diff --git a/.github_changelog_generator b/.github_changelog_generator
index 4b970df16..388e44f05 100644
--- a/.github_changelog_generator
+++ b/.github_changelog_generator
@@ -1,5 +1,5 @@
 bug-labels=bug,Bug,fix,Fix
 enhancement-labels=enhancement,Enhancement,feat,Feat
-between-tags=v0.1.38,v0.1.40
+somce=tag=v0.1.40
 unreleased-label=v0.1.41
 base=CHANGELOG.md
\ No newline at end of file
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 06cd01315..bbb98dc72 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,489 @@
 # Change Log
 
+## [v0.1.41](https://github.com/lynndylanhurley/devise_token_auth/tree/HEAD)
+
+[Full Changelog](https://github.com/lynndylanhurley/devise_token_auth/compare/v0.1.40...HEAD)
+
+**Implemented enhancements:**
+
+- Rails generator to update views [\#33](https://github.com/lynndylanhurley/devise_token_auth/issues/33)
+- Extract Omniauth attributes assignation into a method [\#31](https://github.com/lynndylanhurley/devise_token_auth/issues/31)
+
+**Fixed bugs:**
+
+- Generator doesn't work correctly with mongoid and/or rails-api [\#14](https://github.com/lynndylanhurley/devise_token_auth/issues/14)
+- Generator issues [\#13](https://github.com/lynndylanhurley/devise_token_auth/issues/13)
+
+**Closed issues:**
+
+- Can´t retrieve access token in login response headers [\#877](https://github.com/lynndylanhurley/devise_token_auth/issues/877)
+- how do I login a user after account signup? [\#866](https://github.com/lynndylanhurley/devise_token_auth/issues/866)
+- Can only register one account. [\#858](https://github.com/lynndylanhurley/devise_token_auth/issues/858)
+- No access-token in the header [\#855](https://github.com/lynndylanhurley/devise_token_auth/issues/855)
+- Headers not present in all requests [\#851](https://github.com/lynndylanhurley/devise_token_auth/issues/851)
+- uninitialized constant SECRET\_KEY\_BASE [\#845](https://github.com/lynndylanhurley/devise_token_auth/issues/845)
+- devise\_token\_auth: can't work with Rails subdomain. [\#831](https://github.com/lynndylanhurley/devise_token_auth/issues/831)
+- Question: email confirmation token URI with Rails API [\#824](https://github.com/lynndylanhurley/devise_token_auth/issues/824)
+- readme code for controller override needs a slight change [\#819](https://github.com/lynndylanhurley/devise_token_auth/issues/819)
+- Support for multiple providers during same session [\#815](https://github.com/lynndylanhurley/devise_token_auth/issues/815)
+- not supporting for angular1.6 [\#810](https://github.com/lynndylanhurley/devise_token_auth/issues/810)
+- Add has one/belongs to assotiation [\#807](https://github.com/lynndylanhurley/devise_token_auth/issues/807)
+- redirect\_url required but not permitted in strong parameters [\#805](https://github.com/lynndylanhurley/devise_token_auth/issues/805)
+- Data leak on create password reset [\#797](https://github.com/lynndylanhurley/devise_token_auth/issues/797)
+- Rails 5 API Mode Not Authorizing [\#796](https://github.com/lynndylanhurley/devise_token_auth/issues/796)
+- wrong constant name user [\#784](https://github.com/lynndylanhurley/devise_token_auth/issues/784)
+- current\_user returns nill [\#779](https://github.com/lynndylanhurley/devise_token_auth/issues/779)
+- ActionController::RoutingError - undefined method `helper\_method' [\#776](https://github.com/lynndylanhurley/devise_token_auth/issues/776)
+- Minimum Limits on a token? [\#764](https://github.com/lynndylanhurley/devise_token_auth/issues/764)
+- Octopus throwing error when deleting expired tokens [\#761](https://github.com/lynndylanhurley/devise_token_auth/issues/761)
+- Only one User model return the correct headers [\#757](https://github.com/lynndylanhurley/devise_token_auth/issues/757)
+- ArgumentError in Devise::RegistrationsController\#new [\#750](https://github.com/lynndylanhurley/devise_token_auth/issues/750)
+- OAuth \(GitHub\) redirects to callback url twice [\#749](https://github.com/lynndylanhurley/devise_token_auth/issues/749)
+- Rails 5 API deployed as microservices [\#741](https://github.com/lynndylanhurley/devise_token_auth/issues/741)
+- Query params left in url after facebook login cause authentication to fail on refresh [\#734](https://github.com/lynndylanhurley/devise_token_auth/issues/734)
+- Can't permit parameters in rails engine [\#731](https://github.com/lynndylanhurley/devise_token_auth/issues/731)
+- Cannot integrate with omniauth-facebook  [\#729](https://github.com/lynndylanhurley/devise_token_auth/issues/729)
+- Two models, one not working [\#726](https://github.com/lynndylanhurley/devise_token_auth/issues/726)
+- API response bodies are empty when using active\_model\_serializers [\#715](https://github.com/lynndylanhurley/devise_token_auth/issues/715)
+- /sign\_out route is returning 404 not found [\#713](https://github.com/lynndylanhurley/devise_token_auth/issues/713)
+- Why is `tokens` field a json type and how to create a query based on inside values? [\#707](https://github.com/lynndylanhurley/devise_token_auth/issues/707)
+- Deprecation Error Message on 5.0 [\#698](https://github.com/lynndylanhurley/devise_token_auth/issues/698)
+- "Covert Redirect" Vulnerability [\#696](https://github.com/lynndylanhurley/devise_token_auth/issues/696)
+- No route matches \[POST\] "/api/v1/auth" [\#694](https://github.com/lynndylanhurley/devise_token_auth/issues/694)
+- Got this error with ActiveAdmin "wrong number of arguments \(1 for 0\)" [\#692](https://github.com/lynndylanhurley/devise_token_auth/issues/692)
+- using devise\_token\_auth for API alongside standard devise gem for HTML view [\#689](https://github.com/lynndylanhurley/devise_token_auth/issues/689)
+- No Headers after sign\_in for new Users created by Admin [\#685](https://github.com/lynndylanhurley/devise_token_auth/issues/685)
+- NoMethodError \(undefined method `headers\_names' for DeviseTokenAuth:Module\) [\#684](https://github.com/lynndylanhurley/devise_token_auth/issues/684)
+- Fast page refresh problem [\#683](https://github.com/lynndylanhurley/devise_token_auth/issues/683)
+- IndexError: string not matched on User sign\_in [\#681](https://github.com/lynndylanhurley/devise_token_auth/issues/681)
+- skip\_confirmation\_notification! not working [\#679](https://github.com/lynndylanhurley/devise_token_auth/issues/679)
+- rails g devise\_token\_auth:install User auth hangs and does nothing [\#671](https://github.com/lynndylanhurley/devise_token_auth/issues/671)
+- Bump version to support devise 4.1.1 [\#659](https://github.com/lynndylanhurley/devise_token_auth/issues/659)
+- callback :set\_user\_by\_token has not been defined [\#649](https://github.com/lynndylanhurley/devise_token_auth/issues/649)
+- Issues with active\_model\_serializers [\#644](https://github.com/lynndylanhurley/devise_token_auth/issues/644)
+- Error with devise [\#643](https://github.com/lynndylanhurley/devise_token_auth/issues/643)
+- undefined method `token\_validation\_response' [\#635](https://github.com/lynndylanhurley/devise_token_auth/issues/635)
+- when password is reset from UI, all tokens must be removed if  remove\_tokens\_after\_password\_reset is true [\#634](https://github.com/lynndylanhurley/devise_token_auth/issues/634)
+- Relax devise dependency to allow 4.1 [\#631](https://github.com/lynndylanhurley/devise_token_auth/issues/631)
+- Rails 5 generator doesn't insert concern [\#627](https://github.com/lynndylanhurley/devise_token_auth/issues/627)
+- NoMethodError \(undefined method `find\_by\_uid'\) in production. [\#625](https://github.com/lynndylanhurley/devise_token_auth/issues/625)
+- Why is password confirmation required ? [\#624](https://github.com/lynndylanhurley/devise_token_auth/issues/624)
+- Curl not working for sign\_in but works on ng-token-angular [\#620](https://github.com/lynndylanhurley/devise_token_auth/issues/620)
+- After Sign-in success, The following requests on Angular side are unauthorized. [\#619](https://github.com/lynndylanhurley/devise_token_auth/issues/619)
+- Omniauth - Facebook app doesn't run callback url after successful Facebook authentication [\#615](https://github.com/lynndylanhurley/devise_token_auth/issues/615)
+- :authenticate\_user! wired behaviour [\#614](https://github.com/lynndylanhurley/devise_token_auth/issues/614)
+- current\_user is nil, request headers are all upcased and prefixed with HTML\_ [\#611](https://github.com/lynndylanhurley/devise_token_auth/issues/611)
+- Problem in generated routes [\#607](https://github.com/lynndylanhurley/devise_token_auth/issues/607)
+- Rails 5 API Mode - no headers in response [\#606](https://github.com/lynndylanhurley/devise_token_auth/issues/606)
+- Filter chain halted as :authenticate\_user! rendered or redirected [\#603](https://github.com/lynndylanhurley/devise_token_auth/issues/603)
+- 422 Unprocessable Entity when using local IP address [\#601](https://github.com/lynndylanhurley/devise_token_auth/issues/601)
+- not working with latest version of active\_model\_serializers [\#600](https://github.com/lynndylanhurley/devise_token_auth/issues/600)
+- overriding rendering methods in devise\_token\_auth [\#597](https://github.com/lynndylanhurley/devise_token_auth/issues/597)
+- redirect\_url is missing in email instructions sent to the user for password reset [\#588](https://github.com/lynndylanhurley/devise_token_auth/issues/588)
+- Unpermitted parameter: {"email":"mail@gmail.com","password":"abcdefgh","password\_confirmation":"abcdefgh"} [\#587](https://github.com/lynndylanhurley/devise_token_auth/issues/587)
+- can't authenticate user when opening a new download tab [\#582](https://github.com/lynndylanhurley/devise_token_auth/issues/582)
+- Mails are not being sent [\#581](https://github.com/lynndylanhurley/devise_token_auth/issues/581)
+- current\_user seems to be nil after doing requests from different tabs [\#579](https://github.com/lynndylanhurley/devise_token_auth/issues/579)
+- Do we have any rspec helpers to sign\_in an user? [\#577](https://github.com/lynndylanhurley/devise_token_auth/issues/577)
+- Cannot override json response of authenticate\_user! [\#575](https://github.com/lynndylanhurley/devise_token_auth/issues/575)
+- return custom json data after sign\_in [\#567](https://github.com/lynndylanhurley/devise_token_auth/issues/567)
+- /auth/validate\_token works but getting 401 unauthorized when sending request with auth headers [\#550](https://github.com/lynndylanhurley/devise_token_auth/issues/550)
+- Where is the access key of omniauth provider? [\#549](https://github.com/lynndylanhurley/devise_token_auth/issues/549)
+- How this gem is different from a JWT system? [\#543](https://github.com/lynndylanhurley/devise_token_auth/issues/543)
+- Improper formatting for JSON API error/success responses [\#536](https://github.com/lynndylanhurley/devise_token_auth/issues/536)
+- Is it a hybrid authentication system? [\#527](https://github.com/lynndylanhurley/devise_token_auth/issues/527)
+- check\_current\_password\_before\_update still requires password when resetting password [\#526](https://github.com/lynndylanhurley/devise_token_auth/issues/526)
+- Manually authenticate for testing [\#521](https://github.com/lynndylanhurley/devise_token_auth/issues/521)
+- Support for STI [\#517](https://github.com/lynndylanhurley/devise_token_auth/issues/517)
+- DEPRECATION WARNING: alias\_method\_chain is deprecated [\#514](https://github.com/lynndylanhurley/devise_token_auth/issues/514)
+- JSON responses don't fit JSON\_API requirements [\#512](https://github.com/lynndylanhurley/devise_token_auth/issues/512)
+- Not working with rails 5 and devise master [\#504](https://github.com/lynndylanhurley/devise_token_auth/issues/504)
+- Unpermitted parameters: confirm\_success\_url, config\_name, registration [\#501](https://github.com/lynndylanhurley/devise_token_auth/issues/501)
+- set\_user\_by\_token not defined in production for rails 5 [\#500](https://github.com/lynndylanhurley/devise_token_auth/issues/500)
+- Master branch no longer working with devise master branch \(version error\) [\#498](https://github.com/lynndylanhurley/devise_token_auth/issues/498)
+- uid is not getting set in git revision 996b9cf23a18 [\#497](https://github.com/lynndylanhurley/devise_token_auth/issues/497)
+- ve\_model\_serializer namespace [\#492](https://github.com/lynndylanhurley/devise_token_auth/issues/492)
+- User remains logged in when using devise and devise\_token\_auth in the same app [\#486](https://github.com/lynndylanhurley/devise_token_auth/issues/486)
+- DEPRECATION WARNING: alias\_method\_chain is deprecated. Rails 5 [\#482](https://github.com/lynndylanhurley/devise_token_auth/issues/482)
+- validate\_token - resource\_name - undefined method `name' for nil:NilClass [\#480](https://github.com/lynndylanhurley/devise_token_auth/issues/480)
+- Helpers being loaded for Rails API's [\#468](https://github.com/lynndylanhurley/devise_token_auth/issues/468)
+- Unable to call `rails g devise\_token\_auth:install` within rails engine [\#465](https://github.com/lynndylanhurley/devise_token_auth/issues/465)
+- locales `errors.messages.already\_in\_use` seems broken [\#463](https://github.com/lynndylanhurley/devise_token_auth/issues/463)
+- It shows "An error occurred" after omniauth callback [\#445](https://github.com/lynndylanhurley/devise_token_auth/issues/445)
+- - [\#444](https://github.com/lynndylanhurley/devise_token_auth/issues/444)
+- Put Access Token in body [\#442](https://github.com/lynndylanhurley/devise_token_auth/issues/442)
+- Unable to add a new param for sign up  [\#440](https://github.com/lynndylanhurley/devise_token_auth/issues/440)
+- Undefined method provider from devise\_toke\_auth concerns/user.rb [\#438](https://github.com/lynndylanhurley/devise_token_auth/issues/438)
+- Scoped DeviseToken but it still affects the original Omniauth redirects. [\#429](https://github.com/lynndylanhurley/devise_token_auth/issues/429)
+- Can't create user via api [\#422](https://github.com/lynndylanhurley/devise_token_auth/issues/422)
+- Password Reset question,  do I need my own form? [\#418](https://github.com/lynndylanhurley/devise_token_auth/issues/418)
+- Large Size on Disk [\#415](https://github.com/lynndylanhurley/devise_token_auth/issues/415)
+- The validate\_token function in the readme is missing a parameter [\#413](https://github.com/lynndylanhurley/devise_token_auth/issues/413)
+- Cannot migrate database: NoMethodError: undefined method `new' for DeviseTokenAuth:Module [\#406](https://github.com/lynndylanhurley/devise_token_auth/issues/406)
+- change\_headers\_on\_each\_request and batch requests [\#403](https://github.com/lynndylanhurley/devise_token_auth/issues/403)
+- Multiple users, returning\(and creating\) wrong model's auth token [\#399](https://github.com/lynndylanhurley/devise_token_auth/issues/399)
+- Can't verify CSRF token authenticity [\#398](https://github.com/lynndylanhurley/devise_token_auth/issues/398)
+- uninitialized constant DeviseTokenAuth::OmniauthCallbacksController::BCrypt [\#393](https://github.com/lynndylanhurley/devise_token_auth/issues/393)
+- Sign in not success. [\#388](https://github.com/lynndylanhurley/devise_token_auth/issues/388)
+- password length  [\#380](https://github.com/lynndylanhurley/devise_token_auth/issues/380)
+- Devise token auth not found routing error [\#379](https://github.com/lynndylanhurley/devise_token_auth/issues/379)
+- Defining a custom primary key [\#378](https://github.com/lynndylanhurley/devise_token_auth/issues/378)
+- seeing other users data after login/out with different users on ionic [\#375](https://github.com/lynndylanhurley/devise_token_auth/issues/375)
+- omniauth: when redirecting, user object should not be serialized into url [\#368](https://github.com/lynndylanhurley/devise_token_auth/issues/368)
+- getting ng-token-auth and devise\_token\_auth to work with OAuth in ionic InAppBrowser [\#367](https://github.com/lynndylanhurley/devise_token_auth/issues/367)
+- omniauth callback redirect not working properly when using namespace/scope [\#362](https://github.com/lynndylanhurley/devise_token_auth/issues/362)
+- invalid token in method set\_user\_by\_token on RegistrationsController\#update [\#357](https://github.com/lynndylanhurley/devise_token_auth/issues/357)
+- Allow devise patch version updates [\#351](https://github.com/lynndylanhurley/devise_token_auth/issues/351)
+- Error validating token [\#348](https://github.com/lynndylanhurley/devise_token_auth/issues/348)
+- Restricting access to controllers methods [\#340](https://github.com/lynndylanhurley/devise_token_auth/issues/340)
+- Allow for HTTP Basic Auth ? [\#337](https://github.com/lynndylanhurley/devise_token_auth/issues/337)
+- Allow Omniauth user reset password [\#335](https://github.com/lynndylanhurley/devise_token_auth/issues/335)
+- NameError \(uninitialized constant DeviseTokenAuth::Concerns::User::BCrypt\) [\#333](https://github.com/lynndylanhurley/devise_token_auth/issues/333)
+- Unpermitted parameters: format, session [\#328](https://github.com/lynndylanhurley/devise_token_auth/issues/328)
+- Concern causes app to connect to database when precompiling assets. [\#327](https://github.com/lynndylanhurley/devise_token_auth/issues/327)
+- devise token auth + Save Facebook auth\_hash info in database [\#326](https://github.com/lynndylanhurley/devise_token_auth/issues/326)
+- Error sending password reset email when not using confirmable \(reopened \#124\) [\#321](https://github.com/lynndylanhurley/devise_token_auth/issues/321)
+- Routing error / Preflight request / OPTIONS [\#320](https://github.com/lynndylanhurley/devise_token_auth/issues/320)
+- delete tokens after password change [\#318](https://github.com/lynndylanhurley/devise_token_auth/issues/318)
+- Can't authorize \(user\_signed\_in? always show false\) [\#315](https://github.com/lynndylanhurley/devise_token_auth/issues/315)
+- Warden::SessionSerializer - wrong number of arguments \(2 for 1\) [\#312](https://github.com/lynndylanhurley/devise_token_auth/issues/312)
+- The action 'twitter' could not be found for DeviseTokenAuth::OmniauthCallbacksController [\#309](https://github.com/lynndylanhurley/devise_token_auth/issues/309)
+- Having 401 Unauthorized only with mobile [\#305](https://github.com/lynndylanhurley/devise_token_auth/issues/305)
+- remove unused nickname, image from user object [\#304](https://github.com/lynndylanhurley/devise_token_auth/issues/304)
+- HI, This is more of a doubt since I could not finding anything related to this in your documentation. [\#300](https://github.com/lynndylanhurley/devise_token_auth/issues/300)
+- Getting 401's when making requests using iOS/Android clients [\#299](https://github.com/lynndylanhurley/devise_token_auth/issues/299)
+- undefined method `tokens' for \#\<Hash:0x000000063f0920\> [\#297](https://github.com/lynndylanhurley/devise_token_auth/issues/297)
+- Confirmation URL giving bad arguments [\#293](https://github.com/lynndylanhurley/devise_token_auth/issues/293)
+- set\_user\_by\_token not called in overriden controller [\#291](https://github.com/lynndylanhurley/devise_token_auth/issues/291)
+- Question:  Should we send password reset instructions to unconfirmed emails? [\#287](https://github.com/lynndylanhurley/devise_token_auth/issues/287)
+- NoMethodError \(undefined method `\[\]' for nil:NilClass\): [\#286](https://github.com/lynndylanhurley/devise_token_auth/issues/286)
+- Facebook omniauth redirection is missing url when testing on localhost [\#285](https://github.com/lynndylanhurley/devise_token_auth/issues/285)
+- No route matches \[GET\] "/users/facebook/callback" [\#280](https://github.com/lynndylanhurley/devise_token_auth/issues/280)
+- No route matches \[GET\] "/omniauth/:provider" [\#278](https://github.com/lynndylanhurley/devise_token_auth/issues/278)
+- How to refresh token/expiry? [\#275](https://github.com/lynndylanhurley/devise_token_auth/issues/275)
+- wrong number of arguments \(1 for 0\): in DeviseTokenAuth::RegistrationsController\#create  [\#274](https://github.com/lynndylanhurley/devise_token_auth/issues/274)
+- Can not save a user with nil tokens attribute [\#271](https://github.com/lynndylanhurley/devise_token_auth/issues/271)
+- Shouldn't validate\_token param be access-token, not auth\_token? [\#270](https://github.com/lynndylanhurley/devise_token_auth/issues/270)
+- include associations on login [\#269](https://github.com/lynndylanhurley/devise_token_auth/issues/269)
+- Failure route not handled [\#262](https://github.com/lynndylanhurley/devise_token_auth/issues/262)
+- Getting Unauthorized error even after sending the correct token, uid and client [\#261](https://github.com/lynndylanhurley/devise_token_auth/issues/261)
+- Weird error message [\#259](https://github.com/lynndylanhurley/devise_token_auth/issues/259)
+- undefined method `provider' for \#\<User:0x007f49fd5da2e8\> [\#257](https://github.com/lynndylanhurley/devise_token_auth/issues/257)
+- Custom Serializer like ActiveModel Serializer [\#249](https://github.com/lynndylanhurley/devise_token_auth/issues/249)
+- File download with query params [\#246](https://github.com/lynndylanhurley/devise_token_auth/issues/246)
+- Info: is devise\_token\_auth compatible with rails 3.2.19? [\#245](https://github.com/lynndylanhurley/devise_token_auth/issues/245)
+- Headers required for different methods [\#243](https://github.com/lynndylanhurley/devise_token_auth/issues/243)
+- Unpermitted parameters: format, session, lang [\#239](https://github.com/lynndylanhurley/devise_token_auth/issues/239)
+- On sign\_in, devise\_token\_auth expects the uid to be the same as the email [\#237](https://github.com/lynndylanhurley/devise_token_auth/issues/237)
+- Name conflict with inherited\_resources [\#236](https://github.com/lynndylanhurley/devise_token_auth/issues/236)
+- sign\_in will not fetch the token [\#234](https://github.com/lynndylanhurley/devise_token_auth/issues/234)
+- Remove \('\#'\) symbol when using html5mode in locationProvider [\#232](https://github.com/lynndylanhurley/devise_token_auth/issues/232)
+- Log in request 401 error [\#231](https://github.com/lynndylanhurley/devise_token_auth/issues/231)
+- User Registration - "email address already in use" when it is unique [\#230](https://github.com/lynndylanhurley/devise_token_auth/issues/230)
+- Devise email validation disabled...why? [\#229](https://github.com/lynndylanhurley/devise_token_auth/issues/229)
+- confirm\_success\_url error not working [\#226](https://github.com/lynndylanhurley/devise_token_auth/issues/226)
+- pending\_reconfirmation called when confirmable isn't used [\#224](https://github.com/lynndylanhurley/devise_token_auth/issues/224)
+- omniauth\_success.html.erb JSON bug [\#221](https://github.com/lynndylanhurley/devise_token_auth/issues/221)
+- Using devise\_token\_auth and ng\_token\_auth with angularJS in an Ionic Hybrid application [\#218](https://github.com/lynndylanhurley/devise_token_auth/issues/218)
+- Where can I got token? [\#217](https://github.com/lynndylanhurley/devise_token_auth/issues/217)
+- URI fragment prevent to send params in Confirmation URL [\#213](https://github.com/lynndylanhurley/devise_token_auth/issues/213)
+- Generating many client tokens [\#210](https://github.com/lynndylanhurley/devise_token_auth/issues/210)
+- Limit tokens hash? [\#208](https://github.com/lynndylanhurley/devise_token_auth/issues/208)
+- 500 error returned when no data is POSTed to registration controller [\#203](https://github.com/lynndylanhurley/devise_token_auth/issues/203)
+- undefined method `match' for nil:NilClass [\#201](https://github.com/lynndylanhurley/devise_token_auth/issues/201)
+- DELETE method becoming OPTIONS @ Heroku [\#197](https://github.com/lynndylanhurley/devise_token_auth/issues/197)
+- 40 Mb log file and 1 minute to have token with curl [\#195](https://github.com/lynndylanhurley/devise_token_auth/issues/195)
+- 401 unauthorized [\#193](https://github.com/lynndylanhurley/devise_token_auth/issues/193)
+- GET requests to sign\_in shouldn't raise an exception [\#190](https://github.com/lynndylanhurley/devise_token_auth/issues/190)
+- Api not locked by default [\#189](https://github.com/lynndylanhurley/devise_token_auth/issues/189)
+- Rails  4.1 [\#187](https://github.com/lynndylanhurley/devise_token_auth/issues/187)
+- Unable to override OmniauthCallbacksController\#redirect\_callbacks [\#186](https://github.com/lynndylanhurley/devise_token_auth/issues/186)
+- Devise and devise\_token\_auth omniauth callbacks [\#184](https://github.com/lynndylanhurley/devise_token_auth/issues/184)
+- Token based authentication with no sessions [\#183](https://github.com/lynndylanhurley/devise_token_auth/issues/183)
+- undefined method `authenticate\_user!' [\#182](https://github.com/lynndylanhurley/devise_token_auth/issues/182)
+- confirm\_success\_url shouldn't be a required param [\#176](https://github.com/lynndylanhurley/devise_token_auth/issues/176)
+- Provide an OAuth implementation for native apps [\#175](https://github.com/lynndylanhurley/devise_token_auth/issues/175)
+- getting an argument error when trying to use omniauth [\#174](https://github.com/lynndylanhurley/devise_token_auth/issues/174)
+- Sign in via username doesn't seem to work correctly. [\#173](https://github.com/lynndylanhurley/devise_token_auth/issues/173)
+- Cannot use + sign in email address. [\#171](https://github.com/lynndylanhurley/devise_token_auth/issues/171)
+- How can i authenticate using curl and get private entries ! [\#167](https://github.com/lynndylanhurley/devise_token_auth/issues/167)
+- Pessimistic Locking produces ArgumentError [\#165](https://github.com/lynndylanhurley/devise_token_auth/issues/165)
+- POTENTIAL SECURITY RISK: Setting confirm\_success\_url and redirect\_url via API [\#162](https://github.com/lynndylanhurley/devise_token_auth/issues/162)
+- Sign out just on client side ? [\#161](https://github.com/lynndylanhurley/devise_token_auth/issues/161)
+- Unpermitted parameter: redirect\_url [\#160](https://github.com/lynndylanhurley/devise_token_auth/issues/160)
+- Issues using devise and devise\_token\_auth [\#159](https://github.com/lynndylanhurley/devise_token_auth/issues/159)
+- Add role based authorization [\#158](https://github.com/lynndylanhurley/devise_token_auth/issues/158)
+- Not compatible with ActiveAdmin [\#156](https://github.com/lynndylanhurley/devise_token_auth/issues/156)
+- \[Duplicate\] is devise\_invitable supported? [\#154](https://github.com/lynndylanhurley/devise_token_auth/issues/154)
+- User can register with a "false" email [\#149](https://github.com/lynndylanhurley/devise_token_auth/issues/149)
+- /validate\_token [\#148](https://github.com/lynndylanhurley/devise_token_auth/issues/148)
+- Email confirmation link [\#147](https://github.com/lynndylanhurley/devise_token_auth/issues/147)
+- Tokens field on database [\#146](https://github.com/lynndylanhurley/devise_token_auth/issues/146)
+- Twitter OAuth always throughs CookieOverflow [\#145](https://github.com/lynndylanhurley/devise_token_auth/issues/145)
+- Is there a way to configure apiUrl for both dev and prod? [\#144](https://github.com/lynndylanhurley/devise_token_auth/issues/144)
+- Getting 401 unauthorized on login attempt [\#142](https://github.com/lynndylanhurley/devise_token_auth/issues/142)
+- Comparing with jwt [\#140](https://github.com/lynndylanhurley/devise_token_auth/issues/140)
+- Can't get omniauth to work \(error in redirect\_callbacks\) [\#139](https://github.com/lynndylanhurley/devise_token_auth/issues/139)
+- Change controller inheritance [\#138](https://github.com/lynndylanhurley/devise_token_auth/issues/138)
+- Reset Password call returns 400 for Not Found user [\#137](https://github.com/lynndylanhurley/devise_token_auth/issues/137)
+- The gem is too big. Please take care of it. [\#136](https://github.com/lynndylanhurley/devise_token_auth/issues/136)
+- Error when loging with facebook the second time without logout [\#135](https://github.com/lynndylanhurley/devise_token_auth/issues/135)
+- OmniAuth redirect doesn't work if using the generated mount\_devise\_token route [\#133](https://github.com/lynndylanhurley/devise_token_auth/issues/133)
+- Missing template /omniauth\_response  [\#132](https://github.com/lynndylanhurley/devise_token_auth/issues/132)
+- Unpermitted parameter: session [\#130](https://github.com/lynndylanhurley/devise_token_auth/issues/130)
+- OAuth error: We're sorry, but something went wrong [\#129](https://github.com/lynndylanhurley/devise_token_auth/issues/129)
+- Would it be useful to integrate login with username ? [\#127](https://github.com/lynndylanhurley/devise_token_auth/issues/127)
+- Sign in with login instead of email [\#126](https://github.com/lynndylanhurley/devise_token_auth/issues/126)
+- Error sending password reset email when not using confirmable [\#124](https://github.com/lynndylanhurley/devise_token_auth/issues/124)
+- Using expired token for parallel calls [\#123](https://github.com/lynndylanhurley/devise_token_auth/issues/123)
+- User tokens don't properly deserialize [\#121](https://github.com/lynndylanhurley/devise_token_auth/issues/121)
+- OmniauthCallbacksController\#omniauth\_success wrong number of arguments \(1 for 0\) [\#119](https://github.com/lynndylanhurley/devise_token_auth/issues/119)
+- Could not load 'omniauth' [\#118](https://github.com/lynndylanhurley/devise_token_auth/issues/118)
+- bad argument \(expected URI object or URI string\) [\#116](https://github.com/lynndylanhurley/devise_token_auth/issues/116)
+- devise\_token\_auth for public API, but devise for rest of app? [\#114](https://github.com/lynndylanhurley/devise_token_auth/issues/114)
+- Omniauthable deleted on UsersConcern : Why ? [\#111](https://github.com/lynndylanhurley/devise_token_auth/issues/111)
+- Unrequired route [\#110](https://github.com/lynndylanhurley/devise_token_auth/issues/110)
+- raises NoMethodError instead of displaying error when email is missing [\#108](https://github.com/lynndylanhurley/devise_token_auth/issues/108)
+- Error with RailsAdmin. "The action 'new' could not be found for DeviseTokenAuth::SessionsController" [\#107](https://github.com/lynndylanhurley/devise_token_auth/issues/107)
+- Circular dependency detected while autoloading constant Api [\#106](https://github.com/lynndylanhurley/devise_token_auth/issues/106)
+- Can't Authenticate via cURL [\#105](https://github.com/lynndylanhurley/devise_token_auth/issues/105)
+- Unpermitted parameters: user, registration [\#104](https://github.com/lynndylanhurley/devise_token_auth/issues/104)
+- BCrypt::Errors::InvalidSalt errors [\#103](https://github.com/lynndylanhurley/devise_token_auth/issues/103)
+- Active job token expiring integration [\#102](https://github.com/lynndylanhurley/devise_token_auth/issues/102)
+- The action 'new' could not be found for DeviseTokenAuth::RegistrationsController [\#100](https://github.com/lynndylanhurley/devise_token_auth/issues/100)
+- Disable confirmable [\#99](https://github.com/lynndylanhurley/devise_token_auth/issues/99)
+- responders - rails 4.2 [\#98](https://github.com/lynndylanhurley/devise_token_auth/issues/98)
+- forward skip to devise [\#97](https://github.com/lynndylanhurley/devise_token_auth/issues/97)
+- API versioning the devise scope of token validation and ominiauth controller path will wrap up [\#96](https://github.com/lynndylanhurley/devise_token_auth/issues/96)
+- Overwriting default "from" email address [\#94](https://github.com/lynndylanhurley/devise_token_auth/issues/94)
+- uninitialized constant DeviseTokenAuth [\#92](https://github.com/lynndylanhurley/devise_token_auth/issues/92)
+- change\_headers\_on\_each\_request not working expiry header empty [\#90](https://github.com/lynndylanhurley/devise_token_auth/issues/90)
+- Gem render consistency [\#87](https://github.com/lynndylanhurley/devise_token_auth/issues/87)
+- Sample Sessions Controller for logging in via Rails View. [\#86](https://github.com/lynndylanhurley/devise_token_auth/issues/86)
+- Change authorization key: Use phone\_number instead of email [\#84](https://github.com/lynndylanhurley/devise_token_auth/issues/84)
+- Conflict with active\_admin gem [\#83](https://github.com/lynndylanhurley/devise_token_auth/issues/83)
+- NoMethodError in DeviseTokenAuth::OmniauthCallbacksController\#redirect\_callbacks [\#82](https://github.com/lynndylanhurley/devise_token_auth/issues/82)
+- All the APIs are getting 'Authorized users only' [\#81](https://github.com/lynndylanhurley/devise_token_auth/issues/81)
+- Is Devise option Rememberable required ? [\#80](https://github.com/lynndylanhurley/devise_token_auth/issues/80)
+- Problem with skip\_confirmation! [\#78](https://github.com/lynndylanhurley/devise_token_auth/issues/78)
+- Cannot reset password if registered by omniauth [\#77](https://github.com/lynndylanhurley/devise_token_auth/issues/77)
+- NoMethodError at /omniauth/facebook/callback - undefined method `\[\]' for nil:NilClass [\#76](https://github.com/lynndylanhurley/devise_token_auth/issues/76)
+- Remove dependency on ActiveRecord [\#72](https://github.com/lynndylanhurley/devise_token_auth/issues/72)
+- Skipping Registrations Controller Altogether [\#70](https://github.com/lynndylanhurley/devise_token_auth/issues/70)
+- Problem in validate\_token if the model is in a namespace [\#69](https://github.com/lynndylanhurley/devise_token_auth/issues/69)
+- Cannot send confirmation email if there is no 'User' model [\#68](https://github.com/lynndylanhurley/devise_token_auth/issues/68)
+- Better guidelines for contributors [\#65](https://github.com/lynndylanhurley/devise_token_auth/issues/65)
+- admin namespace [\#63](https://github.com/lynndylanhurley/devise_token_auth/issues/63)
+- Devise trackable module not working [\#62](https://github.com/lynndylanhurley/devise_token_auth/issues/62)
+- Devise\_token\_auth without OmniAuth authentication [\#60](https://github.com/lynndylanhurley/devise_token_auth/issues/60)
+- Reset Password error [\#59](https://github.com/lynndylanhurley/devise_token_auth/issues/59)
+- Confirmable - unconfirmed email [\#58](https://github.com/lynndylanhurley/devise_token_auth/issues/58)
+- Email Column Isn't Used for Database Authentication [\#56](https://github.com/lynndylanhurley/devise_token_auth/issues/56)
+- Unique Key for Provider and UID Combination [\#55](https://github.com/lynndylanhurley/devise_token_auth/issues/55)
+- User Info in separate table or removed [\#53](https://github.com/lynndylanhurley/devise_token_auth/issues/53)
+- rename @user to @resource [\#48](https://github.com/lynndylanhurley/devise_token_auth/issues/48)
+- Active\_admin issue [\#47](https://github.com/lynndylanhurley/devise_token_auth/issues/47)
+- Possible Logout Issue [\#46](https://github.com/lynndylanhurley/devise_token_auth/issues/46)
+- Routes not appended to routes.rb [\#45](https://github.com/lynndylanhurley/devise_token_auth/issues/45)
+- Return resource.errors.full\_messages in addition to resource.errors [\#44](https://github.com/lynndylanhurley/devise_token_auth/issues/44)
+- Devise and Devise\_Token\_Auth in api namespace [\#43](https://github.com/lynndylanhurley/devise_token_auth/issues/43)
+- Trackable attributes are not being updated. [\#42](https://github.com/lynndylanhurley/devise_token_auth/issues/42)
+- Avoid using respond\_to in application controller [\#41](https://github.com/lynndylanhurley/devise_token_auth/issues/41)
+- devise\_token\_auth assumes you want the :confirmable functionality [\#40](https://github.com/lynndylanhurley/devise_token_auth/issues/40)
+- undefined method `match' for nil:NilClass [\#39](https://github.com/lynndylanhurley/devise_token_auth/issues/39)
+- Expired token aren't removed when session expires [\#38](https://github.com/lynndylanhurley/devise_token_auth/issues/38)
+- sign\_up helper  [\#37](https://github.com/lynndylanhurley/devise_token_auth/issues/37)
+- self.tokens\[client\_id\]\['token'\] != token [\#30](https://github.com/lynndylanhurley/devise_token_auth/issues/30)
+- How is the uid generated for non-omniauth users? [\#29](https://github.com/lynndylanhurley/devise_token_auth/issues/29)
+- Access to current\_user variable? [\#28](https://github.com/lynndylanhurley/devise_token_auth/issues/28)
+- Filter chain halted as :require\_no\_authentication  [\#27](https://github.com/lynndylanhurley/devise_token_auth/issues/27)
+- Allow additional parameters for registration [\#25](https://github.com/lynndylanhurley/devise_token_auth/issues/25)
+- Cannot add more parameters at sign\_up  [\#22](https://github.com/lynndylanhurley/devise_token_auth/issues/22)
+- Error on Registration [\#21](https://github.com/lynndylanhurley/devise_token_auth/issues/21)
+- Error with authentication [\#20](https://github.com/lynndylanhurley/devise_token_auth/issues/20)
+- Cascade of Issues with Omniauth\(?\) [\#18](https://github.com/lynndylanhurley/devise_token_auth/issues/18)
+- Batch Requests Respond with Original Auth Token [\#17](https://github.com/lynndylanhurley/devise_token_auth/issues/17)
+- Sign out with email provider error [\#16](https://github.com/lynndylanhurley/devise_token_auth/issues/16)
+- sessions\_controller.rb [\#12](https://github.com/lynndylanhurley/devise_token_auth/issues/12)
+- Github login in example is broken [\#10](https://github.com/lynndylanhurley/devise_token_auth/issues/10)
+- Facebook auth is broken [\#9](https://github.com/lynndylanhurley/devise_token_auth/issues/9)
+- Generator is not working [\#8](https://github.com/lynndylanhurley/devise_token_auth/issues/8)
+- Test ticket from Code Climate [\#6](https://github.com/lynndylanhurley/devise_token_auth/issues/6)
+- Test ticket from Code Climate [\#5](https://github.com/lynndylanhurley/devise_token_auth/issues/5)
+- extending the devise\_token\_auth user model [\#4](https://github.com/lynndylanhurley/devise_token_auth/issues/4)
+- A few ideas [\#3](https://github.com/lynndylanhurley/devise_token_auth/issues/3)
+- Google Oauth2 does not set cookies in production. [\#1](https://github.com/lynndylanhurley/devise_token_auth/issues/1)
+
+**Merged pull requests:**
+
+- Translate message: Authorized users only through devise [\#883](https://github.com/lynndylanhurley/devise_token_auth/pull/883) ([vincenzodev](https://github.com/vincenzodev))
+- Updated generator test code to work with rails 5 [\#872](https://github.com/lynndylanhurley/devise_token_auth/pull/872) ([jrhee17](https://github.com/jrhee17))
+- use URI::HTTPS to generate HTTPS redirects [\#864](https://github.com/lynndylanhurley/devise_token_auth/pull/864) ([cgc](https://github.com/cgc))
+- Rename find\_by methods [\#860](https://github.com/lynndylanhurley/devise_token_auth/pull/860) ([alex-lairan](https://github.com/alex-lairan))
+- Support for Devise 4.2.1 [\#852](https://github.com/lynndylanhurley/devise_token_auth/pull/852) ([ckho](https://github.com/ckho))
+- Add Albanian locale [\#842](https://github.com/lynndylanhurley/devise_token_auth/pull/842) ([fatosmorina](https://github.com/fatosmorina))
+- Update german translation. [\#816](https://github.com/lynndylanhurley/devise_token_auth/pull/816) ([gobijan](https://github.com/gobijan))
+- Prevent getting table info if not connected to db [\#814](https://github.com/lynndylanhurley/devise_token_auth/pull/814) ([cbliard](https://github.com/cbliard))
+- Add support for italian locale [\#811](https://github.com/lynndylanhurley/devise_token_auth/pull/811) ([Chosko](https://github.com/Chosko))
+- Fix privacy issue with password reset request [\#808](https://github.com/lynndylanhurley/devise_token_auth/pull/808) ([biomancer](https://github.com/biomancer))
+- Add missing parameter :redirect\_url, fixes \#805 [\#806](https://github.com/lynndylanhurley/devise_token_auth/pull/806) ([Rush](https://github.com/Rush))
+- Fix language errors in German locale [\#800](https://github.com/lynndylanhurley/devise_token_auth/pull/800) ([morgler](https://github.com/morgler))
+- Don't send extra data on request password reset [\#798](https://github.com/lynndylanhurley/devise_token_auth/pull/798) ([Mrjaco12](https://github.com/Mrjaco12))
+- Travis: use the code\_climate addon config [\#786](https://github.com/lynndylanhurley/devise_token_auth/pull/786) ([olleolleolle](https://github.com/olleolleolle))
+- Update link [\#782](https://github.com/lynndylanhurley/devise_token_auth/pull/782) ([dijonkitchen](https://github.com/dijonkitchen))
+- Add index for confirmation\_token [\#767](https://github.com/lynndylanhurley/devise_token_auth/pull/767) ([dijonkitchen](https://github.com/dijonkitchen))
+- Fixes constructing redirect\_route [\#765](https://github.com/lynndylanhurley/devise_token_auth/pull/765) ([piotrkaczmarek](https://github.com/piotrkaczmarek))
+- Use standart ActiveRecord error message for email uniqueness validation [\#746](https://github.com/lynndylanhurley/devise_token_auth/pull/746) ([mpugach](https://github.com/mpugach))
+- Add Romanian locale. [\#743](https://github.com/lynndylanhurley/devise_token_auth/pull/743) ([razvanmitre](https://github.com/razvanmitre))
+- Ruby syntax: replace and/not with &&/! [\#733](https://github.com/lynndylanhurley/devise_token_auth/pull/733) ([olleolleolle](https://github.com/olleolleolle))
+- Update indexes on template [\#724](https://github.com/lynndylanhurley/devise_token_auth/pull/724) ([dijonkitchen](https://github.com/dijonkitchen))
+- Add an extra line to the "contributing" list [\#720](https://github.com/lynndylanhurley/devise_token_auth/pull/720) ([jahammo2](https://github.com/jahammo2))
+- Fix grammar [\#712](https://github.com/lynndylanhurley/devise_token_auth/pull/712) ([dijonkitchen](https://github.com/dijonkitchen))
+- Added reference to Angular2-Token to README [\#710](https://github.com/lynndylanhurley/devise_token_auth/pull/710) ([neroniaky](https://github.com/neroniaky))
+- feat\(whitelist\): add wildcard support for redirect\_whitelist patterns [\#709](https://github.com/lynndylanhurley/devise_token_auth/pull/709) ([booleanbetrayal](https://github.com/booleanbetrayal))
+- Fix Migration Deprecation Warning [\#700](https://github.com/lynndylanhurley/devise_token_auth/pull/700) ([juddey](https://github.com/juddey))
+- Apply `redirect\_whitelist` to OAuth redirect URI. [\#699](https://github.com/lynndylanhurley/devise_token_auth/pull/699) ([lynndylanhurley](https://github.com/lynndylanhurley))
+- add zh-CN.yml [\#697](https://github.com/lynndylanhurley/devise_token_auth/pull/697) ([halfray](https://github.com/halfray))
+- update README.md [\#693](https://github.com/lynndylanhurley/devise_token_auth/pull/693) ([nhattan](https://github.com/nhattan))
+- Fix for issue \#600 [\#674](https://github.com/lynndylanhurley/devise_token_auth/pull/674) ([milep](https://github.com/milep))
+- Use lockable devise option and unlock controller overwrite [\#669](https://github.com/lynndylanhurley/devise_token_auth/pull/669) ([genaromadrid](https://github.com/genaromadrid))
+- Fix setup config example in README [\#665](https://github.com/lynndylanhurley/devise_token_auth/pull/665) ([guich-wo](https://github.com/guich-wo))
+- added bypass\_sign\_in for next version of Devise [\#663](https://github.com/lynndylanhurley/devise_token_auth/pull/663) ([KendallPark](https://github.com/KendallPark))
+- fix method 'is\_json\_api' with active\_model\_serialier v 0.10.0 [\#651](https://github.com/lynndylanhurley/devise_token_auth/pull/651) ([woodcrust](https://github.com/woodcrust))
+- Tokens count overmuch fixed [\#650](https://github.com/lynndylanhurley/devise_token_auth/pull/650) ([JerryGreen](https://github.com/JerryGreen))
+- updates config wrapper to conform with newer idiom [\#648](https://github.com/lynndylanhurley/devise_token_auth/pull/648) ([bvandgrift](https://github.com/bvandgrift))
+- Adding support for devise 4.1.1 [\#642](https://github.com/lynndylanhurley/devise_token_auth/pull/642) ([iainmcg](https://github.com/iainmcg))
+- Updating Devise dependency to max 4.1.1 [\#641](https://github.com/lynndylanhurley/devise_token_auth/pull/641) ([TGRGIT](https://github.com/TGRGIT))
+- Fix yields from controller actions [\#638](https://github.com/lynndylanhurley/devise_token_auth/pull/638) ([tiagojsag](https://github.com/tiagojsag))
+- Fix generator to correctly inject content into the user model in rails 5 [\#636](https://github.com/lynndylanhurley/devise_token_auth/pull/636) ([ethangk](https://github.com/ethangk))
+- fix spelling in comment on token auth concern [\#632](https://github.com/lynndylanhurley/devise_token_auth/pull/632) ([dandlezzz](https://github.com/dandlezzz))
+- fixed devise deprecation warning for config.email\_regexp [\#618](https://github.com/lynndylanhurley/devise_token_auth/pull/618) ([lemuelbarango](https://github.com/lemuelbarango))
+- Revert "Update readme for headers names" [\#592](https://github.com/lynndylanhurley/devise_token_auth/pull/592) ([ash1day](https://github.com/ash1day))
+- Update readme for headers names [\#589](https://github.com/lynndylanhurley/devise_token_auth/pull/589) ([ash1day](https://github.com/ash1day))
+- Add info to README [\#585](https://github.com/lynndylanhurley/devise_token_auth/pull/585) ([ghost](https://github.com/ghost))
+- Fix typo and remove trailing spaces [\#578](https://github.com/lynndylanhurley/devise_token_auth/pull/578) ([ash1day](https://github.com/ash1day))
+- allowing authenticating using headers as well as a post request [\#576](https://github.com/lynndylanhurley/devise_token_auth/pull/576) ([ingolfured](https://github.com/ingolfured))
+- Whitespace: tabs removed [\#574](https://github.com/lynndylanhurley/devise_token_auth/pull/574) ([olleolleolle](https://github.com/olleolleolle))
+- Added dutch translations [\#571](https://github.com/lynndylanhurley/devise_token_auth/pull/571) ([nschmoller](https://github.com/nschmoller))
+- now possible to change headers names in the config file [\#569](https://github.com/lynndylanhurley/devise_token_auth/pull/569) ([ingolfured](https://github.com/ingolfured))
+- User concern: Ensure fallback is in place [\#564](https://github.com/lynndylanhurley/devise_token_auth/pull/564) ([olleolleolle](https://github.com/olleolleolle))
+- Return resource with top-level 'type' member. [\#562](https://github.com/lynndylanhurley/devise_token_auth/pull/562) ([ruimiguelsantos](https://github.com/ruimiguelsantos))
+- Fix devise mapping [\#540](https://github.com/lynndylanhurley/devise_token_auth/pull/540) ([merqlove](https://github.com/merqlove))
+- Make all json responses to be json\_api compliant [\#537](https://github.com/lynndylanhurley/devise_token_auth/pull/537) ([djsegal](https://github.com/djsegal))
+- Avoid sending auth headers if while processing used token is cleared [\#531](https://github.com/lynndylanhurley/devise_token_auth/pull/531) ([virginia-rodriguez](https://github.com/virginia-rodriguez))
+- Add Japanese locale and fix typo [\#530](https://github.com/lynndylanhurley/devise_token_auth/pull/530) ([metalunk](https://github.com/metalunk))
+- Added omniauth post route [\#528](https://github.com/lynndylanhurley/devise_token_auth/pull/528) ([v3rtx](https://github.com/v3rtx))
+- Extract model callbacks [\#525](https://github.com/lynndylanhurley/devise_token_auth/pull/525) ([merqlove](https://github.com/merqlove))
+- create token when no client\_id token [\#523](https://github.com/lynndylanhurley/devise_token_auth/pull/523) ([charlesdg](https://github.com/charlesdg))
+- Fix enable\_standard\_devise\_support in initializer [\#518](https://github.com/lynndylanhurley/devise_token_auth/pull/518) ([halilim](https://github.com/halilim))
+- Make render\_create\_success render valid json\_api [\#513](https://github.com/lynndylanhurley/devise_token_auth/pull/513) ([djsegal](https://github.com/djsegal))
+- Prevent raise of exception if set\_user\_by\_token not defined [\#511](https://github.com/lynndylanhurley/devise_token_auth/pull/511) ([jeryRazakarison](https://github.com/jeryRazakarison))
+- send\_on\_create\_confirmation\_instructions callback isn't defined \(rails 5\) [\#508](https://github.com/lynndylanhurley/devise_token_auth/pull/508) ([fivetwentysix](https://github.com/fivetwentysix))
+- \[REBASE\] Fix rails 5 deprecation and devise parameter sanitization [\#507](https://github.com/lynndylanhurley/devise_token_auth/pull/507) ([fivetwentysix](https://github.com/fivetwentysix))
+- remove deprecations from RegistrationsController [\#506](https://github.com/lynndylanhurley/devise_token_auth/pull/506) ([fivetwentysix](https://github.com/fivetwentysix))
+- Allow new devise version for rails 5 compatibility [\#499](https://github.com/lynndylanhurley/devise_token_auth/pull/499) ([djsegal](https://github.com/djsegal))
+- Spelling mistake [\#493](https://github.com/lynndylanhurley/devise_token_auth/pull/493) ([Tom-Tom](https://github.com/Tom-Tom))
+- Improve Brazilian Portuguese locale [\#491](https://github.com/lynndylanhurley/devise_token_auth/pull/491) ([ssouza](https://github.com/ssouza))
+- fix namespaced mapping name [\#484](https://github.com/lynndylanhurley/devise_token_auth/pull/484) ([paulosoares86](https://github.com/paulosoares86))
+- Locale file for both zh-TW and zh-HK [\#483](https://github.com/lynndylanhurley/devise_token_auth/pull/483) ([SunnyTam](https://github.com/SunnyTam))
+- Fixed typos and inconsistencies in ru.yml [\#478](https://github.com/lynndylanhurley/devise_token_auth/pull/478) ([fertingoff](https://github.com/fertingoff))
+- Fixes Issue \#362: Fixes for the omniauth redirection issue for namesp… [\#476](https://github.com/lynndylanhurley/devise_token_auth/pull/476) ([devilankur18](https://github.com/devilankur18))
+- removing old tokens when user changes passwords [\#474](https://github.com/lynndylanhurley/devise_token_auth/pull/474) ([paulosoares86](https://github.com/paulosoares86))
+- Move travis to container based configuration [\#470](https://github.com/lynndylanhurley/devise_token_auth/pull/470) ([ValentinTrinque](https://github.com/ValentinTrinque))
+- Prevent helpers being loaded for Rails API’s [\#469](https://github.com/lynndylanhurley/devise_token_auth/pull/469) ([djsegal](https://github.com/djsegal))
+- Reduce dependencies to allow Rails 5.0 [\#467](https://github.com/lynndylanhurley/devise_token_auth/pull/467) ([djsegal](https://github.com/djsegal))
+- Fix locales `errors.messages.already\_in\_use` + clean up [\#466](https://github.com/lynndylanhurley/devise_token_auth/pull/466) ([ValentinTrinque](https://github.com/ValentinTrinque))
+- Added 401 response to failed group authentication [\#446](https://github.com/lynndylanhurley/devise_token_auth/pull/446) ([rstrobl](https://github.com/rstrobl))
+- RU translations [\#441](https://github.com/lynndylanhurley/devise_token_auth/pull/441) ([yivo](https://github.com/yivo))
+- to keep coherent with devise. pt instead of pt-PT.yml [\#436](https://github.com/lynndylanhurley/devise_token_auth/pull/436) ([rmvenancio](https://github.com/rmvenancio))
+- limiting the number of concurrent devices [\#434](https://github.com/lynndylanhurley/devise_token_auth/pull/434) ([paulosoares86](https://github.com/paulosoares86))
+- Raise error in controller method [\#430](https://github.com/lynndylanhurley/devise_token_auth/pull/430) ([ArneZsng](https://github.com/ArneZsng))
+- feat\(enable-standard-devise\): allow configurable support of legacy Devise authentication [\#428](https://github.com/lynndylanhurley/devise_token_auth/pull/428) ([booleanbetrayal](https://github.com/booleanbetrayal))
+- Support for i18n in mailers views  [\#427](https://github.com/lynndylanhurley/devise_token_auth/pull/427) ([ponyesteves](https://github.com/ponyesteves))
+- Fix omniauthredirection when under scopes [\#425](https://github.com/lynndylanhurley/devise_token_auth/pull/425) ([xjunior](https://github.com/xjunior))
+- Translation to German [\#423](https://github.com/lynndylanhurley/devise_token_auth/pull/423) ([haslinger](https://github.com/haslinger))
+- fix\(url\): preserve query parameters when building urls [\#421](https://github.com/lynndylanhurley/devise_token_auth/pull/421) ([nbrustein](https://github.com/nbrustein))
+- Change default message for already in use error and added to english … [\#417](https://github.com/lynndylanhurley/devise_token_auth/pull/417) ([ponyesteves](https://github.com/ponyesteves))
+- Issue \#413 [\#414](https://github.com/lynndylanhurley/devise_token_auth/pull/414) ([Carrigan](https://github.com/Carrigan))
+- Add .ruby-version entry to .gitignore [\#412](https://github.com/lynndylanhurley/devise_token_auth/pull/412) ([xymbol](https://github.com/xymbol))
+- 404 for invalid link with password reset token [\#411](https://github.com/lynndylanhurley/devise_token_auth/pull/411) ([rmvenancio](https://github.com/rmvenancio))
+- Portuguese Translation [\#409](https://github.com/lynndylanhurley/devise_token_auth/pull/409) ([rmvenancio](https://github.com/rmvenancio))
+- Added polish translation. [\#405](https://github.com/lynndylanhurley/devise_token_auth/pull/405) ([h3xed](https://github.com/h3xed))
+- Drop .ruby-version file [\#404](https://github.com/lynndylanhurley/devise_token_auth/pull/404) ([xymbol](https://github.com/xymbol))
+- Implement hook methods for customized json rendering [\#384](https://github.com/lynndylanhurley/devise_token_auth/pull/384) ([neutronz](https://github.com/neutronz))
+- Feature/password reset with check fix [\#374](https://github.com/lynndylanhurley/devise_token_auth/pull/374) ([jakubrohleder](https://github.com/jakubrohleder))
+- fix\(oauth\): fixes \#368: do not serialize the entire user object in the url when redirecting from oauth [\#371](https://github.com/lynndylanhurley/devise_token_auth/pull/371) ([nbrustein](https://github.com/nbrustein))
+- Fallback to ActiveModel translations in EmailValidator [\#369](https://github.com/lynndylanhurley/devise_token_auth/pull/369) ([yivo](https://github.com/yivo))
+- Add a Gitter chat badge to README.md [\#360](https://github.com/lynndylanhurley/devise_token_auth/pull/360) ([gitter-badger](https://github.com/gitter-badger))
+- Improvements to the docs. [\#358](https://github.com/lynndylanhurley/devise_token_auth/pull/358) ([aarongray](https://github.com/aarongray))
+- Add description to readme about the devise.rb initializer. [\#356](https://github.com/lynndylanhurley/devise_token_auth/pull/356) ([aarongray](https://github.com/aarongray))
+- Correct handling namespaced resources [\#355](https://github.com/lynndylanhurley/devise_token_auth/pull/355) ([yivo](https://github.com/yivo))
+- Fix concern not being inserted for rails-api apps. [\#350](https://github.com/lynndylanhurley/devise_token_auth/pull/350) ([aarongray](https://github.com/aarongray))
+- Add documentation to explain gotcha with rails-api. [\#349](https://github.com/lynndylanhurley/devise_token_auth/pull/349) ([aarongray](https://github.com/aarongray))
+- Fully support OmniauthCallbacksController action overrides. Fixes \#186. [\#347](https://github.com/lynndylanhurley/devise_token_auth/pull/347) ([tbloncar](https://github.com/tbloncar))
+- \#340 Restrict access to controllers methods [\#341](https://github.com/lynndylanhurley/devise_token_auth/pull/341) ([gkopylov](https://github.com/gkopylov))
+- fix\(omniauth\): fix error in setting text on redirect page [\#336](https://github.com/lynndylanhurley/devise_token_auth/pull/336) ([nbrustein](https://github.com/nbrustein))
+- add Brazilian Portuguese translation \(pt-BR\) [\#331](https://github.com/lynndylanhurley/devise_token_auth/pull/331) ([josiasds](https://github.com/josiasds))
+- Tests to ensure standard devise has greater priority than tokens [\#330](https://github.com/lynndylanhurley/devise_token_auth/pull/330) ([colavitam](https://github.com/colavitam))
+- Fixed error when using standard devise authentication [\#329](https://github.com/lynndylanhurley/devise_token_auth/pull/329) ([colavitam](https://github.com/colavitam))
+- feat\(improved-omniauth\): omniauth sameWindow and inAppBrowser flows [\#323](https://github.com/lynndylanhurley/devise_token_auth/pull/323) ([nbrustein](https://github.com/nbrustein))
+- Fix invalid omniauth redirect [\#322](https://github.com/lynndylanhurley/devise_token_auth/pull/322) ([troggy](https://github.com/troggy))
+- Old password check before password update [\#317](https://github.com/lynndylanhurley/devise_token_auth/pull/317) ([jakubrohleder](https://github.com/jakubrohleder))
+- Remove erroneous colon from before\_action callback [\#310](https://github.com/lynndylanhurley/devise_token_auth/pull/310) ([jmliu](https://github.com/jmliu))
+- Disabled serialization for JSON type columns [\#306](https://github.com/lynndylanhurley/devise_token_auth/pull/306) ([colavitam](https://github.com/colavitam))
+- Set default provider to "email" in migration [\#302](https://github.com/lynndylanhurley/devise_token_auth/pull/302) ([colavitam](https://github.com/colavitam))
+- Fix an issue for not :confirmable users [\#296](https://github.com/lynndylanhurley/devise_token_auth/pull/296) ([sebfie](https://github.com/sebfie))
+- Update README.md [\#295](https://github.com/lynndylanhurley/devise_token_auth/pull/295) ([adisos](https://github.com/adisos))
+- Fix  MOUNT\_PATH 'Read More' link [\#294](https://github.com/lynndylanhurley/devise_token_auth/pull/294) ([jmliu](https://github.com/jmliu))
+- Don't send password reset instructions to unconfirmed email [\#288](https://github.com/lynndylanhurley/devise_token_auth/pull/288) ([coryschires](https://github.com/coryschires))
+- Feature/i18n support [\#283](https://github.com/lynndylanhurley/devise_token_auth/pull/283) ([sebfie](https://github.com/sebfie))
+- Update documentation for validate\_token [\#277](https://github.com/lynndylanhurley/devise_token_auth/pull/277) ([adamgall](https://github.com/adamgall))
+- Added json support for tokens [\#276](https://github.com/lynndylanhurley/devise_token_auth/pull/276) ([shicholas](https://github.com/shicholas))
+- perf\(token\_is\_current?\): add simplistic cache to reduce overhead of redundant token checks during validation calls [\#272](https://github.com/lynndylanhurley/devise_token_auth/pull/272) ([booleanbetrayal](https://github.com/booleanbetrayal))
+- perf\(update\_auth\_header\): only lock the resource if we are rotating tokens [\#267](https://github.com/lynndylanhurley/devise_token_auth/pull/267) ([booleanbetrayal](https://github.com/booleanbetrayal))
+- fix\(email-validation\): Update in-use email validation message during registration to allow full\_message use [\#255](https://github.com/lynndylanhurley/devise_token_auth/pull/255) ([booleanbetrayal](https://github.com/booleanbetrayal))
+- fix\(session\#new\): fix unhandled 500 when logging in with valid user and bad password [\#254](https://github.com/lynndylanhurley/devise_token_auth/pull/254) ([mathemagica](https://github.com/mathemagica))
+- feat\(ominauth\): support json-formatted values in omniauth callback.  [\#252](https://github.com/lynndylanhurley/devise_token_auth/pull/252) ([nbrustein](https://github.com/nbrustein))
+- fix\(sessions controller\): call reset\_session on destroy [\#251](https://github.com/lynndylanhurley/devise_token_auth/pull/251) ([nbrustein](https://github.com/nbrustein))
+- fix\(resource\_class\): support optional mapping property from set\_user\_by\_token [\#250](https://github.com/lynndylanhurley/devise_token_auth/pull/250) ([booleanbetrayal](https://github.com/booleanbetrayal))
+- Allow current\_password to be supplied when updating profile. [\#240](https://github.com/lynndylanhurley/devise_token_auth/pull/240) ([jasonswett](https://github.com/jasonswett))
+- fixes password reset when not using confirmable [\#225](https://github.com/lynndylanhurley/devise_token_auth/pull/225) ([aesnyder](https://github.com/aesnyder))
+- Fix error when email missing from registration params [\#220](https://github.com/lynndylanhurley/devise_token_auth/pull/220) ([iangreenleaf](https://github.com/iangreenleaf))
+- URI fragment should appear at the end of URL [\#214](https://github.com/lynndylanhurley/devise_token_auth/pull/214) ([edymerchk](https://github.com/edymerchk))
+- Super block yield \(all controllers\) [\#209](https://github.com/lynndylanhurley/devise_token_auth/pull/209) ([sgwilym](https://github.com/sgwilym))
+- Super block yield [\#207](https://github.com/lynndylanhurley/devise_token_auth/pull/207) ([sgwilym](https://github.com/sgwilym))
+- Ability to localize error message [\#206](https://github.com/lynndylanhurley/devise_token_auth/pull/206) ([lda](https://github.com/lda))
+- remove fragment sign \("\#"\) from URLs without fragment [\#205](https://github.com/lynndylanhurley/devise_token_auth/pull/205) ([tomdov](https://github.com/tomdov))
+- Return 422 \(was 500\) when empty body for sign up and account update [\#204](https://github.com/lynndylanhurley/devise_token_auth/pull/204) ([mchavarriagam](https://github.com/mchavarriagam))
+- Users with allowed unconfirmed access can now log in successfully. [\#202](https://github.com/lynndylanhurley/devise_token_auth/pull/202) ([colavitam](https://github.com/colavitam))
+- Authenticating an existing Warden/Devise User [\#200](https://github.com/lynndylanhurley/devise_token_auth/pull/200) ([nickL](https://github.com/nickL))
+- GET sign\_in should direct people to use POST sign\_in rather than raising exception [\#191](https://github.com/lynndylanhurley/devise_token_auth/pull/191) ([milesmatthias](https://github.com/milesmatthias))
+- Ignore 'extra' in Twitter auth response to avoid CookieOverflow. Fixes \#145. [\#179](https://github.com/lynndylanhurley/devise_token_auth/pull/179) ([tbloncar](https://github.com/tbloncar))
+- Some missing as\_json ? [\#152](https://github.com/lynndylanhurley/devise_token_auth/pull/152) ([nicolas-besnard](https://github.com/nicolas-besnard))
+- Check email format on registration [\#150](https://github.com/lynndylanhurley/devise_token_auth/pull/150) ([nicolas-besnard](https://github.com/nicolas-besnard))
+- Actual header key uses dashes, not underscores. [\#143](https://github.com/lynndylanhurley/devise_token_auth/pull/143) ([ragaskar](https://github.com/ragaskar))
+- Username register login [\#128](https://github.com/lynndylanhurley/devise_token_auth/pull/128) ([nicolas-besnard](https://github.com/nicolas-besnard))
+- Check if confirmable is active before skipping confirmation [\#125](https://github.com/lynndylanhurley/devise_token_auth/pull/125) ([nicolas-besnard](https://github.com/nicolas-besnard))
+- Fix links to section about controller integration. [\#117](https://github.com/lynndylanhurley/devise_token_auth/pull/117) ([Le6ow5k1](https://github.com/Le6ow5k1))
+- document GET for /validate\_token [\#113](https://github.com/lynndylanhurley/devise_token_auth/pull/113) ([lukaselmer](https://github.com/lukaselmer))
+- Fix small error in documentation. [\#91](https://github.com/lynndylanhurley/devise_token_auth/pull/91) ([edgarhenriquez](https://github.com/edgarhenriquez))
+- Exclude devise modules [\#85](https://github.com/lynndylanhurley/devise_token_auth/pull/85) ([jartek](https://github.com/jartek))
+- fix\(registration and update\): Ensure UID is updated alongside Email, and case-sensitivity is honored [\#71](https://github.com/lynndylanhurley/devise_token_auth/pull/71) ([booleanbetrayal](https://github.com/booleanbetrayal))
+- Add better guidelines for contributors. [\#67](https://github.com/lynndylanhurley/devise_token_auth/pull/67) ([edgarhenriquez](https://github.com/edgarhenriquez))
+- Use resource\_class to override email confirmation. [\#64](https://github.com/lynndylanhurley/devise_token_auth/pull/64) ([edgarhenriquez](https://github.com/edgarhenriquez))
+- fix\(case-sensitivity\): support devise case\_insensitive\_keys for session ... [\#57](https://github.com/lynndylanhurley/devise_token_auth/pull/57) ([booleanbetrayal](https://github.com/booleanbetrayal))
+- fix\(contention\): fix write contention in update\_auth\_headers and always ... [\#52](https://github.com/lynndylanhurley/devise_token_auth/pull/52) ([booleanbetrayal](https://github.com/booleanbetrayal))
+- Include resource.errors.full\_messages in error response. [\#50](https://github.com/lynndylanhurley/devise_token_auth/pull/50) ([jasonswett](https://github.com/jasonswett))
+- fix\(expiry\): fix an issue where token expiration checks were too permissive [\#49](https://github.com/lynndylanhurley/devise_token_auth/pull/49) ([booleanbetrayal](https://github.com/booleanbetrayal))
+- Update README with Example Generator Command [\#35](https://github.com/lynndylanhurley/devise_token_auth/pull/35) ([wwilkins](https://github.com/wwilkins))
+- Remove OmniAuth dependency [\#26](https://github.com/lynndylanhurley/devise_token_auth/pull/26) ([hannahhoward](https://github.com/hannahhoward))
+- Update README.md [\#24](https://github.com/lynndylanhurley/devise_token_auth/pull/24) ([davidsavoya](https://github.com/davidsavoya))
+- guard against MissingAttributeError during common ActiveRecord operations [\#19](https://github.com/lynndylanhurley/devise_token_auth/pull/19) ([booleanbetrayal](https://github.com/booleanbetrayal))
+- Fix expiry data type [\#11](https://github.com/lynndylanhurley/devise_token_auth/pull/11) ([lonre](https://github.com/lonre))
+- README and travis config tweaks [\#7](https://github.com/lynndylanhurley/devise_token_auth/pull/7) ([guilhermesimoes](https://github.com/guilhermesimoes))
+
+# Change Log
+
 ## [v0.1.40](https://github.com/lynndylanhurley/devise_token_auth/tree/v0.1.40) (2017-01-20)
 [Full Changelog](https://github.com/lynndylanhurley/devise_token_auth/compare/v0.1.39...v0.1.40)
 
@@ -870,4 +1354,6 @@
 
 \* *This Change Log was automatically generated by [github_changelog_generator](https://github.com/skywinder/Github-Changelog-Generator)*
 
+\* *This Change Log was automatically generated by [github_changelog_generator](https://github.com/skywinder/Github-Changelog-Generator)*
+
 \* *This Change Log was automatically generated by [github_changelog_generator](https://github.com/skywinder/Github-Changelog-Generator)*
\ No newline at end of file
diff --git a/Gemfile.lock b/Gemfile.lock
index 3cd5d67e7..172be9c5e 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -33,7 +33,7 @@ GIT
 PATH
   remote: .
   specs:
-    devise_token_auth (0.1.40)
+    devise_token_auth (0.1.41)
       devise (> 3.5.2, <= 4.2.1)
       rails (< 6)
 
@@ -86,7 +86,7 @@ GEM
       simplecov (>= 0.7.1, < 1.0.0)
     coderay (1.1.1)
     colorize (0.8.1)
-    concurrent-ruby (1.0.2)
+    concurrent-ruby (1.0.5)
     descendants_tracker (0.0.4)
       thread_safe (~> 0.3, >= 0.3.1)
     devise (4.2.0)
diff --git a/app/controllers/devise_token_auth/concerns/set_user_by_token.rb b/app/controllers/devise_token_auth/concerns/set_user_by_token.rb
index 3af49e082..cf13eefdf 100644
--- a/app/controllers/devise_token_auth/concerns/set_user_by_token.rb
+++ b/app/controllers/devise_token_auth/concerns/set_user_by_token.rb
@@ -58,7 +58,7 @@ def set_user_by_token(mapping=nil)
     return false unless @token
 
     # mitigate timing attacks by finding by uid instead of auth token
-    user = uid && rc.find_by_uid(uid)
+    user = uid && rc.find_by(uid: uid)
 
     if user && user.valid_token?(@token, @client_id)
       # sign_in with bypass: true will be deprecated in the next version of Devise
diff --git a/app/controllers/devise_token_auth/omniauth_callbacks_controller.rb b/app/controllers/devise_token_auth/omniauth_callbacks_controller.rb
index 0e1c16d25..ea06b59dc 100644
--- a/app/controllers/devise_token_auth/omniauth_callbacks_controller.rb
+++ b/app/controllers/devise_token_auth/omniauth_callbacks_controller.rb
@@ -14,7 +14,8 @@ def redirect_callbacks
       devise_mapping = [request.env['omniauth.params']['namespace_name'],
                         request.env['omniauth.params']['resource_class'].underscore.gsub('/', '_')].compact.join('_')
       path = "#{Devise.mappings[devise_mapping.to_sym].fullpath}/#{params[:provider]}/callback"
-      redirect_route = URI::HTTP.build(scheme: request.scheme, host: request.host, port: request.port, path: path).to_s
+      klass = request.scheme == 'https' ? URI::HTTPS : URI::HTTP
+      redirect_route = klass.build(host: request.host, port: request.port, path: path).to_s
 
       # preserve omniauth info for success route. ignore 'extra' in twitter
       # auth response to avoid CookieOverflow.
diff --git a/lib/devise_token_auth/controllers/helpers.rb b/lib/devise_token_auth/controllers/helpers.rb
index c10332e91..368b78aa8 100644
--- a/lib/devise_token_auth/controllers/helpers.rb
+++ b/lib/devise_token_auth/controllers/helpers.rb
@@ -39,7 +39,7 @@ def authenticate_#{group_name}!(favourite=nil, opts={})
 
                 unless current_#{group_name}
                   return render json: {
-                    errors: ["Authorized users only."]
+                    errors: [I18n.t('devise.failure.unauthenticated')]
                   }, status: 401
                 end
               end
@@ -110,7 +110,7 @@ def self.define_helpers(mapping) #:nodoc:
           def authenticate_#{mapping}!
             unless current_#{mapping}
               return render json: {
-                errors: ["Authorized users only."]
+                errors: [I18n.t('devise.failure.unauthenticated')]
               }, status: 401
             end
           end
diff --git a/lib/devise_token_auth/version.rb b/lib/devise_token_auth/version.rb
index 6d0189c83..452a74f83 100644
--- a/lib/devise_token_auth/version.rb
+++ b/lib/devise_token_auth/version.rb
@@ -1,3 +1,3 @@
 module DeviseTokenAuth
-  VERSION = "0.1.40"
+  VERSION = "0.1.41"
 end
diff --git a/test/dummy/app/controllers/overrides/sessions_controller.rb b/test/dummy/app/controllers/overrides/sessions_controller.rb
index 3be969c34..4526dfd5c 100644
--- a/test/dummy/app/controllers/overrides/sessions_controller.rb
+++ b/test/dummy/app/controllers/overrides/sessions_controller.rb
@@ -3,7 +3,7 @@ class SessionsController < DeviseTokenAuth::SessionsController
     OVERRIDE_PROOF = "(^^,)"
 
     def create
-      @resource = resource_class.find_by_email(resource_params[:email])
+      @resource = resource_class.find_by(email: resource_params[:email])
 
       if @resource and valid_params?(:email, resource_params[:email]) and @resource.valid_password?(resource_params[:password]) and @resource.confirmed?
         # create client id
diff --git a/test/dummy/config/application.rb b/test/dummy/config/application.rb
index f265029f6..ff7cd58d8 100644
--- a/test/dummy/config/application.rb
+++ b/test/dummy/config/application.rb
@@ -20,7 +20,5 @@ class Application < Rails::Application
     # config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}').to_s]
     # config.i18n.default_locale = :de
     config.autoload_paths << Rails.root.join('lib')
-
-    config.active_record.raise_in_transactional_callbacks = true
   end
 end
diff --git a/test/dummy/config/environments/test.rb b/test/dummy/config/environments/test.rb
index e8df48bd3..4fd5b040b 100644
--- a/test/dummy/config/environments/test.rb
+++ b/test/dummy/config/environments/test.rb
@@ -13,8 +13,13 @@
   config.eager_load = false
 
   # Configure static asset server for tests with Cache-Control for performance.
-  config.serve_static_files  = true
-  config.static_cache_control = 'public, max-age=3600'
+  Rails::VERSION::MAJOR == 5 ?
+      (config.public_file_server.enabled = true) :
+      (config.serve_static_files  = true)
+
+  Rails::VERSION::MAJOR == 5 ?
+      (config.public_file_server.headers = { 'Cache-Control' => 'public, max-age=3600' }) :
+      (config.static_cache_control = 'public, max-age=3600')
 
   # Show full error reports and disable caching.
   config.consider_all_requests_local       = true
diff --git a/test/lib/generators/devise_token_auth/install_generator_test.rb b/test/lib/generators/devise_token_auth/install_generator_test.rb
index 67e3193d1..06059b4de 100644
--- a/test/lib/generators/devise_token_auth/install_generator_test.rb
+++ b/test/lib/generators/devise_token_auth/install_generator_test.rb
@@ -29,7 +29,7 @@ class InstallGeneratorTest < Rails::Generators::TestCase
       end
 
       test 'migration file contains rails version' do
-        assert_migration 'db/migrate/devise_token_auth_create_users.rb', /4.2/
+        assert_migration 'db/migrate/devise_token_auth_create_users.rb', /#{Rails::VERSION::MAJOR}.#{Rails::VERSION::MINOR}/
       end
 
       test 'subsequent runs raise no errors' do
@@ -48,14 +48,17 @@ class InstallGeneratorTest < Rails::Generators::TestCase
         # make dir if not exists
         FileUtils.mkdir_p(@dir)
 
+        # account for rails version 5
+        active_record_needle = (Rails::VERSION::MAJOR == 5) ? 'ApplicationRecord' : 'ActiveRecord::Base'
+
         @f = File.open(@fname, 'w') {|f|
           f.write <<-RUBY
-class User < ActiveRecord::Base
+            class User < #{active_record_needle}
 
-  def whatever
-    puts 'whatever'
-  end
-end
+              def whatever
+                puts 'whatever'
+              end
+            end
           RUBY
         }
 
@@ -91,9 +94,9 @@ def whatever
 
         @f = File.open(@fname, 'w') {|f|
           f.write <<-RUBY
-Rails.application.routes.draw do
-  patch '/chong', to: 'bong#index'
-end
+            Rails.application.routes.draw do
+              patch '/chong', to: 'bong#index'
+            end
           RUBY
         }
 
@@ -151,11 +154,11 @@ def whatever
 
         @f = File.open(@fname, 'w') {|f|
           f.write <<-RUBY
-class ApplicationController < ActionController::Base
-  def whatever
-    'whatever'
-  end
-end
+            class ApplicationController < ActionController::Base
+              def whatever
+                'whatever'
+              end
+            end
           RUBY
         }
 
diff --git a/test/test_helper.rb b/test/test_helper.rb
index a37e30d30..48e1b1435 100644
--- a/test/test_helper.rb
+++ b/test/test_helper.rb
@@ -1,13 +1,11 @@
-require "codeclimate-test-reporter"
-#require 'simplecov'
+require 'simplecov'
 
 #SimpleCov.formatter = SimpleCov::Formatter::MultiFormatter[
   #SimpleCov::Formatter::HTMLFormatter,
   #CodeClimate::TestReporter::Formatter
 #]
 
-#SimpleCov.start 'rails'
-CodeClimate::TestReporter.start
+SimpleCov.start 'rails'
 
 ENV["RAILS_ENV"] = "test"