devise-pwned_password 0.1.5 → 0.1.6

Sign up to get free protection for your applications and to get access to all the features.
Files changed (4) hide show
  1. checksums.yaml +5 -5
  2. data/lib/devise/pwned_password/model.rb +8 -1
  3. data/lib/devise/pwned_password/version.rb +1 -1
  4. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
- SHA1:
3
- metadata.gz: a5cc8c72047671f8be965dcc4e94322e9292fbcc
4
- data.tar.gz: 4ae9d2cd36c87f8fd9ab2f344fcd17bc7045828a
2
+ SHA256:
3
+ metadata.gz: 312151610ff6e4356a09f6221bb5006c8f8bdc50b10af1528441dc4c669f3ab1
4
+ data.tar.gz: 20000f8294c2b771cb593879462298cf86f56dcaef048e118efb90d1969fbef8
5
5
  SHA512:
6
- metadata.gz: 9114747a1908818faa62153ba123eed62dfdbc9b013934b921558ce9ed529d5a2e998fdced6d5622d3b60926b7745bbac7c3c38b11902c5379a4e03a63c0fc36
7
- data.tar.gz: 11fcd7b49313b6688ca3da6c73a51ffe2fc8a5e87115ad70f894e63c11684b7c029ddd6a022f593b02efa2f8e8e51e62f3ad0d8ddf5fe935653bfc47c6722274
6
+ metadata.gz: a1489bdd8a923bf5d249869b0ac84e950174b409c1e265721aee3101c9cba2eb690a921d4891f885d2aba9ab542a91a0069797eaff86cc2ac2c7d5bcd0bae693
7
+ data.tar.gz: b9dd8b2c3dd4342f6a228b56ed1f83738beb61b93cf66f21e09fad54a37ba1673e45c6c89e74b4cbbaa3b445466a4ff6bc3a3ee5ec53fa17d8618206047f68ad
data/lib/devise/pwned_password/model.rb CHANGED
@@ -27,10 +27,16 @@ module Devise
27
27
  @pwned ||= false
28
28
  end
29
29
 
30
+ def pwned_count
31
+ @pwned_count ||= 0
32
+ end
33
+
30
34
  # Returns true if password is present in the PwnedPasswords dataset
31
35
  # Implement retry behaviour described here https://haveibeenpwned.com/API/v2#RateLimiting
32
36
  def password_pwned?(password)
33
37
  @pwned = false
38
+ @pwned_count = 0
39
+
34
40
  options = {
35
41
  "User-Agent" => "devise_pwned_password",
36
42
  read_timeout: self.class.pwned_password_read_timeout,
@@ -38,7 +44,8 @@ module Devise
38
44
  }
39
45
  pwned_password = Pwned::Password.new(password.to_s, options)
40
46
  begin
41
- @pwned = pwned_password.pwned_count >= self.class.min_password_matches
47
+ @pwned_count = pwned_password.pwned_count
48
+ @pwned = @pwned_count >= self.class.min_password_matches
42
49
  return @pwned
43
50
  rescue Pwned::Error
44
51
  return false
data/lib/devise/pwned_password/version.rb CHANGED
@@ -2,6 +2,6 @@
2
2
 
3
3
  module Devise
4
4
  module PwnedPassword
5
- VERSION = "0.1.5"
5
+ VERSION = "0.1.6"
6
6
  end
7
7
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: devise-pwned_password
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.5
4
+ version: 0.1.6
5
5
  platform: ruby
6
6
  authors:
7
7
  - Michael Banfield
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2018-03-25 00:00:00.000000000 Z
11
+ date: 2018-07-05 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: devise
@@ -117,7 +117,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
117
117
  version: '0'
118
118
  requirements: []
119
119
  rubyforge_project:
120
- rubygems_version: 2.5.2
120
+ rubygems_version: 2.7.6
121
121
  signing_key:
122
122
  specification_version: 4
123
123
  summary: Devise extension that checks user passwords against the PwnedPasswords dataset.