Posts tagged "devise"

Devise Security Release 1.1.6

Note: Devise 1.1.6 broke compatibility with Rails versions prior to 3.0.4, this has been fixed on Devise 1.1.7. Devise 1.1.6 has just been released and it follows Rails 3.0.4 release. Rails 3.0.4 changes how CSRF works and adds a new method called handle_unverified_request that should be properly overridden by authentication frameworks. Devise 1.1.6 implements this … »

2010 – A year in review

This year is coming to an end and it was amazing for us at Plataforma Tecnologia. We are proud to share with you, faithful reader, our accomplishments in 2010, which weren’t few. Open Source The year has begun on fire. In February, José Valim made his way into the Rails Core team and has been … »

Acceptance tests for OmniAuth

One of the great gems released in the past few months was OmniAuth. It is very easy to use, it works without tons of configurations (unless configuring XML files is your thing) and there are already plenty of resources about it on the internet. However, it is not easy to do acceptance tests with Omniauth … »

Session fixation vulnerability in Devise

There is a vulnerability in Devise source code that allows someone to steal your session through session fixation attacks. Who is affected? This vulnerability is present in all Devise versions, in both 1.0 and 1.1 branches. However, you are only affected if you are using a Active Record ou Memcached or other server persistent session … »

Devise 1.1 is out and ready to rock with Rails 3

A couple weeks ago we finally released Devise 1.1 which is fully-compatible with Rails 3! Not only that, we’ve been working with Rails 3 since the first betas and several features were added along the way! Let’s take a look at those, some architectural changes and see how Devise 1.1 and Rails 3 will change … »

Authentication is with Devise!

Two months ago we were celebrating Devise’s birthday. We were not talking about its age, Devise had just 4 months of life, but we were happy to reach the 1.0 release. Today we are celebrating again! We are very proud and glad to have Devise in its first Railscast! Ryan Bates has done a great … »