devise-secure_password 1.0.5 → 2.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/Changelog.md +43 -4
- data/Dockerfile +1 -1
- data/Dockerfile.prev +3 -3
- data/Gemfile +1 -0
- data/Gemfile.lock +215 -205
- data/README.md +33 -10
- data/app/controllers/devise/passwords_with_policy_controller.rb +55 -14
- data/app/views/devise/passwords_with_policy/edit.html.erb +5 -1
- data/config/locales/en.yml +50 -0
- data/devise-secure_password.gemspec +22 -23
- data/gemfiles/rails_6_0.gemfile +57 -0
- data/gemfiles/rails_6_0.gemfile.lock +347 -0
- data/gemfiles/rails_6_1.gemfile +57 -0
- data/gemfiles/rails_6_1.gemfile.lock +352 -0
- data/lib/devise/secure_password.rb +4 -9
- data/lib/devise/secure_password/controllers/devise_helpers.rb +4 -50
- data/lib/devise/secure_password/controllers/helpers.rb +58 -0
- data/lib/devise/secure_password/grammar.rb +13 -0
- data/lib/devise/secure_password/models/password_disallows_frequent_changes.rb +4 -2
- data/lib/devise/secure_password/models/password_disallows_frequent_reuse.rb +1 -0
- data/lib/devise/secure_password/models/password_has_required_content.rb +53 -15
- data/lib/devise/secure_password/models/password_requires_regular_updates.rb +1 -3
- data/lib/devise/secure_password/version.rb +1 -1
- data/lib/support/string/character_counter.rb +3 -1
- data/pkg/devise-secure_password-2.0.0.gem +0 -0
- metadata +66 -168
- data/coverage/assets/0.10.2/application.css +0 -799
- data/coverage/assets/0.10.2/application.js +0 -1707
- data/coverage/assets/0.10.2/colorbox/border.png +0 -0
- data/coverage/assets/0.10.2/colorbox/controls.png +0 -0
- data/coverage/assets/0.10.2/colorbox/loading.gif +0 -0
- data/coverage/assets/0.10.2/colorbox/loading_background.png +0 -0
- data/coverage/assets/0.10.2/favicon_green.png +0 -0
- data/coverage/assets/0.10.2/favicon_red.png +0 -0
- data/coverage/assets/0.10.2/favicon_yellow.png +0 -0
- data/coverage/assets/0.10.2/loading.gif +0 -0
- data/coverage/assets/0.10.2/magnify.png +0 -0
- data/coverage/assets/0.10.2/smoothness/images/ui-bg_flat_0_aaaaaa_40x100.png +0 -0
- data/coverage/assets/0.10.2/smoothness/images/ui-bg_flat_75_ffffff_40x100.png +0 -0
- data/coverage/assets/0.10.2/smoothness/images/ui-bg_glass_55_fbf9ee_1x400.png +0 -0
- data/coverage/assets/0.10.2/smoothness/images/ui-bg_glass_65_ffffff_1x400.png +0 -0
- data/coverage/assets/0.10.2/smoothness/images/ui-bg_glass_75_dadada_1x400.png +0 -0
- data/coverage/assets/0.10.2/smoothness/images/ui-bg_glass_75_e6e6e6_1x400.png +0 -0
- data/coverage/assets/0.10.2/smoothness/images/ui-bg_glass_95_fef1ec_1x400.png +0 -0
- data/coverage/assets/0.10.2/smoothness/images/ui-bg_highlight-soft_75_cccccc_1x100.png +0 -0
- data/coverage/assets/0.10.2/smoothness/images/ui-icons_222222_256x240.png +0 -0
- data/coverage/assets/0.10.2/smoothness/images/ui-icons_2e83ff_256x240.png +0 -0
- data/coverage/assets/0.10.2/smoothness/images/ui-icons_454545_256x240.png +0 -0
- data/coverage/assets/0.10.2/smoothness/images/ui-icons_888888_256x240.png +0 -0
- data/coverage/assets/0.10.2/smoothness/images/ui-icons_cd0a0a_256x240.png +0 -0
- data/coverage/index.html +0 -4115
- data/devise-secure_password-1.0.0.gem +0 -0
- data/gemfiles/rails-5_0_6.gemfile +0 -17
- data/gemfiles/rails-5_0_6.gemfile.lock +0 -286
- data/gemfiles/rails-5_1_4.gemfile +0 -16
- data/gemfiles/rails-5_1_4.gemfile.lock +0 -282
- data/lib/devise/secure_password/controllers/active_helpers.rb +0 -45
- data/lib/devise/secure_password/hooks/password_requires_regular_updates.rb +0 -5
- data/pkg/devise-secure_password-1.0.3.gem +0 -0
- data/pkg/devise-secure_password-1.0.4.gem +0 -0
@@ -1,45 +0,0 @@
|
|
1
|
-
module Devise
|
2
|
-
module SecurePassword
|
3
|
-
module Controllers
|
4
|
-
module ActiveHelpers
|
5
|
-
extend ActiveSupport::Concern
|
6
|
-
|
7
|
-
included do
|
8
|
-
before_action :pending_password_expired_redirect!, except: [:destroy]
|
9
|
-
end
|
10
|
-
|
11
|
-
# Redirect to password change page if password needs to be changed.
|
12
|
-
def pending_password_expired_redirect!
|
13
|
-
return unless skip_current_controller? && redirected_in_session? && warden.session && warden.session['secure_password_expired']
|
14
|
-
redirect_to edit_user_password_with_policy_url, alert: "#{error_string_for_password_expired}."
|
15
|
-
end
|
16
|
-
|
17
|
-
def redirected_in_session?
|
18
|
-
warden.authenticated? && warden.session['secure_password_last_controller'] == 'Devise::SessionsController'
|
19
|
-
end
|
20
|
-
|
21
|
-
# Prevent infinite loops and allow specified controllers to bypass.
|
22
|
-
# @NOTE: The ability to extend this list may be made public, in the
|
23
|
-
# future if that functionality is needed.
|
24
|
-
def skip_current_controller?
|
25
|
-
exclusion_list = [
|
26
|
-
'Devise::SessionsController',
|
27
|
-
'Devise::PasswordsWithPolicyController#edit',
|
28
|
-
'Devise::PasswordsWithPolicyController#update',
|
29
|
-
'DeviseInvitable::RegistrationsController#edit',
|
30
|
-
'DeviseInvitable::RegistrationsController#update'
|
31
|
-
]
|
32
|
-
!(exclusion_list.include?("#{self.class.name}#" + action_name) || (exclusion_list & self.class.ancestors.map(&:to_s)).any?)
|
33
|
-
end
|
34
|
-
|
35
|
-
def error_string_for_password_expired
|
36
|
-
return 'password expired' unless warden.user.class.respond_to?(:password_maximum_age)
|
37
|
-
I18n.t(
|
38
|
-
'secure_password.password_requires_regular_updates.errors.messages.password_expired',
|
39
|
-
timeframe: distance_of_time_in_words(warden.user.class.password_maximum_age)
|
40
|
-
)
|
41
|
-
end
|
42
|
-
end
|
43
|
-
end
|
44
|
-
end
|
45
|
-
end
|
Binary file
|
Binary file
|