Skip to content

Releases: thoughtbot/clearance

v1.14.2

06 Oct 18:39
d72696f
Compare
Choose a tag to compare

Fixed

  • Fixed incompatibility with attr_encrypted gem by inlining the body of the
    encrypt helper method used in the BCrypt password strategy.

Full Changelog

v1.14.1

12 May 19:29
75e33bb
Compare
Choose a tag to compare

Fixed

  • Fixed insertion of include Clearance::User when running the install
    generator in an app that already has a User model.
  • Updated deny_access matcher to assert against configured redirect location
    rather than hard coded /.

Full Changelog

v1.14.0

12 May 19:05
fe11cda
Compare
Choose a tag to compare

Added

  • Clearance::BackDoor now accepts a block, allowing the user for a test to be
    looked up by a parameter other than id if you have overridden to_param for
    the User model.

Fixed

  • We now correctly track the dirty state of User#encrypted_password, which
    fixes custom validations on User#password (e.g. validating password length)
    that were conditional on the password actually changing.
  • The clearance:install generator will now generate a User model that
    inherits from ApplicationRecord if run on a Rails 5 app that doesn't already
    have a User model.

Deprecated

  • User#password_changing is deprecated in favor of automatic dirty tracking on
    encrypted_password and password. If you are calling this in your
    application you should be able to remove it.

Full Changelog

v1.13.0

05 Mar 21:17
c643e94
Compare
Choose a tag to compare

Added

  • Clearance now supports Rails 5.0.0.beta3 and newer.

Fixed

  • Clearance will now infer the parameter name to use when accessing user
    parameters in a request. This previously used :user, which was incorrect for
    customized user models.
  • Generated feature specs no longer rely on RSpec monkey patches.

Full Changelog

v1.12.1

08 Jan 03:57
ea9297d
Compare
Choose a tag to compare

Fixed

  • Fixed the create_users migration generated by rails generate clearance:install under Rails 3.x.

Full Changelog

v1.12.0

18 Nov 03:06
781e9a9
Compare
Choose a tag to compare

Added

  • Users will now see a flash message when redirected to sign in by
    require_login. This I18n key for this message is
    flashes.failure_when_not_signed_in and defaults to "Please sign in to
    continue".
  • Added significant API documentation. API documentation effort is ongoing.

Fixed

  • Fixed expectation in the generated visitor_resets_password_spec.rb file.
  • Corrected indentation of routes inserted by the routes generator.
  • Corrected indentation of include Clearance::User when the install generator
    adds it to an existing user class.

Full Changelog

v1.11.0

11 Sep 18:51
82f9aaa
Compare
Choose a tag to compare

Added

  • Add sign_in and sign_in_as helper methods to view specs. These helpers
    avoid errors from verified partial doubles that come from. See
    462c009.

Fixed

  • clearance:routes generator now properly disables internal routes in your
    Clearance initializer.
  • Clearance now accesses the cookie jar via ActionDispatch::Request rather than
    Rack::Request. This is more consistent with what Rails does internally.

Deprecated

  • Clearance::Testing::Helpers has been deprecated in favor of
    Clearance::Testing::ControllerHelpers. Most users are accessing these
    helpers by requiring clearance/rspec or clearance/test_unit and should be
    unaffected.

Full Changelog

v1.10.1

11 Sep 19:52
b9700d1
Compare
Choose a tag to compare

Deprecated

  • All clearance-provided password strategies other than BCrypt have been
    deprecated. You can continue to use those strategies without a deprecation
    warning by adding clearance-deprecated_password_strategies to your Gemfile.

Full Changelog

v1.9.0

11 Sep 19:52
c48060b
Compare
Choose a tag to compare

Added

  • The change password mailer now produces a multipart message which includes a
    text part along with the previously existing HTML part. To override the text
    part, add change_password.text.erb alongside your change_password.html.erb
    file.

Fixed

  • Custom user_model configured in a Rails initializer will now be reloaded in
    development mode.
  • Change password template now contains "Change my password" link text to
    address an issue linking the URL in some mail clients.

Full Changelog

v1.8.1

11 Sep 19:52
e14ad62
Compare
Choose a tag to compare

Security

  • Enable cross-site request forgery protection on sessions#create. See
    7f5d56e.

Fixed

  • All methods included by Clearance::Controller are now excluded from
    action_methods.

Full Changelog