NEWS.rdoc
== 1.1.0
* `Oath.config.sign_in_notice` should now be a callable object in order for I18n to work correctly
* [DEPRECATED] you should no longer set `Oath.config.sign_in_notice` to a string value
== 1.0.1
* Wrap helper_method calls in respond_to?(:helper_method)
* param_transformations now correctly use string keys
== 1.0.0
* Do not perform lookup if no params are passed to lookup
* Add param transformer for sanitizing and normalizing
== 0.3.1
* Extend private interface for services
== 0.3.0
* Warden serialization is now configurable
== 0.2.1
* Updated documentation for test helpers
* Updated documentation for using oath in console
* Fixed bug with failure app now allowing actual http auth to occur
== 0.2.0
* `sign_in` test helper now returns the user
* `authenticate_session` arguments are coerced to Hash
* Oath::BackDoor can be configured with a block
* Document validation suggestions
* Document locale suggestions
* Deprecate usage of Oath.user_class in favor of Oath.config.user_class
* Make warden strategy configurable via Oath.config.authentication_strategy
* Extract warden setup into the WardenSetup class
* Document layout suggestions
== 0.1.1
* Link to Rubydoc in documentation
* Fix header in documentation
* Fix no_login_redirect to default to a properly named controller
* Fix documentation reference to sign_up to mention user_params instead of user
== 0.1.0
* Fix PasswordStrategy to use configuration options
* Documentation
* Renamed encryption to hashing
* Renamed encrypted to digested
* Renamed unencrypted to undigested
* A configuration for `no_login_redirect` was added. This accepts anything that
can be passed to `redirect_to` and is used when `require_login` is called with
no logged in user.
* A configuration for `no_login_handler` was added. This allows developers to
completely customize the response when `require_login` is called with no
logged in user.
== 0.0.15
* Delegate user_class correctly so that config returns class
* Fixed issue authenticate session not allowing for multiple fields
* Do not hardcode User class
* Add signed out routing constraint
* Backfill NEWS.md
== 0.0.14
* Encryption of empty string is empty string.
* Remove last trace of generators.
== 0.0.13
* Oath requires Rails 4+.
* Move generators to the oath-generators gem.
== 0.0.12
* Ensure forms can't be tampered with by providing no username.
* Prevent hashing of empty string passwords.
* Memoize the configuration.
== 0.0.11
* Add `Oath::Backdoor` for easier tests.
== 0.0.10
* Add Oath::Test::ControllerHelpers for controller specs.
* Depend on the bcrypt gem, not the bcrypt-ruby gem.
== 0.0.9
* Make user creation method configurable.
* Redirect to SessionsController#new, ignoring namespace.
* Add `Oath.config.creation_method`.
== 0.0.8
* Now configurable via `Oath.configure`:
* sign in service
* sign up service
* authentication service
* user_token_store_field
* user_token_field
* Add PasswordReset service.
* Rename controller_helpers to services.
* Allos blocks to be passed into sign_in and sign_up.
* Fix error on trying to respond with HTTP 401.
* Oath does not generate a User model for you.
* Add `Oath.test_mode!` and `Oath.test_reset!`.
* Add a lot of tests.
== 0.0.7
* Check for Rails 4 or the strong_parameters gem, not just the strong_parameters gem
== 0.0.6
* [FIX] require_login should use controller and action for routing.
== 0.0.5
* [FIX] Scaffolded SessionsController should have respond_to.
* [FIX] SignUp should get the value instead of slicing.
== 0.0.4
* Cleaned up generated controllers.
* Use find_by_id instead of find so invalid sessions don't cause apps to crash.
* Hashes passed in are no longer mutated via delete.
== 0.0.3
* Fixed bug where password wasn't deleted from session params which would cause lookup to fail.