devise

devise copied to clipboard

Upgrade to rails 8 Version

imsny28

Users are being logged in as the wrong user

10

Hi We are having a really strange issue with devise for some reason a user is using 1 set of credentials and being randomly logged in as another user. The...

x9sim9

So far Devise models are using method overloading, or monkey-patching in order to provide the right flash message to be shown to the user informing about the authentication failure reason....

zedtux

Warden [used to](https://github.com/wardencommunity/warden/issues/180) switch back to the default locale on `throw` and it's already [fixed](https://github.com/heartcombo/devise/pull/5567) by passing the current locale to Warden as an option. There are two hooks -...

sandrasi

Allow providing computed method for To header

1

Hello, I am trying to do the following so that the mail header `To` field contains a user's name as well as email address. ```ruby class ApplicationDeviseMailer < Devise::Mailer default...

DaAwesomeP

Regenerate password hash on a sign in after the stretches config changes

1

I want to remind about a feature which was requested in https://github.com/plataformatec/devise/pull/1862, https://github.com/plataformatec/devise/issues/3635 and https://github.com/plataformatec/devise/pull/3549#issuecomment-193235701. https://github.com/rails/rails/pull/35321/commits/87aa60ec367212e5ca49f39a9de29088f22ff469 handles this: * Rehash passwords with newer cost when they're authenticated. On successful authentication,...

sergey-alekseev

This concerns the interaction between `rememberable`, `timeoutable` and `trackable`. Currently, when a session expires after a timeout, but a remember token is active, the tracked fields (sign in count, ip,...

rolftimmermans

Add sanitization to the passwords controller

1

Closes https://github.com/heartcombo/devise/issues/5747. ## What This MR introduces the `:reset_password` parameter to sanitize the password reset request. ## Why Sanitizes the `resource_params` used in the `Devise::PasswordsController` to conform with the `Registration...

hakeem0114

## Environment - Ruby ruby 3.3.0 (2023-12-25 revision 5124f9ac75) [arm64-darwin22] - Rails Rails 7.2.2 - Devise 4.9.4 ## Current behavior Created a new Rails app for the first time in...

ghost

One way to mitigate brute force attacks is to exponentially add a delay before a user can retry to login again, which is not supported by this gem so far....

zedtux