Skip to content


Subversion checkout URL

You can clone with
Download ZIP
Commits on Jun 23, 2012
  1. @mathieul

    Allow to destroy a session using JSON format (or any non navigational…

    mathieul authored
    … format) when Rails flash feature is not enabled (i.e.: when using rails-api).
Commits on Jun 16, 2012
  1. @josevalim
Commits on May 3, 2012
  1. @julianvargasalvarez

    Use 'head :no_content' in sessions_controller#destroy

    julianvargasalvarez authored
    Code cleanup for returning headers instead of an empty string
    when destroying sessions.
    Lines 464 and 471 on test/integration/autenticatable_test.rb
    were adjusted to assert on :no_content
Commits on Mar 21, 2012
  1. @davout

    Ability to use `attr_protected` attributes as sign-in keys without tr…

    davout authored
    …iggering `ActiveModel::MassAssignmentSecurity::Error` when `ActiveRecord::Base.mass_assignment_sanitizer` is set to `:strict`. Fixes #1729.
Commits on Feb 16, 2012
  1. Removing signed_out path workaround

    Rodrigo Flores authored
Commits on Feb 1, 2012
  1. @josevalim
Commits on Jan 2, 2012
  1. @josevalim
  2. @josevalim
  3. @josevalim
  4. @josevalim

    Merge pull request #1188 from sj26/controller-inheritence

    josevalim authored
    Make all controllers inherit from a single DeviseController
Commits on Nov 20, 2011
  1. @josevalim
Commits on Nov 13, 2011
  1. @hinrik

    Allow specifying a resource_return_to for sign out

    hinrik authored
    It was impossible to accomplish this by providing a
    custom #after_sign_out_path_for in ApplicationController because the
    session gets destroyed before it is called. Furthermore,
    resource_return_to is now used by default if it exists, so users won't
    have to provide a custom #after_sign_out_path_for in that case.
Commits on Sep 29, 2011
  1. @josevalim
Commits on Sep 27, 2011
  1. @josevalim
Commits on Sep 22, 2011
  1. @josevalim
Commits on Sep 14, 2011
  1. @josevalim

    Instead of depending on mapping.controller[:session], make it explici…

    josevalim authored
    …t when we allow auth from params.
Commits on Aug 6, 2011
  1. @ches

    Fix optional enforcement of particular authentication keys

    ches authored
    Documentation states that authentication_keys should accept a hash with
    values indicating whether or not each key is required. This was added in
    b2066cc but tests only covered request_keys, and 29afe2d later broke
    it with a << array operator.
Commits on Jun 24, 2011
  1. @sj26
Commits on Apr 19, 2011
  1. @josevalim
Commits on Apr 18, 2011
  1. @josevalim
Commits on Apr 17, 2011
  1. @josevalim
Commits on Apr 15, 2011
  1. @jwilger @josevalim

    Make it possible to unit-test extensions to Devise::SessionsController

    jwilger authored josevalim committed
    This time with tests
Commits on Mar 30, 2011
  1. @josevalim

    Refactor a bit navigational format responses, to not call to_sym and …

    josevalim authored
    …reuse the request_format logic from FailureApp.
  2. @sikachu @josevalim

    Add support for `destory_user_session_path` in another non-navigation…

    sikachu authored josevalim committed
    …al formats such as JSON and XML
    Signed-off-by: José Valim <>
Commits on Dec 25, 2010
  1. @josevalim
  2. @sikachu @josevalim

    Add support for non-navigational format response to SessionsController

    sikachu authored josevalim committed
    This will make Devise::SessionsController return the authenticated object in the requested format instead of redirect the client to another page upon success authentication.
Commits on Oct 10, 2010
  1. @josevalim
Commits on Sep 26, 2010
  1. @josevalim
Commits on Sep 25, 2010
  1. @josevalim
Commits on Jun 24, 2010
  1. @SSDany @josevalim

    simplification (sign_out_everybody => sign_out_all_scopes)

    SSDany authored josevalim committed
  2. @SSDany @josevalim
Commits on Apr 3, 2010
  1. @josevalim

    No need to append ?unauthenticated=true in URLs anymore since Flash w…

    josevalim authored
    …as moved to a middleware in Rails 3.
Commits on Apr 1, 2010
  1. @josevalim

    Move part of the logic in SessionsController#create to the FailureApp…

    josevalim authored
    …. Whenever Warden is invoked with a :recall, the failure app will recall the chosen controller and the action given to recall.
  2. @josevalim
  3. @josevalim
Something went wrong with that request. Please try again.