-
Notifications
You must be signed in to change notification settings - Fork 5.5k
How To: Upgrade to Devise 2.0
Devise 2.0 is actually a small release aimed mainly to clean up Devise source code. With time, Devise added new behaviors but, since we had to maintain backwards compatibility, we could not deprecate the old behaviors. Devise 2.0 finally deprecates such old behaviors.
The difficulty to migrate to Devise 2.0 will depend on when you started developing your application. If you started a long time ago, you will probably need to add or remove columns from your database schema. If recently, you will just need to rename a few configuration options.
Before upgrading to Devise 2.0, be sure that your application is fine running on Devise 1.5.x and that you are running on at least Rails 3.1
Devise 2.0 provides two main features:
- Support for e-mail reconfirmation when it changes. You can benefit from this change by setting
Devise.reconfirmable
to true and adding anunconfirmed_email
column to your Devise models; - Deprecation of Devise's migration methods. All applications migrating to Devise 2.0 will have to upgrade their original Devise migrations. This page describes exactly how to do it;
Besides, a few configuration options were renamed or removed:
-
Devise.remember_across_browsers
is no longer effective. You can simply remove it; -
Devise.confirm_within
was renamed toDevise.allow_unconfirmed_access_for
; -
Devise.stateless_token
was removed. If you want to have stateless tokens, simply doconfig.skip_session_storage << :token_auth
in your initializer;
The locale information also changed, specifically:
en:
devise:
registrations:
inactive_signed_up: 'You have signed up successfully. However, we could not sign you in because your account is %{reason}.'
reasons:
inactive: 'inactive'
unconfirmed: 'unconfirmed'
locked: 'locked'
Should now be:
en:
devise:
registrations:
signed_up_but_unconfirmed: 'A message with a confirmation link has been sent to your email address. Please open the link to activate your account.'
signed_up_but_inactive: 'You have signed up successfully. However, we could not sign you in because your account is not yet activated.'
signed_up_but_locked: 'You have signed up successfully. However, we could not sign you in because your account is locked.'
Finally, in case you started using Devise in your app some time ago, your schema may be out of date and you need to update it:
- Devise now always uses the password salt as basis for the remember token. You can remove the
remember_token
column from your models and setDevise.use_salt_as_remember_token
to true; - Devise now requires you to have a
reset_password_sent_at
column. Please add it to your Devise models and setDevise.reset_password_within
to an interval (like 6 hours);
Luckily, those are all changes you need to do to have your app successfully running on Devise 2.0. Welcome aboard!