Gems_big

sorcery

All 48 versions

Version Release date
0.11.0 May 16, 2017  
0.10.3 March 24, 2017  
0.10.2 January 04, 2017  
0.10.1 January 03, 2017  
0.10.0 December 30, 2016  
0.9.1 April 05, 2015
  • Fixed fetching private emails from github (thanks to @saratovsource)
  • Added support for active_for_authentication? method (thanks to @gchaincl)
  • Fixed migration bug for external submodule (thanks to @skv-headless)
  • Added support for new Facebook Graph API (thanks to @mchaisse)
  • Fixed issue with Xing submodule (thanks to @yoyostile)
  • Fixed security bug with using state field in oAuth requests
0.9.0 January 13, 2015
  • Sending emails works with Rails 4.2 (thanks to @wooly)
  • Added valid_password? method
  • Added support for JIRA OAuth (thanks to @camilasan)
  • Added support for Heroku OAuth (thanks to @tyrauber)
  • Added support for Salesforce OAuth (thanks to @supremebeing7)
  • Added support for Mongoid 4
  • Fixed issues with empty passwords (thanks to @Borzik)
  • find_by_provider_and_uid method was replaced with find_by_oauth_credentials
  • Sorcery::VERSION constant was added to allow easy version check
  • @user.setup_activation method was made to be public (thanks @iTakeshi)
  • current_users method is deprecated
  • Fetching email from VK auth, thanks to @makaroni4
  • Add logged_in? method to test_helpers (thanks to @oriolbcn)
  • #locked? method is now public API (thanks @rogercampos)
  • Introduces a new User instance method generate_reset_password_token to generate a new reset password token without sending an email (thanks to @tbuehl)
0.8.6 June 15, 2014
  • current_user returns nil instead of false if there's no user loggd in (#493)
  • MongoMapper adapter does not override save! method anymore. However due to ORM's lack of support for validate: false in save!, the combination of validate: false and raise_on_failure: true is not possible in MongoMapper. The errors will not be raised in this situation. (#151)
  • Fixed rename warnings for bcrypt-ruby
  • The way Sorcery adapters are included has been changed due to problem with multiple included blocks error in ActiveSupport::Concern class (#527)
  • Session timeout works with new cookie serializer introduced in Rails 4.1
  • Rails 4.1 compatibility bugs were fixed, this version is fully supported (#538)
  • VK providers now supports scope option
  • Support for DataMapper added
  • Helpers for integration tests were added
  • Fixed problems with special characters in user login attributes (MongoMapper & Mongoid)
  • Fixed remaining password_confirmation value - it is now cleared just like password
0.8.5 December 19, 2013
  • Fixed add_provider_to_user with CamelCased authentications_class model (#382)

  • Fixed unlock_token_mailer_disabled to only disable automatic mailing (#467)

  • Make send_email_* methods easier to overwrite (#473)

  • Don't add :username field for User. Config option username_attribute_names is now :email by default instead of :username.

    If you're using username as main field for users to login, you'll need to tune your Sorcery config:

    config.user_config do |user|
      # ...
      user.username_attribute_names = [:username]
    end
    
  • rails generate sorcery:install now works inside Rails engine

0.8.4 November 10, 2013
  • Few security fixes in external module
0.8.3 November 10, 2013

(yanked because of bad Jeweler release)

0.8.2 July 05, 2013
  • Activity logging feature has a new column called last_login_from_ip_address (string type). If you use ActiveRecord, you will have to add this column to DB (#465)
0.8.1 January 25, 2013
<!-- TO BE WRITTEN -->
0.8.0 January 12, 2013
<!-- TO BE WRITTEN -->
0.7.13 July 22, 2012
<!-- TO BE WRITTEN -->
0.7.12 May 06, 2012
<!-- TO BE WRITTEN -->
0.7.11 April 18, 2012
<!-- TO BE WRITTEN -->
0.7.10 April 17, 2012
<!-- TO BE WRITTEN -->
0.7.9 April 17, 2012
<!-- TO BE WRITTEN -->
0.7.8 March 30, 2012
<!-- TO BE WRITTEN -->
0.7.7 March 03, 2012
<!-- TO BE WRITTEN -->
0.7.6 January 03, 2012
<!-- TO BE WRITTEN -->
0.7.5 November 11, 2011
<!-- TO BE WRITTEN -->
0.7.4 October 29, 2011  
0.7.3 October 29, 2011  
0.7.2 October 22, 2011  
0.7.1 October 22, 2011  
0.7.0 September 30, 2011
  • Many bugfixes
  • Added default SSL certificate for oauth2
  • Added multi-username ability
  • Security fixes (CSRF, cookie digesting)
  • Added auto_login(user) to the API
  • Updated gem versions of oauth(1/2)
  • Added logged_in? as a view helper
  • Github provider added to external submodule
0.6.1 September 02, 2011

Gemfile versions updated due to public demand. (bcrypt 3.0.0 and oauth2 0.4.1)

0.6.0 July 29, 2011

Fixes issues with external user_hash not including some fields, and an issue with User model not loaded when user_class is called. Now config.user_class should be a string or a symbol.

Improved specs.

0.5.30 June 30, 2011  
0.5.21 May 19, 2011

Fixed typo in initializer - MUST be "config.user_class = User"

0.5.3 June 30, 2011

Fixed #9 Fixed hardcoded method names in remember_me submodule. Improved specs.

0.5.2 May 18, 2011

Fixed #3 and #4 - Modular Sinatra apps work now, and User model isn't cached in development mode.

0.5.1 May 10, 2011

Fixed bug in reset_password - after reset can't login due to bad salt creation. Affected only Mongoid.

0.5.0 May 09, 2011

Added support for Mongoid! (still buggy and not recommended for serious use)

'reset_password!(:password => new_password)' changed into 'change_password!(new_password)'

0.4.2 April 29, 2011

Added test helpers for Rails 3 & Sinatra.

0.4.1 April 20, 2011

Fixing Rails app name in initializer.

0.4.0 April 20, 2011

Changed the way Sorcery is configured. Now inside the model only add:

authenticates_with_sorcery!

In the controller no code is needed! All configuration is done in an initializer. Added a rake task to create it.

rake sorcery:bootstrap
0.3.1 April 16, 2011

Renamed "oauth" module to "external" and made API prettier.

auth_at_provider(provider) => login_at(provider)
login_from_access_token(provider) => login_from(provider)
create_from_provider!(provider) => create_from(provider)
0.3.0 April 03, 2011

Added Sinatra support!

Added Rails 3 generator for migrations

0.2.1 March 14, 2011

Fixed bug with OAuth submodule - oauth gems were not required properly in gem.

Fixed bug with OAuth submodule - Authentications class was not passed between model and controller in all cases resulting in Nil exception.

0.2.0 March 12, 2011

Added OAuth submodule.

OAuth:

  • OAuth1 and OAuth2 support (currently twitter & facebook)
  • configurable db field names and authentications table.

Some bug fixes: 'return_to' feature, brute force permanent ban.

0.1.4 February 18, 2011

Added activity logging submodule.

Activity Logging:

  • automatic logging of last login, last logout and last activity time.
  • an easy method of collecting the list of currently logged in users.
  • configurable timeout by which to decide whether to include a user in the list of logged in users.

Fixed bug in basic_auth - it didn't set the session[:user_id] on successful login and tried to relogin from basic_auth on every action.

Added Reset Password hammering protection and updated the API.

Totally rewritten Brute Force Protection submodule.

0.1.3 February 04, 2011

Added support for Basic HTTP Auth.

0.1.2 February 03, 2011

Separated mailers between user_activation and password_reset and updated readme.

0.1.1 February 03, 2011

Fixed bug with BCrypt not being used properly by the lib and thus not working for authentication.

0.1.0 January 31, 2011

Core Features:

  • login/logout, optional redirect on login to where the user tried to reach before, configurable redirect for non-logged-in users.
  • password encryption, algorithms: bcrypt(default), md5, sha1, sha256, sha512, aes256, custom(yours!), none. Configurable stretches and salt.
  • configurable attribute names for username, password and email.

User Activation:

  • User activation by email with optional success email.
  • configurable attribute names.
  • configurable mailer.
  • Optionally prevent active users to login.

Password Reset:

  • Reset password with email verification.
  • configurable mailer, method name, and attribute name.

Remember Me:

  • Remember me with configurable expiration.
  • configurable attribute names.

Session Timeout:

  • Configurable session timeout.
  • Optionally session timeout will be calculated from last user action.

Brute Force Protection:

  • Brute force login hammering protection.
  • configurable logins before ban, logins within time period before ban, ban time and ban action.