NEWS.rdoc

1.1.0¶ ↑

• ‘Oath.config.sign_in_notice` should now be a callable object in order for I18n to work correctly

• DEPRECATED

  you should no longer set ‘Oath.config.sign_in_notice` to a string value

1.0.1¶ ↑

• Wrap helper_method calls in respond_to?(:helper_method)

• param_transformations now correctly use string keys

1.0.0¶ ↑

• Do not perform lookup if no params are passed to lookup

• Add param transformer for sanitizing and normalizing

0.3.1¶ ↑

• Extend private interface for services

0.3.0¶ ↑

• Warden serialization is now configurable

0.2.1¶ ↑

• Updated documentation for test helpers

• Updated documentation for using oath in console

• Fixed bug with failure app now allowing actual http auth to occur

0.2.0¶ ↑

• ‘sign_in` test helper now returns the user

• ‘authenticate_session` arguments are coerced to Hash

• Oath::BackDoor can be configured with a block

• Document validation suggestions

• Document locale suggestions

• Deprecate usage of Oath.user_class in favor of Oath.config.user_class

• Make warden strategy configurable via Oath.config.authentication_strategy

• Extract warden setup into the WardenSetup class

• Document layout suggestions

0.1.1¶ ↑

• Link to Rubydoc in documentation

• Fix header in documentation

• Fix no_login_redirect to default to a properly named controller

• Fix documentation reference to sign_up to mention user_params instead of user

0.1.0¶ ↑

• Fix PasswordStrategy to use configuration options

• Documentation

• Renamed encryption to hashing

• Renamed encrypted to digested

• Renamed unencrypted to undigested

• A configuration for ‘no_login_redirect` was added. This accepts anything that can be passed to `redirect_to` and is used when `require_login` is called with no logged in user.

• A configuration for ‘no_login_handler` was added. This allows developers to completely customize the response when `require_login` is called with no logged in user.

0.0.15¶ ↑

• Delegate user_class correctly so that config returns class

• Fixed issue authenticate session not allowing for multiple fields

• Do not hardcode User class

• Add signed out routing constraint

• Backfill NEWS.md

0.0.14¶ ↑

• Encryption of empty string is empty string.

• Remove last trace of generators.

0.0.13¶ ↑

• Oath requires Rails 4+.

• Move generators to the oath-generators gem.

0.0.12¶ ↑

• Ensure forms can’t be tampered with by providing no username.

• Prevent hashing of empty string passwords.

• Memoize the configuration.

0.0.11¶ ↑

• Add ‘Oath::Backdoor` for easier tests.

0.0.10¶ ↑

• Add Oath::Test::ControllerHelpers for controller specs.

• Depend on the bcrypt gem, not the bcrypt-ruby gem.

0.0.9¶ ↑

• Make user creation method configurable.

• Redirect to SessionsController#new, ignoring namespace.

• Add ‘Oath.config.creation_method`.

0.0.8¶ ↑

• Now configurable via ‘Oath.configure`:

  • sign in service

  • sign up service

  • authentication service

  • user_token_store_field

  • user_token_field

• Add PasswordReset service.

• Rename controller_helpers to services.

• Allos blocks to be passed into sign_in and sign_up.

• Fix error on trying to respond with HTTP 401.

• Oath does not generate a User model for you.

• Add ‘Oath.test_mode!` and `Oath.test_reset!`.

• Add a lot of tests.

0.0.7¶ ↑

• Check for Rails 4 or the strong_parameters gem, not just the strong_parameters gem

0.0.6¶ ↑

• FIX

  require_login should use controller and action for routing.

0.0.5¶ ↑

• FIX

  Scaffolded SessionsController should have respond_to.

• FIX

  SignUp should get the value instead of slicing.

0.0.4¶ ↑

• Cleaned up generated controllers.

• Use find_by_id instead of find so invalid sessions don’t cause apps to crash.

• Hashes passed in are no longer mutated via delete.

0.0.3¶ ↑

• Fixed bug where password wasn’t deleted from session params which would cause lookup to fail.