Permalink
Commits on Dec 15, 2015
  1. Update lockfile.

    lucasmazza committed Dec 15, 2015
  2. Update CHANGELOG.md [ci skip]

    lucasmazza committed Dec 15, 2015
  3. Merge pull request #3714 from twalpole/rails5

    Rails 5 Support
    lucasmazza committed Dec 15, 2015
  4. Merge pull request #3835 from kv109/master

    test for save in after_create hook breaks devise confirmation [3787]
    lucasmazza committed Dec 15, 2015
  5. Merge pull request #3793 from chrismacias/save_in_after_create_hook_b…

    …reaks_devise_confirmation
    
    save in after_create hook breaks devise confirmation
    lucasmazza committed Dec 15, 2015
  6. Merge pull request #3854 from joshsoftware/reset_password_token_issue

    Comparing times in UTC
    josevalim committed Dec 15, 2015
  7. Merge pull request #3853 from betesh/betesh-patch-1

    Removed unnecessary module fixes #3852
    josevalim committed Dec 15, 2015
  8. Removed unnecessary module

    betesh committed Dec 15, 2015
Commits on Dec 11, 2015
Commits on Dec 10, 2015
  1. Release 3.5.3.

    lucasmazza committed Dec 10, 2015
Commits on Dec 9, 2015
  1. Merge pull request #3847 from stanhu/reset-token-only-on-update

    Only clear the reset token on an update
    josevalim committed Dec 9, 2015
  2. Only clear the reset token on an update

    This solves the issue where a package might do:
    
    ```
    user = User.new
    user.email = 'test@test.com'
    token = user.generate_reset_token
    user.save
    
    send_reset_email(token)
    ```
    
    Since the save clears the reset token, the user will receive a stale token that no longer works.
    
    Closes #3774
    stanhu committed Dec 9, 2015
  3. Update CHANGELOG [ci skip].

    lucasmazza committed Dec 9, 2015
  4. Merge pull request #3846 from seddy/make_email_optional_on_recoverable

    Allow resources with no email field to be recoverable
    josevalim committed Dec 9, 2015
  5. Revert "Merge pull request #3774 from stanhu/reset-token-only-if-not-…

    …persisted"
    
    This reverts commit 15c38d9, reversing
    changes made to 508c341.
    josevalim committed Dec 9, 2015
  6. Merge pull request #3774 from stanhu/reset-token-only-if-not-persisted

    Only clear the reset password token if the model has already been persisted
    lucasmazza committed Dec 9, 2015
  7. Merge pull request #3826 from andygeers/master

    Don't error if resource doesn't need confirming
    lucasmazza committed Dec 9, 2015
Commits on Dec 8, 2015
Commits on Dec 7, 2015
  1. Allow resources with no email field to be recoverable

    The current implementation is opinionated about the resource should have
    an "email" column on it if it is to be recoverable, which isn't
    necessarily the case.  For example, developers may decide to pull emails
    out into their own model or have some other way of communicating
    password resets to their users (e.g. text message)
    
    I'm not sure there's an easy test to put together for this case, as
    minitest doesn't make it very easy to stub the "email_changed?" to raise
    an error. Happy to look into building another model in the
    "test/rails_app" if you want to have this properly tested though? Or for
    a nice way to get calls to "email_changed?" to raise; minitest isn't
    a test framework I'm overly familiar with :).
    
    As a side note, it would be nice if the Validatable module also took
    this into account, I may raise another PR for that.
    
    This comes off the back of comments on this commit:
    plataformatec@e641b4b
    seddy committed Dec 7, 2015
Commits on Nov 25, 2015
  1. Merge pull request #3739 from stanhu/support-relative-urls-in-failure…

    …-app
    
    Account for relative_url_root in FailureApp's recall method
    josevalim committed Nov 25, 2015
Commits on Nov 24, 2015
Commits on Nov 18, 2015
  1. Write unit test for bug fix

    andygeers committed Nov 18, 2015
Commits on Nov 10, 2015
  1. Merge pull request #3813 from jlerpscher/set-minimum-password-length-…

    …on-failure
    
    set minimum password length on reset failure
    josevalim committed Nov 10, 2015
Commits on Nov 4, 2015
  1. Merge pull request #3808 from blase/skip-timeoutable

    Allow skipping the timeoutable hook
    josevalim committed Nov 4, 2015
  2. Merge pull request #3805 from robuye/master

    Remove outdated example from documentation
    josevalim committed Nov 4, 2015
Commits on Nov 2, 2015
  1. Remove outdated example from documentation

    `#reset_password` always saves the record if validation passes.
    robuye committed Nov 2, 2015
Commits on Nov 1, 2015