Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Commits on Mar 26, 2013
  1. @croaky

    Bump to 1.0.0.rc7

    croaky authored
  2. @localhots @croaky

    Add `redirect_url` config option

    localhots authored croaky committed
    * Clarify in README that the config example shows the default values.
    * Wrap long line at 80 characters.
    * Move `redirect_to_root` from `lib/clearance/authorization.rb` to where
      it is used, in `app/controllers/clearance/sessions_controller.rb`, and
      better reveal its intent by re-naming it to `avoid_sign_in`.
    * Re-set `config.secure_cookie` to its original value in an `after`
      block in a test to teardown and avoid leakage across tests.
    * Use `_url` suffix in config name to match [RFC 2616 spec, section 14.
      14.30](http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.30),
      which states the Location response-header field should use an absolute
      URI for 3xx responses.
    * The default value for `redirect_url` is the string path `'/'` as a
      previous compromise to make it less likely users will run into an
      issue if they don't want to define a root route. The string value avoids
      potentially confusing `NoMethodError: undefined method 'root_url'`
      errors.
    
    #281
  3. @mackuba @croaky

    Add option to make `remember_token` cookie secure

    mackuba authored croaky committed
    This is important if you have an app running on HTTPS, otherwise the
    auth cookie is leaked when you visit a HTTP URL and can be intercepted.
    
    Read more:
    
    * http://blog.teamtreehouse.com/how-to-create-totally-secure-cookies
    * http://guides.rubyonrails.org/action_controller_overview.html
    
    Also:
    
    * Fix documentation of `Clearance::Backdoor` (was missing namespace).
Commits on Mar 17, 2013
  1. @croaky

    Bump to 1.0.0.rc6

    croaky authored
Commits on Mar 11, 2013
  1. @croaky

    Split Clearance::{Authentication,Authorization}

    croaky authored
    There has been confusion about the `authorize` method residing in the
    `Authentication` module:
    
    * The `authorize` method performs authorization - it denies access to
      unauthenticated users.
    * It is assumed that controllers would override `authorize` for
      controllers that require specific authentication.
    * It's sort of strange that `Clearance::Authentication` contains a bunch
      of authorization logic.
    
    So, we:
    
    * Split `Clearance::Controller` into `Clearance::Authentication` and
      `Clearance::Authorization`, both of which get mixed into
      `Clearance::Controller`.
    * Mix `Clearance::Controller` into `ApplicationController` in the install
      generator.
    
    Read more:
    
    #268
    #257
  2. @croaky

    Add Gemnasium dependency status to README

    Arsen Gasparyan authored croaky committed
Commits on Mar 3, 2013
  1. @croaky

    Update documentation

    Nick Slocum authored croaky committed
    Use more recent gem version that includes the integration tests
    generator.
Commits on Feb 25, 2013
  1. @croaky

    Fix broken links in README

    croaky authored
    * GitHub changed how links work in Markdown files:
      https://github.com/blog/1395-relative-links-in-markup-files
    * Link to i18n translations in README so it is clear what the key
      hierarchy is that can be overriden.
    * Break long lines after 80 characters.
    * Order lists alphabetically.
Commits on Jan 18, 2013
  1. @amrit @croaky

    Strip whitespace from User#email

    amrit authored croaky committed
    * Rename downcase_email to normalize_email.
Commits on Jan 4, 2013
  1. @mjankowski
Commits on Oct 16, 2012
  1. @gabebw

    Grammar

    gabebw authored
  2. @harlow

    Generators for RSpec integration suite

    harlow authored
    + Feature to check migrations after clearance:install
    + Create generator for intalling rspec specs
    + Updated readme for RSpec integration generator
Commits on Oct 15, 2012
  1. @gabebw

    Link to Airbrake.io.

    gabebw authored
    Airbrakeapp.com gives an SSL warning.
Commits on Oct 12, 2012
  1. @gabebw
Commits on Sep 20, 2012
  1. @croaky
  2. @croaky
  3. @croaky

    Clean up Github links in README

    croaky authored
Commits on Sep 14, 2012
  1. @croaky

    Improve README

    croaky authored
    * Generalize versions of Rails/Ruby we test against.
    * Add `bundle` line.
    * Order main API walkthrough by importance and group authorization.
    * Use Ruby 1.9 hash syntax.
    * Get closer to 80 character limit on lines with links.
    * Use Ruby . or # syntax to evoke class or instance method.
    * Add Code Climate badge.
Commits on Jul 23, 2012
  1. @croaky

    Correct NEWS and README

    croaky authored
    * You can use Clearance after you've created a Rails app or users
      table. If you have users already, you'll need to edit the default
      migration that Clearance generates.
    * We are testing against latest Rails 3.0.x, 3.1.x, and 3.2.x.
  2. @gabebw
  3. @mike-burns
Commits on Jul 22, 2012
  1. @croaky

    Upgrade dependencies

    croaky authored
    * Support Rails 3.0.15, 3.1.6, 3.2.6.
    * Apply style guidelines to test suite.
    * Be more strict about development dependencies.
  2. @croaky

    Overhaul README.md

    croaky authored
    Intention is to better communicate the API.
Commits on Jul 19, 2012
  1. @mike-burns

    Remove the salt from the DB migration

    mike-burns authored
    The salt column is only needed for SHA1 and MD5 strategies, which  are
    not the default. The README contains instructions for adding the salt
    back before switching to those strategies.
Commits on Jun 29, 2012
  1. @mike-burns

    BCrypt for passwords

    Dan Croak and Gabe Berke-Williams authored mike-burns committed
    This commit makes BCrypt the default for new setups, and introduces a
    strategy for converting existing infrastructure to BCrypt.
    
    To switch to BCrypt now:
    
        Clearance.configure do |config|
          config.password_strategy = Clearance::PasswordStrategies::BCrypt
        end
    
    To set the password strategy to the conversion layer:
    
        Clearance.configure do |config|
          config.password_strategy = Clearance::PasswordStrategies::BCryptMigrationFromSHA1
        end
    
    To continue to use SHA1:
    
        Clearance.configure do |config|
          config.password_strategy = Clearance::PasswordStrategies::SHA1
        end
  2. @mike-burns

    Provide router constraints

    Arun Agrawal and Gabe Berke-Williams authored mike-burns committed
    Adds SignedInConstraint and SignedOutConstraint, useful from the Rails
    router. For example, to redirect admins to their admin dashboard as the
    home page:
    
        constraints(SignedInConstraint.new {|user| user.admin?}) do
          root :to => 'admins/dashboard#index'
        end
Commits on Jun 18, 2012
  1. @gabebw
Commits on Apr 4, 2012
  1. @mjankowski
Commits on Mar 16, 2012
  1. @mike-burns

    Bump to 0.16.0.

    mike-burns authored
Commits on Feb 27, 2012
  1. Added blowfish password encryption strategy.

    squarism authored
Commits on Feb 17, 2012
  1. @croaky

    [#180] Use Travis CI

    croaky authored
    * Start by supporting Ruby 1.8.7, REE, 1.9.2, 1.93.
    * Use Appraisal to support Rails 3.0 and 3.1.
Commits on Dec 1, 2011
  1. @jferris
Commits on Nov 21, 2011
  1. @gabebw
Commits on Oct 14, 2011
  1. @neilparikh

    Updated link on README.

    neilparikh authored
Commits on Oct 10, 2011
  1. @croaky

    improving the README's documentation. all overrides should now be doc…

    croaky authored
    …umented clearly, with links to the engine's codebase for further exploration.
Something went wrong with that request. Please try again.