Contents

(this is in order of highest priority first)

# force email confirmation by default
# sessions controller test is missing some tests
# mailers should not hardcode example.com as from address
# check to make sure attr_accessible doesn't override and w/ attr_protected
# helpers and tests shouldn't depend on login/logout routes
# move shoulda macros in test_helper to shoulda_macros folder
# add shoulda and factory girl dependencies to gemspec
# refactor Mailer default_url_options[:host] to something cleaner

ideas stolen from merb-auth:

# store current_user on the session, not controller
# respond with 401 Unauthorized when request requires authentication 
# respond with 405 Method Not Allowed when action requested isn’t allowed
# email confirmation is a strategy
# forgot password is a strategy
# salted password is a strategy
# 401 and 405 need to be in Exceptions controller

http://adam.speaksoutofturn.com/articles/entication_vs_orization.html

Version data entries

1 entries across 1 versions & 1 rubygems

Version	Path
thoughtbot-clearance-0.2.3	TODO.textile