diff --git a/Gemfile b/Gemfile index 1bf8f15af..53f364093 100644 --- a/Gemfile +++ b/Gemfile @@ -16,7 +16,7 @@ gem 'rack-cors', '~> 0.2.4', :require => 'rack/cors' # authentication -gem 'devise', '1.5.3' +gem 'devise', '2.1.2' gem 'remotipart', '~> 1.0' diff --git a/Gemfile.lock b/Gemfile.lock index c226a2f21..93f6c42f1 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -149,10 +149,11 @@ GEM debugger-linecache (1.1.2) debugger-ruby_core_source (>= 1.1.1) debugger-ruby_core_source (1.1.3) - devise (1.5.3) + devise (2.1.2) bcrypt-ruby (~> 3.0) - orm_adapter (~> 0.0.3) - warden (~> 1.1) + orm_adapter (~> 0.1) + railties (~> 3.1) + warden (~> 1.2.1) diff-lcs (1.1.3) erubis (2.7.0) eventmachine (0.12.10) @@ -311,7 +312,7 @@ GEM omniauth-twitter (0.0.11) multi_json (~> 1.3) omniauth-oauth (~> 1.0) - orm_adapter (0.0.7) + orm_adapter (0.4.0) pg (0.14.1) polyglot (0.3.3) rack (1.4.1) @@ -450,7 +451,7 @@ GEM raindrops (~> 0.7) vegas (0.1.11) rack (>= 1.0.0) - warden (1.2.0) + warden (1.2.1) rack (>= 1.0) webmock (1.8.7) addressable (>= 2.2.7) @@ -482,7 +483,7 @@ DEPENDENCIES cucumber-rails (= 1.3.0) database_cleaner (= 0.8) debugger - devise (= 1.5.3) + devise (= 2.1.2) factory_girl_rails (= 1.7.0) faraday faraday_middleware diff --git a/app/models/user.rb b/app/models/user.rb index 7e3cd1e93..e2070fde4 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -185,7 +185,7 @@ class User < ActiveRecord::Base end def send_reset_password_instructions - generate_reset_password_token! if should_generate_token? + generate_reset_password_token! if should_generate_reset_token? Resque.enqueue(Jobs::ResetPassword, self.id) end diff --git a/config/environment.rb b/config/environment.rb index a763de08e..c55253105 100644 --- a/config/environment.rb +++ b/config/environment.rb 
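Review bot: `send_reset_password_instructions` carries no comment saying that it replaces Devise's own method of the same name and depends on a Devise-internal predicate, which is exactly what this rename had to chase. A one-line comment above the method would make that coupling visible at the next upgrade: `# Overrides Devise's Recoverable#send_reset_password_instructions so the mail is sent via Resque; should_generate_reset_token? is Devise-internal, re-check on upgrade.` With `reset_password_within` now set in the initializer, expiry also depends on `generate_reset_password_token!` stamping `reset_password_sent_at`; that is presumably what Devise 2 does, but it is not visible in this hunk. The class body continues outside the hunk.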
@@ -31,7 +31,7 @@ module Devise module Strategies class TokenAuthenticatable < Authenticatable private - def valid_request? + def valid_params_request? params[:controller] == "activity_streams/photos" && params[:action] == "create" end end diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb index d4a480f0a..5e5ec0313 100644 --- a/config/initializers/devise.rb +++ b/config/initializers/devise.rb @@ -56,14 +56,10 @@ Devise.setup do |config| # using other encryptors, it sets how many times you want the password re-encrypted. config.stretches = Rails.env.test? ? 1 : 10 - # Define which will be the encryption algorithm. Devise also supports encryptors - # from others authentication tools as :clearance_sha1, :authlogic_sha512 (then - # you should set stretches above to 20 for default behavior) and :restful_authentication_sha1 - # (then you should set stretches to 10, and copy REST_AUTH_SITE_KEY to pepper) - config.encryptor = :bcrypt - # Setup a pepper to generate the encrypted password. config.pepper = "065eb8798b181ff0ea2c5c16aee0ff8b70e04e2ee6bd6e08b49da46924223e39127d5335e466207d42bf2a045c12be5f90e92012a4f05f7fc6d9f3c875f4c95b" + + config.reset_password_within = 2.days # ==> Configuration for :invitable # Time interval where the invitation token is valid (default: 0). @@ -77,12 +73,12 @@ Devise.setup do |config| # You can use this to let your user access some features of your application # without confirming the account, but blocking it after a certain period # (ie 2 days). - # config.confirm_within = 2.days + # config.allow_unconfirmed_access_for = 2.days # ==> Configuration for :rememberable # The time the user will be remembered without asking for credentials again. # config.remember_for = 2.weeks - + # ==> Configuration for :validatable # Range for password length # config.password_length = 6..20 
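Review bot: The `valid_params_request?` override in `config/environment.rb` fails open if its name ever goes stale. It limits token authentication to `activity_streams/photos#create`, but when Devise renames the private hook (as it did from `valid_request?` to this name) the patch becomes an unused method and Devise's own implementation decides again, which as far as I know accepts the token on any controller. Nothing in the hunk would detect that. I would add a request spec that presents `auth_token` to some other controller and expects it to be rejected, plus a comment on the patch such as `# Security: limits auth_token to photo upload; depends on Devise private API, verify on every Devise upgrade`.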
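Review bot: `config.reset_password_within = 2.days` is added without the explanatory comment every other setting in this initializer has, and two days is a long lifetime for a reset link sitting in a mailbox. Consider a window measured in hours, with a header such as `# ==> Configuration for :recoverable` and a line saying that older tokens are rejected. Rows that already held a reset token before the migration have no `reset_password_sent_at`, so it is worth confirming that Devise treats those as expired rather than valid. Separately, the `config.pepper` literal on the context line just above is committed to the repository; reading it from the environment would keep it out of source, though changing its value invalidates existing password hashes.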
@@ -118,7 +114,7 @@ Devise.setup do |config| # ==> Configuration for :token_authenticatable # Defines name of the authentication token params key config.token_authentication_key = :auth_token - config.stateless_token = true + config.skip_session_storage << :token_auth # ==> Scopes configuration # Turn scoped views on. Before rendering "sessions/new", it will first check for diff --git a/db/migrate/0000_create_schema.rb b/db/migrate/0000_create_schema.rb index 768054c8f..8ed9af304 100644 --- a/db/migrate/0000_create_schema.rb +++ b/db/migrate/0000_create_schema.rb @@ -151,16 +151,21 @@ class CreateSchema < ActiveRecord::Migration t.boolean :getting_started, :default => true t.boolean :disable_mail, :default => false t.string :language - t.string :email - t.database_authenticatable + t.string :email, :null => false, :default => "" + t.string :encrypted_password, :null => false, :default => "" t.string :invitation_token, :limit => 60 t.datetime :invitation_sent_at - t.recoverable - t.rememberable - t.trackable + t.string :reset_password_token + t.datetime :reset_password_sent_at + t.datetime :remember_created_at + t.integer :sign_in_count, :default => 0 + t.datetime :current_sign_in_at + t.datetime :last_sign_in_at + t.string :current_sign_in_ip + t.string :last_sign_in_ip t.timestamps end diff --git a/db/migrate/20110105051803_create_import_tables.rb b/db/migrate/20110105051803_create_import_tables.rb index 0388d2cef..6e676951d 100644 --- a/db/migrate/20110105051803_create_import_tables.rb +++ b/db/migrate/20110105051803_create_import_tables.rb 
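Review bot: `config.skip_session_storage << :token_auth` appends to whatever list Devise ships as its default instead of stating the intended value, so which strategies stay out of the session depends on the gem version. This line is what keeps a request authenticated by `auth_token` from being turned into a session cookie, so I would assign the list explicitly, for example `config.skip_session_storage = [:http_auth, :token_auth]` (drop `:http_auth` if HTTP auth is meant to keep its session). A comment like `# token requests must stay stateless` above it would record why.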
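Review bot: Rewriting `0000_create_schema.rb` makes a fresh install diverge from the path existing databases take. Assuming this block is the `users` table, the new column list already contains `reset_password_sent_at` and no longer creates `remember_token`, so `UpdateDevise#up` later in this commit would remove a column that is not there and add one that already exists. Unless an intermediate migration not visible here changes those columns, `rake db:migrate` from scratch should fail at that step. Either leave the historical migration producing the old columns, or guard the new one, e.g. `remove_column :users, :remember_token if column_exists?(:users, :remember_token)` with the matching `unless column_exists?(:users, :reset_password_sent_at)` on the `add_column`. The same rewrite is applied in `20110105051803_create_import_tables.rb`, and the `create_table` block starts outside the hunk.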
@@ -164,11 +164,17 @@ class CreateImportTables < ActiveRecord::Migration t.boolean :getting_started t.boolean :disable_mail t.string :language - t.string :email - t.database_authenticatable - t.recoverable - t.rememberable - t.trackable + t.string :email, :null => false, :default => "" + t.string :encrypted_password, :null => false, :default => "" + t.string :reset_password_token + t.datetime :reset_password_sent_at + t.datetime :remember_created_at + t.integer :sign_in_count, :default => 0 + t.datetime :current_sign_in_at + t.datetime :last_sign_in_at + t.string :current_sign_in_ip + t.string :last_sign_in_ip + t.timestamps t.string :mongo_id diff --git a/db/migrate/20120906162503_update_devise.rb b/db/migrate/20120906162503_update_devise.rb new file mode 100644 index 000000000..3e5196895 --- /dev/null +++ b/db/migrate/20120906162503_update_devise.rb @@ -0,0 +1,11 @@ +class UpdateDevise < ActiveRecord::Migration + def up + remove_column :users, :remember_token + add_column :users, :reset_password_sent_at, :datetime + end + + def down + add_column :users, :remember_token, :string + remove_column :users, :reset_password_sent_at + end +end diff --git a/db/schema.rb b/db/schema.rb index d95863d52..d29d3df17 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -20,8 +20,8 @@ ActiveRecord::Schema.define(:version => 20120909053122) do create_table "aspect_memberships", :force => true do |t| t.integer "aspect_id", :null => false t.integer "contact_id", :null => false - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false + t.datetime "created_at" + t.datetime "updated_at" end add_index "aspect_memberships", ["aspect_id", "contact_id"], :name => "index_aspect_memberships_on_aspect_id_and_contact_id", :unique => true 
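Review bot: `UpdateDevise#down` is not the inverse of `up`: it re-adds `remember_token` but not the unique index `index_users_on_remember_token` that `db/schema.rb` shows disappearing together with the column. After a rollback the column would be back without its uniqueness constraint; adding `add_index :users, :remember_token, :unique => true` to `down` restores it. Dropping the column also discards every stored remember-me token, so existing remember-me cookies presumably stop working after deploy, which deserves a line in the upgrade notes.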
@@ -31,8 +31,8 @@ ActiveRecord::Schema.define(:version => 20120909053122) do create_table "aspect_visibilities", :force => true do |t| t.integer "shareable_id", :null => false t.integer "aspect_id", :null => false - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false + t.datetime "created_at" + t.datetime "updated_at" t.string "shareable_type", :default => "Post", :null => false end @@ -43,8 +43,8 @@ ActiveRecord::Schema.define(:version => 20120909053122) do create_table "aspects", :force => true do |t| t.string "name", :null => false t.integer "user_id", :null => false - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false + t.datetime "created_at" + t.datetime "updated_at" t.boolean "contacts_visible", :default => true, :null => false t.integer "order_id" end @@ -64,8 +64,8 @@ ActiveRecord::Schema.define(:version => 20120909053122) do t.string "guid", :null => false t.text "author_signature" t.text "parent_author_signature" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false + t.datetime "created_at" + t.datetime "updated_at" t.integer "likes_count", :default => 0, :null => false t.string "commentable_type", :limit => 60, :default => "Post", :null => false end @@ -77,8 +77,8 @@ ActiveRecord::Schema.define(:version => 20120909053122) do create_table "contacts", :force => true do |t| t.integer "user_id", :null => false t.integer "person_id", :null => false - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false + t.datetime "created_at" + t.datetime "updated_at" t.boolean "sharing", :default => false, :null => false t.boolean "receiving", :default => false, :null => false end 
@@ -90,8 +90,8 @@ ActiveRecord::Schema.define(:version => 20120909053122) do t.integer "conversation_id", :null => false t.integer "person_id", :null => false t.integer "unread", :default => 0, :null => false - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false + t.datetime "created_at" + t.datetime "updated_at" end add_index "conversation_visibilities", ["conversation_id", "person_id"], :name => "index_conversation_visibilities_usefully", :unique => true @@ -102,8 +102,8 @@ ActiveRecord::Schema.define(:version => 20120909053122) do t.string "subject" t.string "guid", :null => false t.integer "author_id", :null => false - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false + t.datetime "created_at" + t.datetime "updated_at" end add_index "conversations", ["author_id"], :name => "conversations_author_id_fk" @@ -112,8 +112,8 @@ ActiveRecord::Schema.define(:version => 20120909053122) do t.string "token" t.integer "user_id" t.integer "count" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false + t.datetime "created_at" + t.datetime "updated_at" end create_table "invitations", :force => true do |t| @@ -121,8 +121,8 @@ ActiveRecord::Schema.define(:version => 20120909053122) do t.integer "sender_id" t.integer "recipient_id" t.integer "aspect_id" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false + t.datetime "created_at" + t.datetime "updated_at" t.string "service" t.string "identifier" t.boolean "admin", :default => false @@ -140,8 +140,8 @@ ActiveRecord::Schema.define(:version => 20120909053122) do t.string "guid" t.text "author_signature" t.text "parent_author_signature" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false + t.datetime "created_at" + t.datetime "updated_at" t.string "target_type", :limit => 60, :null => false end 
@@ -164,8 +164,8 @@ ActiveRecord::Schema.define(:version => 20120909053122) do t.integer "author_id", :null => false t.string "guid", :null => false t.text "text", :null => false - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false + t.datetime "created_at" + t.datetime "updated_at" t.text "author_signature" t.text "parent_author_signature" end @@ -176,8 +176,8 @@ ActiveRecord::Schema.define(:version => 20120909053122) do create_table "notification_actors", :force => true do |t| t.integer "notification_id" t.integer "person_id" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false + t.datetime "created_at" + t.datetime "updated_at" end add_index "notification_actors", ["notification_id", "person_id"], :name => "index_notification_actors_on_notification_id_and_person_id", :unique => true @@ -189,8 +189,8 @@ ActiveRecord::Schema.define(:version => 20120909053122) do t.integer "target_id" t.integer "recipient_id", :null => false t.boolean "unread", :default => true, :null => false - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false + t.datetime "created_at" + t.datetime "updated_at" t.string "type" end @@ -212,8 +212,8 @@ ActiveRecord::Schema.define(:version => 20120909053122) do t.integer "author_id" t.text "author_signature" t.text "parent_author_signature" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false + t.datetime "created_at" + t.datetime "updated_at" end add_index "participations", ["guid"], :name => "index_participations_on_guid" 
@@ -225,8 +225,8 @@ ActiveRecord::Schema.define(:version => 20120909053122) do t.string "diaspora_handle", :null => false t.text "serialized_public_key", :null => false t.integer "owner_id" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false + t.datetime "created_at" + t.datetime "updated_at" t.boolean "closed_account", :default => false t.integer "fetch_status", :default => 0 end @@ -261,8 +261,8 @@ ActiveRecord::Schema.define(:version => 20120909053122) do create_table "pods", :force => true do |t| t.string "host" t.boolean "ssl" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false + t.datetime "created_at" + t.datetime "updated_at" end create_table "posts", :force => true do |t| @@ -277,8 +277,8 @@ ActiveRecord::Schema.define(:version => 20120909053122) do t.string "remote_photo_name" t.string "random_string" t.string "processed_image" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false + t.datetime "created_at" + t.datetime "updated_at" t.string "unprocessed_image" t.string "object_url" t.string "image_url" @@ -319,8 +319,8 @@ ActiveRecord::Schema.define(:version => 20120909053122) do t.text "bio" t.boolean "searchable", :default => true, :null => false t.integer "person_id", :null => false - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false + t.datetime "created_at" + t.datetime "updated_at" t.string "location" t.string "full_name", :limit => 70 t.boolean "nsfw", :default => false @@ -337,8 +337,8 @@ ActiveRecord::Schema.define(:version => 20120909053122) do t.string "table" t.integer "month", :limit => 2 t.integer "year", :limit => 8 - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false + t.datetime "created_at" + t.datetime "updated_at" end add_index "rails_admin_histories", ["item", "table", "month", "year"], :name => "index_rails_admin_histories" 
@@ -346,8 +346,8 @@ ActiveRecord::Schema.define(:version => 20120909053122) do create_table "roles", :force => true do |t| t.integer "person_id" t.string "name" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false + t.datetime "created_at" + t.datetime "updated_at" end create_table "services", :force => true do |t| @@ -357,8 +357,8 @@ ActiveRecord::Schema.define(:version => 20120909053122) do t.string "access_token" t.string "access_secret" t.string "nickname" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false + t.datetime "created_at" + t.datetime "updated_at" end add_index "services", ["type", "uid"], :name => "index_services_on_type_and_uid" @@ -366,8 +366,8 @@ ActiveRecord::Schema.define(:version => 20120909053122) do create_table "share_visibilities", :force => true do |t| t.integer "shareable_id", :null => false - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false + t.datetime "created_at" + t.datetime "updated_at" t.boolean "hidden", :default => false, :null => false t.integer "contact_id", :null => false t.string "shareable_type", :limit => 60, :default => "Post", :null => false @@ -381,8 +381,8 @@ ActiveRecord::Schema.define(:version => 20120909053122) do create_table "tag_followings", :force => true do |t| t.integer "tag_id", :null => false t.integer "user_id", :null => false - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false + t.datetime "created_at" + t.datetime "updated_at" end add_index "tag_followings", ["tag_id", "user_id"], :name => "index_tag_followings_on_tag_id_and_user_id", :unique => true 
@@ -413,8 +413,8 @@ ActiveRecord::Schema.define(:version => 20120909053122) do create_table "user_preferences", :force => true do |t| t.string "email_type" t.integer "user_id" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false + t.datetime "created_at" + t.datetime "updated_at" end create_table "users", :force => true do |t| @@ -428,15 +428,14 @@ ActiveRecord::Schema.define(:version => 20120909053122) do t.string "invitation_token", :limit => 60 t.datetime "invitation_sent_at" t.string "reset_password_token" - t.string "remember_token" t.datetime "remember_created_at" t.integer "sign_in_count", :default => 0 t.datetime "current_sign_in_at" t.datetime "last_sign_in_at" t.string "current_sign_in_ip" t.string "last_sign_in_ip" - t.datetime "created_at", :null => false - t.datetime "updated_at", :null => false + t.datetime "created_at" + t.datetime "updated_at" t.string "invitation_service", :limit => 127 t.string "invitation_identifier", :limit => 127 t.integer "invitation_limit" @@ -450,13 +449,13 @@ ActiveRecord::Schema.define(:version => 20120909053122) do t.boolean "auto_follow_back", :default => false t.integer "auto_follow_back_aspect_id" t.text "hidden_shareables" + t.datetime "reset_password_sent_at" end add_index "users", ["authentication_token"], :name => "index_users_on_authentication_token", :unique => true add_index "users", ["email"], :name => "index_users_on_email" add_index "users", ["invitation_service", "invitation_identifier"], :name => "index_users_on_invitation_service_and_invitation_identifier", :unique => true add_index "users", ["invitation_token"], :name => "index_users_on_invitation_token" - add_index "users", ["remember_token"], :name => "index_users_on_remember_token", :unique => true add_index "users", ["username"], :name => "index_users_on_username", :unique => true add_foreign_key "aspect_memberships", "aspects", :name => "aspect_memberships_aspect_id_fk", :dependent => :delete 
diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb index 08e70ba9c..07eb74cd3 100644 --- a/spec/models/user_spec.rb +++ b/spec/models/user_spec.rb @@ -803,14 +803,14 @@ describe User do describe "#send_reset_password_instructions" do it "generates a reset password token if it's supposed to" do user = User.new - user.stub!(:should_generate_token?).and_return(true) + user.stub!(:should_generate_reset_token?).and_return(true) user.should_receive(:generate_reset_password_token) user.send_reset_password_instructions end it "does not generate a reset password token if it's not supposed to" do user = User.new - user.stub!(:should_generate_token?).and_return(false) + user.stub!(:should_generate_reset_token?).and_return(false) user.should_not_receive(:generate_reset_password_token) user.send_reset_password_instructions end @@ -872,8 +872,8 @@ describe User do language invitation_token invitation_sent_at + reset_password_sent_at reset_password_token - remember_token remember_created_at sign_in_count current_sign_in_at