Skip to content


Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Commits on Oct 10, 2011
  1. @croaky

    improving the README's documentation. all overrides should now be doc…

    croaky authored
    …umented clearly, with links to the engine's codebase for further exploration.
Commits on Sep 11, 2011
  1. @vandrijevik
  2. @vandrijevik

    Extract SHA1-related code to a Password Strategy.

    vandrijevik authored
    * Separates responsibility of password encryption
      from the User module into a PasswordStrategy
    * Makes password encryption on-demand instead of
      happening in ActiveRecord callbacks
Commits on Jun 14, 2011
  1. @sikachu @croaky

    Fix compatibility issue with Ruby 1.9

    sikachu authored croaky committed
    It turned out that Digest::SHA1 and SecureRandom.hex returns a US-ASCII string. We should cast it to UTF-8 to avoid problem with Sqlite3
Commits on Jun 9, 2011
  1. @croaky

    getting rid of a rails 3.1 warning regarding ActiveSupport::SecureRan…

    croaky authored
    …dom (now just SecureRandom)
Commits on Apr 30, 2011
  1. @croaky

    Removing :case_sensitive option from validates_uniqueness_of. It was …

    croaky authored
    …unnecessary and causes a small performance problem on some apps. Resolves #148
Commits on Apr 19, 2011
  1. @croaky
  2. @croaky
  3. @croaky

    remove password confirmation

    croaky authored
Commits on Apr 16, 2011
  1. @croaky

    when user tries to sign in with uppercase email, clearance allows it …

    croaky authored
    …because it will force downcasing
  2. @acconrad @croaky

    forced email to be downcase.

    acconrad authored croaky committed
Commits on Apr 14, 2011
  1. @janxious
Commits on Feb 13, 2011
  1. @croaky

    [#74] When Clearance is installed in an app that already has users,

    Dan Croak and Joe Ferris authored croaky committed
    allow old users to sign in by reseting their password. This initializes
    their salt, generates a remember token, and encrypts their password for
    the first time.
Commits on Dec 22, 2010
  1. Remove email confirmations

    Mike Burns and Harold Giménez authored Harold Giménez committed
Commits on Dec 21, 2010
  1. @RobertStevenson @mike-burns
Commits on Jun 10, 2010
  1. @joshuaclayton
Commits on Jun 1, 2010
  1. @hardbap @croaky
Commits on Apr 16, 2010
  1. @mike-burns
Commits on Feb 21, 2010
  1. @croaky

    rolling back change. doesn't fully cover edge case reported, opens up…

    croaky authored
    … a security hole for people who forget to use attr_accessible, can be handled by a rake task
  2. @croaky
Commits on Feb 17, 2010
  1. @croaky
  2. @jferris
Commits on Feb 16, 2010
  1. @rmm5t

    Added randomness to token and salt generation

    rmm5t authored
    * Improved and fixed test case that ensures different remember tokens for users created at the same time with the same password.
    * With remember_token generation occuring at creation now, the old test case was no longer valid.
  2. @rmm5t

    Reset the remember_token on sign out instead of sign in

    rmm5t authored
    * Allows for the same user to sign in from two locations at once
    * Added support for setting User#remember_token on creation
    * Addresses this thread:
  3. @rmm5t

    Removed User#initialize_confirmation_token from before_save; added #g…

    rmm5t authored
    …enerate_confirmation_token to before_create
  4. @rmm5t
Commits on Jan 19, 2010
  1. @croaky

    removing attr_accessible from Clearance::User.

    croaky authored
    this does not belong in an authentication library.
    the application developer should decide whether they want to use
Commits on Nov 13, 2009
Commits on Oct 21, 2009
  1. Fix for potential remember me token collisions

    Joe Ferris authored
Commits on Sep 29, 2009
  1. @croaky

    improving documentation

    croaky authored
Commits on Aug 31, 2009
  1. Removed unnecessary remember_token_expires_at column and the remember…

    Daniel Croak authored
    …? and forget_me! user instance methods
  2. splitting token/token_expires_at into confirmation_token, remember_to…

    Daniel Croak authored
    …ken, & remember_token_expires_at
Commits on Aug 21, 2009
  1. always remember me for a year when i sign in.

    Daniel Croak authored
Commits on Aug 10, 2009
  1. @croaky
  2. @croaky
Something went wrong with that request. Please try again.