lib/devise/controllers/helpers.rb in loyal_devise-2.1.2 vs lib/devise/controllers/helpers.rb in loyal_devise-2.1.3

@@ -1,6 +1,5 @@
-# -*- encoding : utf-8 -*-
 module Devise
   module Controllers
     # Those helpers are convenience methods added to ApplicationController.
     module Helpers
       extend ActiveSupport::Concern
@@ -79,10 +78,21 @@
       #   before_filter :my_filter, :unless => :devise_controller?
       def devise_controller?
         is_a?(DeviseController)
       end
 
+      # Setup a param sanitizer to filter parameters using strong_parameters. See
+      # lib/devise/parameter_sanitizer.rb for more info. Override this
+      # method in your application controller to use your own parameter sanitizer.
+      def devise_parameter_sanitizer
+        @devise_parameter_sanitizer ||= if defined?(ActionController::StrongParameters)
+          Devise::ParameterSanitizer.new(resource_class, resource_name, params)
+        else
+          Devise::BaseSanitizer.new(resource_class, resource_name, params)
+        end
+      end
+
       # Tell warden that params authentication is allowed for that specific page.
       def allow_params_authentication!
         request.env["devise.allow_params_authentication"] = true
       end
 
@@ -161,20 +171,25 @@
         warden.lock! if lock
 
         users.any?
       end
 
-      # Returns and delete the url stored in the session for the given scope. Useful
-      # for giving redirect backs after sign up:
+      # Returns and delete (if it's navigational format) the url stored in the session for
+      # the given scope. Useful for giving redirect backs after sign up:
       #
       # Example:
       #
       #   redirect_to stored_location_for(:user) || root_path
       #
       def stored_location_for(resource_or_scope)
         scope = Devise::Mapping.find_scope!(resource_or_scope)
-        session.delete("#{scope}_return_to")
+
+        if is_navigational_format?
+          session.delete("#{scope}_return_to")
+        else
+          session["#{scope}_return_to"]
+        end
       end
 
       # The scope root url to be used when he's signed in. By default, it first
       # tries to find a resource_root_path, otherwise it uses the root_path.
       def signed_in_root_path(resource_or_scope)
@@ -255,13 +270,24 @@
       end
 
       # Overwrite Rails' handle unverified request to sign out all scopes,
       # clear run strategies and remove cached variables.
       def handle_unverified_request
-        sign_out_all_scopes(false)
-        request.env["devise.skip_storage"] = true
-        expire_devise_cached_variables!
+        if sign_in?
+          sign_out_all_scopes(false)
+          request.env["devise.skip_storage"] = true
+          expire_devise_cached_variables!
+        end
+
         super # call the default behaviour which resets the session
+      end
+
+      def request_format
+        @request_format ||= request.format.try(:ref)
+      end
+
+      def is_navigational_format?
+        Devise.navigational_formats.include?(request_format)
       end
 
       private
 
       def expire_devise_cached_variables!