v1.1.3 (2019-09-26)
Fixed bugs:
- XSS and Open Redirect #1332
- fix(omniauth): fix CVE-2019-16751 #1342 (booleanbetrayal)
Closed issues:
- Rails 6.0 #1334
- CookieOverflow with #1322
- Confirmations controller route error not found #1316
- render_create_error not called when no json is provided #929
Merged pull requests:
- CI: Use ruby 2.4.7 #1337 (olleolleolle)
- CI: Use 2.5.6, 2.6.4 #1336 (olleolleolle)
- Allow password reset with token alone #1295 (jkeen)
v1.1.2 (2019-08-24)
Closed issues:
- Make compatible with devise 4.7 #1331
- Error after upgrade to Rails 6.0.0 #1329
- Documentation link on sidebar is incorrect #1325
- Unable to create user with mongodb as ORM #1293
- Missing user credential in confirmation redirect url querystring #1292
Merged pull requests:
- Fix devise version #1333 (laerciosb)
- Skip callback when active record #1330 (enomotodev)
- Use param-way version of saved_change_to_encrypted_password #1328 (MaicolBen)
v1.1.1 (2019-08-18)
Closed issues:
- I'm noticing that validate token requests are taking a long time - is there any way to turn down the cost in bcrypt for devise token auth so that the validate token requests are faster? #1326
- How do I update a user without a token while using Devise token Auth? #1318
- How to register with phone number instead of email as default #1313
- uninitialized constant DeviseTokenAuth::Concerns in development. #1312
- Change how to update existing user migration #1311
- Huge performance downgrade from v0.1.43 to v1.1.0 #1301
- Cant log in - #<NoMethodError: undefined method `current_sign_in_at' for #<User:0x000055e053c79c58>> #1300
- Generate authorization headers without the need for an email and password. #1298
- Any way to "become" user? #1291
- Can't find documentation, can't omniauth login #1290
- undefined method `tokens' for #<Hash:0x00007fe4698ea648> #1288
- Possible Phishing Attack Vulnerability #1287
- Unable to sign_in even if user confirmation is success #1285
- Changelog? #1275
- devise_token_auth depends on vulnerable devise version #1273
- Database index question #1272
- Reset Password Must Be Done in 5 Seconds #1265
- How do I use the gem with Mongoid? [ANSWERED] #1263
- devise_token_auth is not working in rails 6 ruby 2.6 #1259
- undefined method '[]' for nil:NilClass when confirming email #1224
- Unable to sign_out a user that is being deleted which causes 404 as devise_token_auth attempts to find to create headers. #1205
- API Does Not Use Api_Controller #887
- Use issue for "real" issue with the gem, and stackoverflow for integration problem #756
- User tokens don't properly deserialize #121
Merged pull requests:
- Fix token doc links #1327 (MaicolBen)
- Confirmations controller rendering methods added #1324 (ilhanadiyaman)
- Add mysql & psql service to travis because it isn't by default anymore #1323 (MaicolBen)
- Fix "manage the tokens" broken link in FAQ #1320 (brateq)
- CI: Use 2.6.3, drop unused directive sudo: false #1317 (olleolleolle)
- updates: use update instead of update_attributes #1314 (moray95)
- fix(current_user): revert false return in set_user_by_token when token is not present #1306 (booleanbetrayal)
- Update changelog #1297 (MaicolBen)
- Relax bcrypt version #1296 (MaicolBen)
- CI: Update matrix #1277 (olleolleolle)
- Skip token_validations route #1271 (yasuman)
- Resend confirmation instructions #1267 (lpsBetty)
- Tokens serialization #1250 (dks17)
- Delete namespece and fix file name change to prevent override behavior of the default email validator #1242 (ihatov08)
- Minor updates to docs #1236 (MaicolBen)
- new TokenFactory module #1085 (dks17)
v1.1.0 (2019-03-18)
Implemented enhancements:
- Mongoid Support #15
Closed issues:
- Support Devise 4.6 #1270
- Headers remove token when config token_lifespan #1268
- Reset Password Flow #1264
- How to check Client value is expired or not? #1254
- access to current_user not available #1246
- subsequents Sign In does not add new tokens and return 401 #1244
- Could not find generator 'devise_token_auth:install_mongoid' #1239
- undefined method `authenticate_user!' when User class nested in module #1234
- I cant acsess to current_user #1231
- Update token_lifespan in production remove response headers #1227
- Rename uid field to uuid #1225
- mysql2 0.4.6 error: use of undeclared identifier 'MYSQL_SECURE_AUTH' #1222
- POST with JSON Content-Type: application/json not passing parameters #1221
- Password controller : edit does not use default password reset url ? #1219
- Mongoid support #1198
- ensure_pristine_resource error #1135
- codeclimate-test-reporter soon be deprecated #1080
- Session Overflow Error #1077
Merged pull requests:
- allow devise < 4.7 #1269 (doits)
- Update Angular-Token README links #1257 (neroniaky)
- create he.yml translation file for Hebrew #1256 (aryehbeitz)
- Split up methods in omniauth_callbacks_ctrl for easier extensibility #1251 (nbrustein)
- Update appraisals, Travis config, ruby and rails versions #1249 (dks17)
- sign in multiple resources #1248 (Hamdan85)
- Add tests for passwords#edit when redirect_whitelist is set #1247 (MaicolBen)
- Use email_provider? at sync_uid #1243 (ihatov08)
- Fixed a reset password message in Japanese locales. #1241 (seigo23)
- Allow the use of allow_unconfirmed_access_for for registration #1238 (bananatron)
- Scope the EmailValidator to the DeviseTokenAuth module; add Solidus/Spree usage note to faq #1233 (skycocker)
- Fix doc link #1230 (Hiromi-Kai)
- Use redirect url to edit from initializer as well #1228 (MaicolBen)
- Removed ensure pristine error due to not being used #1217 (MaicolBen)
- Add Mongoid support #1209 (dks17)
- Reset passwords stay valid until the password is reset #1206 (typhoon2099)
- Simplifying ConfirmationsController show behavior #1075 (dks17)
v1.0.0 (2018-10-23)
Closed issues:
Merged pull requests:
v1.0.0rc2 (2018-09-21)
Closed issues:
- Is uid mandatory for devise token auth to find current user? #1214
- Remove uniqueness for email #1213
- NameError ActiveRecord::AttributeSet after redeploying #1210
- Token is no longer accepted after some time, only with a new "validate token" request #1204
- How to share tokens across subdomains using devise-token-auth? #1199
- 401s after response with new headers fail #1174
- A few refreshes after login gives me a blank access token and expiry, logging me out #1147
- Extract Registrations Controller logic out to overrideable methods ??? #1143
- ConfirmationsController redirection error #1084
- Where should I store token? #1005
- devise_token_auth initializer breaks omniauth paths #966
- default_confirm_success_url fails in initializer #223
Merged pull requests:
- Add rails lowest version to gemspec #1212 (masatooba)
- Add required_ruby_version #1208 (masatooba)
- chore(deps): expand devise to allow < 4.6 #1203 (taneliang)
- [da-DK] Improve grammar #1201 (olleolleolle)
- Optimize resource valid check after set the headers #1188 (MaicolBen)
- Moved to fallback instance variables in
set\_user\_by\_token
#1166 (twolfson) - confirmation should redirect to default_confirm_success_url by default #1091 (maysam)
v0.2.0 (2018-08-10)
Merged pull requests:
v1.0.0rc1 (2018-08-10)
Implemented enhancements:
Fixed bugs:
Closed issues:
- overriding registrations controller with active model serializer. #1194
- NameError (undefined local variable or method `provider' for #<User:0x00000005bacd18>): #1187
- The email_required? method is not working #1186
- Forgotten log files on the dummy test folder - More than a hundred megabytes #1185
- undefined method `create_token' for #<User:0x00007f8fa9a25900> Did you mean? created_at #1179
- Unpermitted parameter: :registration #1178
- Remove Password Validation #1177
- Devise Token Auth Postman configuration #1173
- Set default provider as "username" instead of "email" #1172
- How to implement 2FA? #1171
- Skip email confirmation #1170
- Multiples Profiles Relationship #1168
- request.headers.merge is not work. #1167
- How to add another parameter to validate a user? #1162
- Getting undefined method
make\_response!
for overridden Devise controller class #1158 - cant sigh_in on my custom controller #1150
- Mocha/minitest issue in test_helper.rb #1149
- How could send the access-token and other credentials ? #1146
- How to override concern #1145
- Support for find_for_database_authentication #1138
- Breaking tests / travis builds - Mocha gem was updated. #1137
- How solve undefined method `allow_password_change' while changing user password ? #1136
- Email case_insensitive with soulda matchers #1133
- Clear ActiveRecord::AttributeMethods::Dirty Deprecated Methods #1131
- Password/Edit route not working #1127
- Automatic Login after successful email confirmation #1122
- Clarification on OAuth Flow #1118
- New Bounty: $100 for README Edits/Improvements, issue queue cleanup #1114
- Tests on token expiry fail when they're run on the WET time zone #1112
- uid is blank upon basic rails 5 api setup, user registration #1111
- v0.1.43 causes Missing confirm_success_url parameter error #1108
- max_number_of_devices config seems doesn't work! #1107
- LoadError: cannot load such file -- omniauth #1105
- Token is not generated when login through facebook #1099
- Why does update_auth_header need to query the resource for tokens again? #1097
- "an error ocurred" when receiving the callback from google #1090
- devise omniauth redirect issue after installing devise_token_auth #1088
- Simplify the Readme. #1069
- Different max_number_of_devices based on devise model #1003
- Action Cable and devise token auth #986
- Cut a release #972
- minor error in README with regard to usage alongside Devise #745
- E-mail confirmations sent twice (duplicate emails) #677
- Reset Password doesn't getting expired.. #672
- What's the reset password flow? #604
- Dynamic token lifespan based on user input #580
- How to test user authenticated methods via rspec #455
- Testing with rspec #75
Merged pull requests:
- Modify for missing markdown symbol #1200 (sainuio)
- Add Factorybot #1197 (dks17)
- feature: handling primary key type in generators #1195 (whois-marvin-42)
- README: Drop defunct gemnasium badge #1190 (olleolleolle)
- Update contributing.md #1182 (vbrazo)
- Add missing SimpleCov configurations #1180 (vbrazo)
- Update gitbook docs link #1176 (MaicolBen)
- Update FAQ method for using DeviseTokenAuth alongside Devise #1175 (mrkrlli)
- Require mocha >= 1.5 #1169 (krzysiek1507)
- Test against newest Ruby from line #1163 (krzysiek1507)
- Add frozen_string_literal pragma to ruby files #1157 (krzysiek1507)
- 1143 extract @resource initialization out to a named overrideable method #1144 (Marinlemaignan)
- Setup appraisal for rails 4 #1142 (krzysiek1507)
- Setup appraisal #1134 (krzysiek1507)
- 1131 fix deprecation warning for dirty attributes for rails > 5 #1132 (Marinlemaignan)
- Rubocop Fixes 2 #1130 (dks17)
- Clean readme & move doc #1129 (MaicolBen)
- Rubocop Fixes #1126 (dks17)
- sv.yml localization #1120 (olleolleolle)
- da-DK: fix translation typo (burger!) #1119 (olleolleolle)
- Support namespace #1117 (kaevee)
- Test against ruby 2.5 #1116 (krzysiek1507)
- Max number of devices in new session #1115 (Evan-M)
- Refactor uses of time now #1113 (nesteves)
- max_number_of_devices should be used in a new session as well #1109 (MaicolBen)
- Activating Open Collective #1104 (monkeywithacupcake)
v0.1.43 (2018-03-07)
Closed issues:
- Problems with devise version #1102
- user_signed_in? is false after successful sign in #1101
- Basic Example with Postman? #1094
- No create in confirmations controller? #1093
- Does it works with Sequel? #1092
- Can't add field for unique validation #1089
- No access_token through api when signing in by finding user. #1087
- Password Reset Link params without POST /password #1070
- Confirmable should not be dependant on trackable #1065
- NoMethodError: undefined method `provider' for #<User #1063
- Log my user via token and session to share login over 2 app #1062
- Error ActionController::RoutingError: No route matches [GET] "/omniauth/pincode" #1058
- Support Devise 4.4.0 & Ruby 2.5.0 #1057
- Missing acces-token in Response Header #1053
- #<IndexError: string not matched> after second sign_in request with postgres #1052
- Manual Authentication and Registration #1051
- I can not insert name when registering user #1048
- NoMethodError: undefined method 'allow_password_change=' #1046
- Confirmation flow #1045
- undefined local variable or method `flash' for #<Devise::UnlocksController #1043
- Easily saving access_token in User model for later 3rd party API access #1041
- Error with mailer_sender #1037
- NoMethodError (undefined method `valid_token?' for nil:NilClass) #1035
- Ukrainian localization #1022
- [WORKING] Instructions for Rails 5 API and Google OAuth2 #1020
- Reset Password Tokens No Longer Expire #1008
- Password Reset: Is it possible to disable returning 404 when user is not found? #987
- Fix Warnings in Test Suite Output #976
- error in sessions_controller.rb:42 - on sign_in after application restart #941
- Working example with omniauth? #937
- Duplicate error messages #892
- Redirects to https domains break in 1.40 #832
- Remove "AND provider='email'" from SQL when login #266
- Using Google's Authenticator 2FA Mobile app #172
- is devise_invitable supported? (solvable with workaround) #155
- current_user and authenticate_user! returns false #74
Merged pull requests:
- Further refactor of token creation #1098 (Evan-M)
- Return locked out message from sessions controller when resource is locked #1095 (TylerRockwell)
- [ci skip ] Improve documentation - add link #1086 (BKSpurgeon)
- s/set_user_token/set_user_by_token on comment #1078 (marcpeabody)
- Update user template #1071 (dkniffin)
- Make confirmable not dependant on trackable #1064 (romankovt)
- Refactor token creation #1061 (MaicolBen)
- chore(deps): expand devise to allow < 4.5 #1056 (Tom-Tom)
- Separate error messages for missing vs invalid email #1055 (pjungwir)
- Remove verbose warnings in test output #1049 (asartalo)
- Translate into Vietnamese #1044 (minhthuan274)
- Fix polish translations #1042 (sbadura)
- Update devise configuration for :database_authenticatable #1040 (dks17)
- Improve registrations controller and add downloads badge in Readme #1039 (MaicolBen)
- #155 fix authenticate_#{mapping} definition #1036 (salmanasiddiqui)
- add redux-token-auth to README.md #1033 (FunkyloverOne)
- Fix bypass_sign_in broken tests #1030 (MaicolBen)
- Remove params that are not being used in resource params #1029 (MaicolBen)
- Honor strip_whitespace_keys from devise config #1028 (nerfologist)
- Reset password token test fix2 #1026 (dks17)
- Added ukrainian locale #1023 (Dimkarodinz)
- Issue 803 fixed indentation #1021 (Blitzkev)
- Restore reset password tokens behavior #1017 (dks17)
- Check if recoverable is enabled in case allow_password_change is used #995 (MaicolBen)
- Remove save tokens in build auth header #994 (MaicolBen)
- Refactor render error #989 (MaicolBen)
- bypass_sign_in setting (re-created) #911 (Borzik)
v0.1.43.beta1 (2017-11-13)
Closed issues:
- Return a authentication token #1015
- API is not using defined ApiController but rather ApplicationController #1014
- TypeError (can't dump hash with default proc) #1012
- Namespaces and overriding default mailer templates #1011
- Cant login after signing in via oauth #1010
- Omniauth with devise token auth #1007
- Not returning headers on error #1002
- Hardcoded resource.provider in RegistrationsController? #997
- Confirmation URL query parameters don't match header counterparts #993
- Gem clashing #991
- Sign in, Sign out not working #982
- access token always expires in one minute #980
- How to customize Omniauth payload #974
- How do Create user's roles. #963
- Why does a confirm_success_url column appear in some of the test migrations? #959
- Readme "Usage TL;DR" section - add confirm_success_url to required params? #955
- ar #954
- how to get first name and last name of user #953
- Model for nested attributes not being saved #952
- Can not have multiple model #950
- NoMethodError when current_user is called #947
- How to manually send the confirmation email (e.g. after User.create in Rails console)? #946
- Make DeviseAuthToken inherits my API base Controller? #945
- Missing auth headers in response to validate_token #944
- tokens_match? issue #942
- Not send email notification when email changed ? #940
- Token generation fails when user has incomplete data that is mandatory #938
- Is there a way to prevent persisting the same token to user table when in batch mode? #934
- Token expires too soon #933
- Seeing other users data on logout and login #932
- token authentication not working on production #931
- Getting 'uninitialized constant ActionDispatch::Routing::Mapper::Scope (NameError)' with rails 3 #930
- How do I include User relationships to response after authenticate #928
- Can't unlock account through email link in lockable #927
- accidental issue #926
- Can't verify CSRF token authenticity on PUT request only #924
- Reset password url no host #923
- In batch mode tokens are unnecessarily stored for every request although unchanged #922
- current_user not available during authorization #921
- Resend confirmation email #920
- Change Authentication Keys #919
- Devise Set User By Token Is Clashing with Normal Devise Helpers #917
- XSS (javascript execution vulnerability) #916
- Using the Generator Without Capitalizing Model Name #912
- undefined method `authenticate_user!' when want to version my api #908
- RuntimeError in DeviseTokenAuth::OmniauthCallbacksController#omniauth_success on google_oauth2 login #907
- JSON API status? #906
- Filter chain halted as :authenticate_user! rendered or redirected #905
- Completed 422 Unprocessable Entity [Rails 5 API only, React with J-Toker] #904
- API authentication. Method not allowed 405. Use POST /sign_in to sign in. GET is not supported. #900
- validate_token Works but nothing else... #899
- OAuth failure callback error with Google provider #898
- Registration Name attribute is not stored #897
- The action 'edit' could not be found for DeviseTokenAuth::RegistrationsController #896
- Change provider when sessions controller #893
- Overriding render_create_success does not obey serializer option (AMS) #890
- How can i get access-token with omniauth on React Native app #889
- Forgot Password flow with JSON responses #888
- unknown attribute 'expiry' for User. #886
- Email Regex causing Issue - not synced with Devise email RegEx #885
- undefined method `[]=' for nil:NilClass due to missing client_id #881
- Return parent with sign in data? #880
- json-hyper-schema for devise_token_auth #879
- validate_token works on local web server, but not remote? #873
- getting random "Authorized users only." when uploading multiple files at once. #862
- Caching causing an issue #861
- How to authenticate user using username using this gem ? #859
- Segmentation Fault is raising while trying to send emails. #857
- How to Restrict Access to a Single Client? #854
- NoMethodError (undefined method `new_session_path' for #<Devise::OmniauthCallbacksController:0x0000000630f628>) #853
- Token based authentication with LDAP only #850
- Insecure session created with reset password link #848
- Swagger / Yard Docs #846
- NoMethodError: undefined method `[]=' for nil:NilClass in unit test #839
- No resource_class found #838
- How to Custom Mailer ? #837
- Password gets updated but current password is still invalid. #836
- CookieOverflow on namespaced controllers #835
- no registration routes when used with devise #834
- Incompatibility with shoulda in email uniqueness #833
- No HTML for omniauth_external_window view in Rails 5 API #830
- DeviseTokenAuth::TokenValidationsController#validate_token returns 401 unauthorized. #829
- Console warning #828
- omniauth-facebook authentication with an Angular 2 front end application. #827
- uid is similar to email #825
- Use POST to sign in. GET is not supported. #823
- Invalid login credentials. Please try again. #822
- Devise redirecting Web request to the Token JSON API #821
- Wrong model mapped for token_validation #820
- Banning a user #817
- Sometimes very frequently, sometimes very randomly - 401 Unauthorized. #813
- The confirmation email is not send with the standard devise support #812
- Securing headers on client side #809
- Impersonate user #802
- Can't use JBuilder templates when overriding rendering methods #801
- I18n broken (e.g. :already_in_use) #799
- very unstable gem full of bugs !! #795
- CORS answers 404 always #794
- Authorized Users Only on iOS client #792
- user_signed_in? doesn't returning access_token after few continuous call to it !!! #791
- 302 found when I try to redirect to "/devise_token_auth/sessions#create" #790
- Initializer default_password_reset_url not working. #789
- Gem querying database twice for authenticating user #788
- No authentication headers when using Single Table Inheritance on my User model #783
- Can't migrate database after 'rails g devise_token_auth:install User auth' #781
- Diferent tokens from devise and devise_token_auth some times get in conflict... #780
- LinkedIn SignIn #778
- Rails engine (api only) - undefined method `mount_devise_token_auth_for' for #<ActionDispatch::Routing::Mapper: #777
- multiple congratulation emails #774
- Set up a new API application controller not working? #773
- Explicitly do not invalidate token #772
- Prevent user from sharing account #770
- I'am not able to serialize user #769
- Could not find generator 'devise_token_auth:install' #768
- Soft deletion #766
- QUESTION:
tokens
field in database #763 - Current user from channel. #760
- devise_token_auth with LDAP? #759
- Passing block to for strong parameters breaks code #758
- API authentication: Use POST /sign_in to sign in. GET is not supported. #754
- Integration help #753
- undefined method `tokens' upon signing up #752
- resource name for scoped mounting #748
- Signing in with Mongoid 6 + Rails 5 causes AuthenticationError #742
- Multiple user registration with multiple providers #740
- Headers not sent on GET request #739
- Best practice for using virtual attributes #738
- E-mail update is enabled by default #736
- Limit formats allowed to make requests #735
- Error in password reset. Password not changed, even though edit returns 200 #732
- Using devise_async and sidekiq to send emails asynchronously #727
- Separate Devise Token Auth configuration per model #725
- No token on response header #721
- Massive Cookie Size Leads to Errors #718
- 401 on sign_in #717
- Unable to reconfirm a users email #716
- Which is client and access_token #714
- Sign_in custom method: how? #711
- define_helpers not called at rails launch #708
- Always Set Headers in Batch Mode #702
- Use with existing User model #701
- The inactive_message and active_for_authentication #695
- Reset password link not working for the second time #691
- How to properly set headers in order to use current_user, authenticate_user! etc methods? #690
- Sign Up Permitted Parameters gets Passed but Never saves succesfully to Database #688
- Live Demo on heroku crashes #687
- Ruby on rails devise_token_auth gem unable to find routes #686
- undefined method `[]' for nil:NilClass during omniauth callback #682
- client_id resets to default after session_controller#create #680
- "Unpermitted parameter: session" issues when action_controller.action_on_unpermitted_parameters is :raise #676
- Rails 5 + mongoid + devise_token_auth - undefined method `add_mongoid_support=' for DeviseTokenAuth:Module (NoMethodError) #675
- 0.1.36 to 0.1.37 Breaks Test Suite #670
- Why NOT 'email_required?' is considered? #668
- make a separate Apicontroller from Applicationcontroller #667
- Devise Omniauth and DeviseTokenAuth Omniauth #666
- Seperate view files for different models. #664
- Password Reset Link doesn't work #658
- [Question] Using in mobile apps (pass reset/libs for major OSes)? #657
- confrimable registration token expire #655
- Get extra from omniauth-facebook. #647
- Ability to change email? #646
- headers_names is not defined in 0.1.37 #645
- Oauth2 - Android Authentication - one-time-code flow #639
- make use of max_number_of_devices on sign_in #637
- is possible to use provider and uid columns on the authentications table? #633
- undefined method 'render' at devise_token_auth/controllers/helpers.rb #630
- Override default routes #628
- user_signed_in? VS user.signedIn ? #623
- Retrieve from (local) cache first? #622
- Update Gem (RubyGem) Not issue #621
- Email uniqueness on both email and oauth provider #617
- ArgumentError (wrong number of arguments (given 1, expected 0)) #616
- exclude devise validatable module? #613
- Devise omniauth_path_prefix overriden #610
- Override devise token auth response #609
- Previous authentication params remain in url after sign out when using OAuth #605
- Problem with auth headers and multiple models #602
- Re-written URL with token does not work with Angular default routing #599
- Rails 5 - Missing template devise_token_auth/registrations/create #598
- REST routes #595
- Multiple providers per user #594
- MongoDB #593
- Problem with CORS setup and exposing special headers #591
- Password reset allows user to bypass confirmable #590
- empty request.env['omniauth.params'] causes exception #586
- Getting Error: 'No connection pool for ActiveRecord::Base' when generating the devise_token_auth generator inside an Rails Engine #584
- Preventing creation of users in an oauth scenario #583
- Extend token lifespan on use? #573
- Unable to sign in using LinkedIn #572
- Cannot use rake with mount_devise_token_auth_for in routes.rb #570
- Provide configuration for token hashing algorithm #560
- Using devise_token_auth with devise for one method #559
- omiauth-google #558
- Use devise_token_auth with facebook iOS login SDK #556
- omniauth-facebook login #555
- ActionController::RoutingError (No route matches [POST] "/omniauth/steam/callback") #554
- get Authorized users only when use devise with devise_token_auth #553
- Models other than
User
not returning auth headers after each request #552 - Cannot get ng-token-auth, devise-token-auth and Rails to work for facebook login #551
- Yielding Resource to Overriding Controller #548
- Confirmation controller does not response with JSON #546
- message['redirect-url'] in the reset password email is not set automatically. #545
- Failed migration: how to handle existing user db #544
- set a no reply email adresse #542
- check if user confirmed is account #539
- support for multiple client_id #535
- Cut some actions? #534
- Getting issues with api authentication #529
- Error: unknown attribute 'current_password' for User when updating a password #524
- Error Response as HTML #522
- render_create_success should return 201 code not 200? #516
- RuntimeError (can't modify frozen Hash) #515
- tokens not being serialized! #495
- Sign in from controller #494
- Unpermitted Parameters: confirm_success_url, config_name, registration #489
- Bundler could not find compatible versions for gem "rails": #488
- Does anyone try to link current omniauth account to devise-token-auth account? #487
- I want to use a different column for provider instead of defalut "email" #485
- @resource.allow_password_change is not persisted across requests #481
- Would like to know is there any missing for i18n translation file? #479
- Unpermitted paramter: session (401 Unauthorized) for only one particluar user #477
- Reading logged user in constraint #475
- devise_token_auth is being called when it shouldn't #473
- Unable to override sessions controller #471
- Support Devise Strong Parameters by Block #464
- How to make http header still available when return to oauth call back #461
- skip: [:omniauth_callbacks] doesn't work in v0.1.37.beta3 #460
- This gem change default omniauth path? #459
- Rails 5 compatible? #458
- Null email causes NoMethodError (undefined method `downcase!' for nil:NilClass) #457
- Cannot send confirmation email when using alongside with standard devise #456
- cancancan: load_and_authorize_resources causes method_missing failure #452
- example app for api #451
- is session store necessary? #449
- HTTP Headers not being sent when using as an API from an Android Phone #448
- Is it possible to pass token via json? #447
- NoMethodError (undefined method
enable\_standard\_devise\_support' for DeviseTokenAuth:Module\): app/controllers/devise\_token\_auth/concerns/set\_user\_by\_token.rb:35:in
set_user_by_token' #437 - duplicate method - resource_class #433
- Unpermitted parameter errors #432
- redirect_uri_mismatch after update from 0.1.34 to 0.1.37 #420
- password_confirmation not actually required #419
- Why should I use .to_json to get the right json object and not an array? #400
- Errors after removing confirmable #397
- Add JSON API (v1.0) compliant API option #396
- NoMethodError in DeviseTokenAuth::SessionsController#create #394
- Add better uid + provider unique support #392
- Unable to Logout after sign up and/or sign in #391
- Cohabitation with doorkeeper #389
- React native signup/login using Facebook SDK #385
- when does tokens field get cleared #372
- Passing access_token after signup #366
- 'no implicit conversion of Hash into String (TypeError)' on Travis CI #365
- discrepancy between registration events #364
- Block isn't called in super do |resource| override. #363
- Auth header is not being set in sign up when using confirmable with allowed unconfirmed access #361
- Spontaneous log out from app (presumably because of batch requests) #359
- github provider callback url (?auth_token) #354
- Is it possible to authenticate_user! without failing the filter chain? #353
- Support for Lockable and Timeoutable when using Devise and DeviseTokenAuth #346
- Official support and documentation on how to use alongside Devise for APIs #345
- permitted parameters not working as expected #344
- Using devise and devise_token_auth side by side #343
- Multiple Devise Models. One using token #342
- ArgumentError in DeviseTokenAuth::ConfirmationsController#show #339
- Issue with audited-activerecord #338
- Ember Simple Auth #334
- group authentication not redirecting #332
- Getting `table_exists?' error when using devise_token_auth with Mongoid #325
- Can't authorize (user_signed_in? always show false) #316
- Devise Email Validation #314
- Android native - Unpredictable 401 #313
- How to skip confirmation on register but possibility to ask later #303
- User with multiple providers gets invalid login credential except the latest provider he/she registered. #298
- Conder making view helpers available in token_validations_controller #292
- Using alongside "normal" rails app #290
- Reset password error. #284
- Configured verbatim, devise_token_auth receives this error google only #282
- Facebook Auth isn't working for Google Chrome users that have Data Compression set to on #279
- Used alongside standard Devise broke the Devise mail confirmation #265
- How To Handle Guest Account #264
- confirmable feature bugs? #263
- helper methods don't work #258
- reset password link is not getting to redirection #247
- Should a 404 reset tokens? #244
- Devise.secret_key was not set. Please add the following to your Devise initializer #235
- Expected params don't match Devise itself #233
- Namespaced Models #228
- Can't verify CSRF token authenticity #227
- Error on OmniauthCallbacksController#omniauth_success #222
- undefined method `authenticate_user!' #219
- The omniauth implementation on this gem use redirection. We need to get around these. #216
- Which software did you use to create the workflow ? #215
- AbstractController::ActionNotFound (The action 'new' could not be found for DeviseTokenAuth::RegistrationsController): #212
- Oauth broken when attributes have a new line #211
- No route matches [GET] "/omniauth/sign_in" #199
- I have a rails backend rendered app (erb). Can I switch to devise token auth? #196
- authentication via phone # #194
- Cannot use this gem alongside Devise #192
- Some headers without "access-token" (and friends) while testing with Rspec #188
- AbstractController::ActionNotFound with Controller Override #185
- Best way to set up migration for installation on existing User table already using Devise? #181
- Architecture Q: Why did you not use Warden? #180
- NoMethodError (undefined method `[]=' for nil:NilClass) #178
- Sign_in / Sign_up via token_auth and via session #168
- Facebook login - Redirect issue #166
- expired confirmation & reset link #164
- Storing token in Redis? #163
- list with http response codes #157
- Trouble accessing provider auth key and secret #153
- Omniauth: New user or not ? #151
- Forcing SSL for DeviseTokenAuth causes error 'new' could not be found #141
- NoMethodError (undefined method `name' for nil:NilClass) - devise_controller.rb:22 #134
- Sudo action / confirm your identity protocol #131
- devise_token_auth for multiple client #122
- Invalid Authenticity Token with last version #109
- Routes not properly set #101
- allow_unconfirmed_access_for #89
- Usage with Grape #73
- Allow updating of default attributes by default? #61
Merged pull requests:
- Fixes include bug causing sign_in to require auth #1016 (karlingen)
- Update CONTRIBUTING.md #1009 (stratigos)
- Adding Danish locale #1006 (mikkeljuhl)
- allow only one confirmation #1001 (MaicolBen)
- Added capitalize to user_class in model file template #1000 (kiritAyya)
- Match email regexp with devise #999 (MaicolBen)
- Edit RegistrationsController#create to use ResourceFinder::provider #998 (m4-miranda)
- 993 - mirror auth header keys in build_auth_url query params #996 (ethagnawl)
- Add link to wiki of how to add fields for an existing user table #985 (MaicolBen)
- contemplate single table inheritance in DeviseTokenAuth::Concerns::SetUserByToken#set_user_by_token #984 (maxwells)
- Upgrade test suite to use Rails 5 #981 (lynndylanhurley)
- Conditionally set rails version on migration #979 (MaicolBen)
- remove confirm_success_url entries from dummy migrations #978 (ethagnawl)
- link to cached version of _How to Run a Single Rails Unit Test_ blog … #977 (ethagnawl)
- Fix default provider after refactor in concern #975 (MaicolBen)
- Adding in unlocks controller and specs. This should resolve #927. #971 (brycesenz)
- Add a call to contribute to the top of the README. Ref #969. #970 (zachfeldman)
- CONTRIBUTING: Add header, format sections #968 (olleolleolle)
- Add note about Grape usage. Closes #73. #967 (zachfeldman)
- Allow other provider than email when logins #964 (MaicolBen)
- change devise method to reset password by token #957 (dks17)
- Docs - add confirm_sucess_url to required params in email registration #956 (pnewsam)
- Fix header name on account delete documentation #909 (mconiglio)
- Document the confirm_success_url param for email registration #901 (nerfologist)
- Fix header markdown typo #895 (f3ndot)
- Support setting whitelist, without setting default redirect_url #894 (dkniffin)
- Feature/customable authorized users only error response #869 (abeyuya)
- Use rails validator instead of custom one #865 (MaicolBen)
- Ability to use different default fields in model #849 (blddmnd)
- GitHub Issues template, Contributing guidelines #847 (olleolleolle)
- Better implementation to test if connection to db is active #843 (richardxia)
- Improve documentation for testing. #840 (JonRowe)
- Allow user specific token lifespans #704 (codez)
- Always set header in batch mode #703 (codez)
- Fix for issue #677 #678 (develop-test1)
- Flag signin when user confirms email address. #410 (ghost)
Implemented enhancements:
Fixed bugs:
Closed issues:
- Return a authentication token #1015
- API is not using defined ApiController but rather ApplicationController #1014
- TypeError (can't dump hash with default proc) #1012
- Namespaces and overriding default mailer templates #1011
- Cant login after signing in via oauth #1010
- Omniauth with devise token auth #1007
- Not returning headers on error #1002
- Hardcoded resource.provider in RegistrationsController? #997
- Confirmation URL query parameters don't match header counterparts #993
- Gem clashing #991
- Sign in, Sign out not working #982
- access token always expires in one minute #980
- How to customize Omniauth payload #974
- How do Create user's roles. #963
- Why does a confirm_success_url column appear in some of the test migrations? #959
- Readme "Usage TL;DR" section - add confirm_success_url to required params? #955
- ar #954
- how to get first name and last name of user #953
- Model for nested attributes not being saved #952
- Can not have multiple model #950
- NoMethodError when current_user is called #947
- How to manually send the confirmation email (e.g. after User.create in Rails console)? #946
- Make DeviseAuthToken inherits my API base Controller? #945
- Missing auth headers in response to validate_token #944
- tokens_match? issue #942
- Not send email notification when email changed ? #940
- Token generation fails when user has incomplete data that is mandatory #938
- Is there a way to prevent persisting the same token to user table when in batch mode? #934
- Token expires too soon #933
- Seeing other users data on logout and login #932
- token authentication not working on production #931
- Getting 'uninitialized constant ActionDispatch::Routing::Mapper::Scope (NameError)' with rails 3 #930
- How do I include User relationships to response after authenticate #928
- Can't unlock account through email link in lockable #927
- accidental issue #926
- Can't verify CSRF token authenticity on PUT request only #924
- Reset password url no host #923
- In batch mode tokens are unnecessarily stored for every request although unchanged #922
- current_user not available during authorization #921
- Resend confirmation email #920
- Change Authentication Keys #919
- Devise Set User By Token Is Clashing with Normal Devise Helpers #917
- XSS (javascript execution vulnerability) #916
- Using the Generator Without Capitalizing Model Name #912
- undefined method `authenticate_user!' when want to version my api #908
- RuntimeError in DeviseTokenAuth::OmniauthCallbacksController#omniauth_success on google_oauth2 login #907
- JSON API status? #906
- Filter chain halted as :authenticate_user! rendered or redirected #905
- Completed 422 Unprocessable Entity [Rails 5 API only, React with J-Toker] #904
- API authentication. Method not allowed 405. Use POST /sign_in to sign in. GET is not supported. #900
- validate_token Works but nothing else... #899
- OAuth failure callback error with Google provider #898
- Registration Name attribute is not stored #897
- The action 'edit' could not be found for DeviseTokenAuth::RegistrationsController #896
- Change provider when sessions controller #893
- Overriding render_create_success does not obey serializer option (AMS) #890
- How can i get access-token with omniauth on React Native app #889
- Forgot Password flow with JSON responses #888
- unknown attribute 'expiry' for User. #886
- Email Regex causing Issue - not synced with Devise email RegEx #885
- undefined method `[]=' for nil:NilClass due to missing client_id #881
- Return parent with sign in data? #880
- json-hyper-schema for devise_token_auth #879
- Can´t retrieve access token in login response headers #877
- devise_token_auth blocks upgrade to Rails 5.1.0 #875
- validate_token works on local web server, but not remote? #873
- how do I login a user after account signup? #866
- getting random "Authorized users only." when uploading multiple files at once. #862
- Caching causing an issue #861
- How to authenticate user using username using this gem ? #859
- Can only register one account. #858
- Segmentation Fault is raising while trying to send emails. #857
- No access-token in the header #855
- How to Restrict Access to a Single Client? #854
- NoMethodError (undefined method `new_session_path' for #<Devise::OmniauthCallbacksController:0x0000000630f628>) #853
- Headers not present in all requests #851
- Token based authentication with LDAP only #850
- Insecure session created with reset password link #848
- Swagger / Yard Docs #846
- uninitialized constant SECRET_KEY_BASE #845
- NoMethodError: undefined method `[]=' for nil:NilClass in unit test #839
- No resource_class found #838
- How to Custom Mailer ? #837
- Password gets updated but current password is still invalid. #836
- CookieOverflow on namespaced controllers #835
- no registration routes when used with devise #834
- Incompatibility with shoulda in email uniqueness #833
- devise_token_auth: can't work with Rails subdomain. #831
- No HTML for omniauth_external_window view in Rails 5 API #830
- DeviseTokenAuth::TokenValidationsController#validate_token returns 401 unauthorized. #829
- Console warning #828
- omniauth-facebook authentication with an Angular 2 front end application. #827
- uid is similar to email #825
- Question: email confirmation token URI with Rails API #824
- Use POST to sign in. GET is not supported. #823
- Invalid login credentials. Please try again. #822
- Devise redirecting Web request to the Token JSON API #821
- Wrong model mapped for token_validation #820
- readme code for controller override needs a slight change #819
- Banning a user #817
- Support for multiple providers during same session #815
- Sometimes very frequently, sometimes very randomly - 401 Unauthorized. #813
- The confirmation email is not send with the standard devise support #812
- not supporting for angular1.6 #810
- Securing headers on client side #809
- Add has one/belongs to assotiation #807
- redirect_url required but not permitted in strong parameters #805
- Impersonate user #802
- Can't use JBuilder templates when overriding rendering methods #801
- I18n broken (e.g. :already_in_use) #799
- Data leak on create password reset #797
- Rails 5 API Mode Not Authorizing #796
- very unstable gem full of bugs !! #795
- CORS answers 404 always #794
- Authorized Users Only on iOS client #792
- user_signed_in? doesn't returning access_token after few continuous call to it !!! #791
- 302 found when I try to redirect to "/devise_token_auth/sessions#create" #790
- Initializer default_password_reset_url not working. #789
- Gem querying database twice for authenticating user #788
- wrong constant name user #784
- No authentication headers when using Single Table Inheritance on my User model #783
- Can't migrate database after 'rails g devise_token_auth:install User auth' #781
- Diferent tokens from devise and devise_token_auth some times get in conflict... #780
- current_user returns nill #779
- LinkedIn SignIn #778
- Rails engine (api only) - undefined method `mount_devise_token_auth_for' for #<ActionDispatch::Routing::Mapper: #777
- ActionController::RoutingError - undefined method `helper_method' #776
- multiple congratulation emails #774
- Set up a new API application controller not working? #773
- Explicitly do not invalidate token #772
- Prevent user from sharing account #770
- I'am not able to serialize user #769
- Could not find generator 'devise_token_auth:install' #768
- Soft deletion #766
- Minimum Limits on a token? #764
- QUESTION:
tokens
field in database #763 - Octopus throwing error when deleting expired tokens #761
- Current user from channel. #760
- devise_token_auth with LDAP? #759
- Passing block to for strong parameters breaks code #758
- Only one User model return the correct headers #757
- API authentication: Use POST /sign_in to sign in. GET is not supported. #754
- Integration help #753
- undefined method `tokens' upon signing up #752
- ArgumentError in Devise::RegistrationsController#new #750
- OAuth (GitHub) redirects to callback url twice #749
- resource name for scoped mounting #748
- Signing in with Mongoid 6 + Rails 5 causes AuthenticationError #742
- Rails 5 API deployed as microservices #741
- Multiple user registration with multiple providers #740
- Headers not sent on GET request #739
- Best practice for using virtual attributes #738
- E-mail update is enabled by default #736
- Limit formats allowed to make requests #735
- Query params left in url after facebook login cause authentication to fail on refresh #734
- Error in password reset. Password not changed, even though edit returns 200 #732
- Can't permit parameters in rails engine #731
- Cannot integrate with omniauth-facebook #729
- Using devise_async and sidekiq to send emails asynchronously #727
- Two models, one not working #726
- Separate Devise Token Auth configuration per model #725
- No token on response header #721
- Massive Cookie Size Leads to Errors #718
- 401 on sign_in #717
- Unable to reconfirm a users email #716
- API response bodies are empty when using active_model_serializers #715
- Which is client and access_token #714
- /sign_out route is returning 404 not found #713
- Sign_in custom method: how? #711
- define_helpers not called at rails launch #708
- Why is
tokens
field a json type and how to create a query based on inside values? #707 - Always Set Headers in Batch Mode #702
- Use with existing User model #701
- Deprecation Error Message on 5.0 #698
- "Covert Redirect" Vulnerability #696
- The inactive_message and active_for_authentication #695
- No route matches [POST] "/api/v1/auth" #694
- Got this error with ActiveAdmin "wrong number of arguments (1 for 0)" #692
- Reset password link not working for the second time #691
- How to properly set headers in order to use current_user, authenticate_user! etc methods? #690
- using devise_token_auth for API alongside standard devise gem for HTML view #689
- Sign Up Permitted Parameters gets Passed but Never saves succesfully to Database #688
- Live Demo on heroku crashes #687
- Ruby on rails devise_token_auth gem unable to find routes #686
- No Headers after sign_in for new Users created by Admin #685
- NoMethodError (undefined method `headers_names' for DeviseTokenAuth:Module) #684
- Fast page refresh problem #683
- undefined method `[]' for nil:NilClass during omniauth callback #682
- IndexError: string not matched on User sign_in #681
- client_id resets to default after session_controller#create #680
- skip_confirmation_notification! not working #679
- "Unpermitted parameter: session" issues when action_controller.action_on_unpermitted_parameters is :raise #676
- Rails 5 + mongoid + devise_token_auth - undefined method `add_mongoid_support=' for DeviseTokenAuth:Module (NoMethodError) #675
- rails g devise_token_auth:install User auth hangs and does nothing #671
- 0.1.36 to 0.1.37 Breaks Test Suite #670
- Why NOT 'email_required?' is considered? #668
- make a separate Apicontroller from Applicationcontroller #667
- Devise Omniauth and DeviseTokenAuth Omniauth #666
- Seperate view files for different models. #664
- Bump version to support devise 4.1.1 #659
- Password Reset Link doesn't work #658
- [Question] Using in mobile apps (pass reset/libs for major OSes)? #657
- confrimable registration token expire #655
- callback :set_user_by_token has not been defined #649
- Get extra from omniauth-facebook. #647
- Ability to change email? #646
- headers_names is not defined in 0.1.37 #645
- Issues with active_model_serializers #644
- Error with devise #643
- Oauth2 - Android Authentication - one-time-code flow #639
- make use of max_number_of_devices on sign_in #637
- undefined method `token_validation_response' #635
- when password is reset from UI, all tokens must be removed if remove_tokens_after_password_reset is true #634
- is possible to use provider and uid columns on the authentications table? #633
- Relax devise dependency to allow 4.1 #631
- undefined method 'render' at devise_token_auth/controllers/helpers.rb #630
- Override default routes #628
- Rails 5 generator doesn't insert concern #627
- NoMethodError (undefined method `find_by_uid') in production. #625
- Why is password confirmation required ? #624
- user_signed_in? VS user.signedIn ? #623
- Retrieve from (local) cache first? #622
- Update Gem (RubyGem) Not issue #621
- Curl not working for sign_in but works on ng-token-angular #620
- After Sign-in success, The following requests on Angular side are unauthorized. #619
- Email uniqueness on both email and oauth provider #617
- ArgumentError (wrong number of arguments (given 1, expected 0)) #616
- Omniauth - Facebook app doesn't run callback url after successful Facebook authentication #615
- :authenticate_user! wired behaviour #614
- exclude devise validatable module? #613
- current_user is nil, request headers are all upcased and prefixed with HTML_ #611
- Devise omniauth_path_prefix overriden #610
- Override devise token auth response #609
- Problem in generated routes #607
- Rails 5 API Mode - no headers in response #606
- Previous authentication params remain in url after sign out when using OAuth #605
- Filter chain halted as :authenticate_user! rendered or redirected #603
- Problem with auth headers and multiple models #602
- 422 Unprocessable Entity when using local IP address #601
- not working with latest version of active_model_serializers #600
- Re-written URL with token does not work with Angular default routing #599
- Rails 5 - Missing template devise_token_auth/registrations/create #598
- overriding rendering methods in devise_token_auth #597
- REST routes #595
- Multiple providers per user #594
- MongoDB #593
- Problem with CORS setup and exposing special headers #591
- Password reset allows user to bypass confirmable #590
- redirect_url is missing in email instructions sent to the user for password reset #588
- Unpermitted parameter: {"email":"[email protected]","password":"abcdefgh","password_confirmation":"abcdefgh"} #587
- empty request.env['omniauth.params'] causes exception #586
- Getting Error: 'No connection pool for ActiveRecord::Base' when generating the devise_token_auth generator inside an Rails Engine #584
- Preventing creation of users in an oauth scenario #583
- can't authenticate user when opening a new download tab #582
- Mails are not being sent #581
- current_user seems to be nil after doing requests from different tabs #579
- Do we have any rspec helpers to sign_in an user? #577
- Cannot override json response of authenticate_user! #575
- Extend token lifespan on use? #573
- Unable to sign in using LinkedIn #572
- Cannot use rake with mount_devise_token_auth_for in routes.rb #570
- return custom json data after sign_in #567
- Provide configuration for token hashing algorithm #560
- Using devise_token_auth with devise for one method #559
- omiauth-google #558
- Use devise_token_auth with facebook iOS login SDK #556
- omniauth-facebook login #555
- ActionController::RoutingError (No route matches [POST] "/omniauth/steam/callback") #554
- get Authorized users only when use devise with devise_token_auth #553
- Models other than
User
not returning auth headers after each request #552 - Cannot get ng-token-auth, devise-token-auth and Rails to work for facebook login #551
- /auth/validate_token works but getting 401 unauthorized when sending request with auth headers #550
- Where is the access key of omniauth provider? #549
- Yielding Resource to Overriding Controller #548
- Confirmation controller does not response with JSON #546
- message['redirect-url'] in the reset password email is not set automatically. #545
- Failed migration: how to handle existing user db #544
- How this gem is different from a JWT system? #543
- set a no reply email adresse #542
- check if user confirmed is account #539
- Improper formatting for JSON API error/success responses #536
- support for multiple client_id #535
- Cut some actions? #534
- Getting issues with api authentication #529
- Is it a hybrid authentication system? #527
- check_current_password_before_update still requires password when resetting password #526
- Error: unknown attribute 'current_password' for User when updating a password #524
- Error Response as HTML #522
- Manually authenticate for testing #521
- Support for STI #517
- render_create_success should return 201 code not 200? #516
- RuntimeError (can't modify frozen Hash) #515
- DEPRECATION WARNING: alias_method_chain is deprecated #514
- JSON responses don't fit JSON_API requirements #512
- Not working with rails 5 and devise master #504
- Unpermitted parameters: confirm_success_url, config_name, registration #501
- set_user_by_token not defined in production for rails 5 #500
- Master branch no longer working with devise master branch (version error) #498
- uid is not getting set in git revision 996b9cf23a18 #497
- tokens not being serialized! #495
- Sign in from controller #494
- ve_model_serializer namespace #492
- Unpermitted Parameters: confirm_success_url, config_name, registration #489
- Bundler could not find compatible versions for gem "rails": #488
- Does anyone try to link current omniauth account to devise-token-auth account? #487
- User remains logged in when using devise and devise_token_auth in the same app #486
- I want to use a different column for provider instead of defalut "email" #485
- DEPRECATION WARNING: alias_method_chain is deprecated. Rails 5 #482
- @resource.allow_password_change is not persisted across requests #481
- validate_token - resource_name - undefined method `name' for nil:NilClass #480
- Would like to know is there any missing for i18n translation file? #479
- Unpermitted paramter: session (401 Unauthorized) for only one particluar user #477
- Reading logged user in constraint #475
- devise_token_auth is being called when it shouldn't #473
- Unable to override sessions controller #471
- Helpers being loaded for Rails API's #468
- Unable to call
rails g devise\_token\_auth:install
within rails engine #465 - Support Devise Strong Parameters by Block #464
- locales
errors.messages.already\_in\_use
seems broken #463 - How to make http header still available when return to oauth call back #461
- skip: [:omniauth_callbacks] doesn't work in v0.1.37.beta3 #460
- This gem change default omniauth path? #459
- Rails 5 compatible? #458
- Null email causes NoMethodError (undefined method `downcase!' for nil:NilClass) #457
- Cannot send confirmation email when using alongside with standard devise #456
- cancancan: load_and_authorize_resources causes method_missing failure #452
- example app for api #451
- is session store necessary? #449
- HTTP Headers not being sent when using as an API from an Android Phone #448
- Is it possible to pass token via json? #447
- It shows "An error occurred" after omniauth callback #445
- Put Access Token in body #442
- Unable to add a new param for sign up #440
- Undefined method provider from devise_toke_auth concerns/user.rb #438
- NoMethodError (undefined method
enable\_standard\_devise\_support' for DeviseTokenAuth:Module\): app/controllers/devise\_token\_auth/concerns/set\_user\_by\_token.rb:35:in
set_user_by_token' #437 - duplicate method - resource_class #433
- Unpermitted parameter errors #432
- Scoped DeviseToken but it still affects the original Omniauth redirects. #429
- Can't create user via api #422
- redirect_uri_mismatch after update from 0.1.34 to 0.1.37 #420
- password_confirmation not actually required #419
- Password Reset question, do I need my own form? #418
- Large Size on Disk #415
- The validate_token function in the readme is missing a parameter #413
- Cannot migrate database: NoMethodError: undefined method `new' for DeviseTokenAuth:Module #406
- change_headers_on_each_request and batch requests #403
- Why should I use .to_json to get the right json object and not an array? #400
- Multiple users, returning(and creating) wrong model's auth token #399
- Can't verify CSRF token authenticity #398
- Errors after removing confirmable #397
- Add JSON API (v1.0) compliant API option #396
- NoMethodError in DeviseTokenAuth::SessionsController#create #394
- uninitialized constant DeviseTokenAuth::OmniauthCallbacksController::BCrypt #393
- Add better uid + provider unique support #392
- Unable to Logout after sign up and/or sign in #391
- Cohabitation with doorkeeper #389
- Sign in not success. #388
- React native signup/login using Facebook SDK #385
- password length #380
- Devise token auth not found routing error #379
- Defining a custom primary key #378
- seeing other users data after login/out with different users on ionic #375
- when does tokens field get cleared #372
- omniauth: when redirecting, user object should not be serialized into url #368
- getting ng-token-auth and devise_token_auth to work with OAuth in ionic InAppBrowser #367
- Passing access_token after signup #366
- 'no implicit conversion of Hash into String (TypeError)' on Travis CI #365
- discrepancy between registration events #364
- Block isn't called in super do |resource| override. #363
- omniauth callback redirect not working properly when using namespace/scope #362
- Auth header is not being set in sign up when using confirmable with allowed unconfirmed access #361
- Spontaneous log out from app (presumably because of batch requests) #359
- invalid token in method set_user_by_token on RegistrationsController#update #357
- github provider callback url (?auth_token) #354
- Is it possible to authenticate_user! without failing the filter chain? #353
- Allow devise patch version updates #351
- Error validating token #348
- Support for Lockable and Timeoutable when using Devise and DeviseTokenAuth #346
- Official support and documentation on how to use alongside Devise for APIs #345
- permitted parameters not working as expected #344
- Using devise and devise_token_auth side by side #343
- Multiple Devise Models. One using token #342
- Restricting access to controllers methods #340
- ArgumentError in DeviseTokenAuth::ConfirmationsController#show #339
- Issue with audited-activerecord #338
- Allow for HTTP Basic Auth ? #337
- Allow Omniauth user reset password #335
- Ember Simple Auth #334
- NameError (uninitialized constant DeviseTokenAuth::Concerns::User::BCrypt) #333
- group authentication not redirecting #332
- Unpermitted parameters: format, session #328
- Concern causes app to connect to database when precompiling assets. #327
- devise token auth + Save Facebook auth_hash info in database #326
- Getting `table_exists?' error when using devise_token_auth with Mongoid #325
- Error sending password reset email when not using confirmable (reopened #124) #321
- Routing error / Preflight request / OPTIONS #320
- delete tokens after password change #318
- Can't authorize (user_signed_in? always show false) #316
- Can't authorize (user_signed_in? always show false) #315
- Devise Email Validation #314
- Android native - Unpredictable 401 #313
- Warden::SessionSerializer - wrong number of arguments (2 for 1) #312
- The action 'twitter' could not be found for DeviseTokenAuth::OmniauthCallbacksController #309
- Having 401 Unauthorized only with mobile #305
- remove unused nickname, image from user object #304
- How to skip confirmation on register but possibility to ask later #303
- HI, This is more of a doubt since I could not finding anything related to this in your documentation. #300
- Getting 401's when making requests using iOS/Android clients #299
- User with multiple providers gets invalid login credential except the latest provider he/she registered. #298
- undefined method `tokens' for #<Hash:0x000000063f0920> #297
- Confirmation URL giving bad arguments #293
- Conder making view helpers available in token_validations_controller #292
- set_user_by_token not called in overriden controller #291
- Using alongside "normal" rails app #290
- Question: Should we send password reset instructions to unconfirmed emails? #287
- NoMethodError (undefined method `[]' for nil:NilClass): #286
- Facebook omniauth redirection is missing url when testing on localhost #285
- Reset password error. #284
- Configured verbatim, devise_token_auth receives this error google only #282
- No route matches [GET] "/users/facebook/callback" #280
- Facebook Auth isn't working for Google Chrome users that have Data Compression set to on #279
- No route matches [GET] "/omniauth/:provider" #278
- How to refresh token/expiry? #275
- wrong number of arguments (1 for 0): in DeviseTokenAuth::RegistrationsController#create #274
- Can not save a user with nil tokens attribute #271
- Shouldn't validate_token param be access-token, not auth_token? #270
- include associations on login #269
- Used alongside standard Devise broke the Devise mail confirmation #265
- How To Handle Guest Account #264
- confirmable feature bugs? #263
- Failure route not handled #262
- Getting Unauthorized error even after sending the correct token, uid and client #261
- Weird error message #259
- helper methods don't work #258
- undefined method `provider' for #<User:0x007f49fd5da2e8> #257
- Custom Serializer like ActiveModel Serializer #249
- reset password link is not getting to redirection #247
- File download with query params #246
- Info: is devise_token_auth compatible with rails 3.2.19? #245
- Should a 404 reset tokens? #244
- Headers required for different methods #243
- Unpermitted parameters: format, session, lang #239
- On sign_in, devise_token_auth expects the uid to be the same as the email #237
- Name conflict with inherited_resources #236
- Devise.secret_key was not set. Please add the following to your Devise initializer #235
- sign_in will not fetch the token #234
- Expected params don't match Devise itself #233
- Remove ('#') symbol when using html5mode in locationProvider #232
- Log in request 401 error #231
- User Registration - "email address already in use" when it is unique #230
- Devise email validation disabled...why? #229
- Namespaced Models #228
- Can't verify CSRF token authenticity #227
- confirm_success_url error not working #226
- pending_reconfirmation called when confirmable isn't used #224
- Error on OmniauthCallbacksController#omniauth_success #222
- omniauth_success.html.erb JSON bug #221
- undefined method `authenticate_user!' #219
- Using devise_token_auth and ng_token_auth with angularJS in an Ionic Hybrid application #218
- Where can I got token? #217
- The omniauth implementation on this gem use redirection. We need to get around these. #216
- Which software did you use to create the workflow ? #215
- URI fragment prevent to send params in Confirmation URL #213
- AbstractController::ActionNotFound (The action 'new' could not be found for DeviseTokenAuth::RegistrationsController): #212
- Oauth broken when attributes have a new line #211
- Generating many client tokens #210
- Limit tokens hash? #208
- 500 error returned when no data is POSTed to registration controller #203
- undefined method `match' for nil:NilClass #201
- No route matches [GET] "/omniauth/sign_in" #199
- DELETE method becoming OPTIONS @ Heroku #197
- I have a rails backend rendered app (erb). Can I switch to devise token auth? #196
- 40 Mb log file and 1 minute to have token with curl #195
- authentication via phone # #194
- 401 unauthorized #193
- Cannot use this gem alongside Devise #192
- GET requests to sign_in shouldn't raise an exception #190
- Api not locked by default #189
- Some headers without "access-token" (and friends) while testing with Rspec #188
- Rails 4.1 #187
- Unable to override OmniauthCallbacksController#redirect_callbacks #186
- AbstractController::ActionNotFound with Controller Override #185
- Devise and devise_token_auth omniauth callbacks #184
- Token based authentication with no sessions #183
- undefined method `authenticate_user!' #182
- Best way to set up migration for installation on existing User table already using Devise? #181
- Architecture Q: Why did you not use Warden? #180
- NoMethodError (undefined method `[]=' for nil:NilClass) #178
- confirm_success_url shouldn't be a required param #176
- Provide an OAuth implementation for native apps #175
- getting an argument error when trying to use omniauth #174
- Sign in via username doesn't seem to work correctly. #173
- Cannot use + sign in email address. #171
- Sign_in / Sign_up via token_auth and via session #168
- How can i authenticate using curl and get private entries ! #167
- Facebook login - Redirect issue #166
- Pessimistic Locking produces ArgumentError #165
- expired confirmation & reset link #164
- Storing token in Redis? #163
- POTENTIAL SECURITY RISK: Setting confirm_success_url and redirect_url via API #162
- Sign out just on client side ? #161
- Unpermitted parameter: redirect_url #160
- Issues using devise and devise_token_auth #159
- Add role based authorization #158
- list with http response codes #157
- Not compatible with ActiveAdmin #156
- [Duplicate] is devise_invitable supported? #154
- Trouble accessing provider auth key and secret #153
- Omniauth: New user or not ? #151
- User can register with a "false" email #149
- /validate_token #148
- Email confirmation link #147
- Tokens field on database #146
- Twitter OAuth always throughs CookieOverflow #145
- Is there a way to configure apiUrl for both dev and prod? #144
- Getting 401 unauthorized on login attempt #142
- Forcing SSL for DeviseTokenAuth causes error 'new' could not be found #141
- Comparing with jwt #140
- Can't get omniauth to work (error in redirect_callbacks) #139
- Change controller inheritance #138
- Reset Password call returns 400 for Not Found user #137
- The gem is too big. Please take care of it. #136
- Error when loging with facebook the second time without logout #135
- NoMethodError (undefined method `name' for nil:NilClass) - devise_controller.rb:22 #134
- OmniAuth redirect doesn't work if using the generated mount_devise_token route #133
- Missing template /omniauth_response #132
- Sudo action / confirm your identity protocol #131
- Unpermitted parameter: session #130
- OAuth error: We're sorry, but something went wrong #129
- Would it be useful to integrate login with username ? #127
- Sign in with login instead of email #126
- Error sending password reset email when not using confirmable #124
- Using expired token for parallel calls #123
- devise_token_auth for multiple client #122
- OmniauthCallbacksController#omniauth_success wrong number of arguments (1 for 0) #119
- Could not load 'omniauth' #118
- bad argument (expected URI object or URI string) #116
- devise_token_auth for public API, but devise for rest of app? #114
- Omniauthable deleted on UsersConcern : Why ? #111
- Unrequired route #110
- Invalid Authenticity Token with last version #109
- raises NoMethodError instead of displaying error when email is missing #108
- Error with RailsAdmin. "The action 'new' could not be found for DeviseTokenAuth::SessionsController" #107
- Circular dependency detected while autoloading constant Api #106
- Can't Authenticate via cURL #105
- Unpermitted parameters: user, registration #104
- BCrypt::Errors::InvalidSalt errors #103
- Active job token expiring integration #102
- Routes not properly set #101
- The action 'new' could not be found for DeviseTokenAuth::RegistrationsController #100
- Disable confirmable #99
- responders - rails 4.2 #98
- forward skip to devise #97
- API versioning the devise scope of token validation and ominiauth controller path will wrap up #96
- Overwriting default "from" email address #94
- uninitialized constant DeviseTokenAuth #92
- change_headers_on_each_request not working expiry header empty #90
- allow_unconfirmed_access_for #89
- Gem render consistency #87
- Sample Sessions Controller for logging in via Rails View. #86
- Change authorization key: Use phone_number instead of email #84
- Conflict with active_admin gem #83
- NoMethodError in DeviseTokenAuth::OmniauthCallbacksController#redirect_callbacks #82
- All the APIs are getting 'Authorized users only' #81
- Is Devise option Rememberable required ? #80
- Problem with skip_confirmation! #78
- Cannot reset password if registered by omniauth #77
- NoMethodError at /omniauth/facebook/callback - undefined method `[]' for nil:NilClass #76
- Usage with Grape #73
- Remove dependency on ActiveRecord #72
- Skipping Registrations Controller Altogether #70
- Problem in validate_token if the model is in a namespace #69
- Cannot send confirmation email if there is no 'User' model #68
- Better guidelines for contributors #65
- admin namespace #63
- Devise trackable module not working #62
- Allow updating of default attributes by default? #61
- Devise_token_auth without OmniAuth authentication #60
- Reset Password error #59
- Confirmable - unconfirmed email #58
- Email Column Isn't Used for Database Authentication #56
- Unique Key for Provider and UID Combination #55
- User Info in separate table or removed #53
- rename @user to @resource #48
- Active_admin issue #47
- Possible Logout Issue #46
- Routes not appended to routes.rb #45
- Return resource.errors.full_messages in addition to resource.errors #44
- Devise and Devise_Token_Auth in api namespace #43
- Trackable attributes are not being updated. #42
- Avoid using respond_to in application controller #41
- devise_token_auth assumes you want the :confirmable functionality #40
- undefined method `match' for nil:NilClass #39
- Expired token aren't removed when session expires #38
- sign_up helper #37
- self.tokens[client_id]['token'] != token #30
- How is the uid generated for non-omniauth users? #29
- Access to current_user variable? #28
- Filter chain halted as :require_no_authentication #27
- Allow additional parameters for registration #25
- Cannot add more parameters at sign_up #22
- Error on Registration #21
- Error with authentication #20
- Cascade of Issues with Omniauth(?) #18
- Batch Requests Respond with Original Auth Token #17
- Sign out with email provider error #16
- sessions_controller.rb #12
- Github login in example is broken #10
- Facebook auth is broken #9
- Generator is not working #8
- Test ticket from Code Climate #6
- Test ticket from Code Climate #5
- extending the devise_token_auth user model #4
- A few ideas #3
- Google Oauth2 does not set cookies in production. #1
Merged pull requests:
- Fixes include bug causing sign_in to require auth #1016 (karlingen)
- Update CONTRIBUTING.md #1009 (stratigos)
- Adding Danish locale #1006 (mikkeljuhl)
- allow only one confirmation #1001 (MaicolBen)
- Added capitalize to user_class in model file template #1000 (kiritAyya)
- Match email regexp with devise #999 (MaicolBen)
- Edit RegistrationsController#create to use ResourceFinder::provider #998 (m4-miranda)
- 993 - mirror auth header keys in build_auth_url query params #996 (ethagnawl)
- Add link to wiki of how to add fields for an existing user table #985 (MaicolBen)
- contemplate single table inheritance in DeviseTokenAuth::Concerns::SetUserByToken#set_user_by_token #984 (maxwells)
- Upgrade test suite to use Rails 5 #981 (lynndylanhurley)
- Conditionally set rails version on migration #979 (MaicolBen)
- remove confirm_success_url entries from dummy migrations #978 (ethagnawl)
- link to cached version of _How to Run a Single Rails Unit Test_ blog … #977 (ethagnawl)
- Fix default provider after refactor in concern #975 (MaicolBen)
- Adding in unlocks controller and specs. This should resolve #927. #971 (brycesenz)
- Add a call to contribute to the top of the README. Ref #969. #970 (zachfeldman)
- CONTRIBUTING: Add header, format sections #968 (olleolleolle)
- Add note about Grape usage. Closes #73. #967 (zachfeldman)
- Allow other provider than email when logins #964 (MaicolBen)
- change devise method to reset password by token #957 (dks17)
- Docs - add confirm_sucess_url to required params in email registration #956 (pnewsam)
- Fix header name on account delete documentation #909 (mconiglio)
- Document the confirm_success_url param for email registration #901 (nerfologist)
- Fix header markdown typo #895 (f3ndot)
- Support setting whitelist, without setting default redirect_url #894 (dkniffin)
- Support for devise 4.3 that is now supporting rails 5.1 #891 (silviusimeria)
- Translate message: Authorized users only through devise #883 (vincenzodev)
- Updated generator test code to work with rails 5 #872 (jrhee17)
- Feature/customable authorized users only error response #869 (abeyuya)
- Use rails validator instead of custom one #865 (MaicolBen)
- use URI::HTTPS to generate HTTPS redirects #864 (cgc)
- Persist allow_password_change in the database #863 (MohamedBassem)
- Rename find_by methods #860 (alex-lairan)
- Support for Devise 4.2.1 #852 (ckho)
- Ability to use different default fields in model #849 (blddmnd)
- GitHub Issues template, Contributing guidelines #847 (olleolleolle)
- Better implementation to test if connection to db is active #843 (richardxia)
- Add Albanian locale #842 (fatosmorina)
- Improve documentation for testing. #840 (JonRowe)
- Update german translation. #816 (gobijan)
- Prevent getting table info if not connected to db #814 (cbliard)
- Add support for italian locale #811 (Chosko)
- Fix privacy issue with password reset request #808 (biomancer)
- Add missing parameter :redirect_url, fixes #805 #806 (Rush)
- Fix language errors in German locale #800 (morgler)
- Don't send extra data on request password reset #798 (Mrjaco12)
- Travis: use the code_climate addon config #786 (olleolleolle)
- Update link #782 (dijonkitchen)
- Add index for confirmation_token #767 (dijonkitchen)
- Fixes constructing redirect_route #765 (piotrkaczmarek)
- Use standart ActiveRecord error message for email uniqueness validation #746 (mpugach)
- Add Romanian locale. #743 (razvanmitre)
- Ruby syntax: replace and/not with &&/! #733 (olleolleolle)
- Update indexes on template #724 (dijonkitchen)
- Add an extra line to the "contributing" list #720 (jahammo2)
- Fix grammar #712 (dijonkitchen)
- Added reference to Angular2-Token to README #710 (neroniaky)
- feat(whitelist): add wildcard support for redirect_whitelist patterns #709 (booleanbetrayal)
- Allow user specific token lifespans #704 (codez)
- Always set header in batch mode #703 (codez)
- Fix Migration Deprecation Warning #700 (juddey)
- Apply
redirect\_whitelist
to OAuth redirect URI. #699 (lynndylanhurley) - add zh-CN.yml #697 (halfray)
- update README.md #693 (nhattan)
- Fix for issue #677 #678 (develop-test1)
- Fix for issue #600 #674 (milep)
- Use lockable devise option and unlock controller overwrite #669 (genaromadrid)
- Fix setup config example in README #665 (guich-wo)
- added bypass_sign_in for next version of Devise #663 (KendallPark)
- fix method 'is_json_api' with active_model_serialier v 0.10.0 #651 (woodcrust)
- Tokens count overmuch fixed #650 (JerryGreen)
- updates config wrapper to conform with newer idiom #648 (bvandgrift)
- Adding support for devise 4.1.1 #642 (iainmcg)
- Updating Devise dependency to max 4.1.1 #641 (TGRGIT)
- Fix yields from controller actions #638 (tiagojsag)
- Fix generator to correctly inject content into the user model in rails 5 #636 (ethangk)
- fix spelling in comment on token auth concern #632 (dandlezzz)
- fixed devise deprecation warning for config.email_regexp #618 (lemuelbarango)
- Revert "Update readme for headers names" #592 (ash1day)
- Update readme for headers names #589 (ash1day)
- Add info to README #585 (ghost)
- Fix typo and remove trailing spaces #578 (ash1day)
- allowing authenticating using headers as well as a post request #576 (ingolfured)
- Whitespace: tabs removed #574 (olleolleolle)
- Added dutch translations #571 (nschmoller)
- now possible to change headers names in the config file #569 (ingolfured)
- User concern: Ensure fallback is in place #564 (olleolleolle)
- Return resource with top-level 'type' member. #562 (ruimiguelsantos)
- Fix devise mapping #540 (merqlove)
- Make all json responses to be json_api compliant #537 (djsegal)
- Avoid sending auth headers if while processing used token is cleared #531 (virginia-rodriguez)
- Add Japanese locale and fix typo #530 (metalunk)
- Added omniauth post route #528 (v3rtx)
- Extract model callbacks #525 (merqlove)
- create token when no client_id token #523 (charlesdg)
- Fix enable_standard_devise_support in initializer #518 (halilim)
- Make render_create_success render valid json_api #513 (djsegal)
- Prevent raise of exception if set_user_by_token not defined #511 (jeryRazakarison)
- send_on_create_confirmation_instructions callback isn't defined (rails 5) #508 (fivetwentysix)
- [REBASE] Fix rails 5 deprecation and devise parameter sanitization #507 (fivetwentysix)
- remove deprecations from RegistrationsController #506 (fivetwentysix)
- Allow new devise version for rails 5 compatibility #499 (djsegal)
- Spelling mistake #493 (Tom-Tom)
- Improve Brazilian Portuguese locale #491 (ssouza)
- fix namespaced mapping name #484 (paulosoares86)
- Locale file for both zh-TW and zh-HK #483 (SunnyTam)
- Fixed typos and inconsistencies in ru.yml #478 (fertingoff)
- Fixes Issue #362: Fixes for the omniauth redirection issue for namesp… #476 (devilankur18)
- removing old tokens when user changes passwords #474 (paulosoares86)
- Move travis to container based configuration #470 (ValentinTrinque)
- Prevent helpers being loaded for Rails API’s #469 (djsegal)
- Reduce dependencies to allow Rails 5.0 #467 (djsegal)
- Fix locales
errors.messages.already\_in\_use
+ clean up #466 (ValentinTrinque) - Added 401 response to failed group authentication #446 (rstrobl)
- RU translations #441 (yivo)
- to keep coherent with devise. pt instead of pt-PT.yml #436 (rmvenancio)
- limiting the number of concurrent devices #434 (paulosoares86)
- Raise error in controller method #430 (ArneZsng)
- feat(enable-standard-devise): allow configurable support of legacy Devise authentication #428 (booleanbetrayal)
- Support for i18n in mailers views #427 (ponyesteves)
- Fix omniauthredirection when under scopes #425 (xjunior)
- Translation to German #423 (haslinger)
- fix(url): preserve query parameters when building urls #421 (nbrustein)
- Change default message for already in use error and added to english … #417 (ponyesteves)
- Issue #413 #414 (Carrigan)
- Add .ruby-version entry to .gitignore #412 (xymbol)
- 404 for invalid link with password reset token #411 (rmvenancio)
- Flag signin when user confirms email address. #410 (rmvenancio)
- Portuguese Translation #409 (rmvenancio)
- Added polish translation. #405 (h3xed)
- Drop .ruby-version file #404 (xymbol)
- Implement hook methods for customized json rendering #384 (neutronz)
- Feature/password reset with check fix #374 (jakubrohleder)
- fix(oauth): fixes #368: do not serialize the entire user object in the url when redirecting from oauth #371 (nbrustein)
- Fallback to ActiveModel translations in EmailValidator #369 (yivo)
- Add a Gitter chat badge to README.md #360 (gitter-badger)
- Improvements to the docs. #358 (aarongray)
- Add description to readme about the devise.rb initializer. #356 (aarongray)
- Correct handling namespaced resources #355 (yivo)
- Fix concern not being inserted for rails-api apps. #350 (aarongray)
- Add documentation to explain gotcha with rails-api. #349 (aarongray)
- Fully support OmniauthCallbacksController action overrides. Fixes #186. #347 (tbloncar)
- #340 Restrict access to controllers methods #341 (gkopylov)
- fix(omniauth): fix error in setting text on redirect page #336 (nbrustein)
- add Brazilian Portuguese translation (pt-BR) #331 (josiasds)
- Tests to ensure standard devise has greater priority than tokens #330 (colavitam)
- Fixed error when using standard devise authentication #329 (colavitam)
- feat(improved-omniauth): omniauth sameWindow and inAppBrowser flows #323 (nbrustein)
- Fix invalid omniauth redirect #322 (troggy)
- Old password check before password update #317 (jakubrohleder)
- Remove erroneous colon from before_action callback #310 (jmliu)
- Disabled serialization for JSON type columns #306 (colavitam)
- Set default provider to "email" in migration #302 (colavitam)
- Fix an issue for not :confirmable users #296 (sebfie)
- Update README.md #295 (adisos)
- Fix MOUNT_PATH 'Read More' link #294 (jmliu)
- Don't send password reset instructions to unconfirmed email #288 (coryschires)
- Feature/i18n support #283 (sebfie)
- Update documentation for validate_token #277 (adamgall)
- Added json support for tokens #276 (shicholas)
- perf(token_is_current?): add simplistic cache to reduce overhead of redundant token checks during validation calls #272 (booleanbetrayal)
- perf(update_auth_header): only lock the resource if we are rotating tokens #267 (booleanbetrayal)
- fix(email-validation): Update in-use email validation message during registration to allow full_message use #255 (booleanbetrayal)
- fix(session#new): fix unhandled 500 when logging in with valid user and bad password #254 (mathemagica)
- feat(ominauth): support json-formatted values in omniauth callback. #252 (nbrustein)
- fix(sessions controller): call reset_session on destroy #251 (nbrustein)
- fix(resource_class): support optional mapping property from set_user_by_token #250 (booleanbetrayal)
- Allow current_password to be supplied when updating profile. #240 (jasonswett)
- fixes password reset when not using confirmable #225 (aesnyder)
- Fix error when email missing from registration params #220 (iangreenleaf)
- URI fragment should appear at the end of URL #214 (edymerchk)
- Super block yield (all controllers) #209 (sgwilym)
- Super block yield #207 (sgwilym)
- Ability to localize error message #206 (lda)
- remove fragment sign ("#") from URLs without fragment #205 (tomdov)
- Return 422 (was 500) when empty body for sign up and account update #204 (mchavarriagam)
- Users with allowed unconfirmed access can now log in successfully. #202 (colavitam)
- Authenticating an existing Warden/Devise User #200 (nickL)
- GET sign_in should direct people to use POST sign_in rather than raising exception #191 (milesmatthias)
- Ignore 'extra' in Twitter auth response to avoid CookieOverflow. Fixes #145. #179 (tbloncar)
- Some missing as_json ? #152 (nicolas-besnard)
- Check email format on registration #150 (nicolas-besnard)
- Actual header key uses dashes, not underscores. #143 (ragaskar)
- Username register login #128 (nicolas-besnard)
- Check if confirmable is active before skipping confirmation #125 (nicolas-besnard)
- Fix links to section about controller integration. #117 (Le6ow5k1)
- document GET for /validate_token #113 (lukaselmer)
- Fix small error in documentation. #91 (edgarhenriquez)
- Exclude devise modules #85 (jartek)
- fix(registration and update): Ensure UID is updated alongside Email, and case-sensitivity is honored #71 (booleanbetrayal)
- Add better guidelines for contributors. #67 (edgarhenriquez)
- Use resource_class to override email confirmation. #64 (edgarhenriquez)
- fix(case-sensitivity): support devise case_insensitive_keys for session ... #57 (booleanbetrayal)
- fix(contention): fix write contention in update_auth_headers and always ... #52 (booleanbetrayal)
- Include resource.errors.full_messages in error response. #50 (jasonswett)
- fix(expiry): fix an issue where token expiration checks were too permissive #49 (booleanbetrayal)
- Update README with Example Generator Command #35 (wwilkins)
- Remove OmniAuth dependency #26 (hannahhoward)
- Update README.md #24 (davidsavoya)
- guard against MissingAttributeError during common ActiveRecord operations #19 (booleanbetrayal)
- Fix expiry data type #11 (lonre)
- README and travis config tweaks #7 (guilhermesimoes)
v0.1.42 (2017-05-17)
Closed issues:
- devise_token_auth blocks upgrade to Rails 5.1.0 #875
Merged pull requests:
- Support for devise 4.3 that is now supporting rails 5.1 #891 (silviusimeria)
Implemented enhancements:
Fixed bugs:
Closed issues:
- Can´t retrieve access token in login response headers #877
- how do I login a user after account signup? #866
- Can only register one account. #858
- No access-token in the header #855
- Headers not present in all requests #851
- uninitialized constant SECRET_KEY_BASE #845
- devise_token_auth: can't work with Rails subdomain. #831
- Question: email confirmation token URI with Rails API #824
- readme code for controller override needs a slight change #819
- Support for multiple providers during same session #815
- not supporting for angular1.6 #810
- Add has one/belongs to assotiation #807
- redirect_url required but not permitted in strong parameters #805
- Data leak on create password reset #797
- Rails 5 API Mode Not Authorizing #796
- wrong constant name user #784
- current_user returns nill #779
- ActionController::RoutingError - undefined method `helper_method' #776
- Minimum Limits on a token? #764
- Octopus throwing error when deleting expired tokens #761
- Only one User model return the correct headers #757
- ArgumentError in Devise::RegistrationsController#new #750
- OAuth (GitHub) redirects to callback url twice #749
- Rails 5 API deployed as microservices #741
- Query params left in url after facebook login cause authentication to fail on refresh #734
- Can't permit parameters in rails engine #731
- Cannot integrate with omniauth-facebook #729
- Two models, one not working #726
- API response bodies are empty when using active_model_serializers #715
- /sign_out route is returning 404 not found #713
- Why is
tokens
field a json type and how to create a query based on inside values? #707 - Deprecation Error Message on 5.0 #698
- "Covert Redirect" Vulnerability #696
- No route matches [POST] "/api/v1/auth" #694
- Got this error with ActiveAdmin "wrong number of arguments (1 for 0)" #692
- using devise_token_auth for API alongside standard devise gem for HTML view #689
- No Headers after sign_in for new Users created by Admin #685
- NoMethodError (undefined method `headers_names' for DeviseTokenAuth:Module) #684
- Fast page refresh problem #683
- IndexError: string not matched on User sign_in #681
- skip_confirmation_notification! not working #679
- rails g devise_token_auth:install User auth hangs and does nothing #671
- Bump version to support devise 4.1.1 #659
- callback :set_user_by_token has not been defined #649
- Issues with active_model_serializers #644
- Error with devise #643
- undefined method `token_validation_response' #635
- when password is reset from UI, all tokens must be removed if remove_tokens_after_password_reset is true #634
- Relax devise dependency to allow 4.1 #631
- Rails 5 generator doesn't insert concern #627
- NoMethodError (undefined method `find_by_uid') in production. #625
- Why is password confirmation required ? #624
- Curl not working for sign_in but works on ng-token-angular #620
- After Sign-in success, The following requests on Angular side are unauthorized. #619
- Omniauth - Facebook app doesn't run callback url after successful Facebook authentication #615
- :authenticate_user! wired behaviour #614
- current_user is nil, request headers are all upcased and prefixed with HTML_ #611
- Problem in generated routes #607
- Rails 5 API Mode - no headers in response #606
- Filter chain halted as :authenticate_user! rendered or redirected #603
- 422 Unprocessable Entity when using local IP address #601
- not working with latest version of active_model_serializers #600
- overriding rendering methods in devise_token_auth #597
- redirect_url is missing in email instructions sent to the user for password reset #588
- Unpermitted parameter: {"email":"[email protected]","password":"abcdefgh","password_confirmation":"abcdefgh"} #587
- can't authenticate user when opening a new download tab #582
- Mails are not being sent #581
- current_user seems to be nil after doing requests from different tabs #579
- Do we have any rspec helpers to sign_in an user? #577
- Cannot override json response of authenticate_user! #575
- return custom json data after sign_in #567
- /auth/validate_token works but getting 401 unauthorized when sending request with auth headers #550
- Where is the access key of omniauth provider? #549
- How this gem is different from a JWT system? #543
- Improper formatting for JSON API error/success responses #536
- Is it a hybrid authentication system? #527
- check_current_password_before_update still requires password when resetting password #526
- Manually authenticate for testing #521
- Support for STI #517
- DEPRECATION WARNING: alias_method_chain is deprecated #514
- JSON responses don't fit JSON_API requirements #512
- Not working with rails 5 and devise master #504
- Unpermitted parameters: confirm_success_url, config_name, registration #501
- set_user_by_token not defined in production for rails 5 #500
- Master branch no longer working with devise master branch (version error) #498
- uid is not getting set in git revision 996b9cf23a18 #497
- ve_model_serializer namespace #492
- User remains logged in when using devise and devise_token_auth in the same app #486
- DEPRECATION WARNING: alias_method_chain is deprecated. Rails 5 #482
- validate_token - resource_name - undefined method `name' for nil:NilClass #480
- Helpers being loaded for Rails API's #468
- Unable to call
rails g devise\_token\_auth:install
within rails engine #465 - locales
errors.messages.already\_in\_use
seems broken #463 - It shows "An error occurred" after omniauth callback #445
- Put Access Token in body #442
- Unable to add a new param for sign up #440
- Undefined method provider from devise_toke_auth concerns/user.rb #438
- Scoped DeviseToken but it still affects the original Omniauth redirects. #429
- Can't create user via api #422
- Password Reset question, do I need my own form? #418
- Large Size on Disk #415
- The validate_token function in the readme is missing a parameter #413
- Cannot migrate database: NoMethodError: undefined method `new' for DeviseTokenAuth:Module #406
- change_headers_on_each_request and batch requests #403
- Multiple users, returning(and creating) wrong model's auth token #399
- Can't verify CSRF token authenticity #398
- uninitialized constant DeviseTokenAuth::OmniauthCallbacksController::BCrypt #393
- Sign in not success. #388
- password length #380
- Devise token auth not found routing error #379
- Defining a custom primary key #378
- seeing other users data after login/out with different users on ionic #375
- omniauth: when redirecting, user object should not be serialized into url #368
- getting ng-token-auth and devise_token_auth to work with OAuth in ionic InAppBrowser #367
- omniauth callback redirect not working properly when using namespace/scope #362
- invalid token in method set_user_by_token on RegistrationsController#update #357
- Allow devise patch version updates #351
- Error validating token #348
- Restricting access to controllers methods #340
- Allow for HTTP Basic Auth ? #337
- Allow Omniauth user reset password #335
- NameError (uninitialized constant DeviseTokenAuth::Concerns::User::BCrypt) #333
- Unpermitted parameters: format, session #328
- Concern causes app to connect to database when precompiling assets. #327
- devise token auth + Save Facebook auth_hash info in database #326
- Error sending password reset email when not using confirmable (reopened #124) #321
- Routing error / Preflight request / OPTIONS #320
- delete tokens after password change #318
- Can't authorize (user_signed_in? always show false) #315
- Warden::SessionSerializer - wrong number of arguments (2 for 1) #312
- The action 'twitter' could not be found for DeviseTokenAuth::OmniauthCallbacksController #309
- Having 401 Unauthorized only with mobile #305
- remove unused nickname, image from user object #304
- HI, This is more of a doubt since I could not finding anything related to this in your documentation. #300
- Getting 401's when making requests using iOS/Android clients #299
- undefined method `tokens' for #<Hash:0x000000063f0920> #297
- Confirmation URL giving bad arguments #293
- set_user_by_token not called in overriden controller #291
- Question: Should we send password reset instructions to unconfirmed emails? #287
- NoMethodError (undefined method `[]' for nil:NilClass): #286
- Facebook omniauth redirection is missing url when testing on localhost #285
- No route matches [GET] "/users/facebook/callback" #280
- No route matches [GET] "/omniauth/:provider" #278
- How to refresh token/expiry? #275
- wrong number of arguments (1 for 0): in DeviseTokenAuth::RegistrationsController#create #274
- Can not save a user with nil tokens attribute #271
- Shouldn't validate_token param be access-token, not auth_token? #270
- include associations on login #269
- Failure route not handled #262
- Getting Unauthorized error even after sending the correct token, uid and client #261
- Weird error message #259
- undefined method `provider' for #<User:0x007f49fd5da2e8> #257
- Custom Serializer like ActiveModel Serializer #249
- File download with query params #246
- Info: is devise_token_auth compatible with rails 3.2.19? #245
- Headers required for different methods #243
- Unpermitted parameters: format, session, lang #239
- On sign_in, devise_token_auth expects the uid to be the same as the email #237
- Name conflict with inherited_resources #236
- sign_in will not fetch the token #234
- Remove ('#') symbol when using html5mode in locationProvider #232
- Log in request 401 error #231
- User Registration - "email address already in use" when it is unique #230
- Devise email validation disabled...why? #229
- confirm_success_url error not working #226
- pending_reconfirmation called when confirmable isn't used #224
- omniauth_success.html.erb JSON bug #221
- Using devise_token_auth and ng_token_auth with angularJS in an Ionic Hybrid application #218
- Where can I got token? #217
- URI fragment prevent to send params in Confirmation URL #213
- Generating many client tokens #210
- Limit tokens hash? #208
- 500 error returned when no data is POSTed to registration controller #203
- undefined method `match' for nil:NilClass #201
- DELETE method becoming OPTIONS @ Heroku #197
- 40 Mb log file and 1 minute to have token with curl #195
- 401 unauthorized #193
- GET requests to sign_in shouldn't raise an exception #190
- Api not locked by default #189
- Rails 4.1 #187
- Unable to override OmniauthCallbacksController#redirect_callbacks #186
- Devise and devise_token_auth omniauth callbacks #184
- Token based authentication with no sessions #183
- undefined method `authenticate_user!' #182
- confirm_success_url shouldn't be a required param #176
- Provide an OAuth implementation for native apps #175
- getting an argument error when trying to use omniauth #174
- Sign in via username doesn't seem to work correctly. #173
- Cannot use + sign in email address. #171
- How can i authenticate using curl and get private entries ! #167
- Pessimistic Locking produces ArgumentError #165
- POTENTIAL SECURITY RISK: Setting confirm_success_url and redirect_url via API #162
- Sign out just on client side ? #161
- Unpermitted parameter: redirect_url #160
- Issues using devise and devise_token_auth #159
- Add role based authorization #158
- Not compatible with ActiveAdmin #156
- [Duplicate] is devise_invitable supported? #154
- User can register with a "false" email #149
- /validate_token #148
- Email confirmation link #147
- Tokens field on database #146
- Twitter OAuth always throughs CookieOverflow #145
- Is there a way to configure apiUrl for both dev and prod? #144
- Getting 401 unauthorized on login attempt #142
- Comparing with jwt #140
- Can't get omniauth to work (error in redirect_callbacks) #139
- Change controller inheritance #138
- Reset Password call returns 400 for Not Found user #137
- The gem is too big. Please take care of it. #136
- Error when loging with facebook the second time without logout #135
- OmniAuth redirect doesn't work if using the generated mount_devise_token route #133
- Missing template /omniauth_response #132
- Unpermitted parameter: session #130
- OAuth error: We're sorry, but something went wrong #129
- Would it be useful to integrate login with username ? #127
- Sign in with login instead of email #126
- Error sending password reset email when not using confirmable #124
- Using expired token for parallel calls #123
- User tokens don't properly deserialize #121
- OmniauthCallbacksController#omniauth_success wrong number of arguments (1 for 0) #119
- Could not load 'omniauth' #118
- bad argument (expected URI object or URI string) #116
- devise_token_auth for public API, but devise for rest of app? #114
- Omniauthable deleted on UsersConcern : Why ? #111
- Unrequired route #110
- raises NoMethodError instead of displaying error when email is missing #108
- Error with RailsAdmin. "The action 'new' could not be found for DeviseTokenAuth::SessionsController" #107
- Circular dependency detected while autoloading constant Api #106
- Can't Authenticate via cURL #105
- Unpermitted parameters: user, registration #104
- BCrypt::Errors::InvalidSalt errors #103
- Active job token expiring integration #102
- The action 'new' could not be found for DeviseTokenAuth::RegistrationsController #100
- Disable confirmable #99
- responders - rails 4.2 #98
- forward skip to devise #97
- API versioning the devise scope of token validation and ominiauth controller path will wrap up #96
- Overwriting default "from" email address #94
- uninitialized constant DeviseTokenAuth #92
- change_headers_on_each_request not working expiry header empty #90
- Gem render consistency #87
- Sample Sessions Controller for logging in via Rails View. #86
- Change authorization key: Use phone_number instead of email #84
- Conflict with active_admin gem #83
- NoMethodError in DeviseTokenAuth::OmniauthCallbacksController#redirect_callbacks #82
- All the APIs are getting 'Authorized users only' #81
- Is Devise option Rememberable required ? #80
- Problem with skip_confirmation! #78
- Cannot reset password if registered by omniauth #77
- NoMethodError at /omniauth/facebook/callback - undefined method `[]' for nil:NilClass #76
- Remove dependency on ActiveRecord #72
- Skipping Registrations Controller Altogether #70
- Problem in validate_token if the model is in a namespace #69
- Cannot send confirmation email if there is no 'User' model #68
- Better guidelines for contributors #65
- admin namespace #63
- Devise trackable module not working #62
- Devise_token_auth without OmniAuth authentication #60
- Reset Password error #59
- Confirmable - unconfirmed email #58
- Email Column Isn't Used for Database Authentication #56
- Unique Key for Provider and UID Combination #55
- User Info in separate table or removed #53
- rename @user to @resource #48
- Active_admin issue #47
- Possible Logout Issue #46
- Routes not appended to routes.rb #45
- Return resource.errors.full_messages in addition to resource.errors #44
- Devise and Devise_Token_Auth in api namespace #43
- Trackable attributes are not being updated. #42
- Avoid using respond_to in application controller #41
- devise_token_auth assumes you want the :confirmable functionality #40
- undefined method `match' for nil:NilClass #39
- Expired token aren't removed when session expires #38
- sign_up helper #37
- self.tokens[client_id]['token'] != token #30
- How is the uid generated for non-omniauth users? #29
- Access to current_user variable? #28
- Filter chain halted as :require_no_authentication #27
- Allow additional parameters for registration #25
- Cannot add more parameters at sign_up #22
- Error on Registration #21
- Error with authentication #20
- Cascade of Issues with Omniauth(?) #18
- Batch Requests Respond with Original Auth Token #17
- Sign out with email provider error #16
- sessions_controller.rb #12
- Github login in example is broken #10
- Facebook auth is broken #9
- Generator is not working #8
- Test ticket from Code Climate #6
- Test ticket from Code Climate #5
- extending the devise_token_auth user model #4
- A few ideas #3
- Google Oauth2 does not set cookies in production. #1
Merged pull requests:
- Translate message: Authorized users only through devise #883 (vincenzodev)
- Updated generator test code to work with rails 5 #872 (jrhee17)
- use URI::HTTPS to generate HTTPS redirects #864 (cgc)
- Rename find_by methods #860 (alex-lairan)
- Support for Devise 4.2.1 #852 (ckho)
- Add Albanian locale #842 (fatosmorina)
- Update german translation. #816 (gobijan)
- Prevent getting table info if not connected to db #814 (cbliard)
- Add support for italian locale #811 (Chosko)
- Fix privacy issue with password reset request #808 (biomancer)
- Add missing parameter :redirect_url, fixes #805 #806 (Rush)
- Fix language errors in German locale #800 (morgler)
- Don't send extra data on request password reset #798 (Mrjaco12)
- Travis: use the code_climate addon config #786 (olleolleolle)
- Update link #782 (dijonkitchen)
- Add index for confirmation_token #767 (dijonkitchen)
- Fixes constructing redirect_route #765 (piotrkaczmarek)
- Use standart ActiveRecord error message for email uniqueness validation #746 (mpugach)
- Add Romanian locale. #743 (razvanmitre)
- Ruby syntax: replace and/not with &&/! #733 (olleolleolle)
- Update indexes on template #724 (dijonkitchen)
- Add an extra line to the "contributing" list #720 (jahammo2)
- Fix grammar #712 (dijonkitchen)
- Added reference to Angular2-Token to README #710 (neroniaky)
- feat(whitelist): add wildcard support for redirect_whitelist patterns #709 (booleanbetrayal)
- Fix Migration Deprecation Warning #700 (juddey)
- Apply
redirect\_whitelist
to OAuth redirect URI. #699 (lynndylanhurley) - add zh-CN.yml #697 (halfray)
- update README.md #693 (nhattan)
- Fix for issue #600 #674 (milep)
- Use lockable devise option and unlock controller overwrite #669 (genaromadrid)
- Fix setup config example in README #665 (guich-wo)
- added bypass_sign_in for next version of Devise #663 (KendallPark)
- fix method 'is_json_api' with active_model_serialier v 0.10.0 #651 (woodcrust)
- Tokens count overmuch fixed #650 (JerryGreen)
- updates config wrapper to conform with newer idiom #648 (bvandgrift)
- Adding support for devise 4.1.1 #642 (iainmcg)
- Updating Devise dependency to max 4.1.1 #641 (TGRGIT)
- Fix yields from controller actions #638 (tiagojsag)
- Fix generator to correctly inject content into the user model in rails 5 #636 (ethangk)
- fix spelling in comment on token auth concern #632 (dandlezzz)
- fixed devise deprecation warning for config.email_regexp #618 (lemuelbarango)
- Revert "Update readme for headers names" #592 (ash1day)
- Update readme for headers names #589 (ash1day)
- Add info to README #585 (ghost)
- Fix typo and remove trailing spaces #578 (ash1day)
- allowing authenticating using headers as well as a post request #576 (ingolfured)
- Whitespace: tabs removed #574 (olleolleolle)
- Added dutch translations #571 (nschmoller)
- now possible to change headers names in the config file #569 (ingolfured)
- User concern: Ensure fallback is in place #564 (olleolleolle)
- Return resource with top-level 'type' member. #562 (ruimiguelsantos)
- Fix devise mapping #540 (merqlove)
- Make all json responses to be json_api compliant #537 (djsegal)
- Avoid sending auth headers if while processing used token is cleared #531 (virginia-rodriguez)
- Add Japanese locale and fix typo #530 (metalunk)
- Added omniauth post route #528 (v3rtx)
- Extract model callbacks #525 (merqlove)
- create token when no client_id token #523 (charlesdg)
- Fix enable_standard_devise_support in initializer #518 (halilim)
- Make render_create_success render valid json_api #513 (djsegal)
- Prevent raise of exception if set_user_by_token not defined #511 (jeryRazakarison)
- send_on_create_confirmation_instructions callback isn't defined (rails 5) #508 (fivetwentysix)
- [REBASE] Fix rails 5 deprecation and devise parameter sanitization #507 (fivetwentysix)
- remove deprecations from RegistrationsController #506 (fivetwentysix)
- Allow new devise version for rails 5 compatibility #499 (djsegal)
- Spelling mistake #493 (Tom-Tom)
- Improve Brazilian Portuguese locale #491 (ssouza)
- fix namespaced mapping name #484 (paulosoares86)
- Locale file for both zh-TW and zh-HK #483 (SunnyTam)
- Fixed typos and inconsistencies in ru.yml #478 (fertingoff)
- Fixes Issue #362: Fixes for the omniauth redirection issue for namesp… #476 (devilankur18)
- removing old tokens when user changes passwords #474 (paulosoares86)
- Move travis to container based configuration #470 (ValentinTrinque)
- Prevent helpers being loaded for Rails API’s #469 (djsegal)
- Reduce dependencies to allow Rails 5.0 #467 (djsegal)
- Fix locales
errors.messages.already\_in\_use
+ clean up #466 (ValentinTrinque) - Added 401 response to failed group authentication #446 (rstrobl)
- RU translations #441 (yivo)
- to keep coherent with devise. pt instead of pt-PT.yml #436 (rmvenancio)
- limiting the number of concurrent devices #434 (paulosoares86)
- Raise error in controller method #430 (ArneZsng)
- feat(enable-standard-devise): allow configurable support of legacy Devise authentication #428 (booleanbetrayal)
- Support for i18n in mailers views #427 (ponyesteves)
- Fix omniauthredirection when under scopes #425 (xjunior)
- Translation to German #423 (haslinger)
- fix(url): preserve query parameters when building urls #421 (nbrustein)
- Change default message for already in use error and added to english … #417 (ponyesteves)
- Issue #413 #414 (Carrigan)
- Add .ruby-version entry to .gitignore #412 (xymbol)
- 404 for invalid link with password reset token #411 (rmvenancio)
- Portuguese Translation #409 (rmvenancio)
- Added polish translation. #405 (h3xed)
- Drop .ruby-version file #404 (xymbol)
- Implement hook methods for customized json rendering #384 (neutronz)
- Feature/password reset with check fix #374 (jakubrohleder)
- fix(oauth): fixes #368: do not serialize the entire user object in the url when redirecting from oauth #371 (nbrustein)
- Fallback to ActiveModel translations in EmailValidator #369 (yivo)
- Add a Gitter chat badge to README.md #360 (gitter-badger)
- Improvements to the docs. #358 (aarongray)
- Add description to readme about the devise.rb initializer. #356 (aarongray)
- Correct handling namespaced resources #355 (yivo)
- Fix concern not being inserted for rails-api apps. #350 (aarongray)
- Add documentation to explain gotcha with rails-api. #349 (aarongray)
- Fully support OmniauthCallbacksController action overrides. Fixes #186. #347 (tbloncar)
- #340 Restrict access to controllers methods #341 (gkopylov)
- fix(omniauth): fix error in setting text on redirect page #336 (nbrustein)
- add Brazilian Portuguese translation (pt-BR) #331 (josiasds)
- Tests to ensure standard devise has greater priority than tokens #330 (colavitam)
- Fixed error when using standard devise authentication #329 (colavitam)
- feat(improved-omniauth): omniauth sameWindow and inAppBrowser flows #323 (nbrustein)
- Fix invalid omniauth redirect #322 (troggy)
- Old password check before password update #317 (jakubrohleder)
- Remove erroneous colon from before_action callback #310 (jmliu)
- Disabled serialization for JSON type columns #306 (colavitam)
- Set default provider to "email" in migration #302 (colavitam)
- Fix an issue for not :confirmable users #296 (sebfie)
- Update README.md #295 (adisos)
- Fix MOUNT_PATH 'Read More' link #294 (jmliu)
- Don't send password reset instructions to unconfirmed email #288 (coryschires)
- Feature/i18n support #283 (sebfie)
- Update documentation for validate_token #277 (adamgall)
- Added json support for tokens #276 (shicholas)
- perf(token_is_current?): add simplistic cache to reduce overhead of redundant token checks during validation calls #272 (booleanbetrayal)
- perf(update_auth_header): only lock the resource if we are rotating tokens #267 (booleanbetrayal)
- fix(email-validation): Update in-use email validation message during registration to allow full_message use #255 (booleanbetrayal)
- fix(session#new): fix unhandled 500 when logging in with valid user and bad password #254 (mathemagica)
- feat(ominauth): support json-formatted values in omniauth callback. #252 (nbrustein)
- fix(sessions controller): call reset_session on destroy #251 (nbrustein)
- fix(resource_class): support optional mapping property from set_user_by_token #250 (booleanbetrayal)
- Allow current_password to be supplied when updating profile. #240 (jasonswett)
- fixes password reset when not using confirmable #225 (aesnyder)
- Fix error when email missing from registration params #220 (iangreenleaf)
- URI fragment should appear at the end of URL #214 (edymerchk)
- Super block yield (all controllers) #209 (sgwilym)
- Super block yield #207 (sgwilym)
- Ability to localize error message #206 (lda)
- remove fragment sign ("#") from URLs without fragment #205 (tomdov)
- Return 422 (was 500) when empty body for sign up and account update #204 (mchavarriagam)
- Users with allowed unconfirmed access can now log in successfully. #202 (colavitam)
- Authenticating an existing Warden/Devise User #200 (nickL)
- GET sign_in should direct people to use POST sign_in rather than raising exception #191 (milesmatthias)
- Ignore 'extra' in Twitter auth response to avoid CookieOverflow. Fixes #145. #179 (tbloncar)
- Some missing as_json ? #152 (nicolas-besnard)
- Check email format on registration #150 (nicolas-besnard)
- Actual header key uses dashes, not underscores. #143 (ragaskar)
- Username register login #128 (nicolas-besnard)
- Check if confirmable is active before skipping confirmation #125 (nicolas-besnard)
- Fix links to section about controller integration. #117 (Le6ow5k1)
- document GET for /validate_token #113 (lukaselmer)
- Fix small error in documentation. #91 (edgarhenriquez)
- Exclude devise modules #85 (jartek)
- fix(registration and update): Ensure UID is updated alongside Email, and case-sensitivity is honored #71 (booleanbetrayal)
- Add better guidelines for contributors. #67 (edgarhenriquez)
- Use resource_class to override email confirmation. #64 (edgarhenriquez)
- fix(case-sensitivity): support devise case_insensitive_keys for session ... #57 (booleanbetrayal)
- fix(contention): fix write contention in update_auth_headers and always ... #52 (booleanbetrayal)
- Include resource.errors.full_messages in error response. #50 (jasonswett)
- fix(expiry): fix an issue where token expiration checks were too permissive #49 (booleanbetrayal)
- Update README with Example Generator Command #35 (wwilkins)
- Remove OmniAuth dependency #26 (hannahhoward)
- Update README.md #24 (davidsavoya)
- guard against MissingAttributeError during common ActiveRecord operations #19 (booleanbetrayal)
- Fix expiry data type #11 (lonre)
- README and travis config tweaks #7 (guilhermesimoes)
v0.1.40 (2017-01-20)
Closed issues:
- Support for multiple providers during same session #815
- not supporting for angular1.6 #810
- Add has one/belongs to assotiation #807
- redirect_url required but not permitted in strong parameters #805
- Rails 5 API Mode Not Authorizing #796
- wrong constant name user #784
- current_user returns nill #779
- ActionController::RoutingError - undefined method `helper_method' #776
- Minimum Limits on a token? #764
- Octopus throwing error when deleting expired tokens #761
- Only one User model return the correct headers #757
- ArgumentError in Devise::RegistrationsController#new #750
- Rails 5 API deployed as microservices #741
- Query params left in url after facebook login cause authentication to fail on refresh #734
- Can't permit parameters in rails engine #731
- Cannot integrate with omniauth-facebook #729
- Two models, one not working #726
- API response bodies are empty when using active_model_serializers #715
- /sign_out route is returning 404 not found #713
- Why is
tokens
field a json type and how to create a query based on inside values? #707 - Deprecation Error Message on 5.0 #698
Merged pull requests:
- Update german translation. #816 (gobijan)
- Add support for italian locale #811 (Chosko)
- Fix privacy issue with password reset request #808 (biomancer)
- Add missing parameter :redirect_url, fixes #805 #806 (Rush)
- Fix language errors in German locale #800 (morgler)
- Don't send extra data on request password reset #798 (Mrjaco12)
- Travis: use the code_climate addon config #786 (olleolleolle)
- Update link #782 (dijonkitchen)
- Add index for confirmation_token #767 (dijonkitchen)
- Fixes constructing redirect_route #765 (piotrkaczmarek)
- Use standart ActiveRecord error message for email uniqueness validation #746 (mpugach)
- Add Romanian locale. #743 (razvanmitre)
- Update indexes on template #724 (dijonkitchen)
- Add an extra line to the "contributing" list #720 (jahammo2)
- Fix grammar #712 (dijonkitchen)
- Added reference to Angular2-Token to README #710 (neroniaky)
- feat(whitelist): add wildcard support for redirect_whitelist patterns #709 (booleanbetrayal)
v0.1.39 (2016-08-16)
Closed issues:
- "Covert Redirect" Vulnerability #696
- No route matches [POST] "/api/v1/auth" #694
- Got this error with ActiveAdmin "wrong number of arguments (1 for 0)" #692
- using devise_token_auth for API alongside standard devise gem for HTML view #689
- No Headers after sign_in for new Users created by Admin #685
- NoMethodError (undefined method `headers_names' for DeviseTokenAuth:Module) #684
- Fast page refresh problem #683
- IndexError: string not matched on User sign_in #681
- skip_confirmation_notification! not working #679
- Bump version to support devise 4.1.1 #659
- not working with latest version of active_model_serializers #600
Merged pull requests:
- Fix Migration Deprecation Warning #700 (juddey)
- Apply
redirect\_whitelist
to OAuth redirect URI. #699 (lynndylanhurley) - add zh-CN.yml #697 (halfray)
- update README.md #693 (nhattan)
Implemented enhancements:
Fixed bugs:
Closed issues:
- rails g devise_token_auth:install User auth hangs and does nothing #671
- callback :set_user_by_token has not been defined #649
- Issues with active_model_serializers #644
- Error with devise #643
- undefined method `token_validation_response' #635
- when password is reset from UI, all tokens must be removed if remove_tokens_after_password_reset is true #634
- Relax devise dependency to allow 4.1 #631
- Rails 5 generator doesn't insert concern #627
- NoMethodError (undefined method `find_by_uid') in production. #625
- Curl not working for sign_in but works on ng-token-angular #620
- After Sign-in success, The following requests on Angular side are unauthorized. #619
- Omniauth - Facebook app doesn't run callback url after successful Facebook authentication #615
- :authenticate_user! wired behaviour #614
- current_user is nil, request headers are all upcased and prefixed with HTML_ #611
- Problem in generated routes #607
- Rails 5 API Mode - no headers in response #606
- Filter chain halted as :authenticate_user! rendered or redirected #603
- 422 Unprocessable Entity when using local IP address #601
- overriding rendering methods in devise_token_auth #597
- redirect_url is missing in email instructions sent to the user for password reset #588
- Unpermitted parameter: {"email":"[email protected]","password":"abcdefgh","password_confirmation":"abcdefgh"} #587
- can't authenticate user when opening a new download tab #582
- Mails are not being sent #581
- current_user seems to be nil after doing requests from different tabs #579
- Do we have any rspec helpers to sign_in an user? #577
- Cannot override json response of authenticate_user! #575
- return custom json data after sign_in #567
- /auth/validate_token works but getting 401 unauthorized when sending request with auth headers #550
- Where is the access key of omniauth provider? #549
- How this gem is different from a JWT system? #543
- Improper formatting for JSON API error/success responses #536
- Is it a hybrid authentication system? #527
- check_current_password_before_update still requires password when resetting password #526
- Manually authenticate for testing #521
- Support for STI #517
- JSON responses don't fit JSON_API requirements #512
- Not working with rails 5 and devise master #504
- Unpermitted parameters: confirm_success_url, config_name, registration #501
- set_user_by_token not defined in production for rails 5 #500
- Master branch no longer working with devise master branch (version error) #498
- uid is not getting set in git revision 996b9cf23a18 #497
- ve_model_serializer namespace #492
- User remains logged in when using devise and devise_token_auth in the same app #486
- DEPRECATION WARNING: alias_method_chain is deprecated. Rails 5 #482
- validate_token - resource_name - undefined method `name' for nil:NilClass #480
- Helpers being loaded for Rails API's #468
- Unable to call
rails g devise\_token\_auth:install
within rails engine #465 - locales
errors.messages.already\_in\_use
seems broken #463 - It shows "An error occurred" after omniauth callback #445
- Put Access Token in body #442
- Unable to add a new param for sign up #440
- Undefined method provider from devise_toke_auth concerns/user.rb #438
- Scoped DeviseToken but it still affects the original Omniauth redirects. #429
- Can't create user via api #422
- Password Reset question, do I need my own form? #418
- Large Size on Disk #415
- The validate_token function in the readme is missing a parameter #413
- Cannot migrate database: NoMethodError: undefined method `new' for DeviseTokenAuth:Module #406
- change_headers_on_each_request and batch requests #403
- Multiple users, returning(and creating) wrong model's auth token #399
- Can't verify CSRF token authenticity #398
- uninitialized constant DeviseTokenAuth::OmniauthCallbacksController::BCrypt #393
- Sign in not success. #388
- password length #380
- Devise token auth not found routing error #379
- Defining a custom primary key #378
- seeing other users data after login/out with different users on ionic #375
- omniauth: when redirecting, user object should not be serialized into url #368
- getting ng-token-auth and devise_token_auth to work with OAuth in ionic InAppBrowser #367
- omniauth callback redirect not working properly when using namespace/scope #362
- invalid token in method set_user_by_token on RegistrationsController#update #357
- Allow devise patch version updates #351
- Error validating token #348
- Allow for HTTP Basic Auth ? #337
- Allow Omniauth user reset password #335
- NameError (uninitialized constant DeviseTokenAuth::Concerns::User::BCrypt) #333
- Unpermitted parameters: format, session #328
- devise token auth + Save Facebook auth_hash info in database #326
- Error sending password reset email when not using confirmable (reopened #124) #321
- Routing error / Preflight request / OPTIONS #320
- delete tokens after password change #318
- Can't authorize (user_signed_in? always show false) #315
- Warden::SessionSerializer - wrong number of arguments (2 for 1) #312
- The action 'twitter' could not be found for DeviseTokenAuth::OmniauthCallbacksController #309
- Having 401 Unauthorized only with mobile #305
- remove unused nickname, image from user object #304
- HI, This is more of a doubt since I could not finding anything related to this in your documentation. #300
- Getting 401's when making requests using iOS/Android clients #299
- undefined method `tokens' for #<Hash:0x000000063f0920> #297
- Confirmation URL giving bad arguments #293
- set_user_by_token not called in overriden controller #291
- Question: Should we send password reset instructions to unconfirmed emails? #287
- NoMethodError (undefined method `[]' for nil:NilClass): #286
- Facebook omniauth redirection is missing url when testing on localhost #285
- No route matches [GET] "/users/facebook/callback" #280
- No route matches [GET] "/omniauth/:provider" #278
- How to refresh token/expiry? #275
- wrong number of arguments (1 for 0): in DeviseTokenAuth::RegistrationsController#create #274
- Can not save a user with nil tokens attribute #271
- Shouldn't validate_token param be access-token, not auth_token? #270
- include associations on login #269
- Failure route not handled #262
- Getting Unauthorized error even after sending the correct token, uid and client #261
- Weird error message #259
- undefined method `provider' for #<User:0x007f49fd5da2e8> #257
- Custom Serializer like ActiveModel Serializer #249
- File download with query params #246
- Info: is devise_token_auth compatible with rails 3.2.19? #245
- Headers required for different methods #243
- Unpermitted parameters: format, session, lang #239
- On sign_in, devise_token_auth expects the uid to be the same as the email #237
- Name conflict with inherited_resources #236
- sign_in will not fetch the token #234
- Remove ('#') symbol when using html5mode in locationProvider #232
- Log in request 401 error #231
- User Registration - "email address already in use" when it is unique #230
- Devise email validation disabled...why? #229
- confirm_success_url error not working #226
- pending_reconfirmation called when confirmable isn't used #224
- omniauth_success.html.erb JSON bug #221
- Using devise_token_auth and ng_token_auth with angularJS in an Ionic Hybrid application #218
- Where can I got token? #217
- URI fragment prevent to send params in Confirmation URL #213
- Generating many client tokens #210
- Limit tokens hash? #208
- 500 error returned when no data is POSTed to registration controller #203
- undefined method `match' for nil:NilClass #201
- DELETE method becoming OPTIONS @ Heroku #197
- 40 Mb log file and 1 minute to have token with curl #195
- 401 unauthorized #193
- GET requests to sign_in shouldn't raise an exception #190
- Api not locked by default #189
- Rails 4.1 #187
- Unable to override OmniauthCallbacksController#redirect_callbacks #186
- Token based authentication with no sessions #183
- undefined method `authenticate_user!' #182
- confirm_success_url shouldn't be a required param #176
- Provide an OAuth implementation for native apps #175
- getting an argument error when trying to use omniauth #174
- Sign in via username doesn't seem to work correctly. #173
- Cannot use + sign in email address. #171
- How can i authenticate using curl and get private entries ! #167
- Pessimistic Locking produces ArgumentError #165
- POTENTIAL SECURITY RISK: Setting confirm_success_url and redirect_url via API #162
- Sign out just on client side ? #161
- Unpermitted parameter: redirect_url #160
- Issues using devise and devise_token_auth #159
- Add role based authorization #158
- Not compatible with ActiveAdmin #156
- [Duplicate] is devise_invitable supported? #154
- User can register with a "false" email #149
- /validate_token #148
- Email confirmation link #147
- Tokens field on database #146
- Twitter OAuth always throughs CookieOverflow #145
- Is there a way to configure apiUrl for both dev and prod? #144
- Getting 401 unauthorized on login attempt #142
- Comparing with jwt #140
- Can't get omniauth to work (error in redirect_callbacks) #139
- Change controller inheritance #138
- Reset Password call returns 400 for Not Found user #137
- The gem is too big. Please take care of it. #136
- Error when loging with facebook the second time without logout #135
- OmniAuth redirect doesn't work if using the generated mount_devise_token route #133
- Missing template /omniauth_response #132
- Unpermitted parameter: session #130
- OAuth error: We're sorry, but something went wrong #129
- Would it be useful to integrate login with username ? #127
- Sign in with login instead of email #126
- Error sending password reset email when not using confirmable #124
- Using expired token for parallel calls #123
- User tokens don't properly deserialize #121
- Could not load 'omniauth' #118
- bad argument (expected URI object or URI string) #116
- devise_token_auth for public API, but devise for rest of app? #114
- Omniauthable deleted on UsersConcern : Why ? #111
- Unrequired route #110
- raises NoMethodError instead of displaying error when email is missing #108
- Error with RailsAdmin. "The action 'new' could not be found for DeviseTokenAuth::SessionsController" #107
- Circular dependency detected while autoloading constant Api #106
- Can't Authenticate via cURL #105
- Unpermitted parameters: user, registration #104
- BCrypt::Errors::InvalidSalt errors #103
- Active job token expiring integration #102
- The action 'new' could not be found for DeviseTokenAuth::RegistrationsController #100
- Disable confirmable #99
- responders - rails 4.2 #98
- forward skip to devise #97
- API versioning the devise scope of token validation and ominiauth controller path will wrap up #96
- Overwriting default "from" email address #94
- uninitialized constant DeviseTokenAuth #92
- change_headers_on_each_request not working expiry header empty #90
- Gem render consistency #87
- Sample Sessions Controller for logging in via Rails View. #86
- Change authorization key: Use phone_number instead of email #84
- Conflict with active_admin gem #83
- NoMethodError in DeviseTokenAuth::OmniauthCallbacksController#redirect_callbacks #82
- All the APIs are getting 'Authorized users only' #81
- Is Devise option Rememberable required ? #80
- Problem with skip_confirmation! #78
- Cannot reset password if registered by omniauth #77
- NoMethodError at /omniauth/facebook/callback - undefined method `[]' for nil:NilClass #76
- Remove dependency on ActiveRecord #72
- Skipping Registrations Controller Altogether #70
- Problem in validate_token if the model is in a namespace #69
- Cannot send confirmation email if there is no 'User' model #68
- Better guidelines for contributors #65
- admin namespace #63
- Devise trackable module not working #62
- Devise_token_auth without OmniAuth authentication #60
- Reset Password error #59
- Confirmable - unconfirmed email #58
- Email Column Isn't Used for Database Authentication #56
- Unique Key for Provider and UID Combination #55
- User Info in separate table or removed #53
- rename @user to @resource #48
- Active_admin issue #47
- Possible Logout Issue #46
- Routes not appended to routes.rb #45
- Return resource.errors.full_messages in addition to resource.errors #44
- Devise and Devise_Token_Auth in api namespace #43
- Trackable attributes are not being updated. #42
- Avoid using respond_to in application controller #41
- devise_token_auth assumes you want the :confirmable functionality #40
- undefined method `match' for nil:NilClass #39
- Expired token aren't removed when session expires #38
- sign_up helper #37
- self.tokens[client_id]['token'] != token #30
- How is the uid generated for non-omniauth users? #29
- Access to current_user variable? #28
- Filter chain halted as :require_no_authentication #27
- Allow additional parameters for registration #25
- Cannot add more parameters at sign_up #22
- Error on Registration #21
- Error with authentication #20
- Cascade of Issues with Omniauth(?) #18
- Batch Requests Respond with Original Auth Token #17
- Sign out with email provider error #16
- sessions_controller.rb #12
- Github login in example is broken #10
- Facebook auth is broken #9
- Generator is not working #8
- Test ticket from Code Climate #6
- Test ticket from Code Climate #5
- extending the devise_token_auth user model #4
- A few ideas #3
- Google Oauth2 does not set cookies in production. #1
Merged pull requests:
- Fix for issue #600 #674 (milep)
- Fix setup config example in README #665 (guich-wo)
- added bypass_sign_in for next version of Devise #663 (KendallPark)
- fix method 'is_json_api' with active_model_serialier v 0.10.0 #651 (woodcrust)
- Tokens count overmuch fixed #650 (JerryGreen)
- updates config wrapper to conform with newer idiom #648 (bvandgrift)
- Adding support for devise 4.1.1 #642 (iainmcg)
- Updating Devise dependency to max 4.1.1 #641 (TGRGIT)
- Fix yields from controller actions #638 (tiagojsag)
- Fix generator to correctly inject content into the user model in rails 5 #636 (ethangk)
- fix spelling in comment on token auth concern #632 (dandlezzz)
- fixed devise deprecation warning for config.email_regexp #618 (lemuelbarango)
- Revert "Update readme for headers names" #592 (y4ashida)
- Update readme for headers names #589 (y4ashida)
- Add info to README #585 (ghost)
- Fix typo and remove trailing spaces #578 (y4ashida)
- allowing authenticating using headers as well as a post request #576 (ingolfured)
- Whitespace: tabs removed #574 (olleolleolle)
- Added dutch translations #571 (nschmoller)
- now possible to change headers names in the config file #569 (ingolfured)
- User concern: Ensure fallback is in place #564 (olleolleolle)
- Return resource with top-level 'type' member. #562 (ruimiguelsantos)
- Fix devise mapping #540 (merqlove)
- Make all json responses to be json_api compliant #537 (djsegal)
- Avoid sending auth headers if while processing used token is cleared #531 (virginia-rodriguez)
- Add Japanese locale and fix typo #530 (metalunk)
- Added omniauth post route #528 (v3rtx)
- Extract model callbacks #525 (merqlove)
- create token when no client_id token #523 (charlesdg)
- Fix enable_standard_devise_support in initializer #518 (halilim)
- Make render_create_success render valid json_api #513 (djsegal)
- Prevent raise of exception if set_user_by_token not defined #511 (jeryRazakarison)
- send_on_create_confirmation_instructions callback isn't defined (rails 5) #508 (fivetwentysix)
- [REBASE] Fix rails 5 deprecation and devise parameter sanitization #507 (fivetwentysix)
- remove deprecations from RegistrationsController #506 (fivetwentysix)
- Allow new devise version for rails 5 compatibility #499 (djsegal)
- Spelling mistake #493 (Tom-Tom)
- Improve Brazilian Portuguese locale #491 (ssouza)
- fix namespaced mapping name #484 (paulosoares86)
- Locale file for both zh-TW and zh-HK #483 (TravisTam)
- Fixed typos and inconsistencies in ru.yml #478 (fertingoff)
- Fixes Issue #362: Fixes for the omniauth redirection issue for namesp… #476 (devilankur18)
- removing old tokens when user changes passwords #474 (paulosoares86)
- Move travis to container based configuration #470 (ValentinTrinque)
- Prevent helpers being loaded for Rails API’s #469 (djsegal)
- Reduce dependencies to allow Rails 5.0 #467 (djsegal)
- Fix locales
errors.messages.already\_in\_use
+ clean up #466 (ValentinTrinque) - Added 401 response to failed group authentication #446 (rstrobl)
- RU translations #441 (yivo)
- to keep coherent with devise. pt instead of pt-PT.yml #436 (rmvenancio)
- limiting the number of concurrent devices #434 (paulosoares86)
- Raise error in controller method #430 (ArneZsng)
- feat(enable-standard-devise): allow configurable support of legacy Devise authentication #428 (booleanbetrayal)
- Support for i18n in mailers views #427 (ponyesteves)
- Fix omniauthredirection when under scopes #425 (xjunior)
- Translation to German #423 (haslinger)
- fix(url): preserve query parameters when building urls #421 (nbrustein)
- Change default message for already in use error and added to english … #417 (ponyesteves)
- Issue #413 #414 (Carrigan)
- Add .ruby-version entry to .gitignore #412 (xymbol)
- 404 for invalid link with password reset token #411 (rmvenancio)
- Portuguese Translation #409 (rmvenancio)
- Added polish translation. #405 (h3xed)
- Drop .ruby-version file #404 (xymbol)
- Implement hook methods for customized json rendering #384 (neutronz)
- Feature/password reset with check fix #374 (jakubrohleder)
- fix(oauth): fixes #368: do not serialize the entire user object in the url when redirecting from oauth #371 (nbrustein)
- Fallback to ActiveModel translations in EmailValidator #369 (yivo)
- Add a Gitter chat badge to README.md #360 (gitter-badger)
- Improvements to the docs. #358 (aarongray)
- Add description to readme about the devise.rb initializer. #356 (aarongray)
- Correct handling namespaced resources #355 (yivo)
- Fix concern not being inserted for rails-api apps. #350 (aarongray)
- Add documentation to explain gotcha with rails-api. #349 (aarongray)
- Fully support OmniauthCallbacksController action overrides. Fixes #186. #347 (tbloncar)
- #340 Restrict access to controllers methods #341 (gkopylov)
- fix(omniauth): fix error in setting text on redirect page #336 (nbrustein)
- add Brazilian Portuguese translation (pt-BR) #331 (josiasds)
- Tests to ensure standard devise has greater priority than tokens #330 (colavitam)
- Fixed error when using standard devise authentication #329 (colavitam)
- feat(improved-omniauth): omniauth sameWindow and inAppBrowser flows #323 (nbrustein)
- Fix invalid omniauth redirect #322 (troggy)
- Old password check before password update #317 (jakubrohleder)
- Remove erroneous colon from before_action callback #310 (jmliu)
- Disabled serialization for JSON type columns #306 (colavitam)
- Set default provider to "email" in migration #302 (colavitam)
- Fix an issue for not :confirmable users #296 (sebfie)
- Update README.md #295 (adisos)
- Fix MOUNT_PATH 'Read More' link #294 (jmliu)
- Don't send password reset instructions to unconfirmed email #288 (coryschires)
- Feature/i18n support #283 (sebfie)
- Update documentation for validate_token #277 (adamgall)
- Added json support for tokens #276 (shicholas)
- perf(token_is_current?): add simplistic cache to reduce overhead of redundant token checks during validation calls #272 (booleanbetrayal)
- perf(update_auth_header): only lock the resource if we are rotating tokens #267 (booleanbetrayal)
- fix(email-validation): Update in-use email validation message during registration to allow full_message use #255 (booleanbetrayal)
- fix(session#new): fix unhandled 500 when logging in with valid user and bad password #254 (mathemagica)
- feat(ominauth): support json-formatted values in omniauth callback. #252 (nbrustein)
- fix(sessions controller): call reset_session on destroy #251 (nbrustein)
- fix(resource_class): support optional mapping property from set_user_by_token #250 (booleanbetrayal)
- Allow current_password to be supplied when updating profile. #240 (jasonswett)
- fixes password reset when not using confirmable #225 (aesnyder)
- Fix error when email missing from registration params #220 (iangreenleaf)
- URI fragment should appear at the end of URL #214 (edymerchk)
- Super block yield (all controllers) #209 (sgwilym)
- Super block yield #207 (sgwilym)
- Ability to localize error message #206 (lda)
- remove fragment sign ("#") from URLs without fragment #205 (tomdov)
- Return 422 (was 500) when empty body for sign up and account update #204 (mchavarriagam)
- Users with allowed unconfirmed access can now log in successfully. #202 (colavitam)
- Authenticating an existing Warden/Devise User #200 (nickL)
- GET sign_in should direct people to use POST sign_in rather than raising exception #191 (milesmatthias)
- Ignore 'extra' in Twitter auth response to avoid CookieOverflow. Fixes #145. #179 (tbloncar)
- Some missing as_json ? #152 (nicolas-besnard)
- Check email format on registration #150 (nicolas-besnard)
- Actual header key uses dashes, not underscores. #143 (ragaskar)
- Username register login #128 (nicolas-besnard)
- Check if confirmable is active before skipping confirmation #125 (nicolas-besnard)
- Fix links to section about controller integration. #117 (Le6ow5k1)
- document GET for /validate_token #113 (lukaselmer)
- Fix small error in documentation. #91 (edgarhenriquez)
- Exclude devise modules #85 (jartek)
- fix(registration and update): Ensure UID is updated alongside Email, and case-sensitivity is honored #71 (booleanbetrayal)
- Add better guidelines for contributors. #67 (edgarhenriquez)
- Use resource_class to override email confirmation. #64 (edgarhenriquez)
- fix(case-sensitivity): support devise case_insensitive_keys for session ... #57 (booleanbetrayal)
- fix(contention): fix write contention in update_auth_headers and always ... #52 (booleanbetrayal)
- Include resource.errors.full_messages in error response. #50 (jasonswett)
- fix(expiry): fix an issue where token expiration checks were too permissive #49 (booleanbetrayal)
- Update README with Example Generator Command #35 (wwilkins)
- Remove OmniAuth dependency #26 (hannahhoward)
- Update README.md #24 (davidsavoya)
- guard against MissingAttributeError during common ActiveRecord operations #19 (booleanbetrayal)
- Fix expiry data type #11 (lonre)
- README and travis config tweaks #7 (guilhermesimoes)
0.1.37 (2016-01-26)
Closed issues:
- Not working with rails 5 and devise master #504
- Unpermitted parameters: confirm_success_url, config_name, registration #501
- Master branch no longer working with devise master branch (version error) #498
- uid is not getting set in git revision 996b9cf23a18 #497
- ve_model_serializer namespace #492
- User remains logged in when using devise and devise_token_auth in the same app #486
- DEPRECATION WARNING: alias_method_chain is deprecated. Rails 5 #482
- validate_token - resource_name - undefined method `name' for nil:NilClass #480
- Helpers being loaded for Rails API's #468
- locales
errors.messages.already\_in\_use
seems broken #463 - omniauth callback redirect not working properly when using namespace/scope #362
- delete tokens after password change #318
Merged pull requests:
- send_on_create_confirmation_instructions callback isn't defined (rails 5) #508 (fivetwentysix)
- [REBASE] Fix rails 5 deprecation and devise parameter sanitization #507 (fivetwentysix)
- remove deprecations from RegistrationsController #506 (fivetwentysix)
- Allow new devise version for rails 5 compatibility #499 (djsegal)
- Spelling mistake #493 (Tom-Tom)
- Improve Brazilian Portuguese locale #491 (ssouza)
- fix namespaced mapping name #484 (paulosoares86)
- Locale file for both zh-TW and zh-HK #483 (TravisTam)
- Fixed typos and inconsistencies in ru.yml #478 (fertingoff)
- Fixes Issue #362: Fixes for the omniauth redirection issue for namesp… #476 (devilankur18)
- removing old tokens when user changes passwords #474 (paulosoares86)
- Move travis to container based configuration #470 (ValentinTrinque)
- Prevent helpers being loaded for Rails API’s #469 (djsegal)
- Reduce dependencies to allow Rails 5.0 #467 (djsegal)
- Fix locales
errors.messages.already\_in\_use
+ clean up #466 (ValentinTrinque) - Fix omniauthredirection when under scopes #425 (xjunior)
v0.1.37.beta4 (2015-12-10)
Closed issues:
- It shows "An error occurred" after omniauth callback #445
- Put Access Token in body #442
- Unable to add a new param for sign up #440
- Undefined method provider from devise_toke_auth concerns/user.rb #438
- Scoped DeviseToken but it still affects the original Omniauth redirects. #429
- Can't create user via api #422
- change_headers_on_each_request and batch requests #403
- password length #380
- The action 'twitter' could not be found for DeviseTokenAuth::OmniauthCallbacksController #309
- undefined method `tokens' for #<Hash:0x000000063f0920> #297
- Generating many client tokens #210
Merged pull requests:
- RU translations #441 (yivo)
- to keep coherent with devise. pt instead of pt-PT.yml #436 (rmvenancio)
- limiting the number of concurrent devices #434 (paulosoares86)
- Raise error in controller method #430 (ArneZsng)
- feat(enable-standard-devise): allow configurable support of legacy Devise authentication #428 (booleanbetrayal)
- Support for i18n in mailers views #427 (ponyesteves)
- Translation to German #423 (haslinger)
- fix(url): preserve query parameters when building urls #421 (nbrustein)
- Fallback to ActiveModel translations in EmailValidator #369 (yivo)
v0.1.37.beta3 (2015-10-27)
Closed issues:
- Password Reset question, do I need my own form? #418
- seeing other users data after login/out with different users on ionic #375
v0.1.37.beta2 (2015-10-25)
Closed issues:
- The validate_token function in the readme is missing a parameter #413
Merged pull requests:
- Change default message for already in use error and added to english … #417 (ponyesteves)
- Issue #413 #414 (Carrigan)
- 404 for invalid link with password reset token #411 (rmvenancio)
v0.1.37.beta1 (2015-10-25)
Closed issues:
- Large Size on Disk #415
- Cannot migrate database: NoMethodError: undefined method `new' for DeviseTokenAuth:Module #406
- uninitialized constant DeviseTokenAuth::OmniauthCallbacksController::BCrypt #393
- Devise token auth not found routing error #379
- undefined method `match' for nil:NilClass #201
Merged pull requests:
- Add .ruby-version entry to .gitignore #412 (xymbol)
- Portuguese Translation #409 (rmvenancio)
- Drop .ruby-version file #404 (xymbol)
- Feature/password reset with check fix #374 (jakubrohleder)
v0.1.36 (2015-10-13)
v0.1.35 (2015-10-13)
Fixed bugs:
- Generator doesn't work correctly with mongoid and/or rails-api #14
Closed issues:
- Multiple users, returning(and creating) wrong model's auth token #399
- Sign in not success. #388
- Defining a custom primary key #378
- omniauth: when redirecting, user object should not be serialized into url #368
- getting ng-token-auth and devise_token_auth to work with OAuth in ionic InAppBrowser #367
- invalid token in method set_user_by_token on RegistrationsController#update #357
- Allow devise patch version updates #351
- Error validating token #348
- Allow for HTTP Basic Auth ? #337
- Allow Omniauth user reset password #335
- NameError (uninitialized constant DeviseTokenAuth::Concerns::User::BCrypt) #333
- Unpermitted parameters: format, session #328
- devise token auth + Save Facebook auth_hash info in database #326
- Error sending password reset email when not using confirmable (reopened #124) #321
- Facebook omniauth redirection is missing url when testing on localhost #285
- Failure route not handled #262
- Unable to override OmniauthCallbacksController#redirect_callbacks #186
Merged pull requests:
- Added polish translation. #405 (h3xed)
- Implement hook methods for customized json rendering #384 (neutronz)
- fix(oauth): fixes #368: do not serialize the entire user object in the url when redirecting from oauth #371 (nbrustein)
- Add a Gitter chat badge to README.md #360 (gitter-badger)
- Improvements to the docs. #358 (aarongray)
- Add description to readme about the devise.rb initializer. #356 (aarongray)
- Correct handling namespaced resources #355 (yivo)
- Fix concern not being inserted for rails-api apps. #350 (aarongray)
- Add documentation to explain gotcha with rails-api. #349 (aarongray)
- Fully support OmniauthCallbacksController action overrides. Fixes #186. #347 (tbloncar)
- #340 Restrict access to controllers methods #341 (gkopylov)
- fix(omniauth): fix error in setting text on redirect page #336 (nbrustein)
- Fix invalid omniauth redirect #322 (troggy)
v0.1.34 (2015-08-10)
Implemented enhancements:
Fixed bugs:
- Generator issues #13
Closed issues:
- Routing error / Preflight request / OPTIONS #320
- Can't authorize (user_signed_in? always show false) #315
- Warden::SessionSerializer - wrong number of arguments (2 for 1) #312
- Having 401 Unauthorized only with mobile #305
- remove unused nickname, image from user object #304
- HI, This is more of a doubt since I could not finding anything related to this in your documentation. #300
- Getting 401's when making requests using iOS/Android clients #299
- Confirmation URL giving bad arguments #293
- set_user_by_token not called in overriden controller #291
- Question: Should we send password reset instructions to unconfirmed emails? #287
- No route matches [GET] "/users/facebook/callback" #280
- No route matches [GET] "/omniauth/:provider" #278
- How to refresh token/expiry? #275
- wrong number of arguments (1 for 0): in DeviseTokenAuth::RegistrationsController#create #274
- Can not save a user with nil tokens attribute #271
- Shouldn't validate_token param be access-token, not auth_token? #270
- include associations on login #269
- Getting Unauthorized error even after sending the correct token, uid and client #261
- Weird error message #259
- undefined method `provider' for #<User:0x007f49fd5da2e8> #257
- File download with query params #246
- Info: is devise_token_auth compatible with rails 3.2.19? #245
- Headers required for different methods #243
- Unpermitted parameters: format, session, lang #239
- On sign_in, devise_token_auth expects the uid to be the same as the email #237
- Name conflict with inherited_resources #236
- sign_in will not fetch the token #234
- Log in request 401 error #231
- User Registration - "email address already in use" when it is unique #230
- Devise email validation disabled...why? #229
- confirm_success_url error not working #226
- pending_reconfirmation called when confirmable isn't used #224
- omniauth_success.html.erb JSON bug #221
- Using devise_token_auth and ng_token_auth with angularJS in an Ionic Hybrid application #218
- Where can I got token? #217
- URI fragment prevent to send params in Confirmation URL #213
- Limit tokens hash? #208
- 500 error returned when no data is POSTed to registration controller #203
- DELETE method becoming OPTIONS @ Heroku #197
- 40 Mb log file and 1 minute to have token with curl #195
- 401 unauthorized #193
- GET requests to sign_in shouldn't raise an exception #190
- Api not locked by default #189
- Rails 4.1 #187
- Token based authentication with no sessions #183
- undefined method `authenticate_user!' #182
- confirm_success_url shouldn't be a required param #176
- Provide an OAuth implementation for native apps #175
- getting an argument error when trying to use omniauth #174
- Sign in via username doesn't seem to work correctly. #173
- Cannot use + sign in email address. #171
- How can i authenticate using curl and get private entries ! #167
- Pessimistic Locking produces ArgumentError #165
- POTENTIAL SECURITY RISK: Setting confirm_success_url and redirect_url via API #162
- Sign out just on client side ? #161
- Unpermitted parameter: redirect_url #160
- Issues using devise and devise_token_auth #159
- Add role based authorization #158
- Not compatible with ActiveAdmin #156
- [Duplicate] is devise_invitable supported? #154
- User can register with a "false" email #149
- /validate_token #148
- Email confirmation link #147
- Tokens field on database #146
- Twitter OAuth always throughs CookieOverflow #145
- Is there a way to configure apiUrl for both dev and prod? #144
- Getting 401 unauthorized on login attempt #142
- Comparing with jwt #140
- Can't get omniauth to work (error in redirect_callbacks) #139
- Change controller inheritance #138
- Reset Password call returns 400 for Not Found user #137
- The gem is too big. Please take care of it. #136
- Error when loging with facebook the second time without logout #135
- OmniAuth redirect doesn't work if using the generated mount_devise_token route #133
- Missing template /omniauth_response #132
- Unpermitted parameter: session #130
- OAuth error: We're sorry, but something went wrong #129
- Would it be useful to integrate login with username ? #127
- Sign in with login instead of email #126
- Error sending password reset email when not using confirmable #124
- Using expired token for parallel calls #123
- User tokens don't properly deserialize #121
- Could not load 'omniauth' #118
- bad argument (expected URI object or URI string) #116
- devise_token_auth for public API, but devise for rest of app? #114
- Omniauthable deleted on UsersConcern : Why ? #111
- Unrequired route #110
- raises NoMethodError instead of displaying error when email is missing #108
- Error with RailsAdmin. "The action 'new' could not be found for DeviseTokenAuth::SessionsController" #107
- Circular dependency detected while autoloading constant Api #106
- Can't Authenticate via cURL #105
- Unpermitted parameters: user, registration #104
- BCrypt::Errors::InvalidSalt errors #103
- Active job token expiring integration #102
- The action 'new' could not be found for DeviseTokenAuth::RegistrationsController #100
- Disable confirmable #99
- responders - rails 4.2 #98
- forward skip to devise #97
- API versioning the devise scope of token validation and ominiauth controller path will wrap up #96
- Overwriting default "from" email address #94
- uninitialized constant DeviseTokenAuth #92
- change_headers_on_each_request not working expiry header empty #90
- Gem render consistency #87
- Sample Sessions Controller for logging in via Rails View. #86
- Change authorization key: Use phone_number instead of email #84
- Conflict with active_admin gem #83
- NoMethodError in DeviseTokenAuth::OmniauthCallbacksController#redirect_callbacks #82
- All the APIs are getting 'Authorized users only' #81
- Is Devise option Rememberable required ? #80
- Problem with skip_confirmation! #78
- Cannot reset password if registered by omniauth #77
- NoMethodError at /omniauth/facebook/callback - undefined method `[]' for nil:NilClass #76
- Skipping Registrations Controller Altogether #70
- Problem in validate_token if the model is in a namespace #69
- Cannot send confirmation email if there is no 'User' model #68
- Better guidelines for contributors #65
- admin namespace #63
- Devise trackable module not working #62
- Devise_token_auth without OmniAuth authentication #60
- Reset Password error #59
- Confirmable - unconfirmed email #58
- Email Column Isn't Used for Database Authentication #56
- Unique Key for Provider and UID Combination #55
- User Info in separate table or removed #53
- rename @user to @resource #48
- Active_admin issue #47
- Possible Logout Issue #46
- Routes not appended to routes.rb #45
- Return resource.errors.full_messages in addition to resource.errors #44
- Devise and Devise_Token_Auth in api namespace #43
- Trackable attributes are not being updated. #42
- Avoid using respond_to in application controller #41
- devise_token_auth assumes you want the :confirmable functionality #40
- undefined method `match' for nil:NilClass #39
- Expired token aren't removed when session expires #38
- sign_up helper #37
- self.tokens[client_id]['token'] != token #30
- How is the uid generated for non-omniauth users? #29
- Access to current_user variable? #28
- Filter chain halted as :require_no_authentication #27
- Allow additional parameters for registration #25
- Cannot add more parameters at sign_up #22
- Error on Registration #21
- Error with authentication #20
- Cascade of Issues with Omniauth(?) #18
- Batch Requests Respond with Original Auth Token #17
- Sign out with email provider error #16
- sessions_controller.rb #12
- Github login in example is broken #10
- Facebook auth is broken #9
- Generator is not working #8
- Test ticket from Code Climate #6
- Test ticket from Code Climate #5
- extending the devise_token_auth user model #4
- A few ideas #3
- Google Oauth2 does not set cookies in production. #1
Merged pull requests:
- add Brazilian Portuguese translation (pt-BR) #331 (josiasds)
- Tests to ensure standard devise has greater priority than tokens #330 (colavitam)
- Fixed error when using standard devise authentication #329 (colavitam)
- feat(improved-omniauth): omniauth sameWindow and inAppBrowser flows #323 (nbrustein)
- Old password check before password update #317 (jakubrohleder)
- Remove erroneous colon from before_action callback #310 (jmliu)
- Disabled serialization for JSON type columns #306 (colavitam)
- Set default provider to "email" in migration #302 (colavitam)
- Fix an issue for not :confirmable users #296 (sebfie)
- Update README.md #295 (adisos)
- Fix MOUNT_PATH 'Read More' link #294 (jmliu)
- Don't send password reset instructions to unconfirmed email #288 (coryschires)
- Feature/i18n support #283 (sebfie)
- Update documentation for validate_token #277 (adamgall)
- Added json support for tokens #276 (shicholas)
- perf(token_is_current?): add simplistic cache to reduce overhead of redundant token checks during validation calls #272 (booleanbetrayal)
- perf(update_auth_header): only lock the resource if we are rotating tokens #267 (booleanbetrayal)
- fix(email-validation): Update in-use email validation message during registration to allow full_message use #255 (booleanbetrayal)
- fix(session#new): fix unhandled 500 when logging in with valid user and bad password #254 (mathemagica)
- feat(ominauth): support json-formatted values in omniauth callback. #252 (nbrustein)
- fix(sessions controller): call reset_session on destroy #251 (nbrustein)
- fix(resource_class): support optional mapping property from set_user_by_token #250 (booleanbetrayal)
- Allow current_password to be supplied when updating profile. #240 (jasonswett)
- fixes password reset when not using confirmable #225 (aesnyder)
- Fix error when email missing from registration params #220 (iangreenleaf)
- URI fragment should appear at the end of URL #214 (edymerchk)
- Super block yield (all controllers) #209 (sgwilym)
- Super block yield #207 (sgwilym)
- Ability to localize error message #206 (lda)
- remove fragment sign ("#") from URLs without fragment #205 (tomdov)
- Return 422 (was 500) when empty body for sign up and account update #204 (mchavarriagam)
- Users with allowed unconfirmed access can now log in successfully. #202 (colavitam)
- Authenticating an existing Warden/Devise User #200 (nickL)
- GET sign_in should direct people to use POST sign_in rather than raising exception #191 (milesmatthias)
- Ignore 'extra' in Twitter auth response to avoid CookieOverflow. Fixes #145. #179 (tbloncar)
- Some missing as_json ? #152 (nicolas-besnard)
- Check email format on registration #150 (nicolas-besnard)
- Actual header key uses dashes, not underscores. #143 (ragaskar)
- Username register login #128 (nicolas-besnard)
- Check if confirmable is active before skipping confirmation #125 (nicolas-besnard)
- Fix links to section about controller integration. #117 (Le6ow5k1)
- document GET for /validate_token #113 (lukaselmer)
- Fix small error in documentation. #91 (edgarhenriquez)
- Exclude devise modules #85 (jartek)
- fix(registration and update): Ensure UID is updated alongside Email, and case-sensitivity is honored #71 (booleanbetrayal)
- Add better guidelines for contributors. #67 (edgarhenriquez)
- Use resource_class to override email confirmation. #64 (edgarhenriquez)
- fix(case-sensitivity): support devise case_insensitive_keys for session ... #57 (booleanbetrayal)
- fix(contention): fix write contention in update_auth_headers and always ... #52 (booleanbetrayal)
- Include resource.errors.full_messages in error response. #50 (jasonswett)
- fix(expiry): fix an issue where token expiration checks were too permissive #49 (booleanbetrayal)
- Update README with Example Generator Command #35 (wwilkins)
- Remove OmniAuth dependency #26 (hannahhoward)
- Update README.md #24 (davidsavoya)
- guard against MissingAttributeError during common ActiveRecord operations #19 (booleanbetrayal)
- Fix expiry data type #11 (lonre)
- README and travis config tweaks #7 (guilhermesimoes)
* This Change Log was automatically generated by github_changelog_generator
* This Change Log was automatically generated by github_changelog_generator
* This Change Log was automatically generated by github_changelog_generator