Skip to content

Upgrading Clearance

Jump to bottom Edit New page
Derek Prior edited this page May 24, 2013 · 6 revisions

Upgrading to Clearance 1.0.x

As of the 1.0.x series of Clearance, the following things are true:

  • The module to include in your ApplicationController is Clearance::Controller, not Clearance::Authentication.
  • The return_to path can no longer be provided by request parameters. If you use this functionality, you should instead add a before_filter that sets session[:return_to]. You can grep your views for return_to to determine if you are affected by this change.
  • The default encryption strategy is BCrypt, not SHA1.

To continue using SHA1 in your project, change the config option to this:

Clearance.configure do |config|
  config.password_strategy = Clearance::PasswordStrategies::SHA1
end

To transition your users from SHA1 to BCrypt, change the config option to this:

Clearance.configure do |config|
  config.password_strategy = Clearance::PasswordStrategies::BCryptMigrationFromSHA1
end

Upgrading to Clearance 0.11.x

As of the 0.11.x series of Clearance, the following things are true:

  • The way to protect your controller actions is via before_filter :authorize, not before_filter :authenticate.
  • There is no email confirmation.
  • There is no password confirmation.
  • There is no dependency on dynamic_form.
  • Email addresses are forced to lower case.
  • The generators are namespaced by community convention: rails g clearance:install, rails g clearance:features, and rails g clearance:views.
  • There are no Formtastic or Haml view generators.
  • The email fields are all now of HTML5 type email.

So, if you upgrading to the latest version of Clearance from an older version of Clearance, you may want to take at least some, if not all, of the following steps:

  • Remove the password_confirmation attribute from your spec/factories.rb file.
  • Remove the password_confirmation field from your users/new view.
  • Change before_filter :authenticate everywhere to before_filter :authorize.
  • Remove form.error_messages in any of your generated users/new and passwords/edit views.
  • Re-generate the features: rails g clearance:features.
  • Change the email fields in any of your generated users/new, sessions/new, or passwords/new views. (necessary only to get features to pass)
  • require 'shoulda/macros' becomes require 'shoulda/testing'

Write a migration to downcase the existing emails in your users table:

class DowncaseEmails < ActiveRecord::Migration
  def up
    update 'UPDATE users SET email = LOWER(email)'
  end
end
Add a custom footer
Add a custom sidebar
Clone this wiki locally