devise icon indicating copy to clipboard operation
devise copied to clipboard

verified publisher icon heartcombo

Metadata

Flexible authentication solution for Rails with Warden.

Results 275 devise issues
Sort by recently updated
recently updated
newest added

Make test suite work

2 comment

The tests on main are not passing with Rails 7.1 onwards. At the same time, since Rails is supported 7.2 onwards and Ruby 3.1 is EOL in 2 weeks, we...

gregmolnar avatar gregmolnar

Raise on invalid scope

Is there any valid reason for accepting non-existing scopes for `Devise::Mapping.find_scope!`, `Devise::Controllers::SignInOut.sign_out` etc.? I suggest raising when passing a string/symbol representing a non-existing scope.

c960657 avatar c960657

Registering a new Extension with devise

I'm working on a proof of concept around user authentication with `Cognito`. As there are extensions for other services, I was wondering if a new extension needs to be "registered"...

wp4nuv avatar wp4nuv

Feature: Add strong parameters to the PasswordsController

3 comment

## Problem The `Devise::PasswordsController` uses unsanitized [resource_params](https://github.com/heartcombo/devise/blob/main/app/controllers/devise_controller.rb#L221) during password reset, which could lead to security issues. ## Proposal * Add a new `:reset_password` action to the [DEFAULT_PERMITTED_ATTRIBUTES](https://github.com/heartcombo/devise/blob/main/lib/devise/parameter_sanitizer.rb#L152) ```ruby DEFAULT_PERMITTED_ATTRIBUTES =...

hakeem0114 avatar hakeem0114

Release Devise 5

18 comment

What is blocking the release? CI testing for Rails 8?

runephilosof-abtion avatar runephilosof-abtion

CSRF Not being disabled even when told to

2 comment

I tried to stop CSRF for API in application_controller.rb with skip_before_action :verify_authenticity_token It worked well until I generated devise views for custom logging. Now, CSRF keeps working even if I...

MUSTDOS avatar MUSTDOS

Set `attempted_path` in `warden.options` before calling failure app in controller test helpers

In controller tests, the failure app seems to be called directly rather than going through Warden. As such, it duplicates some of the set up Warden does before calling the...

cgunther avatar cgunther

deprecation warning: resource received a hash argument * Please use a keyword instead

6 comment

## Environment - Ruby **3.3.3** - Rails **8.1.0.alpha** - Devise **4.9.4** ## Current behavior Strangely enough this only is reported in test ?! ``` √ bellis % rails test test/services/dinero_service_test.rb...

wdiechmann avatar wdiechmann

Translate error messages in the activatable and timeoutable hooks

Pass down the current locale to the Warden error handler in the _activatable_ and _timeoutable_ hooks. When used from a Rails application and a [timeout](https://github.com/heartcombo/devise/blob/fec67f98f26fcd9a79072e4581b1bd40d0c7fa1d/lib/devise/hooks/timeoutable.rb#L28) occurs or when a user...

sandrasi avatar sandrasi

Adds Ruby 3.4 support

1 comment

This pull request adds support for `ruby-3.4`.

boimw avatar boimw

Metadata

23.8k
Stars
5.5k
Forks
Watchers

Owner

verified publisher icon heartcombo

Metadata

Flexible authentication solution for Rails with Warden.

Back