devise

devise copied to clipboard

Fix bug with sign_out_all_scopes trying to edit resource after it has already been destroyed

1

When destroying a resource and resource is rememberable, `Devise.sign_out_all_scopes` attempts to edit the resource after resource has already been destroyed. The reason is because `lib/devise/models/rememberable.rb:60: forget_me!` sets the `remember_token` and...

jcdogo

Shameless plug, but I think the guide I wrote could be a good resource since it covers topics such as timing attacks and multiple sessions. It also highlights the Current...

stevepolitodesign

## Pre-check - Creating a new project without errors and with the stack below. ## Environment - Ruby 3.1.0 - Rails 7.0.1 - Devise both { - gem 'devise', github:...

evertonlopesc

Improved failure_message to interpret OAuth2::Error

1

OAuth2::Error Exceptions do not have `error_reason` and `error` as the Omniauth::CallbackError, but rather use the fields `description` and `code`. This is particularly useful if the error is returned server-side and...

coezbek

sign in issue with module Encryptor and wrong value returned by ::BCrypt::Engine.hash_secret() after session expiration

2

## Environment - Ruby 2.7.2p137 - Rails 6.1.3.2 - Devise 4.8.0 ``` devise :database_authenticatable, :registerable, :confirmable, :lockable, :timeoutable, :trackable, :recoverable, :rememberable, :validatable, password_length: 6..64 ``` ## Current behavior I have...

aeigus

## Environment - Ruby **2.7.0p0** - Rails **6.1.4.1** - Devise **4.8.0** ## Current behavior Any request for `Users::SessionsController#create` with `User A token` and `User B params` will login with User...

edimossilva

current_user - load associations

1

Hey! I have the following model ```ruby class User < ApplicationRecord devise :database_authenticatable, :registerable, :confirmable, :lockable, :timeoutable, :trackable, :recoverable, :rememberable, :trackable, :validatable has_one_attached :avatar do |attachable| attachable.variant :thumb, resize_to_fit: [150,...

alec-c4

## Environment - Ruby **ruby 3.1.0p0 (2021-12-25 revision fb4df44d16) [arm64-darwin21.2.0]** - Rails **7.0.1** - Devise **4.8.1** ## Current behavior Hello. :wave: I've been seeing the following in my logs when...

bkuhlmann

Way to remove useless endpoints in API mode

2

I think it would be cool if Devise could have endpoints be in API mode and in those cases all the endpoints that just show a form should not be...

pupeno

Hi. I noticed that there is refactoring point in `lib/generators/active_record/devise_generator.rb`, and so I created PR. All public methods in `devise_generator.rb` is called by executing `rails g active_record:devise`. But I think...

kekke-n