As of the 1.0.x series of Clearance, the following things are true:
session[:return_to]. You can
grepyour views for
return_toto determine if you are affected by this change.
To continue using SHA1 in your project, change the config option to this:
Clearance.configure do |config| config.password_strategy = Clearance::PasswordStrategies::SHA1 end
To transition your users from SHA1 to BCrypt, change the config option to this:
Clearance.configure do |config| config.password_strategy = Clearance::PasswordStrategies::BCryptMigrationFromSHA1 end
As of the 0.11.x series of Clearance, the following things are true:
before_filter :authorize, not
rails g clearance:install,
rails g clearance:features, and
rails g clearance:views.
So, if you upgrading to the latest version of Clearance from an older version of Clearance, you may want to take at least some, if not all, of the following steps:
password_confirmationattribute from your
password_confirmationfield from your
before_filter :authenticateeverywhere to
form.error_messagesin any of your generated
rails g clearance:features.
passwords/newviews. (necessary only to get features to pass)
Write a migration to downcase the existing emails in your users table:
class DowncaseEmails < ActiveRecord::Migration def up update 'UPDATE users SET email = LOWER(email)' end end