Merge and fix conflicts.

2 parents d2fa737 + c4764c9 commit 32991e13c43bc7f07a18cedbe75e85808368426c @mhfs mhfs committed Jan 9, 2010
Showing with 255 additions and 225 deletions.
  1. +28 −0 CHANGELOG.rdoc
  2. +23 −33 README.rdoc
  3. +1 −1 Rakefile
  4. +1 −12 app/models/devise_mailer.rb
  5. +0 −7 generators/devise/devise_generator.rb
  6. +0 −22 generators/devise/templates/README
  7. +2 −0 generators/devise_install/devise_install_generator.rb
  8. +18 −0 generators/devise_install/templates/README
  9. +17 −7 generators/devise_install/templates/devise.rb
  10. +25 −16 lib/devise.rb
  11. +5 −1 lib/devise/controllers/helpers.rb
  12. +1 −8 lib/devise/encryptors/authlogic_sha512.rb
  13. +20 −0 lib/devise/encryptors/base.rb
  14. +21 −0 lib/devise/encryptors/bcrypt.rb
  15. +1 −8 lib/devise/encryptors/clearance_sha1.rb
  16. +1 −8 lib/devise/encryptors/restful_authentication_sha1.rb
  17. +1 −8 lib/devise/encryptors/sha1.rb
  18. +1 −8 lib/devise/encryptors/sha512.rb
  19. +1 −1 lib/devise/hooks/trackable.rb
  20. +1 −1 lib/devise/mapping.rb
  21. +1 −1 lib/devise/models/authenticatable.rb
  22. +0 −1 lib/devise/models/timeoutable.rb
  23. +28 −12 lib/devise/orm/data_mapper.rb
  24. +2 −2 lib/devise/rails.rb
  25. +1 −1 lib/devise/rails/routes.rb
  26. +4 −4 lib/devise/test_helpers.rb
  27. +1 −1 lib/devise/version.rb
  28. +10 −50 test/devise_test.rb
  29. +3 −2 test/encryptors_test.rb
  30. +20 −6 test/integration/authenticatable_test.rb
  31. +8 −0 test/integration/confirmable_test.rb
  32. +1 −1 test/integration/trackable_test.rb
  33. +1 −1 test/mailers/confirmation_instructions_test.rb
  34. +1 −1 test/mailers/reset_password_instructions_test.rb
  35. +1 −0 test/rails_app/config/environment.rb
  36. +4 −1 test/rails_app/config/initializers/new_rails_defaults.rb
  37. +1 −0 test/rails_app/config/routes.rb
@@ -1,3 +1,31 @@
+* enhancements
+ * Move salt to encryptors
+
+* bug fix
+ * Bcrypt generator was not being loaded neither setting the proper salt
+
+== 0.8.0
+
+* enhancements
+ * Warden 0.8.0 compatibility
+ * Add an easy for map.connect "sign_in", :controller => "sessions", :action => "new" to work
+ * Added :bcrypt encryptor (by github.com/capotej)
+
+* bug fix
+ * sign_in_count is also increased when user signs in via password change, confirmation, etc..
+ * More DataMapper compatibility (by github.com/lancecarlson)
+
+* deprecation
+ * Removed DeviseMailer.sender
+
+== 0.7.5
+
+* enhancements
+ * Set a default value for mailer to avoid find_template issues
+ * Add models configuration to MongoMapper::EmbeddedDocument as well
+
+== 0.7.4
+
* enhancements
* Extract Activatable from Confirmable
* Decouple Serializers from Devise modules
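Review bot: The first block of new entries ("Move salt to encryptors" and the Bcrypt fix) sits above "== 0.8.0" with no version heading, so a reader cannot tell which release carries the salt change; add a heading or an explicit unreleased marker. Since the fix entry says the Bcrypt generator was not "setting the proper salt", the entry should also state whether password hashes stored by 0.8.0 with :bcrypt still verify after upgrading. Wording nits: "Add an easy for map.connect" is missing a noun, and "was not being loaded neither setting" should read "was neither being loaded nor setting".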
@@ -7,23 +7,26 @@ Devise is a flexible authentication solution for Rails based on Warden. It:
* Allows you to have multiple roles (or models/scopes) signed in at the same time;
* Is based on a modularity concept: use just what you really need.
-Right now it's composed of seven mainly modules:
+Right now it's composed of six modules included by default when you invoke "devise :all" in your models:
* Authenticatable: responsible for encrypting password and validating authenticity of a user while signing in.
* Confirmable: responsible for verifying whether an account is already confirmed to sign in, and to send emails with confirmation instructions.
* Recoverable: takes care of reseting the user password and send reset instructions.
* Rememberable: manages generating and clearing token for remember the user from a saved cookie.
-* Activatable: if you need to activate accounts by other means, which are not through confirmation, use this module.
-* Timeoutable: expires sessions without activity in a certain period of time.
* Trackable: tracks sign in count, timestamps and ip.
* Validatable: creates all needed validations for email and password. It's totally optional, so you're able to to customize validations by yourself.
+
+And it also includes the optional modules:
+
+* Activatable: if you need to activate accounts by other means, which are not through confirmation, use this module.
+* Timeoutable: expires sessions without activity in a certain period of time.
* Lockable: takes care of locking an account based on the number of failed sign in attempts. Handles unlock via expire and email.
There's an example application using Devise at http://github.com/plataformatec/devise_example .
== Dependencies
-Devise is based on Warden (http://github.com/hassox/warden), a Rack Authentication Framework so you need to install it as a gem. Please ensure you have it installed in order to use devise (see instalation below).
+Devise is based on Warden (http://github.com/hassox/warden), a Rack Authentication Framework so you need to install it as a gem. Please ensure you have it installed in order to use devise (see installation below).
== Installation
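Review bot: "six modules included by default when you invoke devise :all" disagrees with the generated initializer shown in this same commit, where config.all lists seven symbols including :lockable, while this hunk moves Lockable under the optional modules. Decide which is intended and make the README and the devise.rb template agree, because the difference determines whether account locking on failed sign-in attempts is active for anyone who uses the template as generated.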
@@ -48,13 +51,13 @@ Run the generator:
ruby script/generate devise_install
-And you're ready to go.
+And you're ready to go. The generator will install an initializer which describes Devise's configuration options. Be sure to take a look.
== Basic Usage
This is a walkthrough with all steps you need to setup a devise resource, including model, migration, route files, and optional configuration. You can also check out the *Generators* section below to help you start.
-Devise must be set up within the model (or models) you want to use, and devise routes must be created inside your routes.rb file.
+Devise must be set up within the model (or models) you want to use, and devise routes must be created inside your config/routes.rb file.
We're assuming here you want a User model. First of all you have to setup a migration with the following fields:
@@ -63,6 +66,7 @@ We're assuming here you want a User model. First of all you have to setup a migr
t.confirmable
t.recoverable
t.rememberable
+ t.trackable
t.lockable
t.timestamps
end
@@ -74,35 +78,21 @@ You may also want to add some indexes to improve performance:
add_index :your_table, :reset_password_token # for recoverable
add_index :your_table, :unlock_token # for lockable
-Now let's setup a User model adding the devise line to have your authentication working:
+Now let's setup a User model adding the devise line:
class User < ActiveRecord::Base
- devise :authenticatable
+ devise :all
end
-This line adds devise authenticatable inside your User class. Devise don't rely on _attr_accessible_ or _attr_protected_ inside its modules, so be sure to setup what attributes are accessible or protected in your model.
-
-You could also include the other devise modules as below:
-
- # Include only authenticatable stuff
- devise :authenticatable
-
- # Include authenticatable + confirmable
- devise :authenticatable, :confirmable
-
- # Include authenticatable + recoverable + rememberable
- devise :authenticatable, :recoverable, :rememberable
-
- # Include authenticatable + timeoutable
- devise :authenticatable, :timeoutable
+This will include the six default modules outlined at the beginning. You can exclude and remove any module at will:
- # Include all of them
- devise :all
+ # Include timeout configuration
+ devise :all, :timeoutable
- # Include all except recoverable
- devise :all, :except => :recoverable
+ # Remove validations
+ devise :all, :except => :validatable
-Note that validations aren't added by default, so you're able to customize it. In order to have automatic validations working just include :validatable.
+Remember that Devise don't rely on _attr_accessible_ or _attr_protected_ inside its modules, so be sure to setup what attributes are accessible or protected in your model.
== Model configuration
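Review bot: With the example model now reduced to "devise :all", the reminder that Devise does not rely on attr_accessible or attr_protected is the only mass-assignment guidance left, and it has moved below the module examples; keep it directly after the User class, where it was, so it is read before the model is copied. Also, "You can exclude and remove any module at will" introduces an example that adds :timeoutable, so "add or exclude" would match it, and "Devise don't rely" should be "Devise doesn't rely".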
@@ -148,26 +138,26 @@ After signing in a user, confirming it's account or updating it's password, devi
You can also overwrite after_sign_in_path_for and after_sign_out_path_for to customize better your redirect hooks.
-Finally, if you are using confirmable or recoverable, you also need to setup default url options for the mailer. Here's is the configuration for development:
+Finally, if you are using confirmable or recoverable, you also need to setup default url options for the mailer in each environment. Here's is the configuration for config/environments/development.rb:
- DeviseMailer.sender = "no-reply@yourapp.com"
config.action_mailer.default_url_options = { :host => 'localhost:3000' }
== Views
-By default devise will use the same views for all scopes/roles you have. But what if you need so different views to each of them? Devise also has an easy way to accomplish it: just setup :scoped_views to true inside your devise config file, and you will be able to have views based on scope like 'sessions/users/new' and 'sessions/admin/new'. If no view is found within the scope, Devise will fallback to the default view.
+By default devise will use the same views for all scopes/roles you have. But what if you need so different views to each of them? Devise also has an easy way to accomplish it: just setup config,scoped_views to true inside your devise config file, and you will be able to have views based on scope like 'sessions/users/new' and 'sessions/admin/new'. If no view is found within the scope, Devise will fallback to the default view.
== Tidying up
-Devise let's you setup as many roles as you want, so let's say you already have this User model and also want an Admin model with the same authentication stuff, but not confirmation or password recovery. Just follow the same steps:
+Devise let's you setup as many roles as you want, so let's say you already have this User model and also want an Admin model with just authentication, trackable and timeoutable stuff and none of confirmation or password recovery. Just follow the same steps:
# Create a migration with the required fields
create_table :admins do |t|
t.authenticatable
+ t.trackable
end
# Inside your Admin model
- devise :authenticatable, :validatable
+ devise :authenticatable, :trackable, :timeoutable
# Inside your routes
map.devise_for :admin
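Review bot: In the Views paragraph, "config,scoped_views" has a comma where a period is intended; it should read config.scoped_views. The mailer paragraph drops the DeviseMailer.sender line without pointing to its replacement, so mention config.mailer_sender in the initializer here, otherwise readers who follow only the README never set a sender.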
@@ -44,7 +44,7 @@ begin
s.description = "Flexible authentication solution for Rails with Warden"
s.authors = ['José Valim', 'Carlos Antônio']
s.files = FileList["[A-Z]*", "{app,config,generators,lib}/**/*", "init.rb"]
- s.add_dependency("warden", "~> 0.6.4")
+ s.add_dependency("warden", "~> 0.8.1")
end
Jeweler::GemcutterTasks.new
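Review bot: The constraint "~> 0.8.1" excludes warden 0.8.0, while the CHANGELOG entry for this release says "Warden 0.8.0 compatibility"; state the minimum as 0.8.1 in the changelog or relax the constraint so the two agree.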
@@ -1,16 +1,5 @@
class DeviseMailer < ::ActionMailer::Base
- # Sets who is sending the e-mail
- def self.sender=(value)
- @@sender = value
- end
-
- # Reads who is sending the e-mail
- def self.sender
- @@sender
- end
- self.sender = nil
-
# Deliver confirmation instructions when the user is created or its email is
# updated, and also when confirmation is manually requested
def confirmation_instructions(record)
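Review bot: Removing self.sender= outright means any application that still has "DeviseMailer.sender = ..." in its environment file (the generator README removed in this commit told users to put it there) fails with NoMethodError at boot. The CHANGELOG files this under "deprecation", so consider keeping the setter for one release as a shim that warns and assigns Devise.mailer_sender.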
@@ -34,7 +23,7 @@ def setup_mail(record, key)
raise "Invalid devise resource #{record}" unless mapping
subject translate(mapping, key)
- from self.class.sender
+ from Devise.mailer_sender
recipients record.email
sent_on Time.now
content_type 'text/html'
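Review bot: "from Devise.mailer_sender" is used with no check that a sender has been configured, and applications that upgrade without regenerating the initializer may never have set it. Raise a clear error in setup_mail when the value is blank, next to the existing "Invalid devise resource" check, rather than handing an empty From to ActionMailer.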
@@ -4,18 +4,11 @@ class DeviseGenerator < Rails::Generator::NamedBase
def manifest
record do |m|
- # Model
m.directory(File.join('app', 'models', class_path))
m.template 'model.rb', File.join('app', 'models', "#{file_path}.rb")
- # Migration
m.migration_template 'migration.rb', 'db/migrate', :migration_file_name => "devise_create_#{table_name}"
-
- # Routing
m.route_devise table_name
-
- # Readme
- m.readme "README"
end
end
@@ -1,22 +0,0 @@
-
-================================================================================
-
-Some setup you must do manually if you haven't yet:
-
-1. Setup defaut url options for your specific environment. Here is an example of development environment:
-
- config.action_mailer.default_url_options = { :host => 'localhost:3000' }
-
-It's a Rails required configuration. In production it must be the actual host your application is deployed to.
-
-2. Setup default sender for mails. In config/environment.rb:
-
- DeviseMailer.sender = "test@example.com"
-
-You can also configure this value by running script/generate devise_install and setting config.mailer_sender,
-
-3. Ensure you have defined root_url to *something* in your config/routes.rb:
-
- map.root :controller => 'home'
-
-================================================================================
@@ -7,6 +7,8 @@ def manifest
m.directory "config/locales"
m.file "../../../lib/devise/locales/en.yml", "config/locales/devise.en.yml"
+
+ m.readme "README"
end
end
@@ -0,0 +1,18 @@
+
+===============================================================================
+
+Some setup you must do manually if you haven't yet:
+
+ 1. Setup default url options for your specific environment. Here is an
+ example of development environment:
+
+ config.action_mailer.default_url_options = { :host => 'localhost:3000' }
+
+ This is a required Rails configuration. In production is must be the
+ actual host of your application
+
+ 2. Ensure you have defined root_url to *something* in your config/routes.rb:
+
+ map.root :controller => 'home'
+
+===============================================================================
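Review bot: "In production is must be the actual host of your application" has a typo ("it must be") and no closing period. This host is what the confirmation and reset mails use for their links, so the sentence is worth keeping unambiguous.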
@@ -10,6 +10,9 @@
# to check the docs for a complete set.
config.all = [:authenticatable, :confirmable, :recoverable, :rememberable, :trackable, :validatable, :lockable]
+ # Configure the e-mail address which will be shown in DeviseMailer.
+ config.mailer_sender = "please-change-me@config-initializers-devise.com"
+
# Invoke `rake secret` and use the printed value to setup a pepper to generate
# the encrypted password. By default no pepper is used.
# config.pepper = "rake secret output"
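Review bot: config.mailer_sender is added uncommented with an address under config-initializers-devise.com, a domain the project presumably does not control, so an application that never edits the file sends account mail from it. Use a reserved domain such as example.com for the placeholder, or leave the line commented as the previous "foo.bar@yourapp.com" version was and fail loudly when no sender is set.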
@@ -18,10 +21,10 @@
# config.stretches = 10
# Define which will be the encryption algorithm. Supported algorithms are :sha1
- # (default) and :sha512. Devise also supports encryptors from others authentication
- # frameworks as :clearance_sha1, :authlogic_sha512 (then you should set stretches
- # above to 20 for default behavior) and :restful_authentication_sha1 (then you
- # should set stretches to 10, and copy REST_AUTH_SITE_KEY to pepper)
+ # (default), :sha512 and :bcrypt. Devise also supports encryptors from others
+ # authentication tools as :clearance_sha1, :authlogic_sha512 (then you should set
+ # stretches above to 20 for default behavior) and :restful_authentication_sha1
+ # (then you should set stretches to 10, and copy REST_AUTH_SITE_KEY to pepper)
# config.encryptor = :sha1
# Configure which keys are used when authenticating an user. By default is
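Review bot: The comment now lists :bcrypt but keeps ":sha1 (default)" and gives stretches guidance only for the Authlogic and Restful Authentication encryptors. Add a line on how config.stretches and config.pepper apply to :bcrypt, since this comment is the only place users learn which values to set when they switch encryptors.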
@@ -42,9 +45,6 @@
# time the user will be asked for credentials again.
# config.timeout_in = 10.minutes
- # Configure the e-mail address which will be shown in DeviseMailer.
- # config.mailer_sender = "foo.bar@yourapp.com"
-
# Load and configure the ORM. Supports :active_record, :data_mapper and :mongo_mapper.
# require 'devise/orm/mongo_mapper'
# config.orm = :mongo_mapper
@@ -66,6 +66,16 @@
# Time interval to unlock the account if :time is enabled as unlock_strategy.
# config.unlock_in = 1.hour
+ # By default, devise detects the role accessed based on the url. So whenever
+ # accessing "/users/sign_in", it knows you are accessing an User. This makes
+ # routes as "/sign_in" not possible, unless you tell Devise to use the default
+ # scope, setting true below.
+ # config.use_default_scope = true
+
+ # Configure the default scope used by Devise. By default it's the first devise
+ # role declared in your routes.
+ # config.default_scope = :user
+
# If you want to use other strategies, that are not (yet) supported by Devise,
# you can configure them inside the config.warden block. The example below
# allows you to setup OAuth, using http://github.com/roman/warden_oauth
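Review bot: With use_default_scope enabled, "/sign_in" authenticates against whichever role is "the first devise role declared in your routes", so reordering the map.devise_for lines silently changes which model that URL signs in. The comment should recommend setting config.default_scope explicitly whenever use_default_scope is true, especially for applications that declare both a user and an admin role.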