Devise Token Auth v0.1.38 Release Notes

  • Full Changelog

    Implemented enhancements:

    • Rails generator to update views #33
    • Extract Omniauth attributes assignation into a method #31

    πŸ›  Fixed bugs:

    • Generator doesn't work correctly with mongoid and/or rails-api #14
    • Generator issues #13

    Closed issues:

    • rails g devise_token_auth:install User auth hangs and does nothing #671
    • πŸ‘‰ callback :set_user_by_token has not been defined #649
    • Issues with active_model_serializers #644
    • Error with devise #643
    • undefined method `token_validation_response' #635
    • when password is reset from UI, all tokens must be removed if remove_tokens_after_password_reset is true #634
    • Relax devise dependency to allow 4.1 #631
    • Rails 5 generator doesn't insert concern #627
    • NoMethodError (undefined method `find_by_uid') in production. #625
    • Curl not working for sign_in but works on ng-token-angular #620
    • After Sign-in success, The following requests on Angular side are unauthorized. #619
    • Omniauth - Facebook app doesn't run callback url after successful Facebook authentication #615
    • πŸ‘‰ :authenticate_user! wired behaviour #614
    • πŸ›  current_user is nil, request headers are all upcased and prefixed with HTML_ #611
    • Problem in generated routes #607
    • Rails 5 API Mode - no headers in response #606
    • πŸ‘‰ Filter chain halted as :authenticate_user! rendered or redirected #603
    • 422 Unprocessable Entity when using local IP address #601
    • overriding rendering methods in devise_token_auth #597
    • redirect_url is missing in email instructions sent to the user for password reset #588
    • Unpermitted parameter: {"email":"[email protected]","password":"abcdefgh","password_confirmation":"abcdefgh"} #587
    • can't authenticate user when opening a new download tab #582
    • Mails are not being sent #581
    • πŸ‘€ current_user seems to be nil after doing requests from different tabs #579
    • Do we have any rspec helpers to sign_in an user? #577
    • πŸ‘‰ Cannot override json response of authenticate_user! #575
    • return custom json data after sign_in #567
    • /auth/validate_token works but getting 401 unauthorized when sending request with auth headers #550
    • Where is the access key of omniauth provider? #549
    • How this gem is different from a JWT system? #543
    • Improper formatting for JSON API error/success responses #536
    • Is it a hybrid authentication system? #527
    • check_current_password_before_update still requires password when resetting password #526
    • Manually authenticate for testing #521
    • Support for STI #517
    • JSON responses don't fit JSON_API requirements #512
    • Not working with rails 5 and devise master #504
    • Unpermitted parameters: confirm_success_url, config_name, registration #501
    • πŸ‘‰ set_user_by_token not defined in production for rails 5 #500
    • Master branch no longer working with devise master branch (version error) #498
    • uid is not getting set in git revision 996b9cf23a18 #497
    • ve_model_serializer namespace #492
    • User remains logged in when using devise and devise_token_auth in the same app #486
    • DEPRECATION WARNING: alias_method_chain is deprecated. Rails 5 #482
    • validate_token - resource_name - undefined method `name' for nil:NilClass #480
    • Helpers being loaded for Rails API's #468
    • Unable to call rails g devise\_token\_auth:install within rails engine #465
    • locales errors.messages.already\_in\_use seems broken #463
    • It shows "An error occurred" after omniauth callback #445
    • - #444
    • Put Access Token in body #442
    • Unable to add a new param for sign up #440
    • Undefined method provider from devise_toke_auth concerns/user.rb #438
    • Scoped DeviseToken but it still affects the original Omniauth redirects. #429
    • Can't create user via api #422
    • Password Reset question, do I need my own form? #418
    • Large Size on Disk #415
    • The validate_token function in the readme is missing a parameter #413
    • Cannot migrate database: NoMethodError: undefined method `new' for DeviseTokenAuth:Module #406
    • change_headers_on_each_request and batch requests #403
    • Multiple users, returning(and creating) wrong model's auth token #399
    • Can't verify CSRF token authenticity #398
    • uninitialized constant DeviseTokenAuth::OmniauthCallbacksController::BCrypt #393
    • Sign in not success. #388
    • password length #380
    • Devise token auth not found routing error #379
    • Defining a custom primary key #378
    • seeing other users data after login/out with different users on ionic #375
    • omniauth: when redirecting, user object should not be serialized into url #368
    • getting ng-token-auth and devise_token_auth to work with OAuth in ionic InAppBrowser #367
    • omniauth callback redirect not working properly when using namespace/scope #362
    • πŸ‘‰ invalid token in method set_user_by_token on RegistrationsController#update #357
    • Allow devise patch version updates #351
    • Error validating token #348
    • Allow for HTTP Basic Auth ? #337
    • Allow Omniauth user reset password #335
    • NameError (uninitialized constant DeviseTokenAuth::Concerns::User::BCrypt) #333
    • Unpermitted parameters: format, session #328
    • devise token auth + Save Facebook auth_hash info in database #326
    • Error sending password reset email when not using confirmable (reopened #124) #321
    • Routing error / Preflight request / OPTIONS #320
    • delete tokens after password change #318
    • Can't authorize (user_signed_in? always show false) #315
    • Warden::SessionSerializer - wrong number of arguments (2 for 1) #312
    • The action 'twitter' could not be found for DeviseTokenAuth::OmniauthCallbacksController #309
    • Having 401 Unauthorized only with mobile #305
    • remove unused nickname, image from user object #304
    • HI, This is more of a doubt since I could not finding anything related to this in your documentation. #300
    • Getting 401's when making requests using iOS/Android clients #299
    • undefined method `tokens' for #<Hash:0x000000063f0920> #297
    • Confirmation URL giving bad arguments #293
    • πŸ‘‰ set_user_by_token not called in overriden controller #291
    • Question: Should we send password reset instructions to unconfirmed emails? #287
    • NoMethodError (undefined method `[]' for nil:NilClass): #286
    • Facebook omniauth redirection is missing url when testing on localhost #285
    • No route matches [GET] "/users/facebook/callback" #280
    • No route matches [GET] "/omniauth/:provider" #278
    • How to refresh token/expiry? #275
    • wrong number of arguments (1 for 0): in DeviseTokenAuth::RegistrationsController#create #274
    • Can not save a user with nil tokens attribute #271
    • Shouldn't validate_token param be access-token, not auth_token? #270
    • include associations on login #269
    • Failure route not handled #262
    • Getting Unauthorized error even after sending the correct token, uid and client #261
    • Weird error message #259
    • undefined method `provider' for #<User:0x007f49fd5da2e8> #257
    • Custom Serializer like ActiveModel Serializer #249
    • File download with query params #246
    • Info: is devise_token_auth compatible with rails 3.2.19? #245
    • Headers required for different methods #243
    • Unpermitted parameters: format, session, lang #239
    • On sign_in, devise_token_auth expects the uid to be the same as the email #237
    • Name conflict with inherited_resources #236
    • sign_in will not fetch the token #234
    • Remove ('#') symbol when using html5mode in locationProvider #232
    • Log in request 401 error #231
    • User Registration - "email address already in use" when it is unique #230
    • Devise email validation disabled...why? #229
    • confirm_success_url error not working #226
    • pending_reconfirmation called when confirmable isn't used #224
    • omniauth_success.html.erb JSON bug #221
    • Using devise_token_auth and ng_token_auth with angularJS in an Ionic Hybrid application #218
    • Where can I got token? #217
    • URI fragment prevent to send params in Confirmation URL #213
    • Generating many client tokens #210
    • Limit tokens hash? #208
    • 500 error returned when no data is POSTed to registration controller #203
    • undefined method `match' for nil:NilClass #201
    • DELETE method becoming OPTIONS @ Heroku #197
    • 40 Mb log file and 1 minute to have token with curl #195
    • 401 unauthorized #193
    • πŸ‘» GET requests to sign_in shouldn't raise an exception #190
    • Api not locked by default #189
    • Rails 4.1 #187
    • Unable to override OmniauthCallbacksController#redirect_callbacks #186
    • Token based authentication with no sessions #183
    • πŸ‘‰ undefined method `authenticate_user!' #182
    • confirm_success_url shouldn't be a required param #176
    • Provide an OAuth implementation for native apps #175
    • getting an argument error when trying to use omniauth #174
    • Sign in via username doesn't seem to work correctly. #173
    • Cannot use + sign in email address. #171
    • How can i authenticate using curl and get private entries ! #167
    • Pessimistic Locking produces ArgumentError #165
    • POTENTIAL SECURITY RISK: Setting confirm_success_url and redirect_url via API #162
    • Sign out just on client side ? #161
    • Unpermitted parameter: redirect_url #160
    • Issues using devise and devise_token_auth #159
    • Add role based authorization #158
    • Not compatible with ActiveAdmin #156
    • πŸ‘ [Duplicate] is devise_invitable supported? #154
    • User can register with a "false" email #149
    • /validate_token #148
    • Email confirmation link #147
    • Tokens field on database #146
    • Twitter OAuth always throughs CookieOverflow #145
    • Is there a way to configure apiUrl for both dev and prod? #144
    • Getting 401 unauthorized on login attempt #142
    • Comparing with jwt #140
    • Can't get omniauth to work (error in redirect_callbacks) #139
    • Change controller inheritance #138
    • Reset Password call returns 400 for Not Found user #137
    • The gem is too big. Please take care of it. #136
    • Error when loging with facebook the second time without logout #135
    • OmniAuth redirect doesn't work if using the generated mount_devise_token route #133
    • Missing template /omniauth_response #132
    • Unpermitted parameter: session #130
    • OAuth error: We're sorry, but something went wrong #129
    • Would it be useful to integrate login with username ? #127
    • Sign in with login instead of email #126
    • Error sending password reset email when not using confirmable #124
    • Using expired token for parallel calls #123
    • User tokens don't properly deserialize #121
    • Could not load 'omniauth' #118
    • bad argument (expected URI object or URI string) #116
    • devise_token_auth for public API, but devise for rest of app? #114
    • Omniauthable deleted on UsersConcern : Why ? #111
    • Unrequired route #110
    • raises NoMethodError instead of displaying error when email is missing #108
    • Error with RailsAdmin. "The action 'new' could not be found for DeviseTokenAuth::SessionsController" #107
    • Circular dependency detected while autoloading constant Api #106
    • Can't Authenticate via cURL #105
    • Unpermitted parameters: user, registration #104
    • BCrypt::Errors::InvalidSalt errors #103
    • Active job token expiring integration #102
    • The action 'new' could not be found for DeviseTokenAuth::RegistrationsController #100
    • Disable confirmable #99
    • responders - rails 4.2 #98
    • forward skip to devise #97
    • API versioning the devise scope of token validation and ominiauth controller path will wrap up #96
    • Overwriting default "from" email address #94
    • uninitialized constant DeviseTokenAuth #92
    • change_headers_on_each_request not working expiry header empty #90
    • Gem render consistency #87
    • Sample Sessions Controller for logging in via Rails View. #86
    • Change authorization key: Use phone_number instead of email #84
    • Conflict with active_admin gem #83
    • NoMethodError in DeviseTokenAuth::OmniauthCallbacksController#redirect_callbacks #82
    • All the APIs are getting 'Authorized users only' #81
    • Is Devise option Rememberable required ? #80
    • Problem with skip_confirmation! #78
    • Cannot reset password if registered by omniauth #77
    • NoMethodError at /omniauth/facebook/callback - undefined method `[]' for nil:NilClass #76
    • Remove dependency on ActiveRecord #72
    • Skipping Registrations Controller Altogether #70
    • Problem in validate_token if the model is in a namespace #69
    • Cannot send confirmation email if there is no 'User' model #68
    • Better guidelines for contributors #65
    • admin namespace #63
    • Devise trackable module not working #62
    • Devise_token_auth without OmniAuth authentication #60
    • Reset Password error #59
    • Confirmable - unconfirmed email #58
    • Email Column Isn't Used for Database Authentication #56
    • Unique Key for Provider and UID Combination #55
    • User Info in separate table or removed #53
    • rename @user to @resource #48
    • Active_admin issue #47
    • Possible Logout Issue #46
    • Routes not appended to routes.rb #45
    • Return resource.errors.full_messages in addition to resource.errors #44
    • Devise and Devise_Token_Auth in api namespace #43
    • Trackable attributes are not being updated. #42
    • Avoid using respond_to in application controller #41
    • devise_token_auth assumes you want the :confirmable functionality #40
    • undefined method `match' for nil:NilClass #39
    • Expired token aren't removed when session expires #38
    • sign_up helper #37
    • self.tokens[client_id]['token'] != token #30
    • How is the uid generated for non-omniauth users? #29
    • πŸ‘‰ Access to current_user variable? #28
    • Filter chain halted as :require_no_authentication #27
    • Allow additional parameters for registration #25
    • Cannot add more parameters at sign_up #22
    • Error on Registration #21
    • Error with authentication #20
    • Cascade of Issues with Omniauth(?) #18
    • Batch Requests Respond with Original Auth Token #17
    • Sign out with email provider error #16
    • sessions_controller.rb #12
    • Github login in example is broken #10
    • Facebook auth is broken #9
    • Generator is not working #8
    • Test ticket from Code Climate #6
    • Test ticket from Code Climate #5
    • extending the devise_token_auth user model #4
    • A few ideas #3
    • Google Oauth2 does not set cookies in production. #1

    πŸ”€ Merged pull requests: