If you want to add a new behavior to your devise controllers but you don't want to override devise's default workflow, just pass a block around resource. This would give you for example, the ability to trigger background jobs after user signs in.
This updates Devise's StrongParameter support to feature: - A Null base sanitizer to support existing Rails 3.x installations that don't want to use StrongParameters yet - A new, simpler API for ParameterSanitizer: #permit, #permit!, and #forbid - Overrideable callbacks on a controller-basis, e.g. #create_sessions_params for passing the current scope's parameters through StrongParameters and a helper method, whitelisted_params, for rolling your own implementations of #create_x_params in your own controllers. - Lots of tests!
This brings support for Rails 4 StrongParameters changes. - Parameter sanitizing is setup for Devise controllers via resource_params except Omniauth Callbacks which doesn't use resource_params. - Change #build_resource to not call resource_params for get requests. Parameter sanitizing is only needed when params are posted to the server so there's no need to try to construct resource params on get requests (new, edit).
In light of recent discussions around mass assignment security and the alternate solution of using the controller to filter params, not the model, a hook/helper is needed to be able to override how the params are filtered before they are used to build the resource.
…verridden in extensions to modify the redirect path
Make all controllers inherit from a single DeviseController
…ny value is stored in it
…reuse the request_format logic from FailureApp.
Signed-off-by: José Valim <firstname.lastname@example.org>
We need to be sure require_no_authentication runs before other user filters that may call some Devise helper (ie current_xxx). Conflicts: app/controllers/devise/passwords_controller.rb app/controllers/devise/registrations_controller.rb app/controllers/devise/sessions_controller.rb app/controllers/devise/unlocks_controller.rb lib/devise/controllers/internal_helpers.rb test/rails_app/app/controllers/application_controller.rb