diff --git a/Gemfile b/Gemfile
index 760ca1d..effbe87 100644
--- a/Gemfile
+++ b/Gemfile
@@ -14,7 +14,7 @@ group :test do
     gem "sqlite3"
   end
 
-  gem "rails", "~> 4.0.0"
+  gem "rails", "~> 5.0.0"
 
   gem "capybara"
   gem 'shoulda'
@@ -22,4 +22,4 @@ group :test do
 
   gem 'minitest-reporters', '>= 0.5.0'
 
-end
\ No newline at end of file
+end
diff --git a/README.md b/README.md
index 26c70f5..8dc1460 100644
--- a/README.md
+++ b/README.md
@@ -58,9 +58,9 @@ Setup the User or Admin model
 
     rails g devise MODEL
 
-Configure your app for authorisation, edit your Controller and add this before_filter:
+Configure your app for authorisation, edit your Controller and add this before_action:
 
-    before_filter :authenticate_user!
+    before_action :authenticate_user!
 
 Make sure your "root" route is configured in config/routes.rb
 
diff --git a/app/controllers/devise_otp/credentials_controller.rb b/app/controllers/devise_otp/credentials_controller.rb
index c5a7299..b412b08 100644
--- a/app/controllers/devise_otp/credentials_controller.rb
+++ b/app/controllers/devise_otp/credentials_controller.rb
@@ -1,8 +1,8 @@
 class DeviseOtp::CredentialsController < DeviseController
   helper_method :new_session_path
 
-  prepend_before_filter :authenticate_scope!, :only => [:get_refresh, :set_refresh]
-  prepend_before_filter :require_no_authentication, :only => [ :show, :update ]
+  prepend_before_action :authenticate_scope!, :only => [:get_refresh, :set_refresh]
+  prepend_before_action :require_no_authentication, :only => [ :show, :update ]
 
   #
   # show a request for the OTP token
@@ -103,4 +103,4 @@ def failed_refresh
     render :refresh
   end
 
-end
\ No newline at end of file
+end
diff --git a/app/controllers/devise_otp/tokens_controller.rb b/app/controllers/devise_otp/tokens_controller.rb
index 8ea6434..f0f2a6d 100644
--- a/app/controllers/devise_otp/tokens_controller.rb
+++ b/app/controllers/devise_otp/tokens_controller.rb
@@ -1,8 +1,8 @@
 class DeviseOtp::TokensController < DeviseController
   include Devise::Controllers::Helpers
 
-  prepend_before_filter :ensure_credentials_refresh
-  prepend_before_filter :authenticate_scope!
+  prepend_before_action :ensure_credentials_refresh
+  prepend_before_action :authenticate_scope!
 
   protect_from_forgery :except => [:clear_persistence, :delete_persistence]
 
diff --git a/devise-otp.gemspec b/devise-otp.gemspec
index 50d3c96..5a3d28e 100644
--- a/devise-otp.gemspec
+++ b/devise-otp.gemspec
@@ -17,8 +17,8 @@ Gem::Specification.new do |gem|
   gem.test_files    = gem.files.grep(%r{^(test|spec|features)/})
   gem.require_paths = ["lib"]
 
-  gem.add_runtime_dependency 'rails',  '>= 3.2.6', '< 5'
-  gem.add_runtime_dependency 'devise', '>= 3.1.0', '< 4.0.0'
+  gem.add_runtime_dependency 'rails',  '>= 3.2.6', '< 5.1'
+  gem.add_runtime_dependency 'devise', '>= 3.1.0', '< 4.3.0'
   gem.add_runtime_dependency 'rotp',   '>= 2.0.0'
 
   gem.add_development_dependency "sqlite3"
diff --git a/test/dummy/app/controllers/application_controller.rb b/test/dummy/app/controllers/application_controller.rb
index ae953a2..05eb81c 100644
--- a/test/dummy/app/controllers/application_controller.rb
+++ b/test/dummy/app/controllers/application_controller.rb
@@ -1,4 +1,4 @@
 class ApplicationController < ActionController::Base
   protect_from_forgery
-  before_filter :authenticate_user!
+  before_action :authenticate_user!
 end
diff --git a/test/dummy/config/application.rb b/test/dummy/config/application.rb
index 37536ad..1181d72 100644
--- a/test/dummy/config/application.rb
+++ b/test/dummy/config/application.rb
@@ -65,4 +65,3 @@ class Application < Rails::Application
     config.assets.version = '1.0'
   end
 end
-
diff --git a/test/dummy/config/database.yml b/test/dummy/config/database.yml
index f400776..b9dc040 100644
--- a/test/dummy/config/database.yml
+++ b/test/dummy/config/database.yml
@@ -14,7 +14,7 @@ development:
 # Do not set this db to the same as development or production.
 test:
   adapter: sqlite3
-  database: ":memory:"
+  database: db/test.sqlite3
   pool: 5
   timeout: 5000
 
diff --git a/test/dummy/config/environments/development.rb b/test/dummy/config/environments/development.rb
index 0271fd7..472f1db 100644
--- a/test/dummy/config/environments/development.rb
+++ b/test/dummy/config/environments/development.rb
@@ -22,13 +22,6 @@
   # Only use best-standards-support built into browsers
   config.action_dispatch.best_standards_support = :builtin
 
-  # Raise exception on mass assignment protection for Active Record models
-  config.active_record.mass_assignment_sanitizer = :strict
-
-  # Log the query plan for queries taking more than this (works
-  # with SQLite, MySQL, and PostgreSQL)
-  config.active_record.auto_explain_threshold_in_seconds = 0.5
-
   # Do not compress assets
   config.assets.compress = false
 
diff --git a/test/dummy/config/environments/production.rb b/test/dummy/config/environments/production.rb
index 39944a8..e784689 100644
--- a/test/dummy/config/environments/production.rb
+++ b/test/dummy/config/environments/production.rb
@@ -66,8 +66,4 @@
 
   # Send deprecation notices to registered listeners
   config.active_support.deprecation = :notify
-
-  # Log the query plan for queries taking more than this (works
-  # with SQLite, MySQL, and PostgreSQL)
-  # config.active_record.auto_explain_threshold_in_seconds = 0.5
 end
diff --git a/test/dummy/db/migrate/20130125101430_create_users.rb b/test/dummy/db/migrate/20130125101430_create_users.rb
index 37ce317..9b622cd 100644
--- a/test/dummy/db/migrate/20130125101430_create_users.rb
+++ b/test/dummy/db/migrate/20130125101430_create_users.rb
@@ -1,4 +1,4 @@
-class CreateUsers < ActiveRecord::Migration
+class CreateUsers < ActiveRecord::Migration[5.0]
   def change
     create_table :users do |t|
       t.string :name
diff --git a/test/dummy/db/migrate/20130131092406_add_devise_to_users.rb b/test/dummy/db/migrate/20130131092406_add_devise_to_users.rb
index a80aec6..ddc41fd 100644
--- a/test/dummy/db/migrate/20130131092406_add_devise_to_users.rb
+++ b/test/dummy/db/migrate/20130131092406_add_devise_to_users.rb
@@ -1,4 +1,4 @@
-class AddDeviseToUsers < ActiveRecord::Migration
+class AddDeviseToUsers < ActiveRecord::Migration[5.0]
   def self.up
     change_table(:users) do |t|
       ## Database authenticatable
diff --git a/test/dummy/db/migrate/20130131142320_create_posts.rb b/test/dummy/db/migrate/20130131142320_create_posts.rb
index 3545716..bc17bc7 100644
--- a/test/dummy/db/migrate/20130131142320_create_posts.rb
+++ b/test/dummy/db/migrate/20130131142320_create_posts.rb
@@ -1,4 +1,4 @@
-class CreatePosts < ActiveRecord::Migration
+class CreatePosts < ActiveRecord::Migration[5.0]
   def change
     create_table :posts do |t|
       t.string :title
diff --git a/test/dummy/db/migrate/20130131160351_devise_otp_add_to_users.rb b/test/dummy/db/migrate/20130131160351_devise_otp_add_to_users.rb
index 8c9a83a..fdb1cdc 100644
--- a/test/dummy/db/migrate/20130131160351_devise_otp_add_to_users.rb
+++ b/test/dummy/db/migrate/20130131160351_devise_otp_add_to_users.rb
@@ -1,4 +1,4 @@
-class DeviseOtpAddToUsers < ActiveRecord::Migration
+class DeviseOtpAddToUsers < ActiveRecord::Migration[5.0]
   def self.up
     change_table :users do |t|
       t.string    :otp_auth_secret
@@ -18,7 +18,7 @@ def self.up
     add_index :users, :otp_session_challenge,  :unique => true
     add_index :users, :otp_challenge_expires
   end
-  
+
   def self.down
     change_table :users do |t|
       t.remove :otp_auth_secret, :otp_recovery_secret, :otp_enabled, :otp_mandatory, :otp_enabled_on, :otp_session_challenge,