevalim authored
132 * `/users/sign_in` doesn't choke on protected attributes used to select sign in scope (by @Paymium)
133 * `failed_attempts` is set to zero after any sign in (including via reset password) (by @rodrigoflores)
07ef99a Changelog and a minor change on the test title
Rodrigo Flores authored
134 * Added token expiration on timeout (by @antiarchitect)
dacdc72 @josevalim Do not accidently mark _prefixes as private.
josevalim authored
135 * Do not accidentally mark `_prefixes` as private
7aa93a3 @josevalim Update CHANGELOG
josevalim authored
136 * Better support for custom strategies on test helpers (by @mattconnolly)
137 * Return `head :no_content` in SessionsController now that most JS libraries handle it (by @julianvargasalvarez)
ca73dae Changelog
Rodrigo Flores authored
138
d15d0ba @josevalim Update CHANGELOG.
josevalim authored
139 == 2.0.4
140
141 Notes: https://github.com/plataformatec/devise/wiki/How-To:-Upgrade-to-Devise-2.0
142
143 * bug fix
a394cea @josevalim Update CHANGELOG.
josevalim authored
144 * Fix when :host is used with devise_for (by @mreinsch)
d15d0ba @josevalim Update CHANGELOG.
josevalim authored
145 * Fix a regression that caused Warden to be initialized too late
146
147 == 2.0.3 (yanked)
9f4f973 Bumping new version
Rodrigo Flores authored
148
71f5a01 @josevalim Update CHANGELOG.
josevalim authored
149 * bug fix
150 * Ensure warning is not shown by mistake on apps with mounted engines
151 * Fixes related to remember_token and rememberable_options
152 * Ensure serializable_hash does not depend on accessible attributes
91d0360 Changelog
Rodrigo Flores authored
153 * Ensure that timeout callback does not run on sign out action
71f5a01 @josevalim Update CHANGELOG.
josevalim authored
154
2e27d1f @josevalim Update CHANGELOG, release 2.0.2
josevalim authored
155 == 2.0.2
dd2a66d @josevalim Update CHANGELOG.
josevalim authored
156
c3f864f @josevalim Allow parent controller to be customizable.
josevalim authored
157 * enhancements
2e27d1f @josevalim Update CHANGELOG, release 2.0.2
josevalim authored
158 * Add devise_i18n_options to customize I18n message
159
160 * bug fix
161 * Ensure Devise.available_router_name defaults to :main_app
162 * Set autocomplete to off for password on edit forms
163 * Better error messages in case a trackable model can't be saved
164 * Show a warning in case someone gives a pluralized name to devise generator
165 * Fix test behavior for rspec subject requests (by @sj26)
166
167 == 2.0.1
168
169 * enhancements
f1a27b8 @josevalim Release 2.0.1.
josevalim authored
170 * Improved error messages on deprecation warnings
171 * Hide Devise's internal generators from `rails g` command
172
173 * bug fix
174 * Removed tmp and log files from gem
175
176 == 2.0.0
177
178 * enhancements
a71a352 @josevalim Release 2.0.0
josevalim authored
179 * Add support for e-mail reconfirmation on change (by @Mandaryn and @heimidal)
180 * Redirect users to sign in page after unlock (by @nashby)
275c480 @josevalim Redirect to the previous URL on timeout, closes #1596
josevalim authored
181 * Redirect to the previous URL on timeout
aa2d15a @josevalim Move devise/shared/_links.erb to devise/_links.erb
josevalim authored
182 * Inherit from the same Devise parent controller (by @sj26)
897c1c6 @josevalim Allow router_name to be customizable via Devise.router_name, useful for ...
josevalim authored
183 * Allow parent_controller to be customizable via Devise.parent_controller, useful for engines
184 * Allow router_name to be customizable via Devise.router_name, useful for engines
a71a352 @josevalim Release 2.0.0
josevalim authored
185 * Allow alternate ORMs to run compatibility setup code before Authenticatable is included (by @jm81)
aa2d15a @josevalim Move devise/shared/_links.erb to devise/_links.erb
josevalim authored
186
187 * deprecation
a71a352 @josevalim Release 2.0.0
josevalim authored
188 * Devise now only supports Rails 3.1 forward
189 * Devise.confirm_within was deprecated in favor Devise.allow_unconfirmed_access_for
190 * Devise.stateless_token= is deprecated in favor of appending :token_auth to Devise.skip_session_storage
191 * Usage of Devise.apply_schema is deprecated
192 * Usage of Devise migration helpers are deprecated
5a11c65 @josevalim Usage of Devise.stateless_token= is deprecated in favor of appending :to...
josevalim authored
193 * Usage of Devise.remember_across_browsers was deprecated
930b324 @josevalim Usage of confirm_within was deprecated in favor allow_unconfirmed_access...
josevalim authored
194 * Usage of rememberable with remember_token was removed
195 * Usage of recoverable without reset_password_sent_at was removed
5a11c65 @josevalim Usage of Devise.stateless_token= is deprecated in favor of appending :to...
josevalim authored
196 * Usage of Devise.case_insensitive_keys equals to false was removed
a71a352 @josevalim Release 2.0.0
josevalim authored
197 * Move devise/shared/_links.erb to devise/_links.erb
198 * Deprecated support of nested devise_for blocks
199 * Deprecated support to devise.registrations.reasons and devise.registrations.inactive_signed_up in favor of devise.registrations.signed_up_but_*
64c99bc Updated changelog to include the removal of render_with_scope
Rodrigo Flores authored
200 * Protected method render_with_scope was removed.
fa4d420 @josevalim Update CHANGELOG.
josevalim authored
201
059d385 @josevalim Update CHANGELOG.
josevalim authored
202 == 1.5.3
203
204 * bug fix
a1464db @josevalim Replace github.com/ by @
josevalim authored
205 * Ensure delegator converts scope to symbol (by @dmitriy-kiriyenko)
059d385 @josevalim Update CHANGELOG.
josevalim authored
206 * Ensure passing :format => false to devise_for is not permanent
207 * Ensure path checker does not check invalid routes
208
4243791 Bumping to 1.5.2
Rodrigo Flores authored
209 == 1.5.2
5909d6a @josevalim Fix up previous commit and update CHANGELOG.
josevalim authored
210
211 * enhancements
a1464db @josevalim Replace github.com/ by @
josevalim authored
212 * Add support for Rails 3.1 new mass assignment conventions (by @kirs)
213 * Add timeout_in method to Timeoutable, it can be overridden in a model (by @lest)
5909d6a @josevalim Fix up previous commit and update CHANGELOG.
josevalim authored
214
215 * bug fix
216 * OmniAuth error message now shows the proper option (:strategy_class instead of :klass)
217
582f00e @josevalim Devise should not attempt to load OmniAuth strategies. Strategies should...
josevalim authored
218 == 1.5.1
219
220 * bug fix
221 * Devise should not attempt to load OmniAuth strategies. Strategies should be loaded before hand by the developer or explicitly given to Devise.
222
a71319a Bumping to 1.5.0
Rodrigo Flores authored
223 == 1.5.0
f3aa5e4 @josevalim Update CHANGELOG and bump up to 1.5.0.dev
josevalim authored
224
d448e7d @josevalim Timeoutable also skips tracking if skip_trackable is given
josevalim authored
225 * enhancements
226 * Timeoutable also skips tracking if skip_trackable is given
58d61c2 @josevalim Update CHANGELOG.
josevalim authored
227 * devise_for now accepts :failure_app as an option
a1464db @josevalim Replace github.com/ by @
josevalim authored
228 * Models can select the proper mailer via devise_mailer method (by @locomotivecms)
229 * Migration generator now uses the change method (by @nashby)
230 * Support to markerb templates on the mailer generator (by @sbounmy)
231 * Support for Omniauth 1.0 (older versions are no longer supported) (by @TamiasSibiricus)
d448e7d @josevalim Timeoutable also skips tracking if skip_trackable is given
josevalim authored
232
f3aa5e4 @josevalim Update CHANGELOG and bump up to 1.5.0.dev
josevalim authored
233 * bug fix
234 * Allow idempotent API requests
235 * Fix bug where logs did not show 401 as status code
2a5ad46 @josevalim Change all paranoid settings to behave as success instead of as failure,...
josevalim authored
236 * Change paranoid settings to behave as success instead of as failure
a816e53 @josevalim Fix bug where activation messages were shown first than the credentials ...
josevalim authored
237 * Fix bug where activation messages were shown first than the credentials error message
16208f7 @josevalim Rework previous commit to clean up the instance variable dynamically.
josevalim authored
238 * Instance variables are expired after sign out
f3aa5e4 @josevalim Update CHANGELOG and bump up to 1.5.0.dev
josevalim authored
239
bba6562 @josevalim after_sign_in_path_for now redirects to session[scope_return_to] if any ...
josevalim authored
240 * deprecation
241 * redirect_location is deprecated, please use after_sign_in_path_for
242 * after_sign_in_path_for now redirects to session[scope_return_to] if any value is stored in it
243
81f0c20 @josevalim Update CHANGELOG.
josevalim authored
244 == 1.4.9
245
246 * bug fix
247 * url helpers were not being set under some circumstances
248
96f55a7 @josevalim Update docs and CHANGELOG.
josevalim authored
249 == 1.4.8
250
251 * enhancements
252 * Add docs for assets pipeline and Heroku
253
254 * bug fix
255 * confirmation_url was not being set under some circumstances
256
ab9d856 @josevalim Add a deprecation warning for previous controller authorization style.
josevalim authored
257 == 1.4.7
258
259 * bug fix
260 * Fix backward incompatible change from 1.4.6 for those using custom controllers
261
d15d0ba @josevalim Update CHANGELOG.
josevalim authored
262 == 1.4.6 (yanked)
08a8d7b @josevalim Prepare for 1.4.6
josevalim authored
263
264 * enhancements
265 * Allow devise_for :skip => :all
266 * Allow options to be passed to authenticate_user!
267 * Allow --skip-routes to devise generator
268 * Add allow_params_authentication! to make it explicit when params authentication is allowed in a controller
269
263e903 @josevalim Release v1.4.5
josevalim authored
270 == 1.4.5
601e1d3 @josevalim Update CHANGELOG.
josevalim authored
271
272 * bug fix
273 * Failure app tries the root path if a session one does not exist
a1464db @josevalim Replace github.com/ by @
josevalim authored
274 * No need to finalize Devise helpers all the time (by @bradleypriest)
601e1d3 @josevalim Update CHANGELOG.
josevalim authored
275 * Reset password shows proper message if user is not active
276 * `clean_up_passwords` sets the accessors to nil to skip validations
277
071f54a @josevalim Release v1.4.4 with a fix for those using :skip in routes.
josevalim authored
278 == 1.4.4
279
8796c1c @josevalim Do not always skip helpers, instead provide :skip_helpers as option to t...
josevalim authored
280 * bug fix
281 * Do not always skip helpers, instead provide :skip_helpers as option to trigger it manually
282
ef4eb47 @josevalim Release v1.4.3 with improve Rails 3.1 compatibility.
josevalim authored
283 == 1.4.3
284
7396c69 @josevalim Quack, quack, quack. Use duck typing instead of hardcoding everything, c...
josevalim authored
285 * enhancements
ef4eb47 @josevalim Release v1.4.3 with improve Rails 3.1 compatibility.
josevalim authored
286 * Improve Rails 3.1 compatibility
7396c69 @josevalim Quack, quack, quack. Use duck typing instead of hardcoding everything, c...
josevalim authored
287 * Use serialize_into_session and serialize_from_session in Warden serialize to improve extensibility
288
04cb789 @josevalim Edited CHANGELOG.rdoc via GitHub
josevalim authored
289 * bug fix
4222afe @josevalim Tidy up latest commits, update CHANGELOG.
josevalim authored
290 * Generator properly generates a change_table migration if a model already exists
04cb789 @josevalim Edited CHANGELOG.rdoc via GitHub
josevalim authored
291 * Properly deprecate setup_mail
a8d9695 @josevalim Simplify regexp and ensure it runs against UTF8 chars, closes #1235
josevalim authored
292 * Fix encoding issues with email regexp
673c707 @josevalim Update CHANGELOG.
josevalim authored
293 * Only generate helpers for the used mappings
294 * Wrap :action constraints in the proper hash
a8d9695 @josevalim Simplify regexp and ensure it runs against UTF8 chars, closes #1235
josevalim authored
295
296 * deprecations
a8de38d @josevalim Fix http://@ from CHANGELOG
josevalim authored
297 * Loosened the used email regexp to simply assert the existent of "@". If someone relies on a more strict regexp, they may use https://github.com/SixArm/sixarm_ruby_email_address_validation
04cb789 @josevalim Edited CHANGELOG.rdoc via GitHub
josevalim authored
298
7a2e018 @josevalim Release 1.4.2.
josevalim authored
299 == 1.4.2
300
5a98e4f @josevalim Temporary fix for 3-1-stable that does not implement key? on cookie jar,...
josevalim authored
301 * bug fix
33d7644 @josevalim Provide a more robust behavior to serializers and add :force_except opti...
josevalim authored
302 * Provide a more robust behavior to serializers and add :force_except option
5a98e4f @josevalim Temporary fix for 3-1-stable that does not implement key? on cookie jar,...
josevalim authored
303
46c2d5a @josevalim Update CHANGELOG.
josevalim authored
304 == 1.4.1
305
306 * enhancements
307 * Add :defaults and :format support on router
308 * Add simple form generators
a1464db @josevalim Replace github.com/ by @
josevalim authored
309 * Better localization for devise_error_messages! (by @zedtux)
46c2d5a @josevalim Update CHANGELOG.
josevalim authored
310
767a7a7 @josevalim Ensure handle_unverified_request clean up any cached signed-in user
josevalim authored
311 * bug fix
07db04e @josevalim Work around AR that does not call serializable_hash on to_xml.
josevalim authored
312 * Ensure to_xml is properly white listened
767a7a7 @josevalim Ensure handle_unverified_request clean up any cached signed-in user
josevalim authored
313 * Ensure handle_unverified_request clean up any cached signed-in user
314
dba8f91 \o/ Bumping to 1.4.0 \o/
Rodrigo Flores authored
315 == 1.4.0
316
f132c78 @josevalim Update CHANGELOG, bump to 1.4.0.dev.
josevalim authored
317 * enhancements
a1464db @josevalim Replace github.com/ by @
josevalim authored
318 * Added authenticated and unauthenticated to the router to route the used based on his status (by @sj26)
319 * Improve e-mail regexp (by @rodrigoflores)
320 * Add strip_whitespace_keys and default to e-mail (by @swrobel)
321 * Do not run format and uniqueness validations on e-mail if it hasn't changed (by @Thibaut)
322 * Added update_without_password to update models but not allowing the password to change (by @fschwahn)
323 * Added config.paranoid, check the generator for more information (by @rodrigoflores)
f132c78 @josevalim Update CHANGELOG, bump to 1.4.0.dev.
josevalim authored
324
a59410a @josevalim password_required? should not affect length validation, closes #1037.
josevalim authored
325 * bug fix
326 * password_required? should not affect length validation
4fd866d @josevalim User cannot access sign up and similar pages if he is already signed in ...
josevalim authored
327 * User cannot access sign up and similar pages if he is already signed in through a cookie or token
a1464db @josevalim Replace github.com/ by @
josevalim authored
328 * Do not convert booleans to strings on finders (by @xavier)
329 * Run validations even if current_password fails (by @crx)
330 * Devise now honors routes constraints (by @macmartine)
331 * Do not return the user resource when requesting instructions (by @rodrigoflores)
a59410a @josevalim password_required? should not affect length validation, closes #1037.
josevalim authored
332
7e79ed6 @josevalim Update CHANGELOG.
josevalim authored
333 == 1.3.4
334
335 * bug fix
336 * Do not add formats if html or "*/*"
337
64cf8a4 @josevalim Update CHANGELOG.
josevalim authored
338 == 1.3.3
339
340 * bug fix
341 * Explicitly mark the token as expired if so
342
f152860 @josevalim Update CHANGELOG.
josevalim authored
343 == 1.3.2
344
345 * bug fix
a1464db @josevalim Replace github.com/ by @
josevalim authored
346 * Fix another regression related to reset_password_sent_at (by @alexdreher)
f152860 @josevalim Update CHANGELOG.
josevalim authored
347
b6cf1df @josevalim Release 1.3.1.
josevalim authored
348 == 1.3.1
349
7a2d76d @josevalim Update changelog, improve coverage.
josevalim authored
350 * enhancements
a1464db @josevalim Replace github.com/ by @
josevalim authored
351 * Improve failure_app responses (by @indirect)
b6cf1df @josevalim Release 1.3.1.
josevalim authored
352 * sessions/new and registrations/new also respond to xml and json now
7a2d76d @josevalim Update changelog, improve coverage.
josevalim authored
353
354 * bug fix
a1464db @josevalim Replace github.com/ by @
josevalim authored
355 * Fix a regression that occurred if reset_password_sent_at is not present (by @stevehodgkiss)
7a2d76d @josevalim Update changelog, improve coverage.
josevalim authored
356
460beae @josevalim Release 1.3.0.
josevalim authored
357 == 1.3.0
358
d3a3747 @josevalim Update CHANGELOG
josevalim authored
359 * enhancements
a1464db @josevalim Replace github.com/ by @
josevalim authored
360 * All controllers can now handle different mime types than html using Responders (by @sikachu)
361 * Added reset_password_within as configuration option to send the token for recovery (by @jdguyot)
362 * Bump password length to 128 characters (by @k33l0r)
363 * Add :only as option to devise_for (by @timoschilling)
364 * Allow to override path after sending password instructions (by @irohiroki)
365 * require_no_authentication has its own flash message (by @jackdempsey)
d3a3747 @josevalim Update CHANGELOG
josevalim authored
366
e490214 @josevalim Ensure configuration options are allowed exactly after each module is in...
josevalim authored
367 * bug fix
368 * Fix a bug where configuration options were being included too late
a1464db @josevalim Replace github.com/ by @
josevalim authored
369 * Ensure Devise::TestHelpers can be used to tests Devise internal controllers (by @jwilger)
370 * valid_password? should not choke on empty passwords (by @mikel)
d02f86b @josevalim Update changelog.
josevalim authored
371 * Calling devise more than once does not include previously added modules anymore
372 * downcase_keys before validation
e490214 @josevalim Ensure configuration options are allowed exactly after each module is in...
josevalim authored
373
374 * backward incompatible changes
375 * authentication_keys are no longer considered when creating the e-mail validations, the previous behavior was buggy. You must double check if you were relying on such behavior.
376
d3a3747 @josevalim Update CHANGELOG
josevalim authored
377 == 1.2.1
378
379 * enhancements
380 * Improve update path messages
381
da51050 @josevalim Release 1.2.0
josevalim authored
382 == 1.2.0
383
1bf7da1 @josevalim Properly ignore path prefix on omniauthable
josevalim authored
384 * bug fix
385 * Properly ignore path prefix on omniauthable
74166e2 @josevalim Faster uniqueness queries, closes #917
josevalim authored
386 * Faster uniqueness queries
02ae0c2 @josevalim Update CHANGELOG.
josevalim authored
387 * Rename active? to active_for_authentication? to avoid conflicts
1bf7da1 @josevalim Properly ignore path prefix on omniauthable
josevalim authored
388
4f09357 @josevalim Release 1.2.rc2.
josevalim authored
389 == 1.2.rc2
390
7759c8b @josevalim Update CHANGELOG
josevalim authored
391 * enhancements
bbafb70 @josevalim Update CHANGELOG.
josevalim authored
392 * Make friendly_token 20 chars long
0c5acc6 @josevalim Update CHANGELOG.
josevalim authored
393 * Use secure_compare
7759c8b @josevalim Update CHANGELOG
josevalim authored
394
c27bc21 @josevalim Update CHANGELOG.
josevalim authored
395 * bug fix
396 * Fix an issue causing infinite redirects in production
a1464db @josevalim Replace github.com/ by @
josevalim authored
397 * rails g destroy works properly with devise generators (by @andmej)
398 * before_failure callbacks should work on test helpers (by @twinge)
399 * rememberable cookie now is httponly by default (by @JamesFerguson)
400 * Add missing confirmation_keys (by @JohnPlummer)
bbafb70 @josevalim Update CHANGELOG.
josevalim authored
401 * Ensure after_* hooks are called on RegistrationsController
6a6ed67 @josevalim Improve tests and update CHANGELOG.
josevalim authored
402 * When using database_authenticatable Devise will now only create an email field when appropriate (if using default authentication_keys or custom authentication_keys with email included)
a1464db @josevalim Replace github.com/ by @
josevalim authored
403 * Ensure stateless token does not trigger timeout (by @pixelauthority)
ae75186 @josevalim Update CHANGELOG.
josevalim authored
404 * Implement handle_unverified_request for Rails 3.0.4 compatibility and improve FailureApp reliance on symbols
3375985 @josevalim Update CHANGELOG.
josevalim authored
405 * Consider namespaces while generating routes
a1464db @josevalim Replace github.com/ by @
josevalim authored
406 * Custom failure apps no longer ignored in test mode (by @jaghion)
3375985 @josevalim Update CHANGELOG.
josevalim authored
407 * Do not depend on ActiveModel::Dirty
408 * Manual sign_in now triggers remember token
392e664 @josevalim Be sure to halt on failures, closes #856
josevalim authored
409 * Be sure to halt strategies on failures
305059f @vinibaggio Consider SCRIPT_NAME on omniauth url helper. Closes #876
vinibaggio authored
410 * Consider SCRIPT_NAME on Omniauth paths
0cc900e @vinibaggio Reset lock attempts count when lock is expired. Closes #825
vinibaggio authored
411 * Reset failed attempts when lock is expired
4f09357 @josevalim Release 1.2.rc2.
josevalim authored
412 * Ensure there is no Mongoid injection
c27bc21 @josevalim Update CHANGELOG.
josevalim authored
413
912969b @josevalim Update CHANGELOG.
josevalim authored
414 * deprecations
a1464db @josevalim Replace github.com/ by @
josevalim authored
415 * Deprecated anybody_signed_in? in favor of signed_in? (by @gavinhughes)
3109b09 @josevalim Remove --haml and --slim views from Devise.
josevalim authored
416 * Removed --haml and --slim view templates
3375985 @josevalim Update CHANGELOG.
josevalim authored
417 * Devise::OmniAuth helpers were deprecated and removed in favor of Omniauth.config.test_mode
912969b @josevalim Update CHANGELOG.
josevalim authored
418
1d6944d @josevalim Update gemspec with 1.2.rc release.
josevalim authored
419 == 1.2.rc
420
617b95f @josevalim sign_out_all_scopes is true by default.
josevalim authored
421 * deprecations
38f3f63 @josevalim cookie_domain is deprecated in favor of cookie_options which uses sessio...
josevalim authored
422 * cookie_domain is deprecated in favor of cookie_options
db1ce8e @josevalim Sign up now check if the user is active or not and redirect him accordin...
josevalim authored
423 * after_update_path_for can no longer be defined in ApplicationController
617b95f @josevalim sign_out_all_scopes is true by default.
josevalim authored
424
817a780 @josevalim Remove deprecated stuff, tag 1.2.0 as version.
josevalim authored
425 * enhancements
3d1152f @josevalim Update README and CHANGELOG.
josevalim authored
426 * Added OmniAuth support
427 * Added ORM adapter to abstract ORM iteraction
a1464db @josevalim Replace github.com/ by @
josevalim authored
428 * sign_out_via is available in the router to configure the method used for sign out (by @martinrehfeld)
429 * Improved Ajax requests handling in failure app (by @spastorino)
6613653 @josevalim Update CHANGELOG.
josevalim authored
430 * Added request_keys to easily use request specific values (like subdomain) in authentication
2aa1d2f @josevalim Increase the size of the friendly token.
josevalim authored
431 * Increased the size of friendly_token to 60 characters (reduces the chances of a successful brute attack)
a1464db @josevalim Replace github.com/ by @
josevalim authored
432 * Ensure the friendly token does not include "_" or "-" since some e-mails may not autolink it properly (by @rymai)
6613653 @josevalim Update CHANGELOG.
josevalim authored
433 * Extracted encryptors into :encryptable for better bcrypt support
434 * :rememberable is now able to use salt as token if no remember_token is provided
617e142 @josevalim Store the salt in session and expire the session if the user changes his...
josevalim authored
435 * Store the salt in session and expire the session if the user changes his password
531f221 @josevalim Allow :stateless_token to be set to true avoiding users to be stored in ...
josevalim authored
436 * Allow :stateless_token to be set to true avoiding users to be stored in session through token authentication
38f3f63 @josevalim cookie_domain is deprecated in favor of cookie_options which uses sessio...
josevalim authored
437 * cookie_options uses session_options values by default
db1ce8e @josevalim Sign up now check if the user is active or not and redirect him accordin...
josevalim authored
438 * Sign up now check if the user is active or not and redirect him accordingly setting the inactive_signed_up message
b409184 @josevalim Update CHANGELOG.
josevalim authored
439 * Use ActiveModel#to_key instead of #id
440 * sign_out_all_scopes now destroys the whole session
a1464db @josevalim Replace github.com/ by @
josevalim authored
441 * Added case_insensitive_keys that automatically downcases the given keys, by default downcases only e-mail (by @adahl)
db1ce8e @josevalim Sign up now check if the user is active or not and redirect him accordin...
josevalim authored
442
443 * default behavior changes
444 * sign_out_all_scopes defaults to true as security measure
445 * http authenticatable is disabled by default
c7efb68 @josevalim Devise does not intercept 401 returned from applications anymore
josevalim authored
446 * Devise does not intercept 401 returned from applications
3d3bb35 @josevalim Update CHANGELOG.
josevalim authored
447
448 * bugfix
449 * after_sign_in_path_for always receives a resource
a1464db @josevalim Replace github.com/ by @
josevalim authored
450 * Do not execute Warden::Callbacks on Devise::TestHelpers (by @sgronblo)
451 * Allow password recovery and account unlocking to change used keys (by @RStankov)
2366530 @josevalim Update CHANGELOG.
josevalim authored
452 * FailureApp now properly handles nil request.format
453 * Fix a bug causing FailureApp to return with HTTP Auth Headers for IE7
d8016ea @josevalim Ensure namespaces has proper scoped views, closes #654
josevalim authored
454 * Ensure namespaces has proper scoped views
a1464db @josevalim Replace github.com/ by @
josevalim authored
455 * Ensure Devise does not set empty flash messages (by @sxross)
f96061b @josevalim Update docs and CHANGELOG based on the 1.1.3 release from v1.1 branch.
josevalim authored
456
0c5acc6 @josevalim Update CHANGELOG.
josevalim authored
457 == 1.1.6
458
459 * Use a more secure e-mail regexp
460 * Implement Rails 3.0.4 handle unverified request
461 * Use secure_compare to compare passwords
462
463 == 1.1.5
464
465 * bugfix
466 * Ensure to convert keys on indifferent hash
467
468 * defaults
469 * Set config.http_authenticatable to false to avoid confusion
470
7145099 @josevalim Avoid session fixation attacks.
josevalim authored
471 == 1.1.4
472
473 * bugfix
474 * Avoid session fixation attacks
475
f96061b @josevalim Update docs and CHANGELOG based on the 1.1.3 release from v1.1 branch.
josevalim authored
476 == 1.1.3
477
478 * bugfix
479 * Add reply-to to e-mail headers by default
a1464db @josevalim Replace github.com/ by @
josevalim authored
480 * Updated the views generator to respect the rails :template_engine option (by @fredwu)
f96061b @josevalim Update docs and CHANGELOG based on the 1.1.3 release from v1.1 branch.
josevalim authored
481 * Check the type of HTTP Authentication before using Basic headers
a1464db @josevalim Replace github.com/ by @
josevalim authored
482 * Avoid invalid_salt errors by checking salt presence (by @thibaudgg)
483 * Forget user deletes the right cookie before logout, not remembering the user anymore (by @emtrane)
484 * Fix for failed first-ever logins on PostgreSQL where column default is nil (by @bensie)
f96061b @josevalim Update docs and CHANGELOG based on the 1.1.3 release from v1.1 branch.
josevalim authored
485 * :default options is now honored in migrations
817a780 @josevalim Remove deprecated stuff, tag 1.2.0 as version.
josevalim authored
486
5701542 @josevalim Update CHANGELOG.
josevalim authored
487 == 1.1.2
488
489 * bugfix
490 * Compatibility with latest Rails routes schema
491
e6218b3 @josevalim Update CHANGELOG from branch.
josevalim authored
492 == 1.1.1
493
494 * bugfix
495 * Fix a small bug where generated locale file was empty on devise:install
496
9ab64c5 @josevalim Release 1.1.0.
josevalim authored
497 == 1.1.0
1cf7702 @josevalim Bump version to 1.1.0 but do not release yet. We are only using this as ...
josevalim authored
498
0eb9208 @trevorturk changelog note for remember_across_browsers
trevorturk authored
499 * enhancements
a1464db @josevalim Replace github.com/ by @
josevalim authored
500 * Rememberable module allows user to be remembered across browsers and is enabled by default (by @trevorturk)
501 * Rememberable module allows you to activate the period the remember me token is extended (by @trevorturk)
8e3ef2a @josevalim Add entry to CHANGELOG.
josevalim authored
502 * devise_for can now be used together with scope method in routes but with a few limitations (check the documentation)
680f261 @josevalim Update CHANGELOG.
josevalim authored
503 * Support `as` or `devise_scope` in the router to specify controller access scope
a1464db @josevalim Replace github.com/ by @
josevalim authored
504 * HTTP Basic Auth can now be disabled/enabled for xhr(ajax) requests using http_authenticatable_on_xhr option (by @pellja)
8e3ef2a @josevalim Add entry to CHANGELOG.
josevalim authored
505
4b27276 @josevalim Fix a bug in Devise::TestHelpers where current_user was returning a Resp...
josevalim authored
506 * bug fix
55bc0ac @josevalim Update CHANGELOG.
josevalim authored
507 * Fix a bug in Devise::TestHelpers where current_user was returning a Response object for non active accounts
508 * Devise should respect script_name and path_info contracts
a1464db @josevalim Replace github.com/ by @
josevalim authored
509 * Fix a bug when accessing a path with (.:format) (by @klacointe)
2602ef4 @josevalim Do not add unlock routes unless unlock strategy is email or both, closes...
josevalim authored
510 * Do not add unlock routes unless unlock strategy is email or both
ebe3e79 @josevalim Email should be case insensitive, closes #372
josevalim authored
511 * Email should be case insensitive
e567c00 @josevalim Store classes as string in session, to avoid serialization and stale dat...
josevalim authored
512 * Store classes as string in session, to avoid serialization and stale data issues
4b27276 @josevalim Fix a bug in Devise::TestHelpers where current_user was returning a Resp...
josevalim authored
513
ae6322e @josevalim No longer retrieve the user from paths, but use the env hash. This chang...
josevalim authored
514 * deprecations
515 * use_default_scope is deprecated and has no effect. Use :as or :devise_scope in the router instead
516
748eced @josevalim Release RC2 (for Rails 3.0.0.beta4)
josevalim authored
517 == 1.1.rc2
0333cae @josevalim Make bcrypt the default encryptor and automatically add a pepper on gene...
josevalim authored
518
519 * enhancements
a1464db @josevalim Replace github.com/ by @
josevalim authored
520 * Allow to set cookie domain for the remember token. (by @mantas)
0333cae @josevalim Make bcrypt the default encryptor and automatically add a pepper on gene...
josevalim authored
521 * Added navigational formats to specify when it should return a 302 and when a 401.
a1464db @josevalim Replace github.com/ by @
josevalim authored
522 * Added authenticate(scope) support in routes (by @wildchild)
523 * Added after_update_path_for to registrations controller (by @thedelchop)
a2f8485 @josevalim Allow the mailer class to be configured.
josevalim authored
524 * Allow the mailer object to be replaced through config.mailer = "MyOwnMailer"
0333cae @josevalim Make bcrypt the default encryptor and automatically add a pepper on gene...
josevalim authored
525
526 * bug fix
1f4a31f @josevalim Update generators to use Rails 3 syntax, i.e devise:install instead of d...
josevalim authored
527 * Fix a bug where session was timing out on sign out
0333cae @josevalim Make bcrypt the default encryptor and automatically add a pepper on gene...
josevalim authored
528
529 * deprecations
530 * bcrypt is now the default encryptor
80895c3 @josevalim Make I18n key for mailer compatible with lookup shortcuts, closes #245
josevalim authored
531 * devise.mailer.confirmations_instructions now should be devise.mailer.confirmations_instructions.subject
532 * devise.mailer.user.confirmations_instructions now should be devise.mailer.confirmations_instructions.user_subject
1f4a31f @josevalim Update generators to use Rails 3 syntax, i.e devise:install instead of d...
josevalim authored
533 * Generators now use Rails 3 syntax (devise:install) instead of devise_install
0333cae @josevalim Make bcrypt the default encryptor and automatically add a pepper on gene...
josevalim authored
534
4b27276 @josevalim Fix a bug in Devise::TestHelpers where current_user was returning a Resp...
josevalim authored
535 == 1.1.rc1
766316b @josevalim Got tests running on Rails 3: 369 tests, 486 assertions, 45 failures, 12...
josevalim authored
536
02e8c04 @josevalim Update views generator and now have scoped views.
josevalim authored
537 * enhancements
748eced @josevalim Release RC2 (for Rails 3.0.0.beta4)
josevalim authored
538 * Rails 3 compatibility
539 * All controllers and views are namespaced, for example: Devise::SessionsController and "devise/sessions"
540 * Devise.orm is deprecated. This reduces the required API to hook your ORM with devise
541 * Use metal for failure app
542 * HTML e-mails now have proper formatting
543 * Allow to give :skip and :controllers in routes
544 * Move trackable logic to the model
545 * E-mails now use any template available in the filesystem. Easy to create multipart e-mails
546 * E-mails asks headers_for in the model to set the proper headers
547 * Allow to specify haml in devise_views
7774acc @josevalim Remove data_mapper support.
josevalim authored
548 * Compatibility with Mongoid
748eced @josevalim Release RC2 (for Rails 3.0.0.beta4)
josevalim authored
549 * Make config.devise available on config/application.rb
550 * TokenAuthenticatable now works with HTTP Basic Auth
551 * Allow :unlock_strategy to be :none and add :lock_strategy which can be :failed_attempts or none. Setting those values to :none means that you want to handle lock and unlocking by yourself
552 * No need to append ?unauthenticated=true in URLs anymore since Flash was moved to a middleware in Rails 3
553 * :activatable is included by default in your models
02e8c04 @josevalim Update views generator and now have scoped views.
josevalim authored
554
b2a50db @josevalim Fix a bug with STI. Closes #195.
josevalim authored
555 * bug fix
748eced @josevalim Release RC2 (for Rails 3.0.0.beta4)
josevalim authored
556 * Fix a bug with STI
b2a50db @josevalim Fix a bug with STI. Closes #195.
josevalim authored
557
02e8c04 @josevalim Update views generator and now have scoped views.
josevalim authored
558 * deprecations
748eced @josevalim Release RC2 (for Rails 3.0.0.beta4)
josevalim authored
559 * Rails 3 compatible only
560 * Removed support for MongoMapper
561 * Scoped views are no longer "sessions/users/new". Now use "users/sessions/new"
562 * Devise.orm is deprecated, just require "devise/orm/YOUR_ORM" instead
563 * Devise.default_url_options is deprecated, just modify ApplicationController.default_url_options
564 * All messages under devise.sessions, except :signed_in and :signed_out, should be moved to devise.failure
565 * :as and :scope in routes is deprecated. Use :path and :singular instead
566
567 == 1.0.8
568
569 * enhancements
570 * Support for latest MongoMapper
a1464db @josevalim Replace github.com/ by @
josevalim authored
571 * Added anybody_signed_in? helper (by @SSDany)
748eced @josevalim Release RC2 (for Rails 3.0.0.beta4)
josevalim authored
572
573 * bug fix
a1464db @josevalim Replace github.com/ by @
josevalim authored
574 * confirmation_required? is properly honored on active? calls. (by @paulrosania)
766316b @josevalim Got tests running on Rails 3: 369 tests, 486 assertions, 45 failures, 12...
josevalim authored
575
a4351b0 @josevalim Update master CHANGELOG.
josevalim authored
576 == 1.0.7
577
578 * bug fix
579 * Ensure password confirmation is always required
580
581 * deprecations
582 * authenticatable was deprecated and renamed to database_authenticatable
583 * confirmable is not included by default on generation
584
f9cbd3c @josevalim Add 1.0.6 entries to master changelog
josevalim authored
585 == 1.0.6
586
587 * bug fix
588 * Do not allow unlockable strategies based on time to access a controller.
589 * Do not send unlockable email several times.
590 * Allow controller to upstram custom! failures to Warden.
591
63deb0e @josevalim Update CHANGELOG.
josevalim authored
592 == 1.0.5
593
594 * bug fix
595 * Use prepend_before_filter in require_no_authentication.
596 * require_no_authentication on unlockable.
597 * Fix a bug when giving an association proxy to devise.
598 * Do not use lock! on lockable since it's part of ActiveRecord API.
599
288b92d @josevalim Update CHANGELOG.
josevalim authored
600 == 1.0.4
601
602 * bug fix
603 * Fixed a bug when deleting an account with rememberable
604 * Fixed a bug with custom controllers
605
e6f3034 @josevalim Do not remove options from MongoMapper and DataMapper in find.
josevalim authored
606 == 1.0.3
607
608 * enhancements
609 * HTML e-mails now have proper formatting
610 * Do not remove MongoMapper options in find
611
968ebe1 @josevalim Uses the same content type as request on http authenticatable 401 respon...
josevalim authored
612 == 1.0.2
613
614 * enhancements
a1464db @josevalim Replace github.com/ by @
josevalim authored
615 * Allows you set mailer content type (by @glennr)
968ebe1 @josevalim Uses the same content type as request on http authenticatable 401 respon...
josevalim authored
616
617 * bug fix
618 * Uses the same content type as request on http authenticatable 401 responses
619
48a94cd @josevalim Avoid mass assignment error messages with current password.
josevalim authored
620 == 1.0.1
621
622 * enhancements
623 * HttpAuthenticatable is not added by default automatically.
624 * Avoid mass assignment error messages with current password.
625
626 * bug fix
627 * Fixed encryptors autoload
628
4bfbeea @josevalim Release 1.0.0
josevalim authored
629 == 1.0.0
630
d7db5b1 @josevalim More work on edit.
josevalim authored
631 * deprecation
632 * :old_password in update_with_password is deprecated, use :current_password instead
633
60fd9d2 @josevalim Rely on duck type instead of mappings settings.
josevalim authored
634 * enhancements
9798ad7 @josevalim Allow scoped views to be customized per controller/mailer class.
josevalim authored
635 * Added Registerable
60fd9d2 @josevalim Rely on duck type instead of mappings settings.
josevalim authored
636 * Added Http Basic Authentication support
9798ad7 @josevalim Allow scoped views to be customized per controller/mailer class.
josevalim authored
637 * Allow scoped_views to be customized per controller/mailer class
2a9e8dc @josevalim Allow authenticatable to used in change_table statements
josevalim authored
638 * [#99] Allow authenticatable to used in change_table statements
60fd9d2 @josevalim Rely on duck type instead of mappings settings.
josevalim authored
639
e02810d @josevalim Move to 0.9.2.
josevalim authored
640 == 0.9.2
641
642 * bug fix
643 * Ensure inactive user cannot sign in
644 * Ensure redirect to proper url after sign up
645
3781a0f @josevalim Tidy up token authentication implementation.
josevalim authored
646 * enhancements
647 * Added gemspec to repo
a1464db @josevalim Replace github.com/ by @
josevalim authored
648 * Added token authenticatable (by @grimen)
3781a0f @josevalim Tidy up token authentication implementation.
josevalim authored
649
ca79477 @josevalim Bump to 0.9.1.
josevalim authored
650 == 0.9.1
651
652 * bug fix
a1464db @josevalim Replace github.com/ by @
josevalim authored
653 * Allow bigger salt size (by @jgeiger)
ca79477 @josevalim Bump to 0.9.1.
josevalim authored
654 * Fix relative url root
655
e4e9e16 @josevalim Bump to 0.9.0.
josevalim authored
656 == 0.9.0
657
66f4cfd @josevalim Clean up tests.
josevalim authored
658 * deprecation
659 * devise :all is deprecated
345bf15 @josevalim Add latest commities entries to CHANGELOG.
josevalim authored
660 * :success and :failure flash messages are now :notice and :alert
66f4cfd @josevalim Clean up tests.
josevalim authored
661
19f9ecf @josevalim Updating CHANGELOG.
josevalim authored
662 * enhancements
a1464db @josevalim Replace github.com/ by @
josevalim authored
663 * Added devise lockable (by @mhfs)
a32e90a @josevalim Update CHANGELOG and dependencies.
josevalim authored
664 * Warden 0.9.0 compatibility
394b1ff @josevalim Bring mongomapper up to date. Remember that you need mongo_ext in order ...
josevalim authored
665 * Mongomapper 0.6.10 compatibility
a1464db @josevalim Replace github.com/ by @
josevalim authored
666 * Added Devise.add_module as hooks for extensions (by @grimen)
667 * Ruby 1.9.1 compatibility (by @grimen)
19f9ecf @josevalim Updating CHANGELOG.
josevalim authored
668
04ce9d1 @josevalim Should accept path prefixes not starting with slash.
josevalim authored
669 * bug fix
670 * Accept path prefix not starting with slash
b4183cb @josevalim Url helpers should rely find_scope!
josevalim authored
671 * url helpers should rely on find_scope!
04ce9d1 @josevalim Should accept path prefixes not starting with slash.
josevalim authored
672
d1dc18c @josevalim Bump to 0.8.2.
josevalim authored
673 == 0.8.2
674
675 * enhancements
a1464db @josevalim Replace github.com/ by @
josevalim authored
676 * Allow Devise.mailer_sender to be a proc (by @grimen)
d1dc18c @josevalim Bump to 0.8.2.
josevalim authored
677
6bb1901 @josevalim Add tests for mail with proc.
josevalim authored
678 * bug fix
a1464db @josevalim Replace github.com/ by @
josevalim authored
679 * Fix bug with passenger, update is required to anyone deploying on passenger (by @dvdpalm)
6bb1901 @josevalim Add tests for mail with proc.
josevalim authored
680
5ca178a Devise::Mapping#raw_path considers the relative_url_root to fix issue wi...
David Palm authored
681 == 0.8.1
682
a789f08 @josevalim Cleaning up README to be more compatible with the latest stuff.
josevalim authored
683 * enhancements
35838b0 @josevalim Ensure bcrypt works and move salt generation to encryptors (needed for b...
josevalim authored
684 * Move salt to encryptors
9c4ddc6 @mhfs - Maximum attempts changed from 5 to 20
mhfs authored
685 * Devise::Lockable
f4b438b @mhfs adding links refactory to changelog
mhfs authored
686 * Moved view links into partial and I18n'ed them
35838b0 @josevalim Ensure bcrypt works and move salt generation to encryptors (needed for b...
josevalim authored
687
688 * bug fix
689 * Bcrypt generator was not being loaded neither setting the proper salt
690
691 == 0.8.0
692
693 * enhancements
a789f08 @josevalim Cleaning up README to be more compatible with the latest stuff.
josevalim authored
694 * Warden 0.8.0 compatibility
99694fd @josevalim Updated CHANGELOG.
josevalim authored
695 * Add an easy for map.connect "sign_in", :controller => "sessions", :action => "new" to work
a1464db @josevalim Replace github.com/ by @
josevalim authored
696 * Added :bcrypt encryptor (by @capotej)
a789f08 @josevalim Cleaning up README to be more compatible with the latest stuff.
josevalim authored
697
d00c313 @josevalim Bump to 0.8.0
josevalim authored
698 * bug fix
699 * sign_in_count is also increased when user signs in via password change, confirmation, etc..
a1464db @josevalim Replace github.com/ by @
josevalim authored
700 * More DataMapper compatibility (by @lancecarlson)
d00c313 @josevalim Bump to 0.8.0
josevalim authored
701
a789f08 @josevalim Cleaning up README to be more compatible with the latest stuff.
josevalim authored
702 * deprecation
703 * Removed DeviseMailer.sender
704
7c67388 @josevalim Release new version.
josevalim authored
705 == 0.7.5
706
707 * enhancements
708 * Set a default value for mailer to avoid find_template issues
709 * Add models configuration to MongoMapper::EmbeddedDocument as well
710
711 == 0.7.4
712
e1c2e45 @josevalim Extract Activatable from Confirmable, so if you need to active your acco...
josevalim authored
713 * enhancements
714 * Extract Activatable from Confirmable
715 * Decouple Serializers from Devise modules
716
490b20a @josevalim Release Devise 0.7.3.
josevalim authored
717 == 0.7.3
718
4363009 @josevalim Send :scope to the proper validation.
josevalim authored
719 * bug fix
720 * Give scope to the proper model validation
721
b842a72 @josevalim Do not care blank passwords on update
josevalim authored
722 * enhancements
0a5ba20 @josevalim Mail views a scoped as well.
josevalim authored
723 * Mail views are scoped as well
801722d @carlosantoniodasilva Updating changelog
carlosantoniodasilva authored
724 * Added update_with_password for authenticatable
01ca3e5 @josevalim Update CHANGELOG
josevalim authored
725 * Allow render_with_scope to accept :controller option
b842a72 @josevalim Do not care blank passwords on update
josevalim authored
726
f56323e @josevalim Release 0.7.2
josevalim authored
727 == 0.7.2
728
cdd3551 @josevalim Make locale part of the installation process.
josevalim authored
729 * deprecation
730 * Renamed reset_confirmation! to resend_confirmation!
731 * Copying locale is part of the installation process
732
b04241d @josevalim Allow to sign in with two different users in the same functional test wi...
josevalim authored
733 * bug fix
734 * Fixed render_with_scope to work with all controllers
735 * Allow sign in with two different users in Devise::TestHelpers
736
3de34c3 @josevalim More tweaks for plugin compatibility.
josevalim authored
737 == 0.7.1
738
739 * enhancements
a1464db @josevalim Replace github.com/ by @
josevalim authored
740 * Small enhancements for other plugins compatibility (by @grimen)
3de34c3 @josevalim More tweaks for plugin compatibility.
josevalim authored
741
e51e19c @josevalim Remove deprecation warning, extract SessionSerializer and release new ve...
josevalim authored
742 == 0.7.0
743
744 * deprecations
745 * :authenticatable is not included by default anymore
746
747 * enhancements
748 * Improve loading process
749 * Extract SessionSerializer from Authenticatable
750
96f3c53 @josevalim Add trackable to migrations and release new version.
josevalim authored
751 == 0.6.3
752
753 * bug fix
754 * Added trackable to migrations
2d77273 @josevalim Allow Inflections to work.
josevalim authored
755 * Allow inflections to work
96f3c53 @josevalim Add trackable to migrations and release new version.
josevalim authored
756
41ee687 @josevalim Release Devise 0.6.2.
josevalim authored
757 == 0.6.2
758
0434d72 @josevalim Update TODO, CHANGELOG and README.
josevalim authored
759 * enhancements
41ee687 @josevalim Release Devise 0.6.2.
josevalim authored
760 * More DataMapper compatibility
0434d72 @josevalim Update TODO, CHANGELOG and README.
josevalim authored
761 * Devise::Trackable - track sign in count, timestamps and ips
762
15ba859 @carlosantoniodasilva Releasing Devise 0.6.1
carlosantoniodasilva authored
763 == 0.6.1
764
f1ed635 @carlosantoniodasilva Updating README, TODO and CHANGELOG
carlosantoniodasilva authored
765 * enhancements
766 * Devise::Timeoutable - timeout sessions without activity
15ba859 @carlosantoniodasilva Releasing Devise 0.6.1
carlosantoniodasilva authored
767 * DataMapper now accepts conditions
f1ed635 @carlosantoniodasilva Updating README, TODO and CHANGELOG
carlosantoniodasilva authored
768
39cf987 @josevalim Do not include :authenticatable by default (deprecation warning added) a...
josevalim authored
769 == 0.6.0
770
771 * deprecations
e51e19c @josevalim Remove deprecation warning, extract SessionSerializer and release new ve...
josevalim authored
772 * :authenticatable is still included by default, but yields a deprecation warning
39cf987 @josevalim Do not include :authenticatable by default (deprecation warning added) a...
josevalim authored
773
3efc0ec @josevalim Do not rely on attribute? methods since they are not available in Datama...
josevalim authored
774 * enhancements
fddf95f @josevalim More improvements in DataMapper support front.
josevalim authored
775 * Added DataMapper support
f3d5c1a @josevalim Allow a strategy to be added after authenticatable one and move store_lo...
josevalim authored
776 * Remove store_location from authenticatable strategy and add it to failure app
777 * Allow a strategy to be placed after authenticatable
3efc0ec @josevalim Do not rely on attribute? methods since they are not available in Datama...
josevalim authored
778 * [#45] Do not rely attribute? methods, since they are not added on Datamapper
779
2f759f8 @josevalim Release Devise 0.5.6.
josevalim authored
780 == 0.5.6
781
d504924 @josevalim Do not send nil to build (Datamapper compability)
josevalim authored
782 * enhancements
783 * [#42] Do not send nil to build (DataMapper compatibility)
415bcdc @josevalim Added scoped views support. Just turn it on in your Devise.setup.
josevalim authored
784 * [#44] Allow to have scoped views
d504924 @josevalim Do not send nil to build (Datamapper compability)
josevalim authored
785
eb33523 @josevalim Release Devise 0.5.5 bringing back Ruby 1.8.6 compatibility.
josevalim authored
786 == 0.5.5
787
788 * enhancements
789 * Allow overwriting find for authentication method
790 * [#38] Remove Ruby 1.8.7 dependency
791
ab81bc3 @josevalim Release Devise 0.5.4.
josevalim authored
792 == 0.5.4
793
1a8dc7f @josevalim Allow default scope to beconfigured.
josevalim authored
794 * deprecations
795 * Deprecate :singular in devise_for and use :scope instead
796
d445b4b @josevalim Create after_sign_in_path_for and after_sign_out_path_for hooks and sign...
josevalim authored
797 * enhancements
798 * [#37] Create after_sign_in_path_for and after_sign_out_path_for hooks to be
799 overwriten in ApplicationController
800 * Create sign_in_and_redirect and sign_out_and_redirect helpers
1a8dc7f @josevalim Allow default scope to beconfigured.
josevalim authored
801 * Warden::Manager.default_scope is automatically configured to the first given scope
d445b4b @josevalim Create after_sign_in_path_for and after_sign_out_path_for hooks and sign...
josevalim authored
802
e20d89f @josevalim Update CHANGELOG and re-release 0.5.3.
josevalim authored
803 == 0.5.3
804
4c81eca @josevalim Mongomapper ORM now converts DateTime to Time.
josevalim authored
805 * bug fix
806 * MongoMapper now converts DateTime to Time
e20d89f @josevalim Update CHANGELOG and re-release 0.5.3.
josevalim authored
807 * Ensure all controllers are unloadable
4c81eca @josevalim Mongomapper ORM now converts DateTime to Time.
josevalim authored
808
680cb0f @josevalim Added Devise.all to freeze your app strategies and moved friendly_token ...
josevalim authored
809 * enhancements
810 * [#35] Moved friendly_token to Devise
811 * Added Devise.all, so you can freeze your app strategies
4c81eca @josevalim Mongomapper ORM now converts DateTime to Time.
josevalim authored
812 * Added Devise.apply_schema, so you can turn it to false in Datamapper or MongoMapper
813 in cases you don't want it be handlded automatically
680cb0f @josevalim Added Devise.all to freeze your app strategies and moved friendly_token ...
josevalim authored
814
209d598 @josevalim Release Devise 0.5.2.
josevalim authored
815 == 0.5.2
816
05fc571 @josevalim Added a couple of helpers to help sign up and delete account tasks.
josevalim authored
817 * enhancements
818 * [#28] Improved sign_in and sign_out helpers to accepts resources
819 * [#28] Added stored_location_for as a helper
97a7f0e @josevalim Added test helpers.
josevalim authored
820 * [#20] Added test helpers
05fc571 @josevalim Added a couple of helpers to help sign up and delete account tasks.
josevalim authored
821
3805bf2 @josevalim Update Warden version to 0.6.0 and release 0.5.1
josevalim authored
822 == 0.5.1
823
b70b293 @josevalim Add authentication_keys.
josevalim authored
824 * enhancements
97a7f0e @josevalim Added test helpers.
josevalim authored
825 * Added serializers based on Warden ones
826 * Allow authentication keys to be set
b70b293 @josevalim Add authentication_keys.
josevalim authored
827
1c8c0a4 @josevalim Release Devise 0.5.0 with Encryptors, MongoMapper support and Remember m...
josevalim authored
828 == 0.5.0
829
8775f5d @josevalim Tidy up MongoMapper and Schema.
josevalim authored
830 * bug fix
831 * Fixed a bug where remember me module was not working properly
832
51f6333 @mhfs merged with changes introduced in 0.4.3
mhfs authored
833 * enhancements
a1464db @josevalim Replace github.com/ by @
josevalim authored
834 * Moved encryption strategy into the Encryptors module to allow several algorithms (by @mhfs)
835 * Implemented encryptors for Clearance, Authlogic and Restful-Authentication (by @mhfs)
836 * Added support for MongoMapper (by @shingara)
51f6333 @mhfs merged with changes introduced in 0.4.3
mhfs authored
837
e690168 Authentication fail with user cannot be serialized from session [#29]
José Valim authored
838 == 0.4.3
839
840 * bug fix
3805bf2 @josevalim Update Warden version to 0.6.0 and release 0.5.1
josevalim authored
841 * [#29] Authentication just fails if user cannot be serialized from session, without raising errors;
e690168 Authentication fail with user cannot be serialized from session [#29]
José Valim authored
842 * Default configuration values should not overwrite user values;
843
2c33d0e @josevalim Release Devise 0.4.2 with latest fixes.
josevalim authored
844 == 0.4.2
845
0c088a7 Renamed mail_sender to mailer_sender.
José Valim authored
846 * deprecations
847 * Renamed mail_sender to mailer_sender
848
1db50de Skip authentication filters by default on Devise controllers and add dev...
José Valim authored
849 * enhancements
850 * skip_before_filter added in Devise controllers
851 * Use home_or_root_path on require_no_authentication as well
852 * Added devise_controller?, useful to select or reject filters in ApplicationController
e7621af @carlosantoniodasilva Updating changelog and adding example doc.
carlosantoniodasilva authored
853 * Allow :path_prefix to be given to devise_for
05678e7 @josevalim Added support to config.default_url_options.
josevalim authored
854 * Allow default_url_options to be configured through devise (:path_prefix => "/:locale" is now supported)
1db50de Skip authentication filters by default on Devise controllers and add dev...
José Valim authored
855
e5be532 @josevalim Ensure options can be configured even if models were not loaded yet
josevalim authored
856 == 0.4.1
857
858 * bug fix
859 * [#21] Ensure options can be set even if models were not loaded
860
861 == 0.4.0
862
e7f809d @josevalim Do not require ActiveRecord to be loaded to use Devise.
josevalim authored
863 * deprecations
dc86a57 @josevalim [DEPRECATION] Notifier is deprecated, use DeviseMailer instead. Remember...
josevalim authored
864 * Notifier is deprecated, use DeviseMailer instead. Remember to rename
865 app/views/notifier to app/views/devise_mailer and I18n key from
866 devise.notifier to devise.mailer
c1d2796 @josevalim Release Devise 0.4.0. ATTENTION: this release contains some backwards in...
josevalim authored
867 * :authenticable calls are deprecated, use :authenticatable instead
e7f809d @josevalim Do not require ActiveRecord to be loaded to use Devise.
josevalim authored
868
c1d2796 @josevalim Release Devise 0.4.0. ATTENTION: this release contains some backwards in...
josevalim authored
869 * enhancements
e5be532 @josevalim Ensure options can be configured even if models were not loaded yet
josevalim authored
870 * [#16] Allow devise to be more agnostic and do not require ActiveRecord to be loaded
8882727 @josevalim Created a generator that copies an initializer with configuration values...
josevalim authored
871 * Allow Warden::Manager to be configured through Devise
872 * Created a generator which creates an initializer
dc86a57 @josevalim [DEPRECATION] Notifier is deprecated, use DeviseMailer instead. Remember...
josevalim authored
873
e7f809d @josevalim Do not require ActiveRecord to be loaded to use Devise.
josevalim authored
874 == 0.3.0
875
9d56aa9 @josevalim Allow yml messages to be configured by not using engine locales, which, ...
josevalim authored
876 * bug fix
877 * [#15] Allow yml messages to be configured by not using engine locales
878
3209e7d @josevalim Renamed confirm_in to confirm_within.
josevalim authored
879 * deprecations
880 * Renamed confirm_in to confirm_within
8c1bab4 @josevalim Do not send confirmation e-mail when e-mail changes.
josevalim authored
881 * [#14] Do not send confirmation messages when user changes his e-mail
b28d7e8 @josevalim Renamed authenticable to authenticatable and added deprecation warnings.
josevalim authored
882 * [#13] Renamed authenticable to authenticatable and added deprecation warnings
3209e7d @josevalim Renamed confirm_in to confirm_within.
josevalim authored
883
04b0622 @josevalim Release Devise 0.2.3
josevalim authored
884 == 0.2.3
885
5172d50 @josevalim Ensure fail! works inside strategies, create unauthenticated and invalid...
josevalim authored
886 * enhancements
887 * Ensure fail! works inside strategies
04b0622 @josevalim Release Devise 0.2.3
josevalim authored
888 * [#12] Make unauthenticated message (when you haven't signed in) different from invalid message
5172d50 @josevalim Ensure fail! works inside strategies, create unauthenticated and invalid...
josevalim authored
889
890 * bug fix
891 * Do not redirect on invalid authenticate
eb4437a @josevalim Allow model configuration to be set to nil.
josevalim authored
892 * Allow model configuration to be set to nil
5172d50 @josevalim Ensure fail! works inside strategies, create unauthenticated and invalid...
josevalim authored
893
2cc07d0 @josevalim Release 0.2.2
josevalim authored
894 == 0.2.2
895
896 * bug fix
897 * [#9] Fix a bug when using customized resources
898
d613c25 @josevalim Updated CHANGELOG and released Devise 0.2.1.
josevalim authored
899 == 0.2.1
900
901 * refactor
902 * Clean devise_views generator to use devise existing views
903
904 * enhancements
905 * [#7] Create instance variables (like @user) for each devise controller
906 * Use Devise::Controller::Helpers only internally
907
908 * bug fix
909 * [#6] Fix a bug with Mongrel and Ruby 1.8.6
910
8c49906 @carlosantoniodasilva Updating CHANGELOG with new 0.2.0 version
carlosantoniodasilva authored
911 == 0.2.0
d1305d4 @carlosantoniodasilva Fix requiring devise strategies and adding CHANGELOG
carlosantoniodasilva authored
912
385dba5 @carlosantoniodasilva Adding simple devise generator to create a model, migration and route.
carlosantoniodasilva authored
913 * enhancements
914 * [#4] Allow option :null => true in authenticable migration
915 * [#3] Remove attr_accessible calls from devise modules
916 * Customizable time frame for rememberable with :remember_for config
917 * Customizable time frame for confirmable with :confirm_in config
a239b31 @carlosantoniodasilva Fix typo in README, updating TODO and CHANGELOG
carlosantoniodasilva authored
918 * Generators for creating a resource and copy views
d1305d4 @carlosantoniodasilva Fix requiring devise strategies and adding CHANGELOG
carlosantoniodasilva authored
919
56f6282 @josevalim Update README, CHANGELOG and TODO.
josevalim authored
920 * optimize
921 * Do not load hooks or strategies if they are not used
922
385dba5 @carlosantoniodasilva Adding simple devise generator to create a model, migration and route.
carlosantoniodasilva authored
923 * bug fixes
924 * [#2] Fixed requiring devise strategies
8007210 @carlosantoniodasilva Updating TODO, README and CHANGELOG
carlosantoniodasilva authored
925
d1305d4 @carlosantoniodasilva Fix requiring devise strategies and adding CHANGELOG
carlosantoniodasilva authored
926 == 0.1.1
927
928 * bug fixes
385dba5 @carlosantoniodasilva Adding simple devise generator to create a model, migration and route.
carlosantoniodasilva authored
929 * [#1] Fixed requiring devise mapping
d1305d4 @carlosantoniodasilva Fix requiring devise strategies and adding CHANGELOG
carlosantoniodasilva authored
930
931 == 0.1.0
932
56f6282 @josevalim Update README, CHANGELOG and TODO.
josevalim authored
933 * Devise::Authenticable
934 * Devise::Confirmable
935 * Devise::Recoverable
936 * Devise::Validatable
937 * Devise::Migratable
938 * Devise::Rememberable
939
940 * SessionsController
941 * PasswordsController
942 * ConfirmationsController
943
944 * Create an example app
945 * devise :all, :except => :rememberable
946 * Use sign_in and sign_out in SessionsController
947
948 * Mailer subjects namespaced by model
949 * Allow stretches and pepper per model
950
951 * Store session[:return_to] in session
952 * Sign user in automatically after confirming or changing it's password
Something went wrong with that request. Please try again.