Skip to content


Subversion checkout URL

You can clone with
Download ZIP
Commits on Feb 13, 2011
  1. @croaky

    [#74] When Clearance is installed in an app that already has users,

    Dan Croak and Joe Ferris authored croaky committed
    allow old users to sign in by reseting their password. This initializes
    their salt, generates a remember token, and encrypts their password for
    the first time.
Commits on Dec 22, 2010
  1. Remove email confirmations

    Mike Burns and Harold Giménez authored Harold Giménez committed
Commits on Dec 21, 2010
  1. @RobertStevenson @mike-burns
Commits on Jun 10, 2010
  1. @joshuaclayton
Commits on Jun 1, 2010
  1. @hardbap @croaky
Commits on Apr 16, 2010
  1. @mike-burns
Commits on Feb 21, 2010
  1. @croaky

    rolling back change. doesn't fully cover edge case reported, opens up…

    croaky authored
    … a security hole for people who forget to use attr_accessible, can be handled by a rake task
  2. @croaky
Commits on Feb 17, 2010
  1. @croaky
  2. @jferris
Commits on Feb 16, 2010
  1. @rmm5t

    Added randomness to token and salt generation

    rmm5t authored
    * Improved and fixed test case that ensures different remember tokens for users created at the same time with the same password.
    * With remember_token generation occuring at creation now, the old test case was no longer valid.
  2. @rmm5t

    Reset the remember_token on sign out instead of sign in

    rmm5t authored
    * Allows for the same user to sign in from two locations at once
    * Added support for setting User#remember_token on creation
    * Addresses this thread:
  3. @rmm5t

    Removed User#initialize_confirmation_token from before_save; added #g…

    rmm5t authored
    …enerate_confirmation_token to before_create
  4. @rmm5t
Commits on Jan 19, 2010
  1. @croaky

    removing attr_accessible from Clearance::User.

    croaky authored
    this does not belong in an authentication library.
    the application developer should decide whether they want to use
Commits on Nov 13, 2009
Commits on Oct 21, 2009
  1. Fix for potential remember me token collisions

    Joe Ferris authored
Commits on Sep 29, 2009
  1. @croaky

    improving documentation

    croaky authored
Commits on Aug 31, 2009
  1. Removed unnecessary remember_token_expires_at column and the remember…

    Daniel Croak authored
    …? and forget_me! user instance methods
  2. splitting token/token_expires_at into confirmation_token, remember_to…

    Daniel Croak authored
    …ken, & remember_token_expires_at
Commits on Aug 21, 2009
  1. always remember me for a year when i sign in.

    Daniel Croak authored
Commits on Aug 10, 2009
  1. @croaky
  2. @croaky
Commits on May 18, 2009
  1. @croaky

    refactoring User so that apps can choose to not use Clearance's valid…

    croaky authored
    …ations & not have to copy over attr_accessor, attr_accessible, & callbacks.
Commits on May 12, 2009
  1. @croaky
Commits on Mar 26, 2009
  1. @jferris
Something went wrong with that request. Please try again.