v0.1.42 (2017-05-17)
Closed issues:
- devise_token_auth blocks upgrade to Rails 5.1.0 #875
Merged pull requests:
- Support for devise 4.3 that is now supporting rails 5.1 #891 (silviusimeria)
Implemented enhancements:
Fixed bugs:
Closed issues:
- Can´t retrieve access token in login response headers #877
- how do I login a user after account signup? #866
- Can only register one account. #858
- No access-token in the header #855
- Headers not present in all requests #851
- uninitialized constant SECRET_KEY_BASE #845
- devise_token_auth: can't work with Rails subdomain. #831
- Question: email confirmation token URI with Rails API #824
- readme code for controller override needs a slight change #819
- Support for multiple providers during same session #815
- not supporting for angular1.6 #810
- Add has one/belongs to assotiation #807
- redirect_url required but not permitted in strong parameters #805
- Data leak on create password reset #797
- Rails 5 API Mode Not Authorizing #796
- wrong constant name user #784
- current_user returns nill #779
- ActionController::RoutingError - undefined method `helper_method' #776
- Minimum Limits on a token? #764
- Octopus throwing error when deleting expired tokens #761
- Only one User model return the correct headers #757
- ArgumentError in Devise::RegistrationsController#new #750
- OAuth (GitHub) redirects to callback url twice #749
- Rails 5 API deployed as microservices #741
- Query params left in url after facebook login cause authentication to fail on refresh #734
- Can't permit parameters in rails engine #731
- Cannot integrate with omniauth-facebook #729
- Two models, one not working #726
- API response bodies are empty when using active_model_serializers #715
- /sign_out route is returning 404 not found #713
- Why is
tokens
field a json type and how to create a query based on inside values? #707 - Deprecation Error Message on 5.0 #698
- "Covert Redirect" Vulnerability #696
- No route matches [POST] "/api/v1/auth" #694
- Got this error with ActiveAdmin "wrong number of arguments (1 for 0)" #692
- using devise_token_auth for API alongside standard devise gem for HTML view #689
- No Headers after sign_in for new Users created by Admin #685
- NoMethodError (undefined method `headers_names' for DeviseTokenAuth:Module) #684
- Fast page refresh problem #683
- IndexError: string not matched on User sign_in #681
- skip_confirmation_notification! not working #679
- rails g devise_token_auth:install User auth hangs and does nothing #671
- Bump version to support devise 4.1.1 #659
- callback :set_user_by_token has not been defined #649
- Issues with active_model_serializers #644
- Error with devise #643
- undefined method `token_validation_response' #635
- when password is reset from UI, all tokens must be removed if remove_tokens_after_password_reset is true #634
- Relax devise dependency to allow 4.1 #631
- Rails 5 generator doesn't insert concern #627
- NoMethodError (undefined method `find_by_uid') in production. #625
- Why is password confirmation required ? #624
- Curl not working for sign_in but works on ng-token-angular #620
- After Sign-in success, The following requests on Angular side are unauthorized. #619
- Omniauth - Facebook app doesn't run callback url after successful Facebook authentication #615
- :authenticate_user! wired behaviour #614
- current_user is nil, request headers are all upcased and prefixed with HTML_ #611
- Problem in generated routes #607
- Rails 5 API Mode - no headers in response #606
- Filter chain halted as :authenticate_user! rendered or redirected #603
- 422 Unprocessable Entity when using local IP address #601
- not working with latest version of active_model_serializers #600
- overriding rendering methods in devise_token_auth #597
- redirect_url is missing in email instructions sent to the user for password reset #588
- Unpermitted parameter: {"email":"[email protected]","password":"abcdefgh","password_confirmation":"abcdefgh"} #587
- can't authenticate user when opening a new download tab #582
- Mails are not being sent #581
- current_user seems to be nil after doing requests from different tabs #579
- Do we have any rspec helpers to sign_in an user? #577
- Cannot override json response of authenticate_user! #575
- return custom json data after sign_in #567
- /auth/validate_token works but getting 401 unauthorized when sending request with auth headers #550
- Where is the access key of omniauth provider? #549
- How this gem is different from a JWT system? #543
- Improper formatting for JSON API error/success responses #536
- Is it a hybrid authentication system? #527
- check_current_password_before_update still requires password when resetting password #526
- Manually authenticate for testing #521
- Support for STI #517
- DEPRECATION WARNING: alias_method_chain is deprecated #514
- JSON responses don't fit JSON_API requirements #512
- Not working with rails 5 and devise master #504
- Unpermitted parameters: confirm_success_url, config_name, registration #501
- set_user_by_token not defined in production for rails 5 #500
- Master branch no longer working with devise master branch (version error) #498
- uid is not getting set in git revision 996b9cf23a18 #497
- ve_model_serializer namespace #492
- User remains logged in when using devise and devise_token_auth in the same app #486
- DEPRECATION WARNING: alias_method_chain is deprecated. Rails 5 #482
- validate_token - resource_name - undefined method `name' for nil:NilClass #480
- Helpers being loaded for Rails API's #468
- Unable to call
rails g devise\_token\_auth:install
within rails engine #465 - locales
errors.messages.already\_in\_use
seems broken #463 - It shows "An error occurred" after omniauth callback #445
- Put Access Token in body #442
- Unable to add a new param for sign up #440
- Undefined method provider from devise_toke_auth concerns/user.rb #438
- Scoped DeviseToken but it still affects the original Omniauth redirects. #429
- Can't create user via api #422
- Password Reset question, do I need my own form? #418
- Large Size on Disk #415
- The validate_token function in the readme is missing a parameter #413
- Cannot migrate database: NoMethodError: undefined method `new' for DeviseTokenAuth:Module #406
- change_headers_on_each_request and batch requests #403
- Multiple users, returning(and creating) wrong model's auth token #399
- Can't verify CSRF token authenticity #398
- uninitialized constant DeviseTokenAuth::OmniauthCallbacksController::BCrypt #393
- Sign in not success. #388
- password length #380
- Devise token auth not found routing error #379
- Defining a custom primary key #378
- seeing other users data after login/out with different users on ionic #375
- omniauth: when redirecting, user object should not be serialized into url #368
- getting ng-token-auth and devise_token_auth to work with OAuth in ionic InAppBrowser #367
- omniauth callback redirect not working properly when using namespace/scope #362
- invalid token in method set_user_by_token on RegistrationsController#update #357
- Allow devise patch version updates #351
- Error validating token #348
- Restricting access to controllers methods #340
- Allow for HTTP Basic Auth ? #337
- Allow Omniauth user reset password #335
- NameError (uninitialized constant DeviseTokenAuth::Concerns::User::BCrypt) #333
- Unpermitted parameters: format, session #328
- Concern causes app to connect to database when precompiling assets. #327
- devise token auth + Save Facebook auth_hash info in database #326
- Error sending password reset email when not using confirmable (reopened #124) #321
- Routing error / Preflight request / OPTIONS #320
- delete tokens after password change #318
- Can't authorize (user_signed_in? always show false) #315
- Warden::SessionSerializer - wrong number of arguments (2 for 1) #312
- The action 'twitter' could not be found for DeviseTokenAuth::OmniauthCallbacksController #309
- Having 401 Unauthorized only with mobile #305
- remove unused nickname, image from user object #304
- HI, This is more of a doubt since I could not finding anything related to this in your documentation. #300
- Getting 401's when making requests using iOS/Android clients #299
- undefined method `tokens' for #<Hash:0x000000063f0920> #297
- Confirmation URL giving bad arguments #293
- set_user_by_token not called in overriden controller #291
- Question: Should we send password reset instructions to unconfirmed emails? #287
- NoMethodError (undefined method `[]' for nil:NilClass): #286
- Facebook omniauth redirection is missing url when testing on localhost #285
- No route matches [GET] "/users/facebook/callback" #280
- No route matches [GET] "/omniauth/:provider" #278
- How to refresh token/expiry? #275
- wrong number of arguments (1 for 0): in DeviseTokenAuth::RegistrationsController#create #274
- Can not save a user with nil tokens attribute #271
- Shouldn't validate_token param be access-token, not auth_token? #270
- include associations on login #269
- Failure route not handled #262
- Getting Unauthorized error even after sending the correct token, uid and client #261
- Weird error message #259
- undefined method `provider' for #<User:0x007f49fd5da2e8> #257
- Custom Serializer like ActiveModel Serializer #249
- File download with query params #246
- Info: is devise_token_auth compatible with rails 3.2.19? #245
- Headers required for different methods #243
- Unpermitted parameters: format, session, lang #239
- On sign_in, devise_token_auth expects the uid to be the same as the email #237
- Name conflict with inherited_resources #236
- sign_in will not fetch the token #234
- Remove ('#') symbol when using html5mode in locationProvider #232
- Log in request 401 error #231
- User Registration - "email address already in use" when it is unique #230
- Devise email validation disabled...why? #229
- confirm_success_url error not working #226
- pending_reconfirmation called when confirmable isn't used #224
- omniauth_success.html.erb JSON bug #221
- Using devise_token_auth and ng_token_auth with angularJS in an Ionic Hybrid application #218
- Where can I got token? #217
- URI fragment prevent to send params in Confirmation URL #213
- Generating many client tokens #210
- Limit tokens hash? #208
- 500 error returned when no data is POSTed to registration controller #203
- undefined method `match' for nil:NilClass #201
- DELETE method becoming OPTIONS @ Heroku #197
- 40 Mb log file and 1 minute to have token with curl #195
- 401 unauthorized #193
- GET requests to sign_in shouldn't raise an exception #190
- Api not locked by default #189
- Rails 4.1 #187
- Unable to override OmniauthCallbacksController#redirect_callbacks #186
- Devise and devise_token_auth omniauth callbacks #184
- Token based authentication with no sessions #183
- undefined method `authenticate_user!' #182
- confirm_success_url shouldn't be a required param #176
- Provide an OAuth implementation for native apps #175
- getting an argument error when trying to use omniauth #174
- Sign in via username doesn't seem to work correctly. #173
- Cannot use + sign in email address. #171
- How can i authenticate using curl and get private entries ! #167
- Pessimistic Locking produces ArgumentError #165
- POTENTIAL SECURITY RISK: Setting confirm_success_url and redirect_url via API #162
- Sign out just on client side ? #161
- Unpermitted parameter: redirect_url #160
- Issues using devise and devise_token_auth #159
- Add role based authorization #158
- Not compatible with ActiveAdmin #156
- [Duplicate] is devise_invitable supported? #154
- User can register with a "false" email #149
- /validate_token #148
- Email confirmation link #147
- Tokens field on database #146
- Twitter OAuth always throughs CookieOverflow #145
- Is there a way to configure apiUrl for both dev and prod? #144
- Getting 401 unauthorized on login attempt #142
- Comparing with jwt #140
- Can't get omniauth to work (error in redirect_callbacks) #139
- Change controller inheritance #138
- Reset Password call returns 400 for Not Found user #137
- The gem is too big. Please take care of it. #136
- Error when loging with facebook the second time without logout #135
- OmniAuth redirect doesn't work if using the generated mount_devise_token route #133
- Missing template /omniauth_response #132
- Unpermitted parameter: session #130
- OAuth error: We're sorry, but something went wrong #129
- Would it be useful to integrate login with username ? #127
- Sign in with login instead of email #126
- Error sending password reset email when not using confirmable #124
- Using expired token for parallel calls #123
- User tokens don't properly deserialize #121
- OmniauthCallbacksController#omniauth_success wrong number of arguments (1 for 0) #119
- Could not load 'omniauth' #118
- bad argument (expected URI object or URI string) #116
- devise_token_auth for public API, but devise for rest of app? #114
- Omniauthable deleted on UsersConcern : Why ? #111
- Unrequired route #110
- raises NoMethodError instead of displaying error when email is missing #108
- Error with RailsAdmin. "The action 'new' could not be found for DeviseTokenAuth::SessionsController" #107
- Circular dependency detected while autoloading constant Api #106
- Can't Authenticate via cURL #105
- Unpermitted parameters: user, registration #104
- BCrypt::Errors::InvalidSalt errors #103
- Active job token expiring integration #102
- The action 'new' could not be found for DeviseTokenAuth::RegistrationsController #100
- Disable confirmable #99
- responders - rails 4.2 #98
- forward skip to devise #97
- API versioning the devise scope of token validation and ominiauth controller path will wrap up #96
- Overwriting default "from" email address #94
- uninitialized constant DeviseTokenAuth #92
- change_headers_on_each_request not working expiry header empty #90
- Gem render consistency #87
- Sample Sessions Controller for logging in via Rails View. #86
- Change authorization key: Use phone_number instead of email #84
- Conflict with active_admin gem #83
- NoMethodError in DeviseTokenAuth::OmniauthCallbacksController#redirect_callbacks #82
- All the APIs are getting 'Authorized users only' #81
- Is Devise option Rememberable required ? #80
- Problem with skip_confirmation! #78
- Cannot reset password if registered by omniauth #77
- NoMethodError at /omniauth/facebook/callback - undefined method `[]' for nil:NilClass #76
- Remove dependency on ActiveRecord #72
- Skipping Registrations Controller Altogether #70
- Problem in validate_token if the model is in a namespace #69
- Cannot send confirmation email if there is no 'User' model #68
- Better guidelines for contributors #65
- admin namespace #63
- Devise trackable module not working #62
- Devise_token_auth without OmniAuth authentication #60
- Reset Password error #59
- Confirmable - unconfirmed email #58
- Email Column Isn't Used for Database Authentication #56
- Unique Key for Provider and UID Combination #55
- User Info in separate table or removed #53
- rename @user to @resource #48
- Active_admin issue #47
- Possible Logout Issue #46
- Routes not appended to routes.rb #45
- Return resource.errors.full_messages in addition to resource.errors #44
- Devise and Devise_Token_Auth in api namespace #43
- Trackable attributes are not being updated. #42
- Avoid using respond_to in application controller #41
- devise_token_auth assumes you want the :confirmable functionality #40
- undefined method `match' for nil:NilClass #39
- Expired token aren't removed when session expires #38
- sign_up helper #37
- self.tokens[client_id]['token'] != token #30
- How is the uid generated for non-omniauth users? #29
- Access to current_user variable? #28
- Filter chain halted as :require_no_authentication #27
- Allow additional parameters for registration #25
- Cannot add more parameters at sign_up #22
- Error on Registration #21
- Error with authentication #20
- Cascade of Issues with Omniauth(?) #18
- Batch Requests Respond with Original Auth Token #17
- Sign out with email provider error #16
- sessions_controller.rb #12
- Github login in example is broken #10
- Facebook auth is broken #9
- Generator is not working #8
- Test ticket from Code Climate #6
- Test ticket from Code Climate #5
- extending the devise_token_auth user model #4
- A few ideas #3
- Google Oauth2 does not set cookies in production. #1
Merged pull requests:
- Translate message: Authorized users only through devise #883 (vincenzodev)
- Updated generator test code to work with rails 5 #872 (jrhee17)
- use URI::HTTPS to generate HTTPS redirects #864 (cgc)
- Rename find_by methods #860 (alex-lairan)
- Support for Devise 4.2.1 #852 (ckho)
- Add Albanian locale #842 (fatosmorina)
- Update german translation. #816 (gobijan)
- Prevent getting table info if not connected to db #814 (cbliard)
- Add support for italian locale #811 (Chosko)
- Fix privacy issue with password reset request #808 (biomancer)
- Add missing parameter :redirect_url, fixes #805 #806 (Rush)
- Fix language errors in German locale #800 (morgler)
- Don't send extra data on request password reset #798 (Mrjaco12)
- Travis: use the code_climate addon config #786 (olleolleolle)
- Update link #782 (dijonkitchen)
- Add index for confirmation_token #767 (dijonkitchen)
- Fixes constructing redirect_route #765 (piotrkaczmarek)
- Use standart ActiveRecord error message for email uniqueness validation #746 (mpugach)
- Add Romanian locale. #743 (razvanmitre)
- Ruby syntax: replace and/not with &&/! #733 (olleolleolle)
- Update indexes on template #724 (dijonkitchen)
- Add an extra line to the "contributing" list #720 (jahammo2)
- Fix grammar #712 (dijonkitchen)
- Added reference to Angular2-Token to README #710 (neroniaky)
- feat(whitelist): add wildcard support for redirect_whitelist patterns #709 (booleanbetrayal)
- Fix Migration Deprecation Warning #700 (juddey)
- Apply
redirect\_whitelist
to OAuth redirect URI. #699 (lynndylanhurley) - add zh-CN.yml #697 (halfray)
- update README.md #693 (nhattan)
- Fix for issue #600 #674 (milep)
- Use lockable devise option and unlock controller overwrite #669 (genaromadrid)
- Fix setup config example in README #665 (guich-wo)
- added bypass_sign_in for next version of Devise #663 (KendallPark)
- fix method 'is_json_api' with active_model_serialier v 0.10.0 #651 (woodcrust)
- Tokens count overmuch fixed #650 (JerryGreen)
- updates config wrapper to conform with newer idiom #648 (bvandgrift)
- Adding support for devise 4.1.1 #642 (iainmcg)
- Updating Devise dependency to max 4.1.1 #641 (TGRGIT)
- Fix yields from controller actions #638 (tiagojsag)
- Fix generator to correctly inject content into the user model in rails 5 #636 (ethangk)
- fix spelling in comment on token auth concern #632 (dandlezzz)
- fixed devise deprecation warning for config.email_regexp #618 (lemuelbarango)
- Revert "Update readme for headers names" #592 (ash1day)
- Update readme for headers names #589 (ash1day)
- Add info to README #585 (ghost)
- Fix typo and remove trailing spaces #578 (ash1day)
- allowing authenticating using headers as well as a post request #576 (ingolfured)
- Whitespace: tabs removed #574 (olleolleolle)
- Added dutch translations #571 (nschmoller)
- now possible to change headers names in the config file #569 (ingolfured)
- User concern: Ensure fallback is in place #564 (olleolleolle)
- Return resource with top-level 'type' member. #562 (ruimiguelsantos)
- Fix devise mapping #540 (merqlove)
- Make all json responses to be json_api compliant #537 (djsegal)
- Avoid sending auth headers if while processing used token is cleared #531 (virginia-rodriguez)
- Add Japanese locale and fix typo #530 (metalunk)
- Added omniauth post route #528 (v3rtx)
- Extract model callbacks #525 (merqlove)
- create token when no client_id token #523 (charlesdg)
- Fix enable_standard_devise_support in initializer #518 (halilim)
- Make render_create_success render valid json_api #513 (djsegal)
- Prevent raise of exception if set_user_by_token not defined #511 (jeryRazakarison)
- send_on_create_confirmation_instructions callback isn't defined (rails 5) #508 (fivetwentysix)
- [REBASE] Fix rails 5 deprecation and devise parameter sanitization #507 (fivetwentysix)
- remove deprecations from RegistrationsController #506 (fivetwentysix)
- Allow new devise version for rails 5 compatibility #499 (djsegal)
- Spelling mistake #493 (Tom-Tom)
- Improve Brazilian Portuguese locale #491 (ssouza)
- fix namespaced mapping name #484 (paulosoares86)
- Locale file for both zh-TW and zh-HK #483 (SunnyTam)
- Fixed typos and inconsistencies in ru.yml #478 (fertingoff)
- Fixes Issue #362: Fixes for the omniauth redirection issue for namesp… #476 (devilankur18)
- removing old tokens when user changes passwords #474 (paulosoares86)
- Move travis to container based configuration #470 (ValentinTrinque)
- Prevent helpers being loaded for Rails API’s #469 (djsegal)
- Reduce dependencies to allow Rails 5.0 #467 (djsegal)
- Fix locales
errors.messages.already\_in\_use
+ clean up #466 (ValentinTrinque) - Added 401 response to failed group authentication #446 (rstrobl)
- RU translations #441 (yivo)
- to keep coherent with devise. pt instead of pt-PT.yml #436 (rmvenancio)
- limiting the number of concurrent devices #434 (paulosoares86)
- Raise error in controller method #430 (ArneZsng)
- feat(enable-standard-devise): allow configurable support of legacy Devise authentication #428 (booleanbetrayal)
- Support for i18n in mailers views #427 (ponyesteves)
- Fix omniauthredirection when under scopes #425 (xjunior)
- Translation to German #423 (haslinger)
- fix(url): preserve query parameters when building urls #421 (nbrustein)
- Change default message for already in use error and added to english … #417 (ponyesteves)
- Issue #413 #414 (Carrigan)
- Add .ruby-version entry to .gitignore #412 (xymbol)
- 404 for invalid link with password reset token #411 (rmvenancio)
- Portuguese Translation #409 (rmvenancio)
- Added polish translation. #405 (h3xed)
- Drop .ruby-version file #404 (xymbol)
- Implement hook methods for customized json rendering #384 (neutronz)
- Feature/password reset with check fix #374 (jakubrohleder)
- fix(oauth): fixes #368: do not serialize the entire user object in the url when redirecting from oauth #371 (nbrustein)
- Fallback to ActiveModel translations in EmailValidator #369 (yivo)
- Add a Gitter chat badge to README.md #360 (gitter-badger)
- Improvements to the docs. #358 (aarongray)
- Add description to readme about the devise.rb initializer. #356 (aarongray)
- Correct handling namespaced resources #355 (yivo)
- Fix concern not being inserted for rails-api apps. #350 (aarongray)
- Add documentation to explain gotcha with rails-api. #349 (aarongray)
- Fully support OmniauthCallbacksController action overrides. Fixes #186. #347 (tbloncar)
- #340 Restrict access to controllers methods #341 (gkopylov)
- fix(omniauth): fix error in setting text on redirect page #336 (nbrustein)
- add Brazilian Portuguese translation (pt-BR) #331 (josiasds)
- Tests to ensure standard devise has greater priority than tokens #330 (colavitam)
- Fixed error when using standard devise authentication #329 (colavitam)
- feat(improved-omniauth): omniauth sameWindow and inAppBrowser flows #323 (nbrustein)
- Fix invalid omniauth redirect #322 (troggy)
- Old password check before password update #317 (jakubrohleder)
- Remove erroneous colon from before_action callback #310 (jmliu)
- Disabled serialization for JSON type columns #306 (colavitam)
- Set default provider to "email" in migration #302 (colavitam)
- Fix an issue for not :confirmable users #296 (sebfie)
- Update README.md #295 (adisos)
- Fix MOUNT_PATH 'Read More' link #294 (jmliu)
- Don't send password reset instructions to unconfirmed email #288 (coryschires)
- Feature/i18n support #283 (sebfie)
- Update documentation for validate_token #277 (adamgall)
- Added json support for tokens #276 (shicholas)
- perf(token_is_current?): add simplistic cache to reduce overhead of redundant token checks during validation calls #272 (booleanbetrayal)
- perf(update_auth_header): only lock the resource if we are rotating tokens #267 (booleanbetrayal)
- fix(email-validation): Update in-use email validation message during registration to allow full_message use #255 (booleanbetrayal)
- fix(session#new): fix unhandled 500 when logging in with valid user and bad password #254 (mathemagica)
- feat(ominauth): support json-formatted values in omniauth callback. #252 (nbrustein)
- fix(sessions controller): call reset_session on destroy #251 (nbrustein)
- fix(resource_class): support optional mapping property from set_user_by_token #250 (booleanbetrayal)
- Allow current_password to be supplied when updating profile. #240 (jasonswett)
- fixes password reset when not using confirmable #225 (aesnyder)
- Fix error when email missing from registration params #220 (iangreenleaf)
- URI fragment should appear at the end of URL #214 (edymerchk)
- Super block yield (all controllers) #209 (sgwilym)
- Super block yield #207 (sgwilym)
- Ability to localize error message #206 (lda)
- remove fragment sign ("#") from URLs without fragment #205 (tomdov)
- Return 422 (was 500) when empty body for sign up and account update #204 (mchavarriagam)
- Users with allowed unconfirmed access can now log in successfully. #202 (colavitam)
- Authenticating an existing Warden/Devise User #200 (nickL)
- GET sign_in should direct people to use POST sign_in rather than raising exception #191 (milesmatthias)
- Ignore 'extra' in Twitter auth response to avoid CookieOverflow. Fixes #145. #179 (tbloncar)
- Some missing as_json ? #152 (nicolas-besnard)
- Check email format on registration #150 (nicolas-besnard)
- Actual header key uses dashes, not underscores. #143 (ragaskar)
- Username register login #128 (nicolas-besnard)
- Check if confirmable is active before skipping confirmation #125 (nicolas-besnard)
- Fix links to section about controller integration. #117 (Le6ow5k1)
- document GET for /validate_token #113 (lukaselmer)
- Fix small error in documentation. #91 (edgarhenriquez)
- Exclude devise modules #85 (jartek)
- fix(registration and update): Ensure UID is updated alongside Email, and case-sensitivity is honored #71 (booleanbetrayal)
- Add better guidelines for contributors. #67 (edgarhenriquez)
- Use resource_class to override email confirmation. #64 (edgarhenriquez)
- fix(case-sensitivity): support devise case_insensitive_keys for session ... #57 (booleanbetrayal)
- fix(contention): fix write contention in update_auth_headers and always ... #52 (booleanbetrayal)
- Include resource.errors.full_messages in error response. #50 (jasonswett)
- fix(expiry): fix an issue where token expiration checks were too permissive #49 (booleanbetrayal)
- Update README with Example Generator Command #35 (wwilkins)
- Remove OmniAuth dependency #26 (hannahhoward)
- Update README.md #24 (davidsavoya)
- guard against MissingAttributeError during common ActiveRecord operations #19 (booleanbetrayal)
- Fix expiry data type #11 (lonre)
- README and travis config tweaks #7 (guilhermesimoes)
v0.1.40 (2017-01-20)
Closed issues:
- Support for multiple providers during same session #815
- not supporting for angular1.6 #810
- Add has one/belongs to assotiation #807
- redirect_url required but not permitted in strong parameters #805
- Rails 5 API Mode Not Authorizing #796
- wrong constant name user #784
- current_user returns nill #779
- ActionController::RoutingError - undefined method `helper_method' #776
- Minimum Limits on a token? #764
- Octopus throwing error when deleting expired tokens #761
- Only one User model return the correct headers #757
- ArgumentError in Devise::RegistrationsController#new #750
- Rails 5 API deployed as microservices #741
- Query params left in url after facebook login cause authentication to fail on refresh #734
- Can't permit parameters in rails engine #731
- Cannot integrate with omniauth-facebook #729
- Two models, one not working #726
- API response bodies are empty when using active_model_serializers #715
- /sign_out route is returning 404 not found #713
- Why is
tokens
field a json type and how to create a query based on inside values? #707 - Deprecation Error Message on 5.0 #698
Merged pull requests:
- Update german translation. #816 (gobijan)
- Add support for italian locale #811 (Chosko)
- Fix privacy issue with password reset request #808 (biomancer)
- Add missing parameter :redirect_url, fixes #805 #806 (Rush)
- Fix language errors in German locale #800 (morgler)
- Don't send extra data on request password reset #798 (Mrjaco12)
- Travis: use the code_climate addon config #786 (olleolleolle)
- Update link #782 (dijonkitchen)
- Add index for confirmation_token #767 (dijonkitchen)
- Fixes constructing redirect_route #765 (piotrkaczmarek)
- Use standart ActiveRecord error message for email uniqueness validation #746 (mpugach)
- Add Romanian locale. #743 (razvanmitre)
- Update indexes on template #724 (dijonkitchen)
- Add an extra line to the "contributing" list #720 (jahammo2)
- Fix grammar #712 (dijonkitchen)
- Added reference to Angular2-Token to README #710 (neroniaky)
- feat(whitelist): add wildcard support for redirect_whitelist patterns #709 (booleanbetrayal)
v0.1.39 (2016-08-16)
Closed issues:
- "Covert Redirect" Vulnerability #696
- No route matches [POST] "/api/v1/auth" #694
- Got this error with ActiveAdmin "wrong number of arguments (1 for 0)" #692
- using devise_token_auth for API alongside standard devise gem for HTML view #689
- No Headers after sign_in for new Users created by Admin #685
- NoMethodError (undefined method `headers_names' for DeviseTokenAuth:Module) #684
- Fast page refresh problem #683
- IndexError: string not matched on User sign_in #681
- skip_confirmation_notification! not working #679
- Bump version to support devise 4.1.1 #659
- not working with latest version of active_model_serializers #600
Merged pull requests:
- Fix Migration Deprecation Warning #700 (juddey)
- Apply
redirect\_whitelist
to OAuth redirect URI. #699 (lynndylanhurley) - add zh-CN.yml #697 (halfray)
- update README.md #693 (nhattan)
Implemented enhancements:
Fixed bugs:
Closed issues:
- rails g devise_token_auth:install User auth hangs and does nothing #671
- callback :set_user_by_token has not been defined #649
- Issues with active_model_serializers #644
- Error with devise #643
- undefined method `token_validation_response' #635
- when password is reset from UI, all tokens must be removed if remove_tokens_after_password_reset is true #634
- Relax devise dependency to allow 4.1 #631
- Rails 5 generator doesn't insert concern #627
- NoMethodError (undefined method `find_by_uid') in production. #625
- Curl not working for sign_in but works on ng-token-angular #620
- After Sign-in success, The following requests on Angular side are unauthorized. #619
- Omniauth - Facebook app doesn't run callback url after successful Facebook authentication #615
- :authenticate_user! wired behaviour #614
- current_user is nil, request headers are all upcased and prefixed with HTML_ #611
- Problem in generated routes #607
- Rails 5 API Mode - no headers in response #606
- Filter chain halted as :authenticate_user! rendered or redirected #603
- 422 Unprocessable Entity when using local IP address #601
- overriding rendering methods in devise_token_auth #597
- redirect_url is missing in email instructions sent to the user for password reset #588
- Unpermitted parameter: {"email":"[email protected]","password":"abcdefgh","password_confirmation":"abcdefgh"} #587
- can't authenticate user when opening a new download tab #582
- Mails are not being sent #581
- current_user seems to be nil after doing requests from different tabs #579
- Do we have any rspec helpers to sign_in an user? #577
- Cannot override json response of authenticate_user! #575
- return custom json data after sign_in #567
- /auth/validate_token works but getting 401 unauthorized when sending request with auth headers #550
- Where is the access key of omniauth provider? #549
- How this gem is different from a JWT system? #543
- Improper formatting for JSON API error/success responses #536
- Is it a hybrid authentication system? #527
- check_current_password_before_update still requires password when resetting password #526
- Manually authenticate for testing #521
- Support for STI #517
- JSON responses don't fit JSON_API requirements #512
- Not working with rails 5 and devise master #504
- Unpermitted parameters: confirm_success_url, config_name, registration #501
- set_user_by_token not defined in production for rails 5 #500
- Master branch no longer working with devise master branch (version error) #498
- uid is not getting set in git revision 996b9cf23a18 #497
- ve_model_serializer namespace #492
- User remains logged in when using devise and devise_token_auth in the same app #486
- DEPRECATION WARNING: alias_method_chain is deprecated. Rails 5 #482
- validate_token - resource_name - undefined method `name' for nil:NilClass #480
- Helpers being loaded for Rails API's #468
- Unable to call
rails g devise\_token\_auth:install
within rails engine #465 - locales
errors.messages.already\_in\_use
seems broken #463 - It shows "An error occurred" after omniauth callback #445
- Put Access Token in body #442
- Unable to add a new param for sign up #440
- Undefined method provider from devise_toke_auth concerns/user.rb #438
- Scoped DeviseToken but it still affects the original Omniauth redirects. #429
- Can't create user via api #422
- Password Reset question, do I need my own form? #418
- Large Size on Disk #415
- The validate_token function in the readme is missing a parameter #413
- Cannot migrate database: NoMethodError: undefined method `new' for DeviseTokenAuth:Module #406
- change_headers_on_each_request and batch requests #403
- Multiple users, returning(and creating) wrong model's auth token #399
- Can't verify CSRF token authenticity #398
- uninitialized constant DeviseTokenAuth::OmniauthCallbacksController::BCrypt #393
- Sign in not success. #388
- password length #380
- Devise token auth not found routing error #379
- Defining a custom primary key #378
- seeing other users data after login/out with different users on ionic #375
- omniauth: when redirecting, user object should not be serialized into url #368
- getting ng-token-auth and devise_token_auth to work with OAuth in ionic InAppBrowser #367
- omniauth callback redirect not working properly when using namespace/scope #362
- invalid token in method set_user_by_token on RegistrationsController#update #357
- Allow devise patch version updates #351
- Error validating token #348
- Allow for HTTP Basic Auth ? #337
- Allow Omniauth user reset password #335
- NameError (uninitialized constant DeviseTokenAuth::Concerns::User::BCrypt) #333
- Unpermitted parameters: format, session #328
- devise token auth + Save Facebook auth_hash info in database #326
- Error sending password reset email when not using confirmable (reopened #124) #321
- Routing error / Preflight request / OPTIONS #320
- delete tokens after password change #318
- Can't authorize (user_signed_in? always show false) #315
- Warden::SessionSerializer - wrong number of arguments (2 for 1) #312
- The action 'twitter' could not be found for DeviseTokenAuth::OmniauthCallbacksController #309
- Having 401 Unauthorized only with mobile #305
- remove unused nickname, image from user object #304
- HI, This is more of a doubt since I could not finding anything related to this in your documentation. #300
- Getting 401's when making requests using iOS/Android clients #299
- undefined method `tokens' for #<Hash:0x000000063f0920> #297
- Confirmation URL giving bad arguments #293
- set_user_by_token not called in overriden controller #291
- Question: Should we send password reset instructions to unconfirmed emails? #287
- NoMethodError (undefined method `[]' for nil:NilClass): #286
- Facebook omniauth redirection is missing url when testing on localhost #285
- No route matches [GET] "/users/facebook/callback" #280
- No route matches [GET] "/omniauth/:provider" #278
- How to refresh token/expiry? #275
- wrong number of arguments (1 for 0): in DeviseTokenAuth::RegistrationsController#create #274
- Can not save a user with nil tokens attribute #271
- Shouldn't validate_token param be access-token, not auth_token? #270
- include associations on login #269
- Failure route not handled #262
- Getting Unauthorized error even after sending the correct token, uid and client #261
- Weird error message #259
- undefined method `provider' for #<User:0x007f49fd5da2e8> #257
- Custom Serializer like ActiveModel Serializer #249
- File download with query params #246
- Info: is devise_token_auth compatible with rails 3.2.19? #245
- Headers required for different methods #243
- Unpermitted parameters: format, session, lang #239
- On sign_in, devise_token_auth expects the uid to be the same as the email #237
- Name conflict with inherited_resources #236
- sign_in will not fetch the token #234
- Remove ('#') symbol when using html5mode in locationProvider #232
- Log in request 401 error #231
- User Registration - "email address already in use" when it is unique #230
- Devise email validation disabled...why? #229
- confirm_success_url error not working #226
- pending_reconfirmation called when confirmable isn't used #224
- omniauth_success.html.erb JSON bug #221
- Using devise_token_auth and ng_token_auth with angularJS in an Ionic Hybrid application #218
- Where can I got token? #217
- URI fragment prevent to send params in Confirmation URL #213
- Generating many client tokens #210
- Limit tokens hash? #208
- 500 error returned when no data is POSTed to registration controller #203
- undefined method `match' for nil:NilClass #201
- DELETE method becoming OPTIONS @ Heroku #197
- 40 Mb log file and 1 minute to have token with curl #195
- 401 unauthorized #193
- GET requests to sign_in shouldn't raise an exception #190
- Api not locked by default #189
- Rails 4.1 #187
- Unable to override OmniauthCallbacksController#redirect_callbacks #186
- Token based authentication with no sessions #183
- undefined method `authenticate_user!' #182
- confirm_success_url shouldn't be a required param #176
- Provide an OAuth implementation for native apps #175
- getting an argument error when trying to use omniauth #174
- Sign in via username doesn't seem to work correctly. #173
- Cannot use + sign in email address. #171
- How can i authenticate using curl and get private entries ! #167
- Pessimistic Locking produces ArgumentError #165
- POTENTIAL SECURITY RISK: Setting confirm_success_url and redirect_url via API #162
- Sign out just on client side ? #161
- Unpermitted parameter: redirect_url #160
- Issues using devise and devise_token_auth #159
- Add role based authorization #158
- Not compatible with ActiveAdmin #156
- [Duplicate] is devise_invitable supported? #154
- User can register with a "false" email #149
- /validate_token #148
- Email confirmation link #147
- Tokens field on database #146
- Twitter OAuth always throughs CookieOverflow #145
- Is there a way to configure apiUrl for both dev and prod? #144
- Getting 401 unauthorized on login attempt #142
- Comparing with jwt #140
- Can't get omniauth to work (error in redirect_callbacks) #139
- Change controller inheritance #138
- Reset Password call returns 400 for Not Found user #137
- The gem is too big. Please take care of it. #136
- Error when loging with facebook the second time without logout #135
- OmniAuth redirect doesn't work if using the generated mount_devise_token route #133
- Missing template /omniauth_response #132
- Unpermitted parameter: session #130
- OAuth error: We're sorry, but something went wrong #129
- Would it be useful to integrate login with username ? #127
- Sign in with login instead of email #126
- Error sending password reset email when not using confirmable #124
- Using expired token for parallel calls #123
- User tokens don't properly deserialize #121
- Could not load 'omniauth' #118
- bad argument (expected URI object or URI string) #116
- devise_token_auth for public API, but devise for rest of app? #114
- Omniauthable deleted on UsersConcern : Why ? #111
- Unrequired route #110
- raises NoMethodError instead of displaying error when email is missing #108
- Error with RailsAdmin. "The action 'new' could not be found for DeviseTokenAuth::SessionsController" #107
- Circular dependency detected while autoloading constant Api #106
- Can't Authenticate via cURL #105
- Unpermitted parameters: user, registration #104
- BCrypt::Errors::InvalidSalt errors #103
- Active job token expiring integration #102
- The action 'new' could not be found for DeviseTokenAuth::RegistrationsController #100
- Disable confirmable #99
- responders - rails 4.2 #98
- forward skip to devise #97
- API versioning the devise scope of token validation and ominiauth controller path will wrap up #96
- Overwriting default "from" email address #94
- uninitialized constant DeviseTokenAuth #92
- change_headers_on_each_request not working expiry header empty #90
- Gem render consistency #87
- Sample Sessions Controller for logging in via Rails View. #86
- Change authorization key: Use phone_number instead of email #84
- Conflict with active_admin gem #83
- NoMethodError in DeviseTokenAuth::OmniauthCallbacksController#redirect_callbacks #82
- All the APIs are getting 'Authorized users only' #81
- Is Devise option Rememberable required ? #80
- Problem with skip_confirmation! #78
- Cannot reset password if registered by omniauth #77
- NoMethodError at /omniauth/facebook/callback - undefined method `[]' for nil:NilClass #76
- Remove dependency on ActiveRecord #72
- Skipping Registrations Controller Altogether #70
- Problem in validate_token if the model is in a namespace #69
- Cannot send confirmation email if there is no 'User' model #68
- Better guidelines for contributors #65
- admin namespace #63
- Devise trackable module not working #62
- Devise_token_auth without OmniAuth authentication #60
- Reset Password error #59
- Confirmable - unconfirmed email #58
- Email Column Isn't Used for Database Authentication #56
- Unique Key for Provider and UID Combination #55
- User Info in separate table or removed #53
- rename @user to @resource #48
- Active_admin issue #47
- Possible Logout Issue #46
- Routes not appended to routes.rb #45
- Return resource.errors.full_messages in addition to resource.errors #44
- Devise and Devise_Token_Auth in api namespace #43
- Trackable attributes are not being updated. #42
- Avoid using respond_to in application controller #41
- devise_token_auth assumes you want the :confirmable functionality #40
- undefined method `match' for nil:NilClass #39
- Expired token aren't removed when session expires #38
- sign_up helper #37
- self.tokens[client_id]['token'] != token #30
- How is the uid generated for non-omniauth users? #29
- Access to current_user variable? #28
- Filter chain halted as :require_no_authentication #27
- Allow additional parameters for registration #25
- Cannot add more parameters at sign_up #22
- Error on Registration #21
- Error with authentication #20
- Cascade of Issues with Omniauth(?) #18
- Batch Requests Respond with Original Auth Token #17
- Sign out with email provider error #16
- sessions_controller.rb #12
- Github login in example is broken #10
- Facebook auth is broken #9
- Generator is not working #8
- Test ticket from Code Climate #6
- Test ticket from Code Climate #5
- extending the devise_token_auth user model #4
- A few ideas #3
- Google Oauth2 does not set cookies in production. #1
Merged pull requests:
- Fix for issue #600 #674 (milep)
- Fix setup config example in README #665 (guich-wo)
- added bypass_sign_in for next version of Devise #663 (KendallPark)
- fix method 'is_json_api' with active_model_serialier v 0.10.0 #651 (woodcrust)
- Tokens count overmuch fixed #650 (JerryGreen)
- updates config wrapper to conform with newer idiom #648 (bvandgrift)
- Adding support for devise 4.1.1 #642 (iainmcg)
- Updating Devise dependency to max 4.1.1 #641 (TGRGIT)
- Fix yields from controller actions #638 (tiagojsag)
- Fix generator to correctly inject content into the user model in rails 5 #636 (ethangk)
- fix spelling in comment on token auth concern #632 (dandlezzz)
- fixed devise deprecation warning for config.email_regexp #618 (lemuelbarango)
- Revert "Update readme for headers names" #592 (y4ashida)
- Update readme for headers names #589 (y4ashida)
- Add info to README #585 (ghost)
- Fix typo and remove trailing spaces #578 (y4ashida)
- allowing authenticating using headers as well as a post request #576 (ingolfured)
- Whitespace: tabs removed #574 (olleolleolle)
- Added dutch translations #571 (nschmoller)
- now possible to change headers names in the config file #569 (ingolfured)
- User concern: Ensure fallback is in place #564 (olleolleolle)
- Return resource with top-level 'type' member. #562 (ruimiguelsantos)
- Fix devise mapping #540 (merqlove)
- Make all json responses to be json_api compliant #537 (djsegal)
- Avoid sending auth headers if while processing used token is cleared #531 (virginia-rodriguez)
- Add Japanese locale and fix typo #530 (metalunk)
- Added omniauth post route #528 (v3rtx)
- Extract model callbacks #525 (merqlove)
- create token when no client_id token #523 (charlesdg)
- Fix enable_standard_devise_support in initializer #518 (halilim)
- Make render_create_success render valid json_api #513 (djsegal)
- Prevent raise of exception if set_user_by_token not defined #511 (jeryRazakarison)
- send_on_create_confirmation_instructions callback isn't defined (rails 5) #508 (fivetwentysix)
- [REBASE] Fix rails 5 deprecation and devise parameter sanitization #507 (fivetwentysix)
- remove deprecations from RegistrationsController #506 (fivetwentysix)
- Allow new devise version for rails 5 compatibility #499 (djsegal)
- Spelling mistake #493 (Tom-Tom)
- Improve Brazilian Portuguese locale #491 (ssouza)
- fix namespaced mapping name #484 (paulosoares86)
- Locale file for both zh-TW and zh-HK #483 (TravisTam)
- Fixed typos and inconsistencies in ru.yml #478 (fertingoff)
- Fixes Issue #362: Fixes for the omniauth redirection issue for namesp… #476 (devilankur18)
- removing old tokens when user changes passwords #474 (paulosoares86)
- Move travis to container based configuration #470 (ValentinTrinque)
- Prevent helpers being loaded for Rails API’s #469 (djsegal)
- Reduce dependencies to allow Rails 5.0 #467 (djsegal)
- Fix locales
errors.messages.already\_in\_use
+ clean up #466 (ValentinTrinque) - Added 401 response to failed group authentication #446 (rstrobl)
- RU translations #441 (yivo)
- to keep coherent with devise. pt instead of pt-PT.yml #436 (rmvenancio)
- limiting the number of concurrent devices #434 (paulosoares86)
- Raise error in controller method #430 (ArneZsng)
- feat(enable-standard-devise): allow configurable support of legacy Devise authentication #428 (booleanbetrayal)
- Support for i18n in mailers views #427 (ponyesteves)
- Fix omniauthredirection when under scopes #425 (xjunior)
- Translation to German #423 (haslinger)
- fix(url): preserve query parameters when building urls #421 (nbrustein)
- Change default message for already in use error and added to english … #417 (ponyesteves)
- Issue #413 #414 (Carrigan)
- Add .ruby-version entry to .gitignore #412 (xymbol)
- 404 for invalid link with password reset token #411 (rmvenancio)
- Portuguese Translation #409 (rmvenancio)
- Added polish translation. #405 (h3xed)
- Drop .ruby-version file #404 (xymbol)
- Implement hook methods for customized json rendering #384 (neutronz)
- Feature/password reset with check fix #374 (jakubrohleder)
- fix(oauth): fixes #368: do not serialize the entire user object in the url when redirecting from oauth #371 (nbrustein)
- Fallback to ActiveModel translations in EmailValidator #369 (yivo)
- Add a Gitter chat badge to README.md #360 (gitter-badger)
- Improvements to the docs. #358 (aarongray)
- Add description to readme about the devise.rb initializer. #356 (aarongray)
- Correct handling namespaced resources #355 (yivo)
- Fix concern not being inserted for rails-api apps. #350 (aarongray)
- Add documentation to explain gotcha with rails-api. #349 (aarongray)
- Fully support OmniauthCallbacksController action overrides. Fixes #186. #347 (tbloncar)
- #340 Restrict access to controllers methods #341 (gkopylov)
- fix(omniauth): fix error in setting text on redirect page #336 (nbrustein)
- add Brazilian Portuguese translation (pt-BR) #331 (josiasds)
- Tests to ensure standard devise has greater priority than tokens #330 (colavitam)
- Fixed error when using standard devise authentication #329 (colavitam)
- feat(improved-omniauth): omniauth sameWindow and inAppBrowser flows #323 (nbrustein)
- Fix invalid omniauth redirect #322 (troggy)
- Old password check before password update #317 (jakubrohleder)
- Remove erroneous colon from before_action callback #310 (jmliu)
- Disabled serialization for JSON type columns #306 (colavitam)
- Set default provider to "email" in migration #302 (colavitam)
- Fix an issue for not :confirmable users #296 (sebfie)
- Update README.md #295 (adisos)
- Fix MOUNT_PATH 'Read More' link #294 (jmliu)
- Don't send password reset instructions to unconfirmed email #288 (coryschires)
- Feature/i18n support #283 (sebfie)
- Update documentation for validate_token #277 (adamgall)
- Added json support for tokens #276 (shicholas)
- perf(token_is_current?): add simplistic cache to reduce overhead of redundant token checks during validation calls #272 (booleanbetrayal)
- perf(update_auth_header): only lock the resource if we are rotating tokens #267 (booleanbetrayal)
- fix(email-validation): Update in-use email validation message during registration to allow full_message use #255 (booleanbetrayal)
- fix(session#new): fix unhandled 500 when logging in with valid user and bad password #254 (mathemagica)
- feat(ominauth): support json-formatted values in omniauth callback. #252 (nbrustein)
- fix(sessions controller): call reset_session on destroy #251 (nbrustein)
- fix(resource_class): support optional mapping property from set_user_by_token #250 (booleanbetrayal)
- Allow current_password to be supplied when updating profile. #240 (jasonswett)
- fixes password reset when not using confirmable #225 (aesnyder)
- Fix error when email missing from registration params #220 (iangreenleaf)
- URI fragment should appear at the end of URL #214 (edymerchk)
- Super block yield (all controllers) #209 (sgwilym)
- Super block yield #207 (sgwilym)
- Ability to localize error message #206 (lda)
- remove fragment sign ("#") from URLs without fragment #205 (tomdov)
- Return 422 (was 500) when empty body for sign up and account update #204 (mchavarriagam)
- Users with allowed unconfirmed access can now log in successfully. #202 (colavitam)
- Authenticating an existing Warden/Devise User #200 (nickL)
- GET sign_in should direct people to use POST sign_in rather than raising exception #191 (milesmatthias)
- Ignore 'extra' in Twitter auth response to avoid CookieOverflow. Fixes #145. #179 (tbloncar)
- Some missing as_json ? #152 (nicolas-besnard)
- Check email format on registration #150 (nicolas-besnard)
- Actual header key uses dashes, not underscores. #143 (ragaskar)
- Username register login #128 (nicolas-besnard)
- Check if confirmable is active before skipping confirmation #125 (nicolas-besnard)
- Fix links to section about controller integration. #117 (Le6ow5k1)
- document GET for /validate_token #113 (lukaselmer)
- Fix small error in documentation. #91 (edgarhenriquez)
- Exclude devise modules #85 (jartek)
- fix(registration and update): Ensure UID is updated alongside Email, and case-sensitivity is honored #71 (booleanbetrayal)
- Add better guidelines for contributors. #67 (edgarhenriquez)
- Use resource_class to override email confirmation. #64 (edgarhenriquez)
- fix(case-sensitivity): support devise case_insensitive_keys for session ... #57 (booleanbetrayal)
- fix(contention): fix write contention in update_auth_headers and always ... #52 (booleanbetrayal)
- Include resource.errors.full_messages in error response. #50 (jasonswett)
- fix(expiry): fix an issue where token expiration checks were too permissive #49 (booleanbetrayal)
- Update README with Example Generator Command #35 (wwilkins)
- Remove OmniAuth dependency #26 (hannahhoward)
- Update README.md #24 (davidsavoya)
- guard against MissingAttributeError during common ActiveRecord operations #19 (booleanbetrayal)
- Fix expiry data type #11 (lonre)
- README and travis config tweaks #7 (guilhermesimoes)
0.1.37 (2016-01-26)
Closed issues:
- Not working with rails 5 and devise master #504
- Unpermitted parameters: confirm_success_url, config_name, registration #501
- Master branch no longer working with devise master branch (version error) #498
- uid is not getting set in git revision 996b9cf23a18 #497
- ve_model_serializer namespace #492
- User remains logged in when using devise and devise_token_auth in the same app #486
- DEPRECATION WARNING: alias_method_chain is deprecated. Rails 5 #482
- validate_token - resource_name - undefined method `name' for nil:NilClass #480
- Helpers being loaded for Rails API's #468
- locales
errors.messages.already\_in\_use
seems broken #463 - omniauth callback redirect not working properly when using namespace/scope #362
- delete tokens after password change #318
Merged pull requests:
- send_on_create_confirmation_instructions callback isn't defined (rails 5) #508 (fivetwentysix)
- [REBASE] Fix rails 5 deprecation and devise parameter sanitization #507 (fivetwentysix)
- remove deprecations from RegistrationsController #506 (fivetwentysix)
- Allow new devise version for rails 5 compatibility #499 (djsegal)
- Spelling mistake #493 (Tom-Tom)
- Improve Brazilian Portuguese locale #491 (ssouza)
- fix namespaced mapping name #484 (paulosoares86)
- Locale file for both zh-TW and zh-HK #483 (TravisTam)
- Fixed typos and inconsistencies in ru.yml #478 (fertingoff)
- Fixes Issue #362: Fixes for the omniauth redirection issue for namesp… #476 (devilankur18)
- removing old tokens when user changes passwords #474 (paulosoares86)
- Move travis to container based configuration #470 (ValentinTrinque)
- Prevent helpers being loaded for Rails API’s #469 (djsegal)
- Reduce dependencies to allow Rails 5.0 #467 (djsegal)
- Fix locales
errors.messages.already\_in\_use
+ clean up #466 (ValentinTrinque) - Fix omniauthredirection when under scopes #425 (xjunior)
v0.1.37.beta4 (2015-12-10)
Closed issues:
- It shows "An error occurred" after omniauth callback #445
- Put Access Token in body #442
- Unable to add a new param for sign up #440
- Undefined method provider from devise_toke_auth concerns/user.rb #438
- Scoped DeviseToken but it still affects the original Omniauth redirects. #429
- Can't create user via api #422
- change_headers_on_each_request and batch requests #403
- password length #380
- The action 'twitter' could not be found for DeviseTokenAuth::OmniauthCallbacksController #309
- undefined method `tokens' for #<Hash:0x000000063f0920> #297
- Generating many client tokens #210
Merged pull requests:
- RU translations #441 (yivo)
- to keep coherent with devise. pt instead of pt-PT.yml #436 (rmvenancio)
- limiting the number of concurrent devices #434 (paulosoares86)
- Raise error in controller method #430 (ArneZsng)
- feat(enable-standard-devise): allow configurable support of legacy Devise authentication #428 (booleanbetrayal)
- Support for i18n in mailers views #427 (ponyesteves)
- Translation to German #423 (haslinger)
- fix(url): preserve query parameters when building urls #421 (nbrustein)
- Fallback to ActiveModel translations in EmailValidator #369 (yivo)
v0.1.37.beta3 (2015-10-27)
Closed issues:
- Password Reset question, do I need my own form? #418
- seeing other users data after login/out with different users on ionic #375
v0.1.37.beta2 (2015-10-25)
Closed issues:
- The validate_token function in the readme is missing a parameter #413
Merged pull requests:
- Change default message for already in use error and added to english … #417 (ponyesteves)
- Issue #413 #414 (Carrigan)
- 404 for invalid link with password reset token #411 (rmvenancio)
v0.1.37.beta1 (2015-10-25)
Closed issues:
- Large Size on Disk #415
- Cannot migrate database: NoMethodError: undefined method `new' for DeviseTokenAuth:Module #406
- uninitialized constant DeviseTokenAuth::OmniauthCallbacksController::BCrypt #393
- Devise token auth not found routing error #379
- undefined method `match' for nil:NilClass #201
Merged pull requests:
- Add .ruby-version entry to .gitignore #412 (xymbol)
- Portuguese Translation #409 (rmvenancio)
- Drop .ruby-version file #404 (xymbol)
- Feature/password reset with check fix #374 (jakubrohleder)
v0.1.36 (2015-10-13)
v0.1.35 (2015-10-13)
Fixed bugs:
- Generator doesn't work correctly with mongoid and/or rails-api #14
Closed issues:
- Multiple users, returning(and creating) wrong model's auth token #399
- Sign in not success. #388
- Defining a custom primary key #378
- omniauth: when redirecting, user object should not be serialized into url #368
- getting ng-token-auth and devise_token_auth to work with OAuth in ionic InAppBrowser #367
- invalid token in method set_user_by_token on RegistrationsController#update #357
- Allow devise patch version updates #351
- Error validating token #348
- Allow for HTTP Basic Auth ? #337
- Allow Omniauth user reset password #335
- NameError (uninitialized constant DeviseTokenAuth::Concerns::User::BCrypt) #333
- Unpermitted parameters: format, session #328
- devise token auth + Save Facebook auth_hash info in database #326
- Error sending password reset email when not using confirmable (reopened #124) #321
- Facebook omniauth redirection is missing url when testing on localhost #285
- Failure route not handled #262
- Unable to override OmniauthCallbacksController#redirect_callbacks #186
Merged pull requests:
- Added polish translation. #405 (h3xed)
- Implement hook methods for customized json rendering #384 (neutronz)
- fix(oauth): fixes #368: do not serialize the entire user object in the url when redirecting from oauth #371 (nbrustein)
- Add a Gitter chat badge to README.md #360 (gitter-badger)
- Improvements to the docs. #358 (aarongray)
- Add description to readme about the devise.rb initializer. #356 (aarongray)
- Correct handling namespaced resources #355 (yivo)
- Fix concern not being inserted for rails-api apps. #350 (aarongray)
- Add documentation to explain gotcha with rails-api. #349 (aarongray)
- Fully support OmniauthCallbacksController action overrides. Fixes #186. #347 (tbloncar)
- #340 Restrict access to controllers methods #341 (gkopylov)
- fix(omniauth): fix error in setting text on redirect page #336 (nbrustein)
- Fix invalid omniauth redirect #322 (troggy)
v0.1.34 (2015-08-10)
Implemented enhancements:
Fixed bugs:
- Generator issues #13
Closed issues:
- Routing error / Preflight request / OPTIONS #320
- Can't authorize (user_signed_in? always show false) #315
- Warden::SessionSerializer - wrong number of arguments (2 for 1) #312
- Having 401 Unauthorized only with mobile #305
- remove unused nickname, image from user object #304
- HI, This is more of a doubt since I could not finding anything related to this in your documentation. #300
- Getting 401's when making requests using iOS/Android clients #299
- Confirmation URL giving bad arguments #293
- set_user_by_token not called in overriden controller #291
- Question: Should we send password reset instructions to unconfirmed emails? #287
- No route matches [GET] "/users/facebook/callback" #280
- No route matches [GET] "/omniauth/:provider" #278
- How to refresh token/expiry? #275
- wrong number of arguments (1 for 0): in DeviseTokenAuth::RegistrationsController#create #274
- Can not save a user with nil tokens attribute #271
- Shouldn't validate_token param be access-token, not auth_token? #270
- include associations on login #269
- Getting Unauthorized error even after sending the correct token, uid and client #261
- Weird error message #259
- undefined method `provider' for #<User:0x007f49fd5da2e8> #257
- File download with query params #246
- Info: is devise_token_auth compatible with rails 3.2.19? #245
- Headers required for different methods #243
- Unpermitted parameters: format, session, lang #239
- On sign_in, devise_token_auth expects the uid to be the same as the email #237
- Name conflict with inherited_resources #236
- sign_in will not fetch the token #234
- Log in request 401 error #231
- User Registration - "email address already in use" when it is unique #230
- Devise email validation disabled...why? #229
- confirm_success_url error not working #226
- pending_reconfirmation called when confirmable isn't used #224
- omniauth_success.html.erb JSON bug #221
- Using devise_token_auth and ng_token_auth with angularJS in an Ionic Hybrid application #218
- Where can I got token? #217
- URI fragment prevent to send params in Confirmation URL #213
- Limit tokens hash? #208
- 500 error returned when no data is POSTed to registration controller #203
- DELETE method becoming OPTIONS @ Heroku #197
- 40 Mb log file and 1 minute to have token with curl #195
- 401 unauthorized #193
- GET requests to sign_in shouldn't raise an exception #190
- Api not locked by default #189
- Rails 4.1 #187
- Token based authentication with no sessions #183
- undefined method `authenticate_user!' #182
- confirm_success_url shouldn't be a required param #176
- Provide an OAuth implementation for native apps #175
- getting an argument error when trying to use omniauth #174
- Sign in via username doesn't seem to work correctly. #173
- Cannot use + sign in email address. #171
- How can i authenticate using curl and get private entries ! #167
- Pessimistic Locking produces ArgumentError #165
- POTENTIAL SECURITY RISK: Setting confirm_success_url and redirect_url via API #162
- Sign out just on client side ? #161
- Unpermitted parameter: redirect_url #160
- Issues using devise and devise_token_auth #159
- Add role based authorization #158
- Not compatible with ActiveAdmin #156
- [Duplicate] is devise_invitable supported? #154
- User can register with a "false" email #149
- /validate_token #148
- Email confirmation link #147
- Tokens field on database #146
- Twitter OAuth always throughs CookieOverflow #145
- Is there a way to configure apiUrl for both dev and prod? #144
- Getting 401 unauthorized on login attempt #142
- Comparing with jwt #140
- Can't get omniauth to work (error in redirect_callbacks) #139
- Change controller inheritance #138
- Reset Password call returns 400 for Not Found user #137
- The gem is too big. Please take care of it. #136
- Error when loging with facebook the second time without logout #135
- OmniAuth redirect doesn't work if using the generated mount_devise_token route #133
- Missing template /omniauth_response #132
- Unpermitted parameter: session #130
- OAuth error: We're sorry, but something went wrong #129
- Would it be useful to integrate login with username ? #127
- Sign in with login instead of email #126
- Error sending password reset email when not using confirmable #124
- Using expired token for parallel calls #123
- User tokens don't properly deserialize #121
- Could not load 'omniauth' #118
- bad argument (expected URI object or URI string) #116
- devise_token_auth for public API, but devise for rest of app? #114
- Omniauthable deleted on UsersConcern : Why ? #111
- Unrequired route #110
- raises NoMethodError instead of displaying error when email is missing #108
- Error with RailsAdmin. "The action 'new' could not be found for DeviseTokenAuth::SessionsController" #107
- Circular dependency detected while autoloading constant Api #106
- Can't Authenticate via cURL #105
- Unpermitted parameters: user, registration #104
- BCrypt::Errors::InvalidSalt errors #103
- Active job token expiring integration #102
- The action 'new' could not be found for DeviseTokenAuth::RegistrationsController #100
- Disable confirmable #99
- responders - rails 4.2 #98
- forward skip to devise #97
- API versioning the devise scope of token validation and ominiauth controller path will wrap up #96
- Overwriting default "from" email address #94
- uninitialized constant DeviseTokenAuth #92
- change_headers_on_each_request not working expiry header empty #90
- Gem render consistency #87
- Sample Sessions Controller for logging in via Rails View. #86
- Change authorization key: Use phone_number instead of email #84
- Conflict with active_admin gem #83
- NoMethodError in DeviseTokenAuth::OmniauthCallbacksController#redirect_callbacks #82
- All the APIs are getting 'Authorized users only' #81
- Is Devise option Rememberable required ? #80
- Problem with skip_confirmation! #78
- Cannot reset password if registered by omniauth #77
- NoMethodError at /omniauth/facebook/callback - undefined method `[]' for nil:NilClass #76
- Skipping Registrations Controller Altogether #70
- Problem in validate_token if the model is in a namespace #69
- Cannot send confirmation email if there is no 'User' model #68
- Better guidelines for contributors #65
- admin namespace #63
- Devise trackable module not working #62
- Devise_token_auth without OmniAuth authentication #60
- Reset Password error #59
- Confirmable - unconfirmed email #58
- Email Column Isn't Used for Database Authentication #56
- Unique Key for Provider and UID Combination #55
- User Info in separate table or removed #53
- rename @user to @resource #48
- Active_admin issue #47
- Possible Logout Issue #46
- Routes not appended to routes.rb #45
- Return resource.errors.full_messages in addition to resource.errors #44
- Devise and Devise_Token_Auth in api namespace #43
- Trackable attributes are not being updated. #42
- Avoid using respond_to in application controller #41
- devise_token_auth assumes you want the :confirmable functionality #40
- undefined method `match' for nil:NilClass #39
- Expired token aren't removed when session expires #38
- sign_up helper #37
- self.tokens[client_id]['token'] != token #30
- How is the uid generated for non-omniauth users? #29
- Access to current_user variable? #28
- Filter chain halted as :require_no_authentication #27
- Allow additional parameters for registration #25
- Cannot add more parameters at sign_up #22
- Error on Registration #21
- Error with authentication #20
- Cascade of Issues with Omniauth(?) #18
- Batch Requests Respond with Original Auth Token #17
- Sign out with email provider error #16
- sessions_controller.rb #12
- Github login in example is broken #10
- Facebook auth is broken #9
- Generator is not working #8
- Test ticket from Code Climate #6
- Test ticket from Code Climate #5
- extending the devise_token_auth user model #4
- A few ideas #3
- Google Oauth2 does not set cookies in production. #1
Merged pull requests:
- add Brazilian Portuguese translation (pt-BR) #331 (josiasds)
- Tests to ensure standard devise has greater priority than tokens #330 (colavitam)
- Fixed error when using standard devise authentication #329 (colavitam)
- feat(improved-omniauth): omniauth sameWindow and inAppBrowser flows #323 (nbrustein)
- Old password check before password update #317 (jakubrohleder)
- Remove erroneous colon from before_action callback #310 (jmliu)
- Disabled serialization for JSON type columns #306 (colavitam)
- Set default provider to "email" in migration #302 (colavitam)
- Fix an issue for not :confirmable users #296 (sebfie)
- Update README.md #295 (adisos)
- Fix MOUNT_PATH 'Read More' link #294 (jmliu)
- Don't send password reset instructions to unconfirmed email #288 (coryschires)
- Feature/i18n support #283 (sebfie)
- Update documentation for validate_token #277 (adamgall)
- Added json support for tokens #276 (shicholas)
- perf(token_is_current?): add simplistic cache to reduce overhead of redundant token checks during validation calls #272 (booleanbetrayal)
- perf(update_auth_header): only lock the resource if we are rotating tokens #267 (booleanbetrayal)
- fix(email-validation): Update in-use email validation message during registration to allow full_message use #255 (booleanbetrayal)
- fix(session#new): fix unhandled 500 when logging in with valid user and bad password #254 (mathemagica)
- feat(ominauth): support json-formatted values in omniauth callback. #252 (nbrustein)
- fix(sessions controller): call reset_session on destroy #251 (nbrustein)
- fix(resource_class): support optional mapping property from set_user_by_token #250 (booleanbetrayal)
- Allow current_password to be supplied when updating profile. #240 (jasonswett)
- fixes password reset when not using confirmable #225 (aesnyder)
- Fix error when email missing from registration params #220 (iangreenleaf)
- URI fragment should appear at the end of URL #214 (edymerchk)
- Super block yield (all controllers) #209 (sgwilym)
- Super block yield #207 (sgwilym)
- Ability to localize error message #206 (lda)
- remove fragment sign ("#") from URLs without fragment #205 (tomdov)
- Return 422 (was 500) when empty body for sign up and account update #204 (mchavarriagam)
- Users with allowed unconfirmed access can now log in successfully. #202 (colavitam)
- Authenticating an existing Warden/Devise User #200 (nickL)
- GET sign_in should direct people to use POST sign_in rather than raising exception #191 (milesmatthias)
- Ignore 'extra' in Twitter auth response to avoid CookieOverflow. Fixes #145. #179 (tbloncar)
- Some missing as_json ? #152 (nicolas-besnard)
- Check email format on registration #150 (nicolas-besnard)
- Actual header key uses dashes, not underscores. #143 (ragaskar)
- Username register login #128 (nicolas-besnard)
- Check if confirmable is active before skipping confirmation #125 (nicolas-besnard)
- Fix links to section about controller integration. #117 (Le6ow5k1)
- document GET for /validate_token #113 (lukaselmer)
- Fix small error in documentation. #91 (edgarhenriquez)
- Exclude devise modules #85 (jartek)
- fix(registration and update): Ensure UID is updated alongside Email, and case-sensitivity is honored #71 (booleanbetrayal)
- Add better guidelines for contributors. #67 (edgarhenriquez)
- Use resource_class to override email confirmation. #64 (edgarhenriquez)
- fix(case-sensitivity): support devise case_insensitive_keys for session ... #57 (booleanbetrayal)
- fix(contention): fix write contention in update_auth_headers and always ... #52 (booleanbetrayal)
- Include resource.errors.full_messages in error response. #50 (jasonswett)
- fix(expiry): fix an issue where token expiration checks were too permissive #49 (booleanbetrayal)
- Update README with Example Generator Command #35 (wwilkins)
- Remove OmniAuth dependency #26 (hannahhoward)
- Update README.md #24 (davidsavoya)
- guard against MissingAttributeError during common ActiveRecord operations #19 (booleanbetrayal)
- Fix expiry data type #11 (lonre)
- README and travis config tweaks #7 (guilhermesimoes)
* This Change Log was automatically generated by github_changelog_generator
* This Change Log was automatically generated by github_changelog_generator
* This Change Log was automatically generated by github_changelog_generator
* This Change Log was automatically generated by github_changelog_generator
* This Change Log was automatically generated by github_changelog_generator