Change Log

v0.1.43

Full Changelog

Implemented enhancements:

Rails generator to update views #33
Extract Omniauth attributes assignation into a method #31

Fixed bugs:

Generator doesn't work correctly with mongoid and/or rails-api #14
Generator issues #13

Closed issues:

Return a authentication token #1015
API is not using defined ApiController but rather ApplicationController #1014
TypeError (can't dump hash with default proc) #1012
Namespaces and overriding default mailer templates #1011
Cant login after signing in via oauth #1010
Omniauth with devise token auth #1007
Not returning headers on error #1002
Hardcoded resource.provider in RegistrationsController? #997
Confirmation URL query parameters don't match header counterparts #993
Gem clashing #991
Sign in, Sign out not working #982
access token always expires in one minute #980
How to customize Omniauth payload #974
How do Create user's roles. #963
Why does a confirm_success_url column appear in some of the test migrations? #959
Readme "Usage TL;DR" section - add confirm_success_url to required params? #955
ar #954
how to get first name and last name of user #953
Model for nested attributes not being saved #952
Can not have multiple model #950
NoMethodError when current_user is called #947
How to manually send the confirmation email (e.g. after User.create in Rails console)? #946
Make DeviseAuthToken inherits my API base Controller? #945
Missing auth headers in response to validate_token #944
tokens_match? issue #942
Not send email notification when email changed ? #940
Token generation fails when user has incomplete data that is mandatory #938
Is there a way to prevent persisting the same token to user table when in batch mode? #934
Token expires too soon #933
Seeing other users data on logout and login #932
token authentication not working on production #931
Getting 'uninitialized constant ActionDispatch::Routing::Mapper::Scope (NameError)' with rails 3 #930
How do I include User relationships to response after authenticate #928
Can't unlock account through email link in lockable #927
accidental issue #926
Can't verify CSRF token authenticity on PUT request only #924
Reset password url no host #923
In batch mode tokens are unnecessarily stored for every request although unchanged #922
current_user not available during authorization #921
Resend confirmation email #920
Change Authentication Keys #919
Devise Set User By Token Is Clashing with Normal Devise Helpers #917
XSS (javascript execution vulnerability) #916
Using the Generator Without Capitalizing Model Name #912
undefined method `authenticate_user!' when want to version my api #908
RuntimeError in DeviseTokenAuth::OmniauthCallbacksController#omniauth_success on google_oauth2 login #907
JSON API status? #906
Filter chain halted as :authenticate_user! rendered or redirected #905
Completed 422 Unprocessable Entity [Rails 5 API only, React with J-Toker] #904
API authentication. Method not allowed 405. Use POST /sign_in to sign in. GET is not supported. #900
validate_token Works but nothing else... #899
OAuth failure callback error with Google provider #898
Registration Name attribute is not stored #897
The action 'edit' could not be found for DeviseTokenAuth::RegistrationsController #896
Change provider when sessions controller #893
Overriding render_create_success does not obey serializer option (AMS) #890
How can i get access-token with omniauth on React Native app #889
Forgot Password flow with JSON responses #888
unknown attribute 'expiry' for User. #886
Email Regex causing Issue - not synced with Devise email RegEx #885
undefined method `[]=' for nil:NilClass due to missing client_id #881
Return parent with sign in data? #880
json-hyper-schema for devise_token_auth #879
Can´t retrieve access token in login response headers #877
devise_token_auth blocks upgrade to Rails 5.1.0 #875
validate_token works on local web server, but not remote? #873
how do I login a user after account signup? #866
getting random "Authorized users only." when uploading multiple files at once. #862
Caching causing an issue #861
How to authenticate user using username using this gem ? #859
Can only register one account. #858
Segmentation Fault is raising while trying to send emails. #857
No access-token in the header #855
How to Restrict Access to a Single Client? #854
NoMethodError (undefined method `new_session_path' for #<Devise::OmniauthCallbacksController:0x0000000630f628>) #853
Headers not present in all requests #851
Token based authentication with LDAP only #850
Insecure session created with reset password link #848
Swagger / Yard Docs #846
uninitialized constant SECRET_KEY_BASE #845
NoMethodError: undefined method `[]=' for nil:NilClass in unit test #839
No resource_class found #838
How to Custom Mailer ? #837
Password gets updated but current password is still invalid. #836
CookieOverflow on namespaced controllers #835
no registration routes when used with devise #834
Incompatibility with shoulda in email uniqueness #833
devise_token_auth: can't work with Rails subdomain. #831
No HTML for omniauth_external_window view in Rails 5 API #830
DeviseTokenAuth::TokenValidationsController#validate_token returns 401 unauthorized. #829
Console warning #828
omniauth-facebook authentication with an Angular 2 front end application. #827
uid is similar to email #825
Question: email confirmation token URI with Rails API #824
Use POST to sign in. GET is not supported. #823
Invalid login credentials. Please try again. #822
Devise redirecting Web request to the Token JSON API #821
Wrong model mapped for token_validation #820
readme code for controller override needs a slight change #819
Banning a user #817
Support for multiple providers during same session #815
Sometimes very frequently, sometimes very randomly - 401 Unauthorized. #813
The confirmation email is not send with the standard devise support #812
not supporting for angular1.6 #810
Securing headers on client side #809
Add has one/belongs to assotiation #807
redirect_url required but not permitted in strong parameters #805
Impersonate user #802
Can't use JBuilder templates when overriding rendering methods #801
I18n broken (e.g. :already_in_use) #799
Data leak on create password reset #797
Rails 5 API Mode Not Authorizing #796
very unstable gem full of bugs !! #795
CORS answers 404 always #794
Authorized Users Only on iOS client #792
user_signed_in? doesn't returning access_token after few continuous call to it !!! #791
302 found when I try to redirect to "/devise_token_auth/sessions#create" #790
Initializer default_password_reset_url not working. #789
Gem querying database twice for authenticating user #788
wrong constant name user #784
No authentication headers when using Single Table Inheritance on my User model #783
Can't migrate database after 'rails g devise_token_auth:install User auth' #781
Diferent tokens from devise and devise_token_auth some times get in conflict... #780
current_user returns nill #779
LinkedIn SignIn #778
Rails engine (api only) - undefined method `mount_devise_token_auth_for' for #<ActionDispatch::Routing::Mapper: #777
ActionController::RoutingError - undefined method `helper_method' #776
multiple congratulation emails #774
Set up a new API application controller not working? #773
Explicitly do not invalidate token #772
Prevent user from sharing account #770
I'am not able to serialize user #769
Could not find generator 'devise_token_auth:install' #768
Soft deletion #766
Minimum Limits on a token? #764
QUESTION: tokens field in database #763
Octopus throwing error when deleting expired tokens #761
Current user from channel. #760
devise_token_auth with LDAP? #759
Passing block to for strong parameters breaks code #758
Only one User model return the correct headers #757
API authentication: Use POST /sign_in to sign in. GET is not supported. #754
Integration help #753
undefined method `tokens' upon signing up #752
ArgumentError in Devise::RegistrationsController#new #750
OAuth (GitHub) redirects to callback url twice #749
resource name for scoped mounting #748
Signing in with Mongoid 6 + Rails 5 causes AuthenticationError #742
Rails 5 API deployed as microservices #741
Multiple user registration with multiple providers #740
Headers not sent on GET request #739
Best practice for using virtual attributes #738
E-mail update is enabled by default #736
Limit formats allowed to make requests #735
Query params left in url after facebook login cause authentication to fail on refresh #734
Error in password reset. Password not changed, even though edit returns 200 #732
Can't permit parameters in rails engine #731
Cannot integrate with omniauth-facebook #729
Using devise_async and sidekiq to send emails asynchronously #727
Two models, one not working #726
Separate Devise Token Auth configuration per model #725
No token on response header #721
Massive Cookie Size Leads to Errors #718
401 on sign_in #717
Unable to reconfirm a users email #716
API response bodies are empty when using active_model_serializers #715
Which is client and access_token #714
/sign_out route is returning 404 not found #713
Sign_in custom method: how? #711
define_helpers not called at rails launch #708
Why is tokens field a json type and how to create a query based on inside values? #707
Always Set Headers in Batch Mode #702
Use with existing User model #701
Deprecation Error Message on 5.0 #698
"Covert Redirect" Vulnerability #696
The inactive_message and active_for_authentication #695
No route matches [POST] "/api/v1/auth" #694
Got this error with ActiveAdmin "wrong number of arguments (1 for 0)" #692
Reset password link not working for the second time #691
How to properly set headers in order to use current_user, authenticate_user! etc methods? #690
using devise_token_auth for API alongside standard devise gem for HTML view #689
Sign Up Permitted Parameters gets Passed but Never saves succesfully to Database #688
Live Demo on heroku crashes #687
Ruby on rails devise_token_auth gem unable to find routes #686
No Headers after sign_in for new Users created by Admin #685
NoMethodError (undefined method `headers_names' for DeviseTokenAuth:Module) #684
Fast page refresh problem #683
undefined method `[]' for nil:NilClass during omniauth callback #682
IndexError: string not matched on User sign_in #681
client_id resets to default after session_controller#create #680
skip_confirmation_notification! not working #679
"Unpermitted parameter: session" issues when action_controller.action_on_unpermitted_parameters is :raise #676
Rails 5 + mongoid + devise_token_auth - undefined method `add_mongoid_support=' for DeviseTokenAuth:Module (NoMethodError) #675
rails g devise_token_auth:install User auth hangs and does nothing #671
0.1.36 to 0.1.37 Breaks Test Suite #670
Why NOT 'email_required?' is considered? #668
make a separate Apicontroller from Applicationcontroller #667
Devise Omniauth and DeviseTokenAuth Omniauth #666
Seperate view files for different models. #664
Bump version to support devise 4.1.1 #659
Password Reset Link doesn't work #658
[Question] Using in mobile apps (pass reset/libs for major OSes)? #657
confrimable registration token expire #655
callback :set_user_by_token has not been defined #649
Get extra from omniauth-facebook. #647
Ability to change email? #646
headers_names is not defined in 0.1.37 #645
Issues with active_model_serializers #644
Error with devise #643
Oauth2 - Android Authentication - one-time-code flow #639
make use of max_number_of_devices on sign_in #637
undefined method `token_validation_response' #635
when password is reset from UI, all tokens must be removed if remove_tokens_after_password_reset is true #634
is possible to use provider and uid columns on the authentications table? #633
Relax devise dependency to allow 4.1 #631
undefined method 'render' at devise_token_auth/controllers/helpers.rb #630
Override default routes #628
Rails 5 generator doesn't insert concern #627
NoMethodError (undefined method `find_by_uid') in production. #625
Why is password confirmation required ? #624
user_signed_in? VS user.signedIn ? #623
Retrieve from (local) cache first? #622
Update Gem (RubyGem) Not issue #621
Curl not working for sign_in but works on ng-token-angular #620
After Sign-in success, The following requests on Angular side are unauthorized. #619
Email uniqueness on both email and oauth provider #617
ArgumentError (wrong number of arguments (given 1, expected 0)) #616
Omniauth - Facebook app doesn't run callback url after successful Facebook authentication #615
:authenticate_user! wired behaviour #614
exclude devise validatable module? #613
current_user is nil, request headers are all upcased and prefixed with HTML_ #611
Devise omniauth_path_prefix overriden #610
Override devise token auth response #609
Problem in generated routes #607
Rails 5 API Mode - no headers in response #606
Previous authentication params remain in url after sign out when using OAuth #605
Filter chain halted as :authenticate_user! rendered or redirected #603
Problem with auth headers and multiple models #602
422 Unprocessable Entity when using local IP address #601
not working with latest version of active_model_serializers #600
Re-written URL with token does not work with Angular default routing #599
Rails 5 - Missing template devise_token_auth/registrations/create #598
overriding rendering methods in devise_token_auth #597
REST routes #595
Multiple providers per user #594
MongoDB #593
Problem with CORS setup and exposing special headers #591
Password reset allows user to bypass confirmable #590
redirect_url is missing in email instructions sent to the user for password reset #588
Unpermitted parameter: {"email":"mail@gmail.com","password":"abcdefgh","password_confirmation":"abcdefgh"} #587
empty request.env['omniauth.params'] causes exception #586
Getting Error: 'No connection pool for ActiveRecord::Base' when generating the devise_token_auth generator inside an Rails Engine #584
Preventing creation of users in an oauth scenario #583
can't authenticate user when opening a new download tab #582
Mails are not being sent #581
current_user seems to be nil after doing requests from different tabs #579
Do we have any rspec helpers to sign_in an user? #577
Cannot override json response of authenticate_user! #575
Extend token lifespan on use? #573
Unable to sign in using LinkedIn #572
Cannot use rake with mount_devise_token_auth_for in routes.rb #570
return custom json data after sign_in #567
Provide configuration for token hashing algorithm #560
Using devise_token_auth with devise for one method #559
omiauth-google #558
Use devise_token_auth with facebook iOS login SDK #556
omniauth-facebook login #555
ActionController::RoutingError (No route matches [POST] "/omniauth/steam/callback") #554
get Authorized users only when use devise with devise_token_auth #553
Models other than User not returning auth headers after each request #552
Cannot get ng-token-auth, devise-token-auth and Rails to work for facebook login #551
/auth/validate_token works but getting 401 unauthorized when sending request with auth headers #550
Where is the access key of omniauth provider? #549
Yielding Resource to Overriding Controller #548
Confirmation controller does not response with JSON #546
message['redirect-url'] in the reset password email is not set automatically. #545
Failed migration: how to handle existing user db #544
How this gem is different from a JWT system? #543
set a no reply email adresse #542
check if user confirmed is account #539
Improper formatting for JSON API error/success responses #536
support for multiple client_id #535
Cut some actions? #534
Getting issues with api authentication #529
Is it a hybrid authentication system? #527
check_current_password_before_update still requires password when resetting password #526
Error: unknown attribute 'current_password' for User when updating a password #524
Error Response as HTML #522
Manually authenticate for testing #521
Support for STI #517
render_create_success should return 201 code not 200? #516
RuntimeError (can't modify frozen Hash) #515
DEPRECATION WARNING: alias_method_chain is deprecated #514
JSON responses don't fit JSON_API requirements #512
Not working with rails 5 and devise master #504
Unpermitted parameters: confirm_success_url, config_name, registration #501
set_user_by_token not defined in production for rails 5 #500
Master branch no longer working with devise master branch (version error) #498
uid is not getting set in git revision 996b9cf23a18 #497
tokens not being serialized! #495
Sign in from controller #494
ve_model_serializer namespace #492
Unpermitted Parameters: confirm_success_url, config_name, registration #489
Bundler could not find compatible versions for gem "rails": #488
Does anyone try to link current omniauth account to devise-token-auth account? #487
User remains logged in when using devise and devise_token_auth in the same app #486
I want to use a different column for provider instead of defalut "email" #485
DEPRECATION WARNING: alias_method_chain is deprecated. Rails 5 #482
@resource.allow_password_change is not persisted across requests #481
validate_token - resource_name - undefined method `name' for nil:NilClass #480
Would like to know is there any missing for i18n translation file? #479
Unpermitted paramter: session (401 Unauthorized) for only one particluar user #477
Reading logged user in constraint #475
devise_token_auth is being called when it shouldn't #473
Unable to override sessions controller #471
Helpers being loaded for Rails API's #468
Unable to call rails g devise\_token\_auth:install within rails engine #465
Support Devise Strong Parameters by Block #464
locales errors.messages.already\_in\_use seems broken #463
How to make http header still available when return to oauth call back #461
skip: [:omniauth_callbacks] doesn't work in v0.1.37.beta3 #460
This gem change default omniauth path? #459
Rails 5 compatible? #458
Null email causes NoMethodError (undefined method `downcase!' for nil:NilClass) #457
Cannot send confirmation email when using alongside with standard devise #456
cancancan: load_and_authorize_resources causes method_missing failure #452
example app for api #451
is session store necessary? #449
HTTP Headers not being sent when using as an API from an Android Phone #448
Is it possible to pass token via json? #447
It shows "An error occurred" after omniauth callback #445
- #444
Put Access Token in body #442
Unable to add a new param for sign up #440
Undefined method provider from devise_toke_auth concerns/user.rb #438
NoMethodError (undefined method enable\_standard\_devise\_support' for DeviseTokenAuth:Module\): app/controllers/devise\_token\_auth/concerns/set\_user\_by\_token.rb:35:in set_user_by_token' #437
duplicate method - resource_class #433
Unpermitted parameter errors #432
Scoped DeviseToken but it still affects the original Omniauth redirects. #429
Can't create user via api #422
redirect_uri_mismatch after update from 0.1.34 to 0.1.37 #420
password_confirmation not actually required #419
Password Reset question, do I need my own form? #418
Large Size on Disk #415
The validate_token function in the readme is missing a parameter #413
Cannot migrate database: NoMethodError: undefined method `new' for DeviseTokenAuth:Module #406
change_headers_on_each_request and batch requests #403
Why should I use .to_json to get the right json object and not an array? #400
Multiple users, returning(and creating) wrong model's auth token #399
Can't verify CSRF token authenticity #398
Errors after removing confirmable #397
Add JSON API (v1.0) compliant API option #396
NoMethodError in DeviseTokenAuth::SessionsController#create #394
uninitialized constant DeviseTokenAuth::OmniauthCallbacksController::BCrypt #393
Add better uid + provider unique support #392
Unable to Logout after sign up and/or sign in #391
Cohabitation with doorkeeper #389
Sign in not success. #388
React native signup/login using Facebook SDK #385
password length #380
Devise token auth not found routing error #379
Defining a custom primary key #378
seeing other users data after login/out with different users on ionic #375
when does tokens field get cleared #372
omniauth: when redirecting, user object should not be serialized into url #368
getting ng-token-auth and devise_token_auth to work with OAuth in ionic InAppBrowser #367
Passing access_token after signup #366
'no implicit conversion of Hash into String (TypeError)' on Travis CI #365
discrepancy between registration events #364
Block isn't called in super do |resource| override. #363
omniauth callback redirect not working properly when using namespace/scope #362
Auth header is not being set in sign up when using confirmable with allowed unconfirmed access #361
Spontaneous log out from app (presumably because of batch requests) #359
invalid token in method set_user_by_token on RegistrationsController#update #357
github provider callback url (?auth_token) #354
Is it possible to authenticate_user! without failing the filter chain? #353
Allow devise patch version updates #351
Error validating token #348
Support for Lockable and Timeoutable when using Devise and DeviseTokenAuth #346
Official support and documentation on how to use alongside Devise for APIs #345
permitted parameters not working as expected #344
Using devise and devise_token_auth side by side #343
Multiple Devise Models. One using token #342
Restricting access to controllers methods #340
ArgumentError in DeviseTokenAuth::ConfirmationsController#show #339
Issue with audited-activerecord #338
Allow for HTTP Basic Auth ? #337
Allow Omniauth user reset password #335
Ember Simple Auth #334
NameError (uninitialized constant DeviseTokenAuth::Concerns::User::BCrypt) #333
group authentication not redirecting #332
Unpermitted parameters: format, session #328
Concern causes app to connect to database when precompiling assets. #327
devise token auth + Save Facebook auth_hash info in database #326
Getting `table_exists?' error when using devise_token_auth with Mongoid #325
Error sending password reset email when not using confirmable (reopened #124) #321
Routing error / Preflight request / OPTIONS #320
delete tokens after password change #318
Can't authorize (user_signed_in? always show false) #316
Can't authorize (user_signed_in? always show false) #315
Devise Email Validation #314
Android native - Unpredictable 401 #313
Warden::SessionSerializer - wrong number of arguments (2 for 1) #312
The action 'twitter' could not be found for DeviseTokenAuth::OmniauthCallbacksController #309
Having 401 Unauthorized only with mobile #305
remove unused nickname, image from user object #304
How to skip confirmation on register but possibility to ask later #303
HI, This is more of a doubt since I could not finding anything related to this in your documentation. #300
Getting 401's when making requests using iOS/Android clients #299
User with multiple providers gets invalid login credential except the latest provider he/she registered. #298
undefined method `tokens' for #<Hash:0x000000063f0920> #297
Confirmation URL giving bad arguments #293
Conder making view helpers available in token_validations_controller #292
set_user_by_token not called in overriden controller #291
Using alongside "normal" rails app #290
Question: Should we send password reset instructions to unconfirmed emails? #287
NoMethodError (undefined method `[]' for nil:NilClass): #286
Facebook omniauth redirection is missing url when testing on localhost #285
Reset password error. #284
Configured verbatim, devise_token_auth receives this error google only #282
No route matches [GET] "/users/facebook/callback" #280
Facebook Auth isn't working for Google Chrome users that have Data Compression set to on #279
No route matches [GET] "/omniauth/:provider" #278
How to refresh token/expiry? #275
wrong number of arguments (1 for 0): in DeviseTokenAuth::RegistrationsController#create #274
Can not save a user with nil tokens attribute #271
Shouldn't validate_token param be access-token, not auth_token? #270
include associations on login #269
Used alongside standard Devise broke the Devise mail confirmation #265
How To Handle Guest Account #264
confirmable feature bugs? #263
Failure route not handled #262
Getting Unauthorized error even after sending the correct token, uid and client #261
Weird error message #259
helper methods don't work #258
undefined method `provider' for #<User:0x007f49fd5da2e8> #257
Custom Serializer like ActiveModel Serializer #249
reset password link is not getting to redirection #247
File download with query params #246
Info: is devise_token_auth compatible with rails 3.2.19? #245
Should a 404 reset tokens? #244
Headers required for different methods #243
Unpermitted parameters: format, session, lang #239
On sign_in, devise_token_auth expects the uid to be the same as the email #237
Name conflict with inherited_resources #236
Devise.secret_key was not set. Please add the following to your Devise initializer #235
sign_in will not fetch the token #234
Expected params don't match Devise itself #233
Remove ('#') symbol when using html5mode in locationProvider #232
Log in request 401 error #231
User Registration - "email address already in use" when it is unique #230
Devise email validation disabled...why? #229
Namespaced Models #228
Can't verify CSRF token authenticity #227
confirm_success_url error not working #226
pending_reconfirmation called when confirmable isn't used #224
Error on OmniauthCallbacksController#omniauth_success #222
omniauth_success.html.erb JSON bug #221
undefined method `authenticate_user!' #219
Using devise_token_auth and ng_token_auth with angularJS in an Ionic Hybrid application #218
Where can I got token? #217
The omniauth implementation on this gem use redirection. We need to get around these. #216
Which software did you use to create the workflow ? #215
URI fragment prevent to send params in Confirmation URL #213
AbstractController::ActionNotFound (The action 'new' could not be found for DeviseTokenAuth::RegistrationsController): #212
Oauth broken when attributes have a new line #211
Generating many client tokens #210
Limit tokens hash? #208
500 error returned when no data is POSTed to registration controller #203
undefined method `match' for nil:NilClass #201
No route matches [GET] "/omniauth/sign_in" #199
DELETE method becoming OPTIONS @ Heroku #197
I have a rails backend rendered app (erb). Can I switch to devise token auth? #196
40 Mb log file and 1 minute to have token with curl #195
authentication via phone # #194
401 unauthorized #193
Cannot use this gem alongside Devise #192
GET requests to sign_in shouldn't raise an exception #190
Api not locked by default #189
Some headers without "access-token" (and friends) while testing with Rspec #188
Rails 4.1 #187
Unable to override OmniauthCallbacksController#redirect_callbacks #186
AbstractController::ActionNotFound with Controller Override #185
Devise and devise_token_auth omniauth callbacks #184
Token based authentication with no sessions #183
undefined method `authenticate_user!' #182
Best way to set up migration for installation on existing User table already using Devise? #181
Architecture Q: Why did you not use Warden? #180
NoMethodError (undefined method `[]=' for nil:NilClass) #178
confirm_success_url shouldn't be a required param #176
Provide an OAuth implementation for native apps #175
getting an argument error when trying to use omniauth #174
Sign in via username doesn't seem to work correctly. #173
Cannot use + sign in email address. #171
Sign_in / Sign_up via token_auth and via session #168
How can i authenticate using curl and get private entries ! #167
Facebook login - Redirect issue #166
Pessimistic Locking produces ArgumentError #165
expired confirmation & reset link #164
Storing token in Redis? #163
POTENTIAL SECURITY RISK: Setting confirm_success_url and redirect_url via API #162
Sign out just on client side ? #161
Unpermitted parameter: redirect_url #160
Issues using devise and devise_token_auth #159
Add role based authorization #158
list with http response codes #157
Not compatible with ActiveAdmin #156
[Duplicate] is devise_invitable supported? #154
Trouble accessing provider auth key and secret #153
Omniauth: New user or not ? #151
User can register with a "false" email #149
/validate_token #148
Email confirmation link #147
Tokens field on database #146
Twitter OAuth always throughs CookieOverflow #145
Is there a way to configure apiUrl for both dev and prod? #144
Getting 401 unauthorized on login attempt #142
Forcing SSL for DeviseTokenAuth causes error 'new' could not be found #141
Comparing with jwt #140
Can't get omniauth to work (error in redirect_callbacks) #139
Change controller inheritance #138
Reset Password call returns 400 for Not Found user #137
The gem is too big. Please take care of it. #136
Error when loging with facebook the second time without logout #135
NoMethodError (undefined method `name' for nil:NilClass) - devise_controller.rb:22 #134
OmniAuth redirect doesn't work if using the generated mount_devise_token route #133
Missing template /omniauth_response #132
Sudo action / confirm your identity protocol #131
Unpermitted parameter: session #130
OAuth error: We're sorry, but something went wrong #129
Would it be useful to integrate login with username ? #127
Sign in with login instead of email #126
Error sending password reset email when not using confirmable #124
Using expired token for parallel calls #123
devise_token_auth for multiple client #122
OmniauthCallbacksController#omniauth_success wrong number of arguments (1 for 0) #119
Could not load 'omniauth' #118
bad argument (expected URI object or URI string) #116
devise_token_auth for public API, but devise for rest of app? #114
Omniauthable deleted on UsersConcern : Why ? #111
Unrequired route #110
Invalid Authenticity Token with last version #109
raises NoMethodError instead of displaying error when email is missing #108
Error with RailsAdmin. "The action 'new' could not be found for DeviseTokenAuth::SessionsController" #107
Circular dependency detected while autoloading constant Api #106
Can't Authenticate via cURL #105
Unpermitted parameters: user, registration #104
BCrypt::Errors::InvalidSalt errors #103
Active job token expiring integration #102
Routes not properly set #101
The action 'new' could not be found for DeviseTokenAuth::RegistrationsController #100
Disable confirmable #99
responders - rails 4.2 #98
forward skip to devise #97
API versioning the devise scope of token validation and ominiauth controller path will wrap up #96
Overwriting default "from" email address #94
uninitialized constant DeviseTokenAuth #92
change_headers_on_each_request not working expiry header empty #90
allow_unconfirmed_access_for #89
Gem render consistency #87
Sample Sessions Controller for logging in via Rails View. #86
Change authorization key: Use phone_number instead of email #84
Conflict with active_admin gem #83
NoMethodError in DeviseTokenAuth::OmniauthCallbacksController#redirect_callbacks #82
All the APIs are getting 'Authorized users only' #81
Is Devise option Rememberable required ? #80
Problem with skip_confirmation! #78
Cannot reset password if registered by omniauth #77
NoMethodError at /omniauth/facebook/callback - undefined method `[]' for nil:NilClass #76
Usage with Grape #73
Remove dependency on ActiveRecord #72
Skipping Registrations Controller Altogether #70
Problem in validate_token if the model is in a namespace #69
Cannot send confirmation email if there is no 'User' model #68
Better guidelines for contributors #65
admin namespace #63
Devise trackable module not working #62
Allow updating of default attributes by default? #61
Devise_token_auth without OmniAuth authentication #60
Reset Password error #59
Confirmable - unconfirmed email #58
Email Column Isn't Used for Database Authentication #56
Unique Key for Provider and UID Combination #55
User Info in separate table or removed #53
rename @user to @resource #48
Active_admin issue #47
Possible Logout Issue #46
Routes not appended to routes.rb #45
Return resource.errors.full_messages in addition to resource.errors #44
Devise and Devise_Token_Auth in api namespace #43
Trackable attributes are not being updated. #42
Avoid using respond_to in application controller #41
devise_token_auth assumes you want the :confirmable functionality #40
undefined method `match' for nil:NilClass #39
Expired token aren't removed when session expires #38
sign_up helper #37
self.tokens[client_id]['token'] != token #30
How is the uid generated for non-omniauth users? #29
Access to current_user variable? #28
Filter chain halted as :require_no_authentication #27
Allow additional parameters for registration #25
Cannot add more parameters at sign_up #22
Error on Registration #21
Error with authentication #20
Cascade of Issues with Omniauth(?) #18
Batch Requests Respond with Original Auth Token #17
Sign out with email provider error #16
sessions_controller.rb #12
Github login in example is broken #10
Facebook auth is broken #9
Generator is not working #8
Test ticket from Code Climate #6
Test ticket from Code Climate #5
extending the devise_token_auth user model #4
A few ideas #3
Google Oauth2 does not set cookies in production. #1

Merged pull requests:

Fixes include bug causing sign_in to require auth #1016 (karlingen)
Update CONTRIBUTING.md #1009 (stratigos)
Adding Danish locale #1006 (mikkeljuhl)
allow only one confirmation #1001 (MaicolBen)
Added capitalize to user_class in model file template #1000 (kiritAyya)
Match email regexp with devise #999 (MaicolBen)
Edit RegistrationsController#create to use ResourceFinder::provider #998 (m4-miranda)
993 - mirror auth header keys in build_auth_url query params #996 (ethagnawl)
Add link to wiki of how to add fields for an existing user table #985 (MaicolBen)
contemplate single table inheritance in DeviseTokenAuth::Concerns::SetUserByToken#set_user_by_token #984 (maxwells)
Upgrade test suite to use Rails 5 #981 (lynndylanhurley)
Conditionally set rails version on migration #979 (MaicolBen)
remove confirm_success_url entries from dummy migrations #978 (ethagnawl)
link to cached version of _How to Run a Single Rails Unit Test_ blog … #977 (ethagnawl)
Fix default provider after refactor in concern #975 (MaicolBen)
Adding in unlocks controller and specs. This should resolve #927. #971 (brycesenz)
Add a call to contribute to the top of the README. Ref #969. #970 (zachfeldman)
CONTRIBUTING: Add header, format sections #968 (olleolleolle)
Add note about Grape usage. Closes #73. #967 (zachfeldman)
Allow other provider than email when logins #964 (MaicolBen)
change devise method to reset password by token #957 (dks17)
Docs - add confirm_sucess_url to required params in email registration #956 (pnewsam)
Fix header name on account delete documentation #909 (mconiglio)
Document the confirm_success_url param for email registration #901 (nerfologist)
Fix header markdown typo #895 (f3ndot)
Support setting whitelist, without setting default redirect_url #894 (dkniffin)
Support for devise 4.3 that is now supporting rails 5.1 #891 (silviusimeria)
Translate message: Authorized users only through devise #883 (vincenzodev)
Updated generator test code to work with rails 5 #872 (jrhee17)
Feature/customable authorized users only error response #869 (abeyuya)
Use rails validator instead of custom one #865 (MaicolBen)
use URI::HTTPS to generate HTTPS redirects #864 (cgc)
Persist allow_password_change in the database #863 (MohamedBassem)
Rename find_by methods #860 (alex-lairan)
Support for Devise 4.2.1 #852 (ckho)
Ability to use different default fields in model #849 (blddmnd)
GitHub Issues template, Contributing guidelines #847 (olleolleolle)
Better implementation to test if connection to db is active #843 (richardxia)
Add Albanian locale #842 (fatosmorina)
Improve documentation for testing. #840 (JonRowe)
Update german translation. #816 (gobijan)
Prevent getting table info if not connected to db #814 (cbliard)
Add support for italian locale #811 (Chosko)
Fix privacy issue with password reset request #808 (biomancer)
Add missing parameter :redirect_url, fixes #805 #806 (Rush)
Fix language errors in German locale #800 (morgler)
Don't send extra data on request password reset #798 (Mrjaco12)
Travis: use the code_climate addon config #786 (olleolleolle)
Update link #782 (dijonkitchen)
Add index for confirmation_token #767 (dijonkitchen)
Fixes constructing redirect_route #765 (piotrkaczmarek)
Use standart ActiveRecord error message for email uniqueness validation #746 (mpugach)
Add Romanian locale. #743 (razvanmitre)
Ruby syntax: replace and/not with &&/! #733 (olleolleolle)
Update indexes on template #724 (dijonkitchen)
Add an extra line to the "contributing" list #720 (jahammo2)
Fix grammar #712 (dijonkitchen)
Added reference to Angular2-Token to README #710 (neroniaky)
feat(whitelist): add wildcard support for redirect_whitelist patterns #709 (booleanbetrayal)
Allow user specific token lifespans #704 (codez)
Always set header in batch mode #703 (codez)
Fix Migration Deprecation Warning #700 (juddey)
Apply redirect\_whitelist to OAuth redirect URI. #699 (lynndylanhurley)
add zh-CN.yml #697 (halfray)
update README.md #693 (nhattan)
Fix for issue #677 #678 (develop-test1)
Fix for issue #600 #674 (milep)
Use lockable devise option and unlock controller overwrite #669 (genaromadrid)
Fix setup config example in README #665 (guich-wo)
added bypass_sign_in for next version of Devise #663 (KendallPark)
fix method 'is_json_api' with active_model_serialier v 0.10.0 #651 (woodcrust)
Tokens count overmuch fixed #650 (JerryGreen)
updates config wrapper to conform with newer idiom #648 (bvandgrift)
Adding support for devise 4.1.1 #642 (iainmcg)
Updating Devise dependency to max 4.1.1 #641 (TGRGIT)
Fix yields from controller actions #638 (tiagojsag)
Fix generator to correctly inject content into the user model in rails 5 #636 (ethangk)
fix spelling in comment on token auth concern #632 (dandlezzz)
fixed devise deprecation warning for config.email_regexp #618 (lemuelbarango)
Revert "Update readme for headers names" #592 (ash1day)
Update readme for headers names #589 (ash1day)
Add info to README #585 (ghost)
Fix typo and remove trailing spaces #578 (ash1day)
allowing authenticating using headers as well as a post request #576 (ingolfured)
Whitespace: tabs removed #574 (olleolleolle)
Added dutch translations #571 (nschmoller)
now possible to change headers names in the config file #569 (ingolfured)
User concern: Ensure fallback is in place #564 (olleolleolle)
Return resource with top-level 'type' member. #562 (ruimiguelsantos)
Fix devise mapping #540 (merqlove)
Make all json responses to be json_api compliant #537 (djsegal)
Avoid sending auth headers if while processing used token is cleared #531 (virginia-rodriguez)
Add Japanese locale and fix typo #530 (metalunk)
Added omniauth post route #528 (v3rtx)
Extract model callbacks #525 (merqlove)
create token when no client_id token #523 (charlesdg)
Fix enable_standard_devise_support in initializer #518 (halilim)
Make render_create_success render valid json_api #513 (djsegal)
Prevent raise of exception if set_user_by_token not defined #511 (jeryRazakarison)
send_on_create_confirmation_instructions callback isn't defined (rails 5) #508 (fivetwentysix)
[REBASE] Fix rails 5 deprecation and devise parameter sanitization #507 (fivetwentysix)
remove deprecations from RegistrationsController #506 (fivetwentysix)
Allow new devise version for rails 5 compatibility #499 (djsegal)
Spelling mistake #493 (Tom-Tom)
Improve Brazilian Portuguese locale #491 (ssouza)
fix namespaced mapping name #484 (paulosoares86)
Locale file for both zh-TW and zh-HK #483 (SunnyTam)
Fixed typos and inconsistencies in ru.yml #478 (fertingoff)
Fixes Issue #362: Fixes for the omniauth redirection issue for namesp… #476 (devilankur18)
removing old tokens when user changes passwords #474 (paulosoares86)
Move travis to container based configuration #470 (ValentinTrinque)
Prevent helpers being loaded for Rails API’s #469 (djsegal)
Reduce dependencies to allow Rails 5.0 #467 (djsegal)
Fix locales errors.messages.already\_in\_use + clean up #466 (ValentinTrinque)
Added 401 response to failed group authentication #446 (rstrobl)
RU translations #441 (yivo)
to keep coherent with devise. pt instead of pt-PT.yml #436 (rmvenancio)
limiting the number of concurrent devices #434 (paulosoares86)
Raise error in controller method #430 (ArneZsng)
feat(enable-standard-devise): allow configurable support of legacy Devise authentication #428 (booleanbetrayal)
Support for i18n in mailers views #427 (ponyesteves)
Fix omniauthredirection when under scopes #425 (xjunior)
Translation to German #423 (haslinger)
fix(url): preserve query parameters when building urls #421 (nbrustein)
Change default message for already in use error and added to english … #417 (ponyesteves)
Issue #413 #414 (Carrigan)
Add .ruby-version entry to .gitignore #412 (xymbol)
404 for invalid link with password reset token #411 (rmvenancio)
Flag signin when user confirms email address. #410 (rmvenancio)
Portuguese Translation #409 (rmvenancio)
Added polish translation. #405 (h3xed)
Drop .ruby-version file #404 (xymbol)
Implement hook methods for customized json rendering #384 (neutronz)
Feature/password reset with check fix #374 (jakubrohleder)
fix(oauth): fixes #368: do not serialize the entire user object in the url when redirecting from oauth #371 (nbrustein)
Fallback to ActiveModel translations in EmailValidator #369 (yivo)
Add a Gitter chat badge to README.md #360 (gitter-badger)
Improvements to the docs. #358 (aarongray)
Add description to readme about the devise.rb initializer. #356 (aarongray)
Correct handling namespaced resources #355 (yivo)
Fix concern not being inserted for rails-api apps. #350 (aarongray)
Add documentation to explain gotcha with rails-api. #349 (aarongray)
Fully support OmniauthCallbacksController action overrides. Fixes #186. #347 (tbloncar)
#340 Restrict access to controllers methods #341 (gkopylov)
fix(omniauth): fix error in setting text on redirect page #336 (nbrustein)
add Brazilian Portuguese translation (pt-BR) #331 (josiasds)
Tests to ensure standard devise has greater priority than tokens #330 (colavitam)
Fixed error when using standard devise authentication #329 (colavitam)
feat(improved-omniauth): omniauth sameWindow and inAppBrowser flows #323 (nbrustein)
Fix invalid omniauth redirect #322 (troggy)
Old password check before password update #317 (jakubrohleder)
Remove erroneous colon from before_action callback #310 (jmliu)
Disabled serialization for JSON type columns #306 (colavitam)
Set default provider to "email" in migration #302 (colavitam)
Fix an issue for not :confirmable users #296 (sebfie)
Update README.md #295 (adisos)
Fix MOUNT_PATH 'Read More' link #294 (jmliu)
Don't send password reset instructions to unconfirmed email #288 (coryschires)
Feature/i18n support #283 (sebfie)
Update documentation for validate_token #277 (adamgall)
Added json support for tokens #276 (shicholas)
perf(token_is_current?): add simplistic cache to reduce overhead of redundant token checks during validation calls #272 (booleanbetrayal)
perf(update_auth_header): only lock the resource if we are rotating tokens #267 (booleanbetrayal)
fix(email-validation): Update in-use email validation message during registration to allow full_message use #255 (booleanbetrayal)
fix(session#new): fix unhandled 500 when logging in with valid user and bad password #254 (mathemagica)
feat(ominauth): support json-formatted values in omniauth callback. #252 (nbrustein)
fix(sessions controller): call reset_session on destroy #251 (nbrustein)
fix(resource_class): support optional mapping property from set_user_by_token #250 (booleanbetrayal)
Allow current_password to be supplied when updating profile. #240 (jasonswett)
fixes password reset when not using confirmable #225 (aesnyder)
Fix error when email missing from registration params #220 (iangreenleaf)
URI fragment should appear at the end of URL #214 (edymerchk)
Super block yield (all controllers) #209 (sgwilym)
Super block yield #207 (sgwilym)
Ability to localize error message #206 (lda)
remove fragment sign ("#") from URLs without fragment #205 (tomdov)
Return 422 (was 500) when empty body for sign up and account update #204 (mchavarriagam)
Users with allowed unconfirmed access can now log in successfully. #202 (colavitam)
Authenticating an existing Warden/Devise User #200 (nickL)
GET sign_in should direct people to use POST sign_in rather than raising exception #191 (milesmatthias)
Ignore 'extra' in Twitter auth response to avoid CookieOverflow. Fixes #145. #179 (tbloncar)
Some missing as_json ? #152 (nicolas-besnard)
Check email format on registration #150 (nicolas-besnard)
Actual header key uses dashes, not underscores. #143 (ragaskar)
Username register login #128 (nicolas-besnard)
Check if confirmable is active before skipping confirmation #125 (nicolas-besnard)
Fix links to section about controller integration. #117 (Le6ow5k1)
document GET for /validate_token #113 (lukaselmer)
Fix small error in documentation. #91 (edgarhenriquez)
Exclude devise modules #85 (jartek)
fix(registration and update): Ensure UID is updated alongside Email, and case-sensitivity is honored #71 (booleanbetrayal)
Add better guidelines for contributors. #67 (edgarhenriquez)
Use resource_class to override email confirmation. #64 (edgarhenriquez)
fix(case-sensitivity): support devise case_insensitive_keys for session ... #57 (booleanbetrayal)
fix(contention): fix write contention in update_auth_headers and always ... #52 (booleanbetrayal)
Include resource.errors.full_messages in error response. #50 (jasonswett)
fix(expiry): fix an issue where token expiration checks were too permissive #49 (booleanbetrayal)
Update README with Example Generator Command #35 (wwilkins)
Remove OmniAuth dependency #26 (hannahhoward)
Update README.md #24 (davidsavoya)
guard against MissingAttributeError during common ActiveRecord operations #19 (booleanbetrayal)
Fix expiry data type #11 (lonre)
README and travis config tweaks #7 (guilhermesimoes)

Change Log

v0.1.42 (2017-05-17)

Full Changelog

Closed issues:

devise_token_auth blocks upgrade to Rails 5.1.0 #875

Merged pull requests:

Support for devise 4.3 that is now supporting rails 5.1 #891 (silviusimeria)

Change Log

v0.1.41

Full Changelog

Implemented enhancements:

Rails generator to update views #33
Extract Omniauth attributes assignation into a method #31

Fixed bugs:

Generator doesn't work correctly with mongoid and/or rails-api #14
Generator issues #13

Closed issues:

Can´t retrieve access token in login response headers #877
how do I login a user after account signup? #866
Can only register one account. #858
No access-token in the header #855
Headers not present in all requests #851
uninitialized constant SECRET_KEY_BASE #845
devise_token_auth: can't work with Rails subdomain. #831
Question: email confirmation token URI with Rails API #824
readme code for controller override needs a slight change #819
Support for multiple providers during same session #815
not supporting for angular1.6 #810
Add has one/belongs to assotiation #807
redirect_url required but not permitted in strong parameters #805
Data leak on create password reset #797
Rails 5 API Mode Not Authorizing #796
wrong constant name user #784
current_user returns nill #779
ActionController::RoutingError - undefined method `helper_method' #776
Minimum Limits on a token? #764
Octopus throwing error when deleting expired tokens #761
Only one User model return the correct headers #757
ArgumentError in Devise::RegistrationsController#new #750
OAuth (GitHub) redirects to callback url twice #749
Rails 5 API deployed as microservices #741
Query params left in url after facebook login cause authentication to fail on refresh #734
Can't permit parameters in rails engine #731
Cannot integrate with omniauth-facebook #729
Two models, one not working #726
API response bodies are empty when using active_model_serializers #715
/sign_out route is returning 404 not found #713
Why is tokens field a json type and how to create a query based on inside values? #707
Deprecation Error Message on 5.0 #698
"Covert Redirect" Vulnerability #696
No route matches [POST] "/api/v1/auth" #694
Got this error with ActiveAdmin "wrong number of arguments (1 for 0)" #692
using devise_token_auth for API alongside standard devise gem for HTML view #689
No Headers after sign_in for new Users created by Admin #685
NoMethodError (undefined method `headers_names' for DeviseTokenAuth:Module) #684
Fast page refresh problem #683
IndexError: string not matched on User sign_in #681
skip_confirmation_notification! not working #679
rails g devise_token_auth:install User auth hangs and does nothing #671
Bump version to support devise 4.1.1 #659
callback :set_user_by_token has not been defined #649
Issues with active_model_serializers #644
Error with devise #643
undefined method `token_validation_response' #635
when password is reset from UI, all tokens must be removed if remove_tokens_after_password_reset is true #634
Relax devise dependency to allow 4.1 #631
Rails 5 generator doesn't insert concern #627
NoMethodError (undefined method `find_by_uid') in production. #625
Why is password confirmation required ? #624
Curl not working for sign_in but works on ng-token-angular #620
After Sign-in success, The following requests on Angular side are unauthorized. #619
Omniauth - Facebook app doesn't run callback url after successful Facebook authentication #615
:authenticate_user! wired behaviour #614
current_user is nil, request headers are all upcased and prefixed with HTML_ #611
Problem in generated routes #607
Rails 5 API Mode - no headers in response #606
Filter chain halted as :authenticate_user! rendered or redirected #603
422 Unprocessable Entity when using local IP address #601
not working with latest version of active_model_serializers #600
overriding rendering methods in devise_token_auth #597
redirect_url is missing in email instructions sent to the user for password reset #588
Unpermitted parameter: {"email":"mail@gmail.com","password":"abcdefgh","password_confirmation":"abcdefgh"} #587
can't authenticate user when opening a new download tab #582
Mails are not being sent #581
current_user seems to be nil after doing requests from different tabs #579
Do we have any rspec helpers to sign_in an user? #577
Cannot override json response of authenticate_user! #575
return custom json data after sign_in #567
/auth/validate_token works but getting 401 unauthorized when sending request with auth headers #550
Where is the access key of omniauth provider? #549
How this gem is different from a JWT system? #543
Improper formatting for JSON API error/success responses #536
Is it a hybrid authentication system? #527
check_current_password_before_update still requires password when resetting password #526
Manually authenticate for testing #521
Support for STI #517
DEPRECATION WARNING: alias_method_chain is deprecated #514
JSON responses don't fit JSON_API requirements #512
Not working with rails 5 and devise master #504
Unpermitted parameters: confirm_success_url, config_name, registration #501
set_user_by_token not defined in production for rails 5 #500
Master branch no longer working with devise master branch (version error) #498
uid is not getting set in git revision 996b9cf23a18 #497
ve_model_serializer namespace #492
User remains logged in when using devise and devise_token_auth in the same app #486
DEPRECATION WARNING: alias_method_chain is deprecated. Rails 5 #482
validate_token - resource_name - undefined method `name' for nil:NilClass #480
Helpers being loaded for Rails API's #468
Unable to call rails g devise\_token\_auth:install within rails engine #465
locales errors.messages.already\_in\_use seems broken #463
It shows "An error occurred" after omniauth callback #445
- #444
Put Access Token in body #442
Unable to add a new param for sign up #440
Undefined method provider from devise_toke_auth concerns/user.rb #438
Scoped DeviseToken but it still affects the original Omniauth redirects. #429
Can't create user via api #422
Password Reset question, do I need my own form? #418
Large Size on Disk #415
The validate_token function in the readme is missing a parameter #413
Cannot migrate database: NoMethodError: undefined method `new' for DeviseTokenAuth:Module #406
change_headers_on_each_request and batch requests #403
Multiple users, returning(and creating) wrong model's auth token #399
Can't verify CSRF token authenticity #398
uninitialized constant DeviseTokenAuth::OmniauthCallbacksController::BCrypt #393
Sign in not success. #388
password length #380
Devise token auth not found routing error #379
Defining a custom primary key #378
seeing other users data after login/out with different users on ionic #375
omniauth: when redirecting, user object should not be serialized into url #368
getting ng-token-auth and devise_token_auth to work with OAuth in ionic InAppBrowser #367
omniauth callback redirect not working properly when using namespace/scope #362
invalid token in method set_user_by_token on RegistrationsController#update #357
Allow devise patch version updates #351
Error validating token #348
Restricting access to controllers methods #340
Allow for HTTP Basic Auth ? #337
Allow Omniauth user reset password #335
NameError (uninitialized constant DeviseTokenAuth::Concerns::User::BCrypt) #333
Unpermitted parameters: format, session #328
Concern causes app to connect to database when precompiling assets. #327
devise token auth + Save Facebook auth_hash info in database #326
Error sending password reset email when not using confirmable (reopened #124) #321
Routing error / Preflight request / OPTIONS #320
delete tokens after password change #318
Can't authorize (user_signed_in? always show false) #315
Warden::SessionSerializer - wrong number of arguments (2 for 1) #312
The action 'twitter' could not be found for DeviseTokenAuth::OmniauthCallbacksController #309
Having 401 Unauthorized only with mobile #305
remove unused nickname, image from user object #304
HI, This is more of a doubt since I could not finding anything related to this in your documentation. #300
Getting 401's when making requests using iOS/Android clients #299
undefined method `tokens' for #<Hash:0x000000063f0920> #297
Confirmation URL giving bad arguments #293
set_user_by_token not called in overriden controller #291
Question: Should we send password reset instructions to unconfirmed emails? #287
NoMethodError (undefined method `[]' for nil:NilClass): #286
Facebook omniauth redirection is missing url when testing on localhost #285
No route matches [GET] "/users/facebook/callback" #280
No route matches [GET] "/omniauth/:provider" #278
How to refresh token/expiry? #275
wrong number of arguments (1 for 0): in DeviseTokenAuth::RegistrationsController#create #274
Can not save a user with nil tokens attribute #271
Shouldn't validate_token param be access-token, not auth_token? #270
include associations on login #269
Failure route not handled #262
Getting Unauthorized error even after sending the correct token, uid and client #261
Weird error message #259
undefined method `provider' for #<User:0x007f49fd5da2e8> #257
Custom Serializer like ActiveModel Serializer #249
File download with query params #246
Info: is devise_token_auth compatible with rails 3.2.19? #245
Headers required for different methods #243
Unpermitted parameters: format, session, lang #239
On sign_in, devise_token_auth expects the uid to be the same as the email #237
Name conflict with inherited_resources #236
sign_in will not fetch the token #234
Remove ('#') symbol when using html5mode in locationProvider #232
Log in request 401 error #231
User Registration - "email address already in use" when it is unique #230
Devise email validation disabled...why? #229
confirm_success_url error not working #226
pending_reconfirmation called when confirmable isn't used #224
omniauth_success.html.erb JSON bug #221
Using devise_token_auth and ng_token_auth with angularJS in an Ionic Hybrid application #218
Where can I got token? #217
URI fragment prevent to send params in Confirmation URL #213
Generating many client tokens #210
Limit tokens hash? #208
500 error returned when no data is POSTed to registration controller #203
undefined method `match' for nil:NilClass #201
DELETE method becoming OPTIONS @ Heroku #197
40 Mb log file and 1 minute to have token with curl #195
401 unauthorized #193
GET requests to sign_in shouldn't raise an exception #190
Api not locked by default #189
Rails 4.1 #187
Unable to override OmniauthCallbacksController#redirect_callbacks #186
Devise and devise_token_auth omniauth callbacks #184
Token based authentication with no sessions #183
undefined method `authenticate_user!' #182
confirm_success_url shouldn't be a required param #176
Provide an OAuth implementation for native apps #175
getting an argument error when trying to use omniauth #174
Sign in via username doesn't seem to work correctly. #173
Cannot use + sign in email address. #171
How can i authenticate using curl and get private entries ! #167
Pessimistic Locking produces ArgumentError #165
POTENTIAL SECURITY RISK: Setting confirm_success_url and redirect_url via API #162
Sign out just on client side ? #161
Unpermitted parameter: redirect_url #160
Issues using devise and devise_token_auth #159
Add role based authorization #158
Not compatible with ActiveAdmin #156
[Duplicate] is devise_invitable supported? #154
User can register with a "false" email #149
/validate_token #148
Email confirmation link #147
Tokens field on database #146
Twitter OAuth always throughs CookieOverflow #145
Is there a way to configure apiUrl for both dev and prod? #144
Getting 401 unauthorized on login attempt #142
Comparing with jwt #140
Can't get omniauth to work (error in redirect_callbacks) #139
Change controller inheritance #138
Reset Password call returns 400 for Not Found user #137
The gem is too big. Please take care of it. #136
Error when loging with facebook the second time without logout #135
OmniAuth redirect doesn't work if using the generated mount_devise_token route #133
Missing template /omniauth_response #132
Unpermitted parameter: session #130
OAuth error: We're sorry, but something went wrong #129
Would it be useful to integrate login with username ? #127
Sign in with login instead of email #126
Error sending password reset email when not using confirmable #124
Using expired token for parallel calls #123
User tokens don't properly deserialize #121
OmniauthCallbacksController#omniauth_success wrong number of arguments (1 for 0) #119
Could not load 'omniauth' #118
bad argument (expected URI object or URI string) #116
devise_token_auth for public API, but devise for rest of app? #114
Omniauthable deleted on UsersConcern : Why ? #111
Unrequired route #110
raises NoMethodError instead of displaying error when email is missing #108
Error with RailsAdmin. "The action 'new' could not be found for DeviseTokenAuth::SessionsController" #107
Circular dependency detected while autoloading constant Api #106
Can't Authenticate via cURL #105
Unpermitted parameters: user, registration #104
BCrypt::Errors::InvalidSalt errors #103
Active job token expiring integration #102
The action 'new' could not be found for DeviseTokenAuth::RegistrationsController #100
Disable confirmable #99
responders - rails 4.2 #98
forward skip to devise #97
API versioning the devise scope of token validation and ominiauth controller path will wrap up #96
Overwriting default "from" email address #94
uninitialized constant DeviseTokenAuth #92
change_headers_on_each_request not working expiry header empty #90
Gem render consistency #87
Sample Sessions Controller for logging in via Rails View. #86
Change authorization key: Use phone_number instead of email #84
Conflict with active_admin gem #83
NoMethodError in DeviseTokenAuth::OmniauthCallbacksController#redirect_callbacks #82
All the APIs are getting 'Authorized users only' #81
Is Devise option Rememberable required ? #80
Problem with skip_confirmation! #78
Cannot reset password if registered by omniauth #77
NoMethodError at /omniauth/facebook/callback - undefined method `[]' for nil:NilClass #76
Remove dependency on ActiveRecord #72
Skipping Registrations Controller Altogether #70
Problem in validate_token if the model is in a namespace #69
Cannot send confirmation email if there is no 'User' model #68
Better guidelines for contributors #65
admin namespace #63
Devise trackable module not working #62
Devise_token_auth without OmniAuth authentication #60
Reset Password error #59
Confirmable - unconfirmed email #58
Email Column Isn't Used for Database Authentication #56
Unique Key for Provider and UID Combination #55
User Info in separate table or removed #53
rename @user to @resource #48
Active_admin issue #47
Possible Logout Issue #46
Routes not appended to routes.rb #45
Return resource.errors.full_messages in addition to resource.errors #44
Devise and Devise_Token_Auth in api namespace #43
Trackable attributes are not being updated. #42
Avoid using respond_to in application controller #41
devise_token_auth assumes you want the :confirmable functionality #40
undefined method `match' for nil:NilClass #39
Expired token aren't removed when session expires #38
sign_up helper #37
self.tokens[client_id]['token'] != token #30
How is the uid generated for non-omniauth users? #29
Access to current_user variable? #28
Filter chain halted as :require_no_authentication #27
Allow additional parameters for registration #25
Cannot add more parameters at sign_up #22
Error on Registration #21
Error with authentication #20
Cascade of Issues with Omniauth(?) #18
Batch Requests Respond with Original Auth Token #17
Sign out with email provider error #16
sessions_controller.rb #12
Github login in example is broken #10
Facebook auth is broken #9
Generator is not working #8
Test ticket from Code Climate #6
Test ticket from Code Climate #5
extending the devise_token_auth user model #4
A few ideas #3
Google Oauth2 does not set cookies in production. #1

Merged pull requests:

Translate message: Authorized users only through devise #883 (vincenzodev)
Updated generator test code to work with rails 5 #872 (jrhee17)
use URI::HTTPS to generate HTTPS redirects #864 (cgc)
Rename find_by methods #860 (alex-lairan)
Support for Devise 4.2.1 #852 (ckho)
Add Albanian locale #842 (fatosmorina)
Update german translation. #816 (gobijan)
Prevent getting table info if not connected to db #814 (cbliard)
Add support for italian locale #811 (Chosko)
Fix privacy issue with password reset request #808 (biomancer)
Add missing parameter :redirect_url, fixes #805 #806 (Rush)
Fix language errors in German locale #800 (morgler)
Don't send extra data on request password reset #798 (Mrjaco12)
Travis: use the code_climate addon config #786 (olleolleolle)
Update link #782 (dijonkitchen)
Add index for confirmation_token #767 (dijonkitchen)
Fixes constructing redirect_route #765 (piotrkaczmarek)
Use standart ActiveRecord error message for email uniqueness validation #746 (mpugach)
Add Romanian locale. #743 (razvanmitre)
Ruby syntax: replace and/not with &&/! #733 (olleolleolle)
Update indexes on template #724 (dijonkitchen)
Add an extra line to the "contributing" list #720 (jahammo2)
Fix grammar #712 (dijonkitchen)
Added reference to Angular2-Token to README #710 (neroniaky)
feat(whitelist): add wildcard support for redirect_whitelist patterns #709 (booleanbetrayal)
Fix Migration Deprecation Warning #700 (juddey)
Apply redirect\_whitelist to OAuth redirect URI. #699 (lynndylanhurley)
add zh-CN.yml #697 (halfray)
update README.md #693 (nhattan)
Fix for issue #600 #674 (milep)
Use lockable devise option and unlock controller overwrite #669 (genaromadrid)
Fix setup config example in README #665 (guich-wo)
added bypass_sign_in for next version of Devise #663 (KendallPark)
fix method 'is_json_api' with active_model_serialier v 0.10.0 #651 (woodcrust)
Tokens count overmuch fixed #650 (JerryGreen)
updates config wrapper to conform with newer idiom #648 (bvandgrift)
Adding support for devise 4.1.1 #642 (iainmcg)
Updating Devise dependency to max 4.1.1 #641 (TGRGIT)
Fix yields from controller actions #638 (tiagojsag)
Fix generator to correctly inject content into the user model in rails 5 #636 (ethangk)
fix spelling in comment on token auth concern #632 (dandlezzz)
fixed devise deprecation warning for config.email_regexp #618 (lemuelbarango)
Revert "Update readme for headers names" #592 (ash1day)
Update readme for headers names #589 (ash1day)
Add info to README #585 (ghost)
Fix typo and remove trailing spaces #578 (ash1day)
allowing authenticating using headers as well as a post request #576 (ingolfured)
Whitespace: tabs removed #574 (olleolleolle)
Added dutch translations #571 (nschmoller)
now possible to change headers names in the config file #569 (ingolfured)
User concern: Ensure fallback is in place #564 (olleolleolle)
Return resource with top-level 'type' member. #562 (ruimiguelsantos)
Fix devise mapping #540 (merqlove)
Make all json responses to be json_api compliant #537 (djsegal)
Avoid sending auth headers if while processing used token is cleared #531 (virginia-rodriguez)
Add Japanese locale and fix typo #530 (metalunk)
Added omniauth post route #528 (v3rtx)
Extract model callbacks #525 (merqlove)
create token when no client_id token #523 (charlesdg)
Fix enable_standard_devise_support in initializer #518 (halilim)
Make render_create_success render valid json_api #513 (djsegal)
Prevent raise of exception if set_user_by_token not defined #511 (jeryRazakarison)
send_on_create_confirmation_instructions callback isn't defined (rails 5) #508 (fivetwentysix)
[REBASE] Fix rails 5 deprecation and devise parameter sanitization #507 (fivetwentysix)
remove deprecations from RegistrationsController #506 (fivetwentysix)
Allow new devise version for rails 5 compatibility #499 (djsegal)
Spelling mistake #493 (Tom-Tom)
Improve Brazilian Portuguese locale #491 (ssouza)
fix namespaced mapping name #484 (paulosoares86)
Locale file for both zh-TW and zh-HK #483 (SunnyTam)
Fixed typos and inconsistencies in ru.yml #478 (fertingoff)
Fixes Issue #362: Fixes for the omniauth redirection issue for namesp… #476 (devilankur18)
removing old tokens when user changes passwords #474 (paulosoares86)
Move travis to container based configuration #470 (ValentinTrinque)
Prevent helpers being loaded for Rails API’s #469 (djsegal)
Reduce dependencies to allow Rails 5.0 #467 (djsegal)
Fix locales errors.messages.already\_in\_use + clean up #466 (ValentinTrinque)
Added 401 response to failed group authentication #446 (rstrobl)
RU translations #441 (yivo)
to keep coherent with devise. pt instead of pt-PT.yml #436 (rmvenancio)
limiting the number of concurrent devices #434 (paulosoares86)
Raise error in controller method #430 (ArneZsng)
feat(enable-standard-devise): allow configurable support of legacy Devise authentication #428 (booleanbetrayal)
Support for i18n in mailers views #427 (ponyesteves)
Fix omniauthredirection when under scopes #425 (xjunior)
Translation to German #423 (haslinger)
fix(url): preserve query parameters when building urls #421 (nbrustein)
Change default message for already in use error and added to english … #417 (ponyesteves)
Issue #413 #414 (Carrigan)
Add .ruby-version entry to .gitignore #412 (xymbol)
404 for invalid link with password reset token #411 (rmvenancio)
Portuguese Translation #409 (rmvenancio)
Added polish translation. #405 (h3xed)
Drop .ruby-version file #404 (xymbol)
Implement hook methods for customized json rendering #384 (neutronz)
Feature/password reset with check fix #374 (jakubrohleder)
fix(oauth): fixes #368: do not serialize the entire user object in the url when redirecting from oauth #371 (nbrustein)
Fallback to ActiveModel translations in EmailValidator #369 (yivo)
Add a Gitter chat badge to README.md #360 (gitter-badger)
Improvements to the docs. #358 (aarongray)
Add description to readme about the devise.rb initializer. #356 (aarongray)
Correct handling namespaced resources #355 (yivo)
Fix concern not being inserted for rails-api apps. #350 (aarongray)
Add documentation to explain gotcha with rails-api. #349 (aarongray)
Fully support OmniauthCallbacksController action overrides. Fixes #186. #347 (tbloncar)
#340 Restrict access to controllers methods #341 (gkopylov)
fix(omniauth): fix error in setting text on redirect page #336 (nbrustein)
add Brazilian Portuguese translation (pt-BR) #331 (josiasds)
Tests to ensure standard devise has greater priority than tokens #330 (colavitam)
Fixed error when using standard devise authentication #329 (colavitam)
feat(improved-omniauth): omniauth sameWindow and inAppBrowser flows #323 (nbrustein)
Fix invalid omniauth redirect #322 (troggy)
Old password check before password update #317 (jakubrohleder)
Remove erroneous colon from before_action callback #310 (jmliu)
Disabled serialization for JSON type columns #306 (colavitam)
Set default provider to "email" in migration #302 (colavitam)
Fix an issue for not :confirmable users #296 (sebfie)
Update README.md #295 (adisos)
Fix MOUNT_PATH 'Read More' link #294 (jmliu)
Don't send password reset instructions to unconfirmed email #288 (coryschires)
Feature/i18n support #283 (sebfie)
Update documentation for validate_token #277 (adamgall)
Added json support for tokens #276 (shicholas)
perf(token_is_current?): add simplistic cache to reduce overhead of redundant token checks during validation calls #272 (booleanbetrayal)
perf(update_auth_header): only lock the resource if we are rotating tokens #267 (booleanbetrayal)
fix(email-validation): Update in-use email validation message during registration to allow full_message use #255 (booleanbetrayal)
fix(session#new): fix unhandled 500 when logging in with valid user and bad password #254 (mathemagica)
feat(ominauth): support json-formatted values in omniauth callback. #252 (nbrustein)
fix(sessions controller): call reset_session on destroy #251 (nbrustein)
fix(resource_class): support optional mapping property from set_user_by_token #250 (booleanbetrayal)
Allow current_password to be supplied when updating profile. #240 (jasonswett)
fixes password reset when not using confirmable #225 (aesnyder)
Fix error when email missing from registration params #220 (iangreenleaf)
URI fragment should appear at the end of URL #214 (edymerchk)
Super block yield (all controllers) #209 (sgwilym)
Super block yield #207 (sgwilym)
Ability to localize error message #206 (lda)
remove fragment sign ("#") from URLs without fragment #205 (tomdov)
Return 422 (was 500) when empty body for sign up and account update #204 (mchavarriagam)
Users with allowed unconfirmed access can now log in successfully. #202 (colavitam)
Authenticating an existing Warden/Devise User #200 (nickL)
GET sign_in should direct people to use POST sign_in rather than raising exception #191 (milesmatthias)
Ignore 'extra' in Twitter auth response to avoid CookieOverflow. Fixes #145. #179 (tbloncar)
Some missing as_json ? #152 (nicolas-besnard)
Check email format on registration #150 (nicolas-besnard)
Actual header key uses dashes, not underscores. #143 (ragaskar)
Username register login #128 (nicolas-besnard)
Check if confirmable is active before skipping confirmation #125 (nicolas-besnard)
Fix links to section about controller integration. #117 (Le6ow5k1)
document GET for /validate_token #113 (lukaselmer)
Fix small error in documentation. #91 (edgarhenriquez)
Exclude devise modules #85 (jartek)
fix(registration and update): Ensure UID is updated alongside Email, and case-sensitivity is honored #71 (booleanbetrayal)
Add better guidelines for contributors. #67 (edgarhenriquez)
Use resource_class to override email confirmation. #64 (edgarhenriquez)
fix(case-sensitivity): support devise case_insensitive_keys for session ... #57 (booleanbetrayal)
fix(contention): fix write contention in update_auth_headers and always ... #52 (booleanbetrayal)
Include resource.errors.full_messages in error response. #50 (jasonswett)
fix(expiry): fix an issue where token expiration checks were too permissive #49 (booleanbetrayal)
Update README with Example Generator Command #35 (wwilkins)
Remove OmniAuth dependency #26 (hannahhoward)
Update README.md #24 (davidsavoya)
guard against MissingAttributeError during common ActiveRecord operations #19 (booleanbetrayal)
Fix expiry data type #11 (lonre)
README and travis config tweaks #7 (guilhermesimoes)

Change Log

v0.1.40 (2017-01-20)

Full Changelog

Closed issues:

Support for multiple providers during same session #815
not supporting for angular1.6 #810
Add has one/belongs to assotiation #807
redirect_url required but not permitted in strong parameters #805
Rails 5 API Mode Not Authorizing #796
wrong constant name user #784
current_user returns nill #779
ActionController::RoutingError - undefined method `helper_method' #776
Minimum Limits on a token? #764
Octopus throwing error when deleting expired tokens #761
Only one User model return the correct headers #757
ArgumentError in Devise::RegistrationsController#new #750
Rails 5 API deployed as microservices #741
Query params left in url after facebook login cause authentication to fail on refresh #734
Can't permit parameters in rails engine #731
Cannot integrate with omniauth-facebook #729
Two models, one not working #726
API response bodies are empty when using active_model_serializers #715
/sign_out route is returning 404 not found #713
Why is tokens field a json type and how to create a query based on inside values? #707
Deprecation Error Message on 5.0 #698

Merged pull requests:

Update german translation. #816 (gobijan)
Add support for italian locale #811 (Chosko)
Fix privacy issue with password reset request #808 (biomancer)
Add missing parameter :redirect_url, fixes #805 #806 (Rush)
Fix language errors in German locale #800 (morgler)
Don't send extra data on request password reset #798 (Mrjaco12)
Travis: use the code_climate addon config #786 (olleolleolle)
Update link #782 (dijonkitchen)
Add index for confirmation_token #767 (dijonkitchen)
Fixes constructing redirect_route #765 (piotrkaczmarek)
Use standart ActiveRecord error message for email uniqueness validation #746 (mpugach)
Add Romanian locale. #743 (razvanmitre)
Update indexes on template #724 (dijonkitchen)
Add an extra line to the "contributing" list #720 (jahammo2)
Fix grammar #712 (dijonkitchen)
Added reference to Angular2-Token to README #710 (neroniaky)
feat(whitelist): add wildcard support for redirect_whitelist patterns #709 (booleanbetrayal)

Change Log

v0.1.39 (2016-08-16)

Full Changelog

Closed issues:

"Covert Redirect" Vulnerability #696
No route matches [POST] "/api/v1/auth" #694
Got this error with ActiveAdmin "wrong number of arguments (1 for 0)" #692
using devise_token_auth for API alongside standard devise gem for HTML view #689
No Headers after sign_in for new Users created by Admin #685
NoMethodError (undefined method `headers_names' for DeviseTokenAuth:Module) #684
Fast page refresh problem #683
IndexError: string not matched on User sign_in #681
skip_confirmation_notification! not working #679
Bump version to support devise 4.1.1 #659
not working with latest version of active_model_serializers #600

Merged pull requests:

Fix Migration Deprecation Warning #700 (juddey)
Apply redirect\_whitelist to OAuth redirect URI. #699 (lynndylanhurley)
add zh-CN.yml #697 (halfray)
update README.md #693 (nhattan)

0.1.38

Full Changelog

Implemented enhancements:

Rails generator to update views #33
Extract Omniauth attributes assignation into a method #31

Fixed bugs:

Generator doesn't work correctly with mongoid and/or rails-api #14
Generator issues #13

Closed issues:

rails g devise_token_auth:install User auth hangs and does nothing #671
callback :set_user_by_token has not been defined #649
Issues with active_model_serializers #644
Error with devise #643
undefined method `token_validation_response' #635
when password is reset from UI, all tokens must be removed if remove_tokens_after_password_reset is true #634
Relax devise dependency to allow 4.1 #631
Rails 5 generator doesn't insert concern #627
NoMethodError (undefined method `find_by_uid') in production. #625
Curl not working for sign_in but works on ng-token-angular #620
After Sign-in success, The following requests on Angular side are unauthorized. #619
Omniauth - Facebook app doesn't run callback url after successful Facebook authentication #615
:authenticate_user! wired behaviour #614
current_user is nil, request headers are all upcased and prefixed with HTML_ #611
Problem in generated routes #607
Rails 5 API Mode - no headers in response #606
Filter chain halted as :authenticate_user! rendered or redirected #603
422 Unprocessable Entity when using local IP address #601
overriding rendering methods in devise_token_auth #597
redirect_url is missing in email instructions sent to the user for password reset #588
Unpermitted parameter: {"email":"mail@gmail.com","password":"abcdefgh","password_confirmation":"abcdefgh"} #587
can't authenticate user when opening a new download tab #582
Mails are not being sent #581
current_user seems to be nil after doing requests from different tabs #579
Do we have any rspec helpers to sign_in an user? #577
Cannot override json response of authenticate_user! #575
return custom json data after sign_in #567
/auth/validate_token works but getting 401 unauthorized when sending request with auth headers #550
Where is the access key of omniauth provider? #549
How this gem is different from a JWT system? #543
Improper formatting for JSON API error/success responses #536
Is it a hybrid authentication system? #527
check_current_password_before_update still requires password when resetting password #526
Manually authenticate for testing #521
Support for STI #517
JSON responses don't fit JSON_API requirements #512
Not working with rails 5 and devise master #504
Unpermitted parameters: confirm_success_url, config_name, registration #501
set_user_by_token not defined in production for rails 5 #500
Master branch no longer working with devise master branch (version error) #498
uid is not getting set in git revision 996b9cf23a18 #497
ve_model_serializer namespace #492
User remains logged in when using devise and devise_token_auth in the same app #486
DEPRECATION WARNING: alias_method_chain is deprecated. Rails 5 #482
validate_token - resource_name - undefined method `name' for nil:NilClass #480
Helpers being loaded for Rails API's #468
Unable to call rails g devise\_token\_auth:install within rails engine #465
locales errors.messages.already\_in\_use seems broken #463
It shows "An error occurred" after omniauth callback #445
- #444
Put Access Token in body #442
Unable to add a new param for sign up #440
Undefined method provider from devise_toke_auth concerns/user.rb #438
Scoped DeviseToken but it still affects the original Omniauth redirects. #429
Can't create user via api #422
Password Reset question, do I need my own form? #418
Large Size on Disk #415
The validate_token function in the readme is missing a parameter #413
Cannot migrate database: NoMethodError: undefined method `new' for DeviseTokenAuth:Module #406
change_headers_on_each_request and batch requests #403
Multiple users, returning(and creating) wrong model's auth token #399
Can't verify CSRF token authenticity #398
uninitialized constant DeviseTokenAuth::OmniauthCallbacksController::BCrypt #393
Sign in not success. #388
password length #380
Devise token auth not found routing error #379
Defining a custom primary key #378
seeing other users data after login/out with different users on ionic #375
omniauth: when redirecting, user object should not be serialized into url #368
getting ng-token-auth and devise_token_auth to work with OAuth in ionic InAppBrowser #367
omniauth callback redirect not working properly when using namespace/scope #362
invalid token in method set_user_by_token on RegistrationsController#update #357
Allow devise patch version updates #351
Error validating token #348
Allow for HTTP Basic Auth ? #337
Allow Omniauth user reset password #335
NameError (uninitialized constant DeviseTokenAuth::Concerns::User::BCrypt) #333
Unpermitted parameters: format, session #328
devise token auth + Save Facebook auth_hash info in database #326
Error sending password reset email when not using confirmable (reopened #124) #321
Routing error / Preflight request / OPTIONS #320
delete tokens after password change #318
Can't authorize (user_signed_in? always show false) #315
Warden::SessionSerializer - wrong number of arguments (2 for 1) #312
The action 'twitter' could not be found for DeviseTokenAuth::OmniauthCallbacksController #309
Having 401 Unauthorized only with mobile #305
remove unused nickname, image from user object #304
HI, This is more of a doubt since I could not finding anything related to this in your documentation. #300
Getting 401's when making requests using iOS/Android clients #299
undefined method `tokens' for #<Hash:0x000000063f0920> #297
Confirmation URL giving bad arguments #293
set_user_by_token not called in overriden controller #291
Question: Should we send password reset instructions to unconfirmed emails? #287
NoMethodError (undefined method `[]' for nil:NilClass): #286
Facebook omniauth redirection is missing url when testing on localhost #285
No route matches [GET] "/users/facebook/callback" #280
No route matches [GET] "/omniauth/:provider" #278
How to refresh token/expiry? #275
wrong number of arguments (1 for 0): in DeviseTokenAuth::RegistrationsController#create #274
Can not save a user with nil tokens attribute #271
Shouldn't validate_token param be access-token, not auth_token? #270
include associations on login #269
Failure route not handled #262
Getting Unauthorized error even after sending the correct token, uid and client #261
Weird error message #259
undefined method `provider' for #<User:0x007f49fd5da2e8> #257
Custom Serializer like ActiveModel Serializer #249
File download with query params #246
Info: is devise_token_auth compatible with rails 3.2.19? #245
Headers required for different methods #243
Unpermitted parameters: format, session, lang #239
On sign_in, devise_token_auth expects the uid to be the same as the email #237
Name conflict with inherited_resources #236
sign_in will not fetch the token #234
Remove ('#') symbol when using html5mode in locationProvider #232
Log in request 401 error #231
User Registration - "email address already in use" when it is unique #230
Devise email validation disabled...why? #229
confirm_success_url error not working #226
pending_reconfirmation called when confirmable isn't used #224
omniauth_success.html.erb JSON bug #221
Using devise_token_auth and ng_token_auth with angularJS in an Ionic Hybrid application #218
Where can I got token? #217
URI fragment prevent to send params in Confirmation URL #213
Generating many client tokens #210
Limit tokens hash? #208
500 error returned when no data is POSTed to registration controller #203
undefined method `match' for nil:NilClass #201
DELETE method becoming OPTIONS @ Heroku #197
40 Mb log file and 1 minute to have token with curl #195
401 unauthorized #193
GET requests to sign_in shouldn't raise an exception #190
Api not locked by default #189
Rails 4.1 #187
Unable to override OmniauthCallbacksController#redirect_callbacks #186
Token based authentication with no sessions #183
undefined method `authenticate_user!' #182
confirm_success_url shouldn't be a required param #176
Provide an OAuth implementation for native apps #175
getting an argument error when trying to use omniauth #174
Sign in via username doesn't seem to work correctly. #173
Cannot use + sign in email address. #171
How can i authenticate using curl and get private entries ! #167
Pessimistic Locking produces ArgumentError #165
POTENTIAL SECURITY RISK: Setting confirm_success_url and redirect_url via API #162
Sign out just on client side ? #161
Unpermitted parameter: redirect_url #160
Issues using devise and devise_token_auth #159
Add role based authorization #158
Not compatible with ActiveAdmin #156
[Duplicate] is devise_invitable supported? #154
User can register with a "false" email #149
/validate_token #148
Email confirmation link #147
Tokens field on database #146
Twitter OAuth always throughs CookieOverflow #145
Is there a way to configure apiUrl for both dev and prod? #144
Getting 401 unauthorized on login attempt #142
Comparing with jwt #140
Can't get omniauth to work (error in redirect_callbacks) #139
Change controller inheritance #138
Reset Password call returns 400 for Not Found user #137
The gem is too big. Please take care of it. #136
Error when loging with facebook the second time without logout #135
OmniAuth redirect doesn't work if using the generated mount_devise_token route #133
Missing template /omniauth_response #132
Unpermitted parameter: session #130
OAuth error: We're sorry, but something went wrong #129
Would it be useful to integrate login with username ? #127
Sign in with login instead of email #126
Error sending password reset email when not using confirmable #124
Using expired token for parallel calls #123
User tokens don't properly deserialize #121
Could not load 'omniauth' #118
bad argument (expected URI object or URI string) #116
devise_token_auth for public API, but devise for rest of app? #114
Omniauthable deleted on UsersConcern : Why ? #111
Unrequired route #110
raises NoMethodError instead of displaying error when email is missing #108
Error with RailsAdmin. "The action 'new' could not be found for DeviseTokenAuth::SessionsController" #107
Circular dependency detected while autoloading constant Api #106
Can't Authenticate via cURL #105
Unpermitted parameters: user, registration #104
BCrypt::Errors::InvalidSalt errors #103
Active job token expiring integration #102
The action 'new' could not be found for DeviseTokenAuth::RegistrationsController #100
Disable confirmable #99
responders - rails 4.2 #98
forward skip to devise #97
API versioning the devise scope of token validation and ominiauth controller path will wrap up #96
Overwriting default "from" email address #94
uninitialized constant DeviseTokenAuth #92
change_headers_on_each_request not working expiry header empty #90
Gem render consistency #87
Sample Sessions Controller for logging in via Rails View. #86
Change authorization key: Use phone_number instead of email #84
Conflict with active_admin gem #83
NoMethodError in DeviseTokenAuth::OmniauthCallbacksController#redirect_callbacks #82
All the APIs are getting 'Authorized users only' #81
Is Devise option Rememberable required ? #80
Problem with skip_confirmation! #78
Cannot reset password if registered by omniauth #77
NoMethodError at /omniauth/facebook/callback - undefined method `[]' for nil:NilClass #76
Remove dependency on ActiveRecord #72
Skipping Registrations Controller Altogether #70
Problem in validate_token if the model is in a namespace #69
Cannot send confirmation email if there is no 'User' model #68
Better guidelines for contributors #65
admin namespace #63
Devise trackable module not working #62
Devise_token_auth without OmniAuth authentication #60
Reset Password error #59
Confirmable - unconfirmed email #58
Email Column Isn't Used for Database Authentication #56
Unique Key for Provider and UID Combination #55
User Info in separate table or removed #53
rename @user to @resource #48
Active_admin issue #47
Possible Logout Issue #46
Routes not appended to routes.rb #45
Return resource.errors.full_messages in addition to resource.errors #44
Devise and Devise_Token_Auth in api namespace #43
Trackable attributes are not being updated. #42
Avoid using respond_to in application controller #41
devise_token_auth assumes you want the :confirmable functionality #40
undefined method `match' for nil:NilClass #39
Expired token aren't removed when session expires #38
sign_up helper #37
self.tokens[client_id]['token'] != token #30
How is the uid generated for non-omniauth users? #29
Access to current_user variable? #28
Filter chain halted as :require_no_authentication #27
Allow additional parameters for registration #25
Cannot add more parameters at sign_up #22
Error on Registration #21
Error with authentication #20
Cascade of Issues with Omniauth(?) #18
Batch Requests Respond with Original Auth Token #17
Sign out with email provider error #16
sessions_controller.rb #12
Github login in example is broken #10
Facebook auth is broken #9
Generator is not working #8
Test ticket from Code Climate #6
Test ticket from Code Climate #5
extending the devise_token_auth user model #4
A few ideas #3
Google Oauth2 does not set cookies in production. #1

Merged pull requests:

Fix for issue #600 #674 (milep)
Fix setup config example in README #665 (guich-wo)
added bypass_sign_in for next version of Devise #663 (KendallPark)
fix method 'is_json_api' with active_model_serialier v 0.10.0 #651 (woodcrust)
Tokens count overmuch fixed #650 (JerryGreen)
updates config wrapper to conform with newer idiom #648 (bvandgrift)
Adding support for devise 4.1.1 #642 (iainmcg)
Updating Devise dependency to max 4.1.1 #641 (TGRGIT)
Fix yields from controller actions #638 (tiagojsag)
Fix generator to correctly inject content into the user model in rails 5 #636 (ethangk)
fix spelling in comment on token auth concern #632 (dandlezzz)
fixed devise deprecation warning for config.email_regexp #618 (lemuelbarango)
Revert "Update readme for headers names" #592 (y4ashida)
Update readme for headers names #589 (y4ashida)
Add info to README #585 (ghost)
Fix typo and remove trailing spaces #578 (y4ashida)
allowing authenticating using headers as well as a post request #576 (ingolfured)
Whitespace: tabs removed #574 (olleolleolle)
Added dutch translations #571 (nschmoller)
now possible to change headers names in the config file #569 (ingolfured)
User concern: Ensure fallback is in place #564 (olleolleolle)
Return resource with top-level 'type' member. #562 (ruimiguelsantos)
Fix devise mapping #540 (merqlove)
Make all json responses to be json_api compliant #537 (djsegal)
Avoid sending auth headers if while processing used token is cleared #531 (virginia-rodriguez)
Add Japanese locale and fix typo #530 (metalunk)
Added omniauth post route #528 (v3rtx)
Extract model callbacks #525 (merqlove)
create token when no client_id token #523 (charlesdg)
Fix enable_standard_devise_support in initializer #518 (halilim)
Make render_create_success render valid json_api #513 (djsegal)
Prevent raise of exception if set_user_by_token not defined #511 (jeryRazakarison)
send_on_create_confirmation_instructions callback isn't defined (rails 5) #508 (fivetwentysix)
[REBASE] Fix rails 5 deprecation and devise parameter sanitization #507 (fivetwentysix)
remove deprecations from RegistrationsController #506 (fivetwentysix)
Allow new devise version for rails 5 compatibility #499 (djsegal)
Spelling mistake #493 (Tom-Tom)
Improve Brazilian Portuguese locale #491 (ssouza)
fix namespaced mapping name #484 (paulosoares86)
Locale file for both zh-TW and zh-HK #483 (TravisTam)
Fixed typos and inconsistencies in ru.yml #478 (fertingoff)
Fixes Issue #362: Fixes for the omniauth redirection issue for namesp… #476 (devilankur18)
removing old tokens when user changes passwords #474 (paulosoares86)
Move travis to container based configuration #470 (ValentinTrinque)
Prevent helpers being loaded for Rails API’s #469 (djsegal)
Reduce dependencies to allow Rails 5.0 #467 (djsegal)
Fix locales errors.messages.already\_in\_use + clean up #466 (ValentinTrinque)
Added 401 response to failed group authentication #446 (rstrobl)
RU translations #441 (yivo)
to keep coherent with devise. pt instead of pt-PT.yml #436 (rmvenancio)
limiting the number of concurrent devices #434 (paulosoares86)
Raise error in controller method #430 (ArneZsng)
feat(enable-standard-devise): allow configurable support of legacy Devise authentication #428 (booleanbetrayal)
Support for i18n in mailers views #427 (ponyesteves)
Fix omniauthredirection when under scopes #425 (xjunior)
Translation to German #423 (haslinger)
fix(url): preserve query parameters when building urls #421 (nbrustein)
Change default message for already in use error and added to english … #417 (ponyesteves)
Issue #413 #414 (Carrigan)
Add .ruby-version entry to .gitignore #412 (xymbol)
404 for invalid link with password reset token #411 (rmvenancio)
Portuguese Translation #409 (rmvenancio)
Added polish translation. #405 (h3xed)
Drop .ruby-version file #404 (xymbol)
Implement hook methods for customized json rendering #384 (neutronz)
Feature/password reset with check fix #374 (jakubrohleder)
fix(oauth): fixes #368: do not serialize the entire user object in the url when redirecting from oauth #371 (nbrustein)
Fallback to ActiveModel translations in EmailValidator #369 (yivo)
Add a Gitter chat badge to README.md #360 (gitter-badger)
Improvements to the docs. #358 (aarongray)
Add description to readme about the devise.rb initializer. #356 (aarongray)
Correct handling namespaced resources #355 (yivo)
Fix concern not being inserted for rails-api apps. #350 (aarongray)
Add documentation to explain gotcha with rails-api. #349 (aarongray)
Fully support OmniauthCallbacksController action overrides. Fixes #186. #347 (tbloncar)
#340 Restrict access to controllers methods #341 (gkopylov)
fix(omniauth): fix error in setting text on redirect page #336 (nbrustein)
add Brazilian Portuguese translation (pt-BR) #331 (josiasds)
Tests to ensure standard devise has greater priority than tokens #330 (colavitam)
Fixed error when using standard devise authentication #329 (colavitam)
feat(improved-omniauth): omniauth sameWindow and inAppBrowser flows #323 (nbrustein)
Fix invalid omniauth redirect #322 (troggy)
Old password check before password update #317 (jakubrohleder)
Remove erroneous colon from before_action callback #310 (jmliu)
Disabled serialization for JSON type columns #306 (colavitam)
Set default provider to "email" in migration #302 (colavitam)
Fix an issue for not :confirmable users #296 (sebfie)
Update README.md #295 (adisos)
Fix MOUNT_PATH 'Read More' link #294 (jmliu)
Don't send password reset instructions to unconfirmed email #288 (coryschires)
Feature/i18n support #283 (sebfie)
Update documentation for validate_token #277 (adamgall)
Added json support for tokens #276 (shicholas)
perf(token_is_current?): add simplistic cache to reduce overhead of redundant token checks during validation calls #272 (booleanbetrayal)
perf(update_auth_header): only lock the resource if we are rotating tokens #267 (booleanbetrayal)
fix(email-validation): Update in-use email validation message during registration to allow full_message use #255 (booleanbetrayal)
fix(session#new): fix unhandled 500 when logging in with valid user and bad password #254 (mathemagica)
feat(ominauth): support json-formatted values in omniauth callback. #252 (nbrustein)
fix(sessions controller): call reset_session on destroy #251 (nbrustein)
fix(resource_class): support optional mapping property from set_user_by_token #250 (booleanbetrayal)
Allow current_password to be supplied when updating profile. #240 (jasonswett)
fixes password reset when not using confirmable #225 (aesnyder)
Fix error when email missing from registration params #220 (iangreenleaf)
URI fragment should appear at the end of URL #214 (edymerchk)
Super block yield (all controllers) #209 (sgwilym)
Super block yield #207 (sgwilym)
Ability to localize error message #206 (lda)
remove fragment sign ("#") from URLs without fragment #205 (tomdov)
Return 422 (was 500) when empty body for sign up and account update #204 (mchavarriagam)
Users with allowed unconfirmed access can now log in successfully. #202 (colavitam)
Authenticating an existing Warden/Devise User #200 (nickL)
GET sign_in should direct people to use POST sign_in rather than raising exception #191 (milesmatthias)
Ignore 'extra' in Twitter auth response to avoid CookieOverflow. Fixes #145. #179 (tbloncar)
Some missing as_json ? #152 (nicolas-besnard)
Check email format on registration #150 (nicolas-besnard)
Actual header key uses dashes, not underscores. #143 (ragaskar)
Username register login #128 (nicolas-besnard)
Check if confirmable is active before skipping confirmation #125 (nicolas-besnard)
Fix links to section about controller integration. #117 (Le6ow5k1)
document GET for /validate_token #113 (lukaselmer)
Fix small error in documentation. #91 (edgarhenriquez)
Exclude devise modules #85 (jartek)
fix(registration and update): Ensure UID is updated alongside Email, and case-sensitivity is honored #71 (booleanbetrayal)
Add better guidelines for contributors. #67 (edgarhenriquez)
Use resource_class to override email confirmation. #64 (edgarhenriquez)
fix(case-sensitivity): support devise case_insensitive_keys for session ... #57 (booleanbetrayal)
fix(contention): fix write contention in update_auth_headers and always ... #52 (booleanbetrayal)
Include resource.errors.full_messages in error response. #50 (jasonswett)
fix(expiry): fix an issue where token expiration checks were too permissive #49 (booleanbetrayal)
Update README with Example Generator Command #35 (wwilkins)
Remove OmniAuth dependency #26 (hannahhoward)
Update README.md #24 (davidsavoya)
guard against MissingAttributeError during common ActiveRecord operations #19 (booleanbetrayal)
Fix expiry data type #11 (lonre)
README and travis config tweaks #7 (guilhermesimoes)

Change Log

0.1.37 (2016-01-26)

Full Changelog

Closed issues:

Not working with rails 5 and devise master #504
Unpermitted parameters: confirm_success_url, config_name, registration #501
Master branch no longer working with devise master branch (version error) #498
uid is not getting set in git revision 996b9cf23a18 #497
ve_model_serializer namespace #492
User remains logged in when using devise and devise_token_auth in the same app #486
DEPRECATION WARNING: alias_method_chain is deprecated. Rails 5 #482
validate_token - resource_name - undefined method `name' for nil:NilClass #480
Helpers being loaded for Rails API's #468
locales errors.messages.already\_in\_use seems broken #463
omniauth callback redirect not working properly when using namespace/scope #362
delete tokens after password change #318

Merged pull requests:

send_on_create_confirmation_instructions callback isn't defined (rails 5) #508 (fivetwentysix)
[REBASE] Fix rails 5 deprecation and devise parameter sanitization #507 (fivetwentysix)
remove deprecations from RegistrationsController #506 (fivetwentysix)
Allow new devise version for rails 5 compatibility #499 (djsegal)
Spelling mistake #493 (Tom-Tom)
Improve Brazilian Portuguese locale #491 (ssouza)
fix namespaced mapping name #484 (paulosoares86)
Locale file for both zh-TW and zh-HK #483 (TravisTam)
Fixed typos and inconsistencies in ru.yml #478 (fertingoff)
Fixes Issue #362: Fixes for the omniauth redirection issue for namesp… #476 (devilankur18)
removing old tokens when user changes passwords #474 (paulosoares86)
Move travis to container based configuration #470 (ValentinTrinque)
Prevent helpers being loaded for Rails API’s #469 (djsegal)
Reduce dependencies to allow Rails 5.0 #467 (djsegal)
Fix locales errors.messages.already\_in\_use + clean up #466 (ValentinTrinque)
Fix omniauthredirection when under scopes #425 (xjunior)

v0.1.37.beta4 (2015-12-10)

Full Changelog

Closed issues:

It shows "An error occurred" after omniauth callback #445
- #444
Put Access Token in body #442
Unable to add a new param for sign up #440
Undefined method provider from devise_toke_auth concerns/user.rb #438
Scoped DeviseToken but it still affects the original Omniauth redirects. #429
Can't create user via api #422
change_headers_on_each_request and batch requests #403
password length #380
The action 'twitter' could not be found for DeviseTokenAuth::OmniauthCallbacksController #309
undefined method `tokens' for #<Hash:0x000000063f0920> #297
Generating many client tokens #210

Merged pull requests:

RU translations #441 (yivo)
to keep coherent with devise. pt instead of pt-PT.yml #436 (rmvenancio)
limiting the number of concurrent devices #434 (paulosoares86)
Raise error in controller method #430 (ArneZsng)
feat(enable-standard-devise): allow configurable support of legacy Devise authentication #428 (booleanbetrayal)
Support for i18n in mailers views #427 (ponyesteves)
Translation to German #423 (haslinger)
fix(url): preserve query parameters when building urls #421 (nbrustein)
Fallback to ActiveModel translations in EmailValidator #369 (yivo)

v0.1.37.beta3 (2015-10-27)

Full Changelog

Closed issues:

Password Reset question, do I need my own form? #418
seeing other users data after login/out with different users on ionic #375

v0.1.37.beta2 (2015-10-25)

Full Changelog

Closed issues:

The validate_token function in the readme is missing a parameter #413

Merged pull requests:

Change default message for already in use error and added to english … #417 (ponyesteves)
Issue #413 #414 (Carrigan)
404 for invalid link with password reset token #411 (rmvenancio)

v0.1.37.beta1 (2015-10-25)

Full Changelog

Closed issues:

Large Size on Disk #415
Cannot migrate database: NoMethodError: undefined method `new' for DeviseTokenAuth:Module #406
uninitialized constant DeviseTokenAuth::OmniauthCallbacksController::BCrypt #393
Devise token auth not found routing error #379
undefined method `match' for nil:NilClass #201

Merged pull requests:

Add .ruby-version entry to .gitignore #412 (xymbol)
Portuguese Translation #409 (rmvenancio)
Drop .ruby-version file #404 (xymbol)
Feature/password reset with check fix #374 (jakubrohleder)

v0.1.36 (2015-10-13)

Full Changelog

v0.1.35 (2015-10-13)

Full Changelog

Fixed bugs:

Generator doesn't work correctly with mongoid and/or rails-api #14

Closed issues:

Multiple users, returning(and creating) wrong model's auth token #399
Sign in not success. #388
Defining a custom primary key #378
omniauth: when redirecting, user object should not be serialized into url #368
getting ng-token-auth and devise_token_auth to work with OAuth in ionic InAppBrowser #367
invalid token in method set_user_by_token on RegistrationsController#update #357
Allow devise patch version updates #351
Error validating token #348
Allow for HTTP Basic Auth ? #337
Allow Omniauth user reset password #335
NameError (uninitialized constant DeviseTokenAuth::Concerns::User::BCrypt) #333
Unpermitted parameters: format, session #328
devise token auth + Save Facebook auth_hash info in database #326
Error sending password reset email when not using confirmable (reopened #124) #321
Facebook omniauth redirection is missing url when testing on localhost #285
Failure route not handled #262
Unable to override OmniauthCallbacksController#redirect_callbacks #186

Merged pull requests:

Added polish translation. #405 (h3xed)
Implement hook methods for customized json rendering #384 (neutronz)
fix(oauth): fixes #368: do not serialize the entire user object in the url when redirecting from oauth #371 (nbrustein)
Add a Gitter chat badge to README.md #360 (gitter-badger)
Improvements to the docs. #358 (aarongray)
Add description to readme about the devise.rb initializer. #356 (aarongray)
Correct handling namespaced resources #355 (yivo)
Fix concern not being inserted for rails-api apps. #350 (aarongray)
Add documentation to explain gotcha with rails-api. #349 (aarongray)
Fully support OmniauthCallbacksController action overrides. Fixes #186. #347 (tbloncar)
#340 Restrict access to controllers methods #341 (gkopylov)
fix(omniauth): fix error in setting text on redirect page #336 (nbrustein)
Fix invalid omniauth redirect #322 (troggy)

v0.1.34 (2015-08-10)

Full Changelog

Implemented enhancements:

Rails generator to update views #33
Extract Omniauth attributes assignation into a method #31

Fixed bugs:

Generator issues #13

Closed issues:

Routing error / Preflight request / OPTIONS #320
Can't authorize (user_signed_in? always show false) #315
Warden::SessionSerializer - wrong number of arguments (2 for 1) #312
Having 401 Unauthorized only with mobile #305
remove unused nickname, image from user object #304
HI, This is more of a doubt since I could not finding anything related to this in your documentation. #300
Getting 401's when making requests using iOS/Android clients #299
Confirmation URL giving bad arguments #293
set_user_by_token not called in overriden controller #291
Question: Should we send password reset instructions to unconfirmed emails? #287
No route matches [GET] "/users/facebook/callback" #280
No route matches [GET] "/omniauth/:provider" #278
How to refresh token/expiry? #275
wrong number of arguments (1 for 0): in DeviseTokenAuth::RegistrationsController#create #274
Can not save a user with nil tokens attribute #271
Shouldn't validate_token param be access-token, not auth_token? #270
include associations on login #269
Getting Unauthorized error even after sending the correct token, uid and client #261
Weird error message #259
undefined method `provider' for #<User:0x007f49fd5da2e8> #257
File download with query params #246
Info: is devise_token_auth compatible with rails 3.2.19? #245
Headers required for different methods #243
Unpermitted parameters: format, session, lang #239
On sign_in, devise_token_auth expects the uid to be the same as the email #237
Name conflict with inherited_resources #236
sign_in will not fetch the token #234
Log in request 401 error #231
User Registration - "email address already in use" when it is unique #230
Devise email validation disabled...why? #229
confirm_success_url error not working #226
pending_reconfirmation called when confirmable isn't used #224
omniauth_success.html.erb JSON bug #221
Using devise_token_auth and ng_token_auth with angularJS in an Ionic Hybrid application #218
Where can I got token? #217
URI fragment prevent to send params in Confirmation URL #213
Limit tokens hash? #208
500 error returned when no data is POSTed to registration controller #203
DELETE method becoming OPTIONS @ Heroku #197
40 Mb log file and 1 minute to have token with curl #195
401 unauthorized #193
GET requests to sign_in shouldn't raise an exception #190
Api not locked by default #189
Rails 4.1 #187
Token based authentication with no sessions #183
undefined method `authenticate_user!' #182
confirm_success_url shouldn't be a required param #176
Provide an OAuth implementation for native apps #175
getting an argument error when trying to use omniauth #174
Sign in via username doesn't seem to work correctly. #173
Cannot use + sign in email address. #171
How can i authenticate using curl and get private entries ! #167
Pessimistic Locking produces ArgumentError #165
POTENTIAL SECURITY RISK: Setting confirm_success_url and redirect_url via API #162
Sign out just on client side ? #161
Unpermitted parameter: redirect_url #160
Issues using devise and devise_token_auth #159
Add role based authorization #158
Not compatible with ActiveAdmin #156
[Duplicate] is devise_invitable supported? #154
User can register with a "false" email #149
/validate_token #148
Email confirmation link #147
Tokens field on database #146
Twitter OAuth always throughs CookieOverflow #145
Is there a way to configure apiUrl for both dev and prod? #144
Getting 401 unauthorized on login attempt #142
Comparing with jwt #140
Can't get omniauth to work (error in redirect_callbacks) #139
Change controller inheritance #138
Reset Password call returns 400 for Not Found user #137
The gem is too big. Please take care of it. #136
Error when loging with facebook the second time without logout #135
OmniAuth redirect doesn't work if using the generated mount_devise_token route #133
Missing template /omniauth_response #132
Unpermitted parameter: session #130
OAuth error: We're sorry, but something went wrong #129
Would it be useful to integrate login with username ? #127
Sign in with login instead of email #126
Error sending password reset email when not using confirmable #124
Using expired token for parallel calls #123
User tokens don't properly deserialize #121
Could not load 'omniauth' #118
bad argument (expected URI object or URI string) #116
devise_token_auth for public API, but devise for rest of app? #114
Omniauthable deleted on UsersConcern : Why ? #111
Unrequired route #110
raises NoMethodError instead of displaying error when email is missing #108
Error with RailsAdmin. "The action 'new' could not be found for DeviseTokenAuth::SessionsController" #107
Circular dependency detected while autoloading constant Api #106
Can't Authenticate via cURL #105
Unpermitted parameters: user, registration #104
BCrypt::Errors::InvalidSalt errors #103
Active job token expiring integration #102
The action 'new' could not be found for DeviseTokenAuth::RegistrationsController #100
Disable confirmable #99
responders - rails 4.2 #98
forward skip to devise #97
API versioning the devise scope of token validation and ominiauth controller path will wrap up #96
Overwriting default "from" email address #94
uninitialized constant DeviseTokenAuth #92
change_headers_on_each_request not working expiry header empty #90
Gem render consistency #87
Sample Sessions Controller for logging in via Rails View. #86
Change authorization key: Use phone_number instead of email #84
Conflict with active_admin gem #83
NoMethodError in DeviseTokenAuth::OmniauthCallbacksController#redirect_callbacks #82
All the APIs are getting 'Authorized users only' #81
Is Devise option Rememberable required ? #80
Problem with skip_confirmation! #78
Cannot reset password if registered by omniauth #77
NoMethodError at /omniauth/facebook/callback - undefined method `[]' for nil:NilClass #76
Skipping Registrations Controller Altogether #70
Problem in validate_token if the model is in a namespace #69
Cannot send confirmation email if there is no 'User' model #68
Better guidelines for contributors #65
admin namespace #63
Devise trackable module not working #62
Devise_token_auth without OmniAuth authentication #60
Reset Password error #59
Confirmable - unconfirmed email #58
Email Column Isn't Used for Database Authentication #56
Unique Key for Provider and UID Combination #55
User Info in separate table or removed #53
rename @user to @resource #48
Active_admin issue #47
Possible Logout Issue #46
Routes not appended to routes.rb #45
Return resource.errors.full_messages in addition to resource.errors #44
Devise and Devise_Token_Auth in api namespace #43
Trackable attributes are not being updated. #42
Avoid using respond_to in application controller #41
devise_token_auth assumes you want the :confirmable functionality #40
undefined method `match' for nil:NilClass #39
Expired token aren't removed when session expires #38
sign_up helper #37
self.tokens[client_id]['token'] != token #30
How is the uid generated for non-omniauth users? #29
Access to current_user variable? #28
Filter chain halted as :require_no_authentication #27
Allow additional parameters for registration #25
Cannot add more parameters at sign_up #22
Error on Registration #21
Error with authentication #20
Cascade of Issues with Omniauth(?) #18
Batch Requests Respond with Original Auth Token #17
Sign out with email provider error #16
sessions_controller.rb #12
Github login in example is broken #10
Facebook auth is broken #9
Generator is not working #8
Test ticket from Code Climate #6
Test ticket from Code Climate #5
extending the devise_token_auth user model #4
A few ideas #3
Google Oauth2 does not set cookies in production. #1

Merged pull requests:

add Brazilian Portuguese translation (pt-BR) #331 (josiasds)
Tests to ensure standard devise has greater priority than tokens #330 (colavitam)
Fixed error when using standard devise authentication #329 (colavitam)
feat(improved-omniauth): omniauth sameWindow and inAppBrowser flows #323 (nbrustein)
Old password check before password update #317 (jakubrohleder)
Remove erroneous colon from before_action callback #310 (jmliu)
Disabled serialization for JSON type columns #306 (colavitam)
Set default provider to "email" in migration #302 (colavitam)
Fix an issue for not :confirmable users #296 (sebfie)
Update README.md #295 (adisos)
Fix MOUNT_PATH 'Read More' link #294 (jmliu)
Don't send password reset instructions to unconfirmed email #288 (coryschires)
Feature/i18n support #283 (sebfie)
Update documentation for validate_token #277 (adamgall)
Added json support for tokens #276 (shicholas)
perf(token_is_current?): add simplistic cache to reduce overhead of redundant token checks during validation calls #272 (booleanbetrayal)
perf(update_auth_header): only lock the resource if we are rotating tokens #267 (booleanbetrayal)
fix(email-validation): Update in-use email validation message during registration to allow full_message use #255 (booleanbetrayal)
fix(session#new): fix unhandled 500 when logging in with valid user and bad password #254 (mathemagica)
feat(ominauth): support json-formatted values in omniauth callback. #252 (nbrustein)
fix(sessions controller): call reset_session on destroy #251 (nbrustein)
fix(resource_class): support optional mapping property from set_user_by_token #250 (booleanbetrayal)
Allow current_password to be supplied when updating profile. #240 (jasonswett)
fixes password reset when not using confirmable #225 (aesnyder)
Fix error when email missing from registration params #220 (iangreenleaf)
URI fragment should appear at the end of URL #214 (edymerchk)
Super block yield (all controllers) #209 (sgwilym)
Super block yield #207 (sgwilym)
Ability to localize error message #206 (lda)
remove fragment sign ("#") from URLs without fragment #205 (tomdov)
Return 422 (was 500) when empty body for sign up and account update #204 (mchavarriagam)
Users with allowed unconfirmed access can now log in successfully. #202 (colavitam)
Authenticating an existing Warden/Devise User #200 (nickL)
GET sign_in should direct people to use POST sign_in rather than raising exception #191 (milesmatthias)
Ignore 'extra' in Twitter auth response to avoid CookieOverflow. Fixes #145. #179 (tbloncar)
Some missing as_json ? #152 (nicolas-besnard)
Check email format on registration #150 (nicolas-besnard)
Actual header key uses dashes, not underscores. #143 (ragaskar)
Username register login #128 (nicolas-besnard)
Check if confirmable is active before skipping confirmation #125 (nicolas-besnard)
Fix links to section about controller integration. #117 (Le6ow5k1)
document GET for /validate_token #113 (lukaselmer)
Fix small error in documentation. #91 (edgarhenriquez)
Exclude devise modules #85 (jartek)
fix(registration and update): Ensure UID is updated alongside Email, and case-sensitivity is honored #71 (booleanbetrayal)
Add better guidelines for contributors. #67 (edgarhenriquez)
Use resource_class to override email confirmation. #64 (edgarhenriquez)
fix(case-sensitivity): support devise case_insensitive_keys for session ... #57 (booleanbetrayal)
fix(contention): fix write contention in update_auth_headers and always ... #52 (booleanbetrayal)
Include resource.errors.full_messages in error response. #50 (jasonswett)
fix(expiry): fix an issue where token expiration checks were too permissive #49 (booleanbetrayal)
Update README with Example Generator Command #35 (wwilkins)
Remove OmniAuth dependency #26 (hannahhoward)
Update README.md #24 (davidsavoya)
guard against MissingAttributeError during common ActiveRecord operations #19 (booleanbetrayal)
Fix expiry data type #11 (lonre)
README and travis config tweaks #7 (guilhermesimoes)

* This Change Log was automatically generated by github_changelog_generator

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CHANGELOG.md

CHANGELOG.md

Change Log

v0.1.43

Change Log

v0.1.42 (2017-05-17)

Change Log

v0.1.41

Change Log

v0.1.40 (2017-01-20)

Change Log

v0.1.39 (2016-08-16)

0.1.38

Change Log

0.1.37 (2016-01-26)

v0.1.37.beta4 (2015-12-10)

v0.1.37.beta3 (2015-10-27)

v0.1.37.beta2 (2015-10-25)

v0.1.37.beta1 (2015-10-25)

v0.1.36 (2015-10-13)

v0.1.35 (2015-10-13)

v0.1.34 (2015-08-10)

Files

CHANGELOG.md

Latest commit

History

CHANGELOG.md

File metadata and controls

Change Log

v0.1.43

Change Log

v0.1.42 (2017-05-17)

Change Log

v0.1.41

Change Log

v0.1.40 (2017-01-20)

Change Log

v0.1.39 (2016-08-16)

0.1.38

Change Log

0.1.37 (2016-01-26)

v0.1.37.beta4 (2015-12-10)

v0.1.37.beta3 (2015-10-27)

v0.1.37.beta2 (2015-10-25)

v0.1.37.beta1 (2015-10-25)

v0.1.36 (2015-10-13)

v0.1.35 (2015-10-13)

v0.1.34 (2015-08-10)