Commit 1c6e944a8171f848a810a0a77a7fbe2f481712a9

Authored by Cyril Mougel
2 parents 4991842f c59f7539
Exists in master and in 1 other branch production

Merge branch 'features/update_devise'

@@ -5,7 +5,7 @@ gem 'mongoid', '~> 2.7.1' @@ -5,7 +5,7 @@ gem 'mongoid', '~> 2.7.1'
5 5
6 # Mongoid rails migration > 0.0.14 is not compatible to Mongoid 2.x 6 # Mongoid rails migration > 0.0.14 is not compatible to Mongoid 2.x
7 gem 'mongoid_rails_migrations', '~> 0.0.14' 7 gem 'mongoid_rails_migrations', '~> 0.0.14'
8 -gem 'devise', '~> 1.5.4' 8 +gem 'devise'
9 gem 'haml' 9 gem 'haml'
10 gem 'htmlentities' 10 gem 'htmlentities'
11 gem 'rack-ssl', :require => 'rack/ssl' # force SSL 11 gem 'rack-ssl', :require => 'rack/ssl' # force SSL
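Review bot: `gem 'devise'` at new line 8 drops the version constraint entirely, so only Gemfile.lock holds the authentication library at 2.2.4 and a later `bundle update` can carry it across a major release without any change to the Gemfile. The initializer and the `User` fields touched in this commit are written against the 2.2 configuration, so a pessimistic pin such as `gem 'devise', '~> 2.2.4'` would record that and keep upgrades of the auth stack deliberate and reviewable. The `mongoid` and `mongoid_rails_migrations` entries just above already follow that convention.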
@@ -50,7 +50,7 @@ GEM @@ -50,7 +50,7 @@ GEM
50 better_errors (0.9.0) 50 better_errors (0.9.0)
51 coderay (>= 1.0.0) 51 coderay (>= 1.0.0)
52 erubis (>= 2.6.6) 52 erubis (>= 2.6.6)
53 - binding_of_caller (0.7.1) 53 + binding_of_caller (0.7.2)
54 debug_inspector (>= 0.0.1) 54 debug_inspector (>= 0.0.1)
55 bitbucket_rest_api (0.1.2) 55 bitbucket_rest_api (0.1.2)
56 faraday (~> 0.8.1) 56 faraday (~> 0.8.1)
@@ -103,12 +103,13 @@ GEM @@ -103,12 +103,13 @@ GEM
103 debugger-linecache (1.2.0) 103 debugger-linecache (1.2.0)
104 debugger-ruby_core_source (1.2.2) 104 debugger-ruby_core_source (1.2.2)
105 decent_exposure (2.2.0) 105 decent_exposure (2.2.0)
106 - devise (1.5.4) 106 + devise (2.2.4)
107 bcrypt-ruby (~> 3.0) 107 bcrypt-ruby (~> 3.0)
108 - orm_adapter (~> 0.0.3)  
109 - warden (~> 1.1) 108 + orm_adapter (~> 0.1)
  109 + railties (~> 3.1)
  110 + warden (~> 1.2.1)
110 diff-lcs (1.2.4) 111 diff-lcs (1.2.4)
111 - dotenv (0.7.0) 112 + dotenv (0.8.0)
112 email_spec (1.4.0) 113 email_spec (1.4.0)
113 launchy (~> 2.1) 114 launchy (~> 2.1)
114 mail (~> 2.2) 115 mail (~> 2.2)
@@ -121,7 +122,7 @@ GEM @@ -121,7 +122,7 @@ GEM
121 multipart-post (~> 1.1) 122 multipart-post (~> 1.1)
122 faraday_middleware (0.8.8) 123 faraday_middleware (0.8.8)
123 faraday (>= 0.7.4, < 0.9) 124 faraday (>= 0.7.4, < 0.9)
124 - ffi (1.8.1) 125 + ffi (1.9.0)
125 foreman (0.63.0) 126 foreman (0.63.0)
126 dotenv (>= 0.7) 127 dotenv (>= 0.7)
127 thor (>= 0.13.6) 128 thor (>= 0.13.6)
@@ -191,8 +192,8 @@ GEM @@ -191,8 +192,8 @@ GEM
191 bundler (>= 1.0.0) 192 bundler (>= 1.0.0)
192 rails (>= 3.0.0) 193 rails (>= 3.0.0)
193 railties (>= 3.0.0) 194 railties (>= 3.0.0)
194 - multi_json (1.7.6)  
195 - multi_xml (0.5.3) 195 + multi_json (1.7.7)
  196 + multi_xml (0.5.4)
196 multipart-post (1.2.0) 197 multipart-post (1.2.0)
197 net-scp (1.1.1) 198 net-scp (1.1.1)
198 net-ssh (>= 2.6.5) 199 net-ssh (>= 2.6.5)
@@ -201,7 +202,7 @@ GEM @@ -201,7 +202,7 @@ GEM
201 net-ssh (2.6.7) 202 net-ssh (2.6.7)
202 net-ssh-gateway (1.2.0) 203 net-ssh-gateway (1.2.0)
203 net-ssh (>= 2.6.5) 204 net-ssh (>= 2.6.5)
204 - nokogiri (1.5.9) 205 + nokogiri (1.5.10)
205 nokogiri-happymapper (0.5.7) 206 nokogiri-happymapper (0.5.7)
206 nokogiri (~> 1.5) 207 nokogiri (~> 1.5)
207 oauth2 (0.8.1) 208 oauth2 (0.8.1)
@@ -225,7 +226,7 @@ GEM @@ -225,7 +226,7 @@ GEM
225 omniauth-oauth2 (1.1.1) 226 omniauth-oauth2 (1.1.1)
226 oauth2 (~> 0.8.0) 227 oauth2 (~> 0.8.0)
227 omniauth (~> 1.0) 228 omniauth (~> 1.0)
228 - orm_adapter (0.0.7) 229 + orm_adapter (0.4.0)
229 oruen_redmine_client (0.0.1) 230 oruen_redmine_client (0.0.1)
230 activeresource (>= 2.3.0) 231 activeresource (>= 2.3.0)
231 pivotal-tracker (0.5.10) 232 pivotal-tracker (0.5.10)
@@ -347,7 +348,7 @@ GEM @@ -347,7 +348,7 @@ GEM
347 thor (0.18.1) 348 thor (0.18.1)
348 tilt (1.4.1) 349 tilt (1.4.1)
349 timecop (0.6.1) 350 timecop (0.6.1)
350 - treetop (1.4.12) 351 + treetop (1.4.14)
351 polyglot 352 polyglot
352 polyglot (>= 0.3.1) 353 polyglot (>= 0.3.1)
353 turbo-sprockets-rails3 (0.3.6) 354 turbo-sprockets-rails3 (0.3.6)
@@ -393,7 +394,7 @@ DEPENDENCIES @@ -393,7 +394,7 @@ DEPENDENCIES
393 database_cleaner (~> 0.9.0) 394 database_cleaner (~> 0.9.0)
394 debugger 395 debugger
395 decent_exposure 396 decent_exposure
396 - devise (~> 1.5.4) 397 + devise
397 email_spec 398 email_spec
398 execjs 399 execjs
399 fabrication (~> 1.3.0) 400 fabrication (~> 1.3.0)
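--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -13,6 +13,28 @@ class User
 field :per_page, :type => Fixnum, :default => PER_PAGE
 field :time_zone, :default => "UTC"
 
+## Devise field
+### Database Authenticatable
+field :encrypted_password, :type => String
+
+### Recoverable
+field :reset_password_token, :type => String
+field :reset_password_sent_at, :type => Time
+
+### Rememberable
+field :remember_created_at, :type => Time
+
+### Trackable
+field :sign_in_count, :type => Integer
+field :current_sign_in_at, :type => Time
+field :last_sign_in_at, :type => Time
+field :current_sign_in_ip, :type => String
+field :last_sign_in_ip, :type => String
+
+### Token_authenticatable
+field :authentication_token, :type => String
+
+
 before_save :ensure_authentication_token
 
 validates_presence_of :name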
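Review bot: The Devise fields added at new lines 18–35 include `encrypted_password`, `reset_password_token` and `authentication_token`, and nothing visible in this hunk restricts mass assignment on them. The rest of `class User` lies outside the hunk, so this may already be handled elsewhere. If the model has no `attr_accessible` or `attr_protected` list, a request parameter hash passed to `update_attributes` could write these credential fields directly. Worth confirming before merge, and if the list is missing, adding `attr_protected :encrypted_password, :reset_password_token, :authentication_token` (or an `attr_accessible` whitelist of the profile fields) next to the new declarations.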
app/views/shared/_session.html.haml
1 - if current_user 1 - if current_user
2 %ul#session-links 2 %ul#session-links
3 - %li= link_to 'Sign out', destroy_session_path(:user), :id => 'sign-out'  
4 - %li= link_to 'Edit profile', edit_user_path(current_user), :id => 'edit-profile'  
5 \ No newline at end of file 3 \ No newline at end of file
  4 + %li= link_to 'Sign out', destroy_session_path(:user), :id => 'sign-out', :method => :delete
  5 + %li= link_to 'Edit profile', edit_user_path(current_user), :id => 'edit-profile'
config/initializers/devise.rb
1 -# Use this hook to configure devise mailer, warden hooks and so forth. The first  
2 -# four configuration values can also be set straight in your models. 1 +# Use this hook to configure devise mailer, warden hooks and so forth.
  2 +# Many of these configuration options can be set straight in your model.
3 Devise.setup do |config| 3 Devise.setup do |config|
4 # ==> Mailer Configuration 4 # ==> Mailer Configuration
5 - # Configure the e-mail address which will be shown in DeviseMailer. 5 + # Configure the e-mail address which will be shown in Devise::Mailer,
  6 + # note that it will be overwritten if you use your own mailer class with default "from" parameter.
6 config.mailer_sender = Errbit::Config.email_from 7 config.mailer_sender = Errbit::Config.email_from
7 8
8 # Configure the class responsible to send e-mails. 9 # Configure the class responsible to send e-mails.
@@ -15,69 +16,131 @@ Devise.setup do |config| @@ -15,69 +16,131 @@ Devise.setup do |config|
15 require 'devise/orm/mongoid' 16 require 'devise/orm/mongoid'
16 17
17 # ==> Configuration for any authentication mechanism 18 # ==> Configuration for any authentication mechanism
18 - # Configure which keys are used when authenticating an user. By default is 19 + # Configure which keys are used when authenticating a user. The default is
19 # just :email. You can configure it to use [:username, :subdomain], so for 20 # just :email. You can configure it to use [:username, :subdomain], so for
20 - # authenticating an user, both parameters are required. Remember that those 21 + # authenticating a user, both parameters are required. Remember that those
21 # parameters are used only when authenticating and not when retrieving from 22 # parameters are used only when authenticating and not when retrieving from
22 # session. If you need permissions, you should implement that in a before filter. 23 # session. If you need permissions, you should implement that in a before filter.
  24 + # You can also supply a hash where the value is a boolean determining whether
  25 + # or not authentication should be aborted when the value is not present.
23 config.authentication_keys = [ Errbit::Config.user_has_username ? :username : :email ] 26 config.authentication_keys = [ Errbit::Config.user_has_username ? :username : :email ]
24 27
  28 + # Configure parameters from the request object used for authentication. Each entry
  29 + # given should be a request method and it will automatically be passed to the
  30 + # find_for_authentication method and considered in your model lookup. For instance,
  31 + # if you set :request_keys to [:subdomain], :subdomain will be used on authentication.
  32 + # The same considerations mentioned for authentication_keys also apply to request_keys.
  33 + # config.request_keys = []
  34 +
  35 + # Configure which authentication keys should be case-insensitive.
  36 + # These keys will be downcased upon creating or modifying a user and when used
  37 + # to authenticate or find a user. Default is :email.
  38 + config.case_insensitive_keys = [ Errbit::Config.user_has_username ? :username : :email ]
  39 +
  40 + # Configure which authentication keys should have whitespace stripped.
  41 + # These keys will have whitespace before and after removed upon creating or
  42 + # modifying a user and when used to authenticate or find a user. Default is :email.
  43 + config.strip_whitespace_keys = [ Errbit::Config.user_has_username ? :username : :email ]
  44 +
25 # Tell if authentication through request.params is enabled. True by default. 45 # Tell if authentication through request.params is enabled. True by default.
  46 + # It can be set to an array that will enable params authentication only for the
  47 + # given strategies, for example, `config.params_authenticatable = [:database]` will
  48 + # enable it only for database (email + password) authentication.
26 # config.params_authenticatable = true 49 # config.params_authenticatable = true
27 50
28 - # Tell if authentication through HTTP Basic Auth is enabled. True by default.  
29 - # config.http_authenticatable = true  
30 -  
31 - # Set this to true to use Basic Auth for AJAX requests. True by default. 51 + # Tell if authentication through HTTP Auth is enabled. False by default.
  52 + # It can be set to an array that will enable http authentication only for the
  53 + # given strategies, for example, `config.http_authenticatable = [:token]` will
  54 + # enable it only for token authentication. The supported strategies are:
  55 + # :database = Support basic authentication with authentication key + password
  56 + # :token = Support basic authentication with token authentication key
  57 + # :token_options = Support token authentication with options as defined in
  58 + # http://api.rubyonrails.org/classes/ActionController/HttpAuthentication/Token.html
  59 + # config.http_authenticatable = false
  60 +
  61 + # If http headers should be returned for AJAX requests. True by default.
32 # config.http_authenticatable_on_xhr = true 62 # config.http_authenticatable_on_xhr = true
33 63
34 - # The realm used in Http Basic Authentication 64 + # The realm used in Http Basic Authentication. "Application" by default.
35 # config.http_authentication_realm = "Application" 65 # config.http_authentication_realm = "Application"
36 66
  67 + # It will change confirmation, password recovery and other workflows
  68 + # to behave the same regardless if the e-mail provided was right or wrong.
  69 + # Does not affect registerable.
  70 + # config.paranoid = true
  71 +
  72 + # By default Devise will store the user in session. You can skip storage for
  73 + # :http_auth and :token_auth by adding those symbols to the array below.
  74 + # Notice that if you are skipping storage for all authentication paths, you
  75 + # may want to disable generating routes to Devise's sessions controller by
  76 + # passing :skip => :sessions to `devise_for` in your config/routes.rb
  77 + config.skip_session_storage = [:http_auth]
  78 +
37 # ==> Configuration for :database_authenticatable 79 # ==> Configuration for :database_authenticatable
38 # For bcrypt, this is the cost for hashing the password and defaults to 10. If 80 # For bcrypt, this is the cost for hashing the password and defaults to 10. If
39 # using other encryptors, it sets how many times you want the password re-encrypted. 81 # using other encryptors, it sets how many times you want the password re-encrypted.
40 - config.stretches = 10  
41 -  
42 - # Define which will be the encryption algorithm. Devise also supports encryptors  
43 - # from others authentication tools as :clearance_sha1, :authlogic_sha512 (then  
44 - # you should set stretches above to 20 for default behavior) and :restful_authentication_sha1  
45 - # (then you should set stretches to 10, and copy REST_AUTH_SITE_KEY to pepper)  
46 - config.encryptor = :bcrypt 82 + #
  83 + # Limiting the stretches to just one in testing will increase the performance of
  84 + # your test suite dramatically. However, it is STRONGLY RECOMMENDED to not use
  85 + # a value less than 10 in other environments.
  86 + config.stretches = Rails.env.test? ? 1 : 10
47 87
48 # Setup a pepper to generate the encrypted password. 88 # Setup a pepper to generate the encrypted password.
49 config.pepper = "425f10f555c1a4718aff3370ef9dd2d97a21622beb0400fde6b52177375ddcbe37a2dac6af9bca835c988e00c32887ee940ba111a78eab48234d8799936d36b9" 89 config.pepper = "425f10f555c1a4718aff3370ef9dd2d97a21622beb0400fde6b52177375ddcbe37a2dac6af9bca835c988e00c32887ee940ba111a78eab48234d8799936d36b9"
50 90
51 # ==> Configuration for :confirmable 91 # ==> Configuration for :confirmable
52 - # The time you want to give your user to confirm his account. During this time  
53 - # he will be able to access your application without confirming. Default is nil.  
54 - # When confirm_within is zero, the user won't be able to sign in without confirming.  
55 - # You can use this to let your user access some features of your application  
56 - # without confirming the account, but blocking it after a certain period  
57 - # (ie 2 days).  
58 - # config.confirm_within = 2.days 92 + # A period that the user is allowed to access the website even without
  93 + # confirming his account. For instance, if set to 2.days, the user will be
  94 + # able to access the website for two days without confirming his account,
  95 + # access will be blocked just in the third day. Default is 0.days, meaning
  96 + # the user cannot access the website without confirming his account.
  97 + # config.allow_unconfirmed_access_for = 2.days
  98 +
  99 + # A period that the user is allowed to confirm their account before their
  100 + # token becomes invalid. For example, if set to 3.days, the user can confirm
  101 + # their account within 3 days after the mail was sent, but on the fourth day
  102 + # their account can't be confirmed with the token any more.
  103 + # Default is nil, meaning there is no restriction on how long a user can take
  104 + # before confirming their account.
  105 + # config.confirm_within = 3.days
  106 +
  107 + # If true, requires any email changes to be confirmed (exactly the same way as
  108 + # initial account confirmation) to be applied. Requires additional unconfirmed_email
  109 + # db field (see migrations). Until confirmed new email is stored in
  110 + # unconfirmed email column, and copied to email column on successful confirmation.
  111 + config.reconfirmable = true
  112 +
  113 + # Defines which key will be used when confirming an account
  114 + # config.confirmation_keys = [ :email ]
59 115
60 # ==> Configuration for :rememberable 116 # ==> Configuration for :rememberable
61 # The time the user will be remembered without asking for credentials again. 117 # The time the user will be remembered without asking for credentials again.
62 config.remember_for = 2.weeks 118 config.remember_for = 2.weeks
63 119
64 - # If true, a valid remember token can be re-used between multiple browsers.  
65 - # config.remember_across_browsers = true  
66 -  
67 # If true, extends the user's remember period when remembered via cookie. 120 # If true, extends the user's remember period when remembered via cookie.
68 # config.extend_remember_period = false 121 # config.extend_remember_period = false
69 122
  123 + # Options to be passed to the created cookie. For instance, you can set
  124 + # :secure => true in order to force SSL only cookies.
  125 + # config.rememberable_options = {}
  126 +
70 # ==> Configuration for :validatable 127 # ==> Configuration for :validatable
71 - # Range for password length 128 + # Range for password length. Default is 8..128.
72 config.password_length = 6..1024 129 config.password_length = 6..1024
73 130
74 - # Regex to use to validate the email address 131 + # Email regex used to validate email formats. It simply asserts that
  132 + # one (and only one) @ exists in the given string. This is mainly
  133 + # to give user feedback and not to assert the e-mail validity.
  134 + # config.email_regexp = /\A[^@]+@[^@]+\z/
75 config.email_regexp = /^([\w\.%\+\-]+)@([\w\-]+\.)+([\w]{2,})$/i 135 config.email_regexp = /^([\w\.%\+\-]+)@([\w\-]+\.)+([\w]{2,})$/i
76 136
77 # ==> Configuration for :timeoutable 137 # ==> Configuration for :timeoutable
78 # The time you want to timeout the user session without activity. After this 138 # The time you want to timeout the user session without activity. After this
79 - # time the user will be asked for credentials again.  
80 - # config.timeout_in = 10.minutes 139 + # time the user will be asked for credentials again. Default is 30 minutes.
  140 + # config.timeout_in = 30.minutes
  141 +
  142 + # If true, expires auth token on session timeout.
  143 + # config.expire_auth_token_on_timeout = false
81 144
82 # ==> Configuration for :lockable 145 # ==> Configuration for :lockable
83 # Defines which strategy will be used to lock an account. 146 # Defines which strategy will be used to lock an account.
@@ -85,6 +148,9 @@ Devise.setup do |config| @@ -85,6 +148,9 @@ Devise.setup do |config|
85 # :none = No lock strategy. You should handle locking by yourself. 148 # :none = No lock strategy. You should handle locking by yourself.
86 # config.lock_strategy = :failed_attempts 149 # config.lock_strategy = :failed_attempts
87 150
  151 + # Defines which key will be used when locking and unlocking an account
  152 + # config.unlock_keys = [ :email ]
  153 +
88 # Defines which strategy will be used to unlock an account. 154 # Defines which strategy will be used to unlock an account.
89 # :email = Sends an unlock link to the user email 155 # :email = Sends an unlock link to the user email
90 # :time = Re-enables login after a certain amount of time (see :unlock_in below) 156 # :time = Re-enables login after a certain amount of time (see :unlock_in below)
@@ -99,6 +165,26 @@ Devise.setup do |config| @@ -99,6 +165,26 @@ Devise.setup do |config|
99 # Time interval to unlock the account if :time is enabled as unlock_strategy. 165 # Time interval to unlock the account if :time is enabled as unlock_strategy.
100 # config.unlock_in = 1.hour 166 # config.unlock_in = 1.hour
101 167
  168 + # ==> Configuration for :recoverable
  169 + #
  170 + # Defines which key will be used when recovering the password for an account
  171 + # config.reset_password_keys = [ :email ]
  172 +
  173 + # Time interval you can reset your password with a reset password key.
  174 + # Don't put a too small interval or your users won't have the time to
  175 + # change their passwords.
  176 + config.reset_password_within = 6.hours
  177 +
  178 + # ==> Configuration for :encryptable
  179 + # Allow you to use another encryption algorithm besides bcrypt (default). You can use
  180 + # :sha1, :sha512 or encryptors from others authentication tools as :clearance_sha1,
  181 + # :authlogic_sha512 (then you should set stretches above to 20 for default behavior)
  182 + # and :restful_authentication_sha1 (then you should set stretches to 10, and copy
  183 + # REST_AUTH_SITE_KEY to pepper).
  184 + #
  185 + # Require the `devise-encryptable` gem when using anything other than bcrypt
  186 + # config.encryptor = :sha512
  187 +
102 # ==> Configuration for :token_authenticatable 188 # ==> Configuration for :token_authenticatable
103 # Defines name of the authentication token params key 189 # Defines name of the authentication token params key
104 config.token_authentication_key = :auth_token 190 config.token_authentication_key = :auth_token
@@ -107,45 +193,63 @@ Devise.setup do |config| @@ -107,45 +193,63 @@ Devise.setup do |config|
107 # Turn scoped views on. Before rendering "sessions/new", it will first check for 193 # Turn scoped views on. Before rendering "sessions/new", it will first check for
108 # "users/sessions/new". It's turned off by default because it's slower if you 194 # "users/sessions/new". It's turned off by default because it's slower if you
109 # are using only default views. 195 # are using only default views.
110 - # config.scoped_views = true 196 + # config.scoped_views = false
111 197
112 # Configure the default scope given to Warden. By default it's the first 198 # Configure the default scope given to Warden. By default it's the first
113 - # devise role declared in your routes. 199 + # devise role declared in your routes (usually :user).
114 # config.default_scope = :user 200 # config.default_scope = :user
115 201
116 - # Configure sign_out behavior.  
117 - # By default sign_out is scoped (i.e. /users/sign_out affects only :user scope).  
118 - # In case of sign_out_all_scopes set to true any logout action will sign out all active scopes.  
119 - # config.sign_out_all_scopes = false  
120 -  
121 - if Errbit::Config.github_authentication || Rails.env.test?  
122 - config.omniauth :github,  
123 - Errbit::Config.github_client_id,  
124 - Errbit::Config.github_secret,  
125 - :scope => Errbit::Config.github_access_scope.join(","),  
126 - :skip_info => true  
127 - end 202 + # Set this configuration to false if you want /users/sign_out to sign out
  203 + # only the current scope. By default, Devise signs out all scopes.
  204 + # config.sign_out_all_scopes = true
128 205
129 # ==> Navigation configuration 206 # ==> Navigation configuration
130 # Lists the formats that should be treated as navigational. Formats like 207 # Lists the formats that should be treated as navigational. Formats like
131 # :html, should redirect to the sign in page when the user does not have 208 # :html, should redirect to the sign in page when the user does not have
132 # access, but formats like :xml or :json, should return 401. 209 # access, but formats like :xml or :json, should return 401.
  210 + #
133 # If you have any extra navigational formats, like :iphone or :mobile, you 211 # If you have any extra navigational formats, like :iphone or :mobile, you
134 - # should add them to the navigational formats lists. Default is [:html]  
135 - # config.navigational_formats = [:html, :iphone] 212 + # should add them to the navigational formats lists.
  213 + #
  214 + # The "*/*" below is required to match Internet Explorer requests.
  215 + # config.navigational_formats = ["*/*", :html]
  216 +
  217 + # The default HTTP method used to sign out a resource. Default is :delete.
  218 + config.sign_out_via = :delete
  219 +
  220 + # ==> OmniAuth
  221 + # Add a new OmniAuth provider. Check the wiki for more information on setting
  222 + # up on your models and hooks.
  223 + # config.omniauth :github, 'APP_ID', 'APP_SECRET', :scope => 'user,public_repo'
  224 +
  225 + if Errbit::Config.github_authentication || Rails.env.test?
  226 + config.omniauth :github,
  227 + Errbit::Config.github_client_id,
  228 + Errbit::Config.github_secret,
  229 + :scope => Errbit::Config.github_access_scope.join(','),
  230 + :skip_info => true
  231 + end
136 232
137 # ==> Warden configuration 233 # ==> Warden configuration
138 - # If you want to use other strategies, that are not (yet) supported by Devise,  
139 - # you can configure them inside the config.warden block. The example below  
140 - # allows you to setup OAuth, using http://github.com/roman/warden_oauth 234 + # If you want to use other strategies, that are not supported by Devise, or
  235 + # change the failure app, you can configure them inside the config.warden block.
141 # 236 #
142 # config.warden do |manager| 237 # config.warden do |manager|
143 - # manager.oauth(:twitter) do |twitter|  
144 - # twitter.consumer_secret = <YOUR CONSUMER SECRET>  
145 - # twitter.consumer_key = <YOUR CONSUMER KEY>  
146 - # twitter.options :site => 'http://twitter.com'  
147 - # end  
148 - # manager.default_strategies(:scope => :user).unshift :twitter_oauth 238 + # manager.intercept_401 = false
  239 + # manager.default_strategies(:scope => :user).unshift :some_external_strategy
149 # end 240 # end
150 -end  
151 241
  242 + # ==> Mountable engine configurations
  243 + # When using Devise inside an engine, let's call it `MyEngine`, and this engine
  244 + # is mountable, there are some extra configurations to be taken into account.
  245 + # The following options are available, assuming the engine is mounted as:
  246 + #
  247 + # mount MyEngine, at: "/my_engine"
  248 + #
  249 + # The router that invoked `devise_for`, in the example above, would be:
  250 + # config.router_name = :my_engine
  251 + #
  252 + # When using omniauth, Devise cannot automatically set Omniauth path,
  253 + # so you need to do it manually. For the users scope, it would be:
  254 + # config.omniauth_path_prefix = "/my_engine/users/auth"
  255 +end
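Review bot: `config.pepper` at new line 89 is carried over as a literal committed with the initializer, so every deployment built from this repository shares a value that anyone with read access already knows, which leaves the pepper with little protective value for the stored bcrypt hashes. Since the commit regenerates this file anyway, the value could be read from deployment configuration instead, e.g. `config.pepper = ENV['DEVISE_PEPPER']` (placeholder variable name). Changing it invalidates existing password hashes, so a rotation needs a planned password reset. Separately, the retained `config.email_regexp` at new line 135 anchors with `^`/`$`, which match per line in Ruby, while the commented default this commit adds directly above it uses `\A`/`\z`. The custom pattern should use the same anchors: `/\A([\w\.%\+\-]+)@([\w\-]+\.)+([\w]{2,})\z/i`.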
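--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -24,3 +24,11 @@ en:
 error: "You can't delete yourself"
 update:
 success: "%{name}'s information was successfully updated."
+devise:
+registrations:
+signed_up_but_unconfirmed: 'A message with a confirmation link has been sent to your email address. Please open the link to activate your account.'
+signed_up_but_inactive: 'You have signed up successfully. However, we could not sign you in because your account is not yet activated.'
+signed_up_but_locked: 'You have signed up successfully. However, we could not sign you in because your account is locked.'
+omniauth_callbacks:
+failure: "Could not authenticate you from %{kind} because \"%{reason}\"."
+success: "Successfully authenticated from %{kind} account."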
spec/acceptance/sign_in_with_github_spec.rb
@@ -11,7 +11,7 @@ feature &#39;Sign in with GitHub&#39; do @@ -11,7 +11,7 @@ feature &#39;Sign in with GitHub&#39; do
11 11
12 visit '/' 12 visit '/'
13 click_link 'Sign in with GitHub' 13 click_link 'Sign in with GitHub'
14 - page.should have_content 'Successfully authorized from GitHub account' 14 + page.should have_content I18n.t("devise.omniauth_callbacks.success", :kind => 'GitHub')
15 end 15 end
16 16
17 scenario 'reject unrecognized user if authenticating via GitHub' do 17 scenario 'reject unrecognized user if authenticating via GitHub' do