devise-security 0.11.0 → 0.11.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.gitignore +1 -0
- data/.rubocop.yml +1 -0
- data/.ruby-version +1 -0
- data/.travis.yml +3 -4
- data/README.md +6 -6
- data/devise-security.gemspec +12 -8
- data/lib/devise-security/controllers/helpers.rb +17 -5
- data/lib/devise-security/models/password_archivable.rb +3 -3
- data/lib/devise-security/models/password_expirable.rb +2 -2
- data/lib/devise-security/models/secure_validatable.rb +2 -2
- data/lib/devise-security/patches/confirmations_controller_captcha.rb +1 -1
- data/lib/devise-security/patches/confirmations_controller_security_question.rb +1 -2
- data/lib/devise-security/patches/controller_captcha.rb +2 -1
- data/lib/devise-security/patches/controller_security_question.rb +1 -1
- data/lib/devise-security/patches/passwords_controller_captcha.rb +1 -1
- data/lib/devise-security/patches/passwords_controller_security_question.rb +1 -2
- data/lib/devise-security/patches/registrations_controller_captcha.rb +2 -2
- data/lib/devise-security/patches/sessions_controller_captcha.rb +2 -2
- data/lib/devise-security/patches/unlocks_controller_captcha.rb +1 -1
- data/lib/devise-security/patches/unlocks_controller_security_question.rb +1 -2
- data/lib/devise-security/version.rb +1 -1
- data/lib/generators/{devise-security → devise_security}/install_generator.rb +0 -0
- data/test/test_install_generator.rb +1 -1
- data/test/test_password_expired_controller.rb +1 -1
- metadata +37 -22
- data/Gemfile.lock +0 -199
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 34e1123d37456a09b6554cde544c4e49c796447f
|
4
|
+
data.tar.gz: d3cc451de684f054e4404e9ce3d8a7a47ccc9b46
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 8f5c352c7234af43ab916d1b741799460289e96c843f9d90696f7bd8c2cc7b709009fbaf35ff61e99886c646941e2c186db43988f3ed64915ea7e80e491738a9
|
7
|
+
data.tar.gz: bcfff1037167e404e0998a225115713443675adfff7c3c13fa77a75611106286c1b33654ee3ec69280db693cbc4d234fa9b209377a8d1b38bd0441888ab98df3
|
data/.gitignore
CHANGED
data/.rubocop.yml
CHANGED
data/.ruby-version
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
2.2.8
|
data/.travis.yml
CHANGED
data/README.md
CHANGED
@@ -22,7 +22,7 @@ Configuration and database schema for each module below.
|
|
22
22
|
|
23
23
|
## Getting started
|
24
24
|
|
25
|
-
Devise Security
|
25
|
+
Devise Security works with Devise on Rails 3.2 onwards. You can add it to your Gemfile after you successfully set up Devise (see [Devise documentation](https://github.com/plataformatec/devise)) with:
|
26
26
|
|
27
27
|
```ruby
|
28
28
|
gem 'devise-security'
|
@@ -30,14 +30,14 @@ gem 'devise-security'
|
|
30
30
|
|
31
31
|
Run the bundle command to install it.
|
32
32
|
|
33
|
-
After you installed Devise Security
|
33
|
+
After you installed Devise Security you need to run the generator:
|
34
34
|
|
35
35
|
```console
|
36
|
-
rails generate
|
36
|
+
rails generate devise_security:install
|
37
37
|
```
|
38
38
|
|
39
|
-
The generator adds optional configurations to `config/initializers/devise.rb`. Enable
|
40
|
-
the modules you wish to use in the initializer you are ready to add Devise Security
|
39
|
+
The generator adds optional configurations to `config/initializers/devise-security.rb`. Enable
|
40
|
+
the modules you wish to use in the initializer you are ready to add Devise Security modules on top of Devise modules to any of your Devise models:
|
41
41
|
|
42
42
|
```ruby
|
43
43
|
devise :password_expirable, :secure_validatable, :password_archivable, :session_limitable, :expirable
|
@@ -111,7 +111,7 @@ gem 'easy_captcha'
|
|
111
111
|
```ruby
|
112
112
|
rails generate easy_captcha:install
|
113
113
|
```
|
114
|
-
3. Enable captcha - see "Configuration" of Devise Security
|
114
|
+
3. Enable captcha - see "Configuration" of Devise Security above.
|
115
115
|
4. Add the captcha in the generated devise views for each controller you have activated
|
116
116
|
```erb
|
117
117
|
<p><%= captcha_tag %></p>
|
data/devise-security.gemspec
CHANGED
@@ -3,7 +3,7 @@ $LOAD_PATH.unshift(File.expand_path('../lib', __FILE__))
|
|
3
3
|
require 'devise-security/version'
|
4
4
|
|
5
5
|
Gem::Specification.new do |s|
|
6
|
-
s.name
|
6
|
+
s.name = 'devise-security'
|
7
7
|
s.version = DeviseSecurity::VERSION.dup
|
8
8
|
s.platform = Gem::Platform::RUBY
|
9
9
|
s.licenses = ['MIT']
|
@@ -11,24 +11,28 @@ Gem::Specification.new do |s|
|
|
11
11
|
s.email = 'natebird@gmail.com'
|
12
12
|
s.homepage = 'https://github.com/devise-security/devise-security'
|
13
13
|
s.description = 'An enterprise security extension for devise, trying to meet industrial standard security demands for web applications.'
|
14
|
-
s.authors = [
|
14
|
+
s.authors = [
|
15
|
+
'Marco Scholl', 'Alexander Dreher', 'Nate Bird', 'Dillon Welch'
|
16
|
+
]
|
15
17
|
|
16
18
|
s.files = `git ls-files`.split("\n")
|
17
19
|
s.test_files = `git ls-files -- test/*`.split("\n")
|
18
20
|
s.require_paths = ['lib']
|
19
|
-
s.required_ruby_version = '>= 2.
|
21
|
+
s.required_ruby_version = '>= 2.2.2'
|
20
22
|
|
21
23
|
if RUBY_VERSION >= '2.4'
|
22
24
|
s.add_runtime_dependency 'rails', '>= 4.2.8', '< 6.0'
|
23
25
|
else
|
24
26
|
s.add_runtime_dependency 'railties', '>= 3.2.6', '< 6.0'
|
25
27
|
end
|
26
|
-
s.add_runtime_dependency 'devise', '>=
|
28
|
+
s.add_runtime_dependency 'devise', '>= 4.2.0', '< 5.0'
|
29
|
+
|
27
30
|
s.add_development_dependency 'bundler', '>= 1.3.0', '< 2.0'
|
28
|
-
s.add_development_dependency '
|
29
|
-
s.add_development_dependency 'rubocop', '~> 0'
|
30
|
-
s.add_development_dependency 'minitest', '~> 5.0'
|
31
|
+
s.add_development_dependency 'coveralls', '~> 0.8'
|
31
32
|
s.add_development_dependency 'easy_captcha', '~> 0'
|
33
|
+
s.add_development_dependency 'm'
|
34
|
+
s.add_development_dependency 'minitest', '~> 5.0'
|
32
35
|
s.add_development_dependency 'rails_email_validator', '~> 0'
|
33
|
-
s.add_development_dependency '
|
36
|
+
s.add_development_dependency 'rubocop', '~> 0'
|
37
|
+
s.add_development_dependency 'sqlite3', '~> 1.3', '>= 1.3.10'
|
34
38
|
end
|
@@ -21,6 +21,21 @@ module DeviseSecurity
|
|
21
21
|
end
|
22
22
|
end
|
23
23
|
|
24
|
+
def valid_captcha_or_security_question?(resource, params)
|
25
|
+
valid_captcha_if_defined?(params[:captcha]) ||
|
26
|
+
valid_security_question_answer?(resource, params[:security_question_answer])
|
27
|
+
end
|
28
|
+
|
29
|
+
def valid_captcha_if_defined?(captcha)
|
30
|
+
defined?(verify_recaptcha) && verify_recaptcha ||
|
31
|
+
defined?(valid_captcha?) && valid_captcha?(captcha)
|
32
|
+
end
|
33
|
+
|
34
|
+
def valid_security_question_answer?(resource, answer)
|
35
|
+
resource.security_question_answer.present? &&
|
36
|
+
resource.security_question_answer == answer
|
37
|
+
end
|
38
|
+
|
24
39
|
# controller instance methods
|
25
40
|
|
26
41
|
private
|
@@ -29,9 +44,9 @@ module DeviseSecurity
|
|
29
44
|
def handle_password_change
|
30
45
|
return if warden.nil?
|
31
46
|
|
32
|
-
if
|
47
|
+
if !devise_controller? && !ignore_password_expire? && !request.format.nil? && request.format.html?
|
33
48
|
Devise.mappings.keys.flatten.any? do |scope|
|
34
|
-
if signed_in?(scope)
|
49
|
+
if signed_in?(scope) && warden.session(scope)['password_expired']
|
35
50
|
# re-check to avoid infinite loop if date changed after login attempt
|
36
51
|
if send(:"current_#{scope}").try(:need_change_password?)
|
37
52
|
store_location_for(scope, request.original_fullpath) if request.get?
|
@@ -88,9 +103,6 @@ module DeviseSecurity
|
|
88
103
|
def ignore_password_expire?
|
89
104
|
false
|
90
105
|
end
|
91
|
-
|
92
|
-
|
93
106
|
end
|
94
107
|
end
|
95
|
-
|
96
108
|
end
|
@@ -11,20 +11,20 @@ module Devise
|
|
11
11
|
end
|
12
12
|
|
13
13
|
def validate_password_archive
|
14
|
-
errors.add(:password, :taken_in_past) if encrypted_password_changed?
|
14
|
+
errors.add(:password, :taken_in_past) if encrypted_password_changed? && password_archive_included?
|
15
15
|
end
|
16
16
|
|
17
17
|
# validate is the password used in the past
|
18
18
|
def password_archive_included?
|
19
19
|
unless deny_old_passwords.is_a? 1.class
|
20
|
-
if deny_old_passwords.is_a?
|
20
|
+
if deny_old_passwords.is_a?(TrueClass) && archive_count > 0
|
21
21
|
self.deny_old_passwords = archive_count
|
22
22
|
else
|
23
23
|
self.deny_old_passwords = 0
|
24
24
|
end
|
25
25
|
end
|
26
26
|
|
27
|
-
if self.class.deny_old_passwords > 0
|
27
|
+
if self.class.deny_old_passwords > 0 && !self.password.nil?
|
28
28
|
old_passwords_including_cur_change = self.old_passwords.order(:id).reverse_order.limit(self.class.deny_old_passwords).to_a
|
29
29
|
old_passwords_including_cur_change << OldPassword.new(old_password_params) # include most recent change in list, but don't save it yet!
|
30
30
|
old_passwords_including_cur_change.each do |old_password|
|
@@ -14,7 +14,7 @@ module Devise
|
|
14
14
|
# is an password change required?
|
15
15
|
def need_change_password?
|
16
16
|
if expired_password_after_numeric?
|
17
|
-
self.password_changed_at.nil?
|
17
|
+
self.password_changed_at.nil? || self.password_changed_at < self.expire_password_after.seconds.ago
|
18
18
|
else
|
19
19
|
false
|
20
20
|
end
|
@@ -48,7 +48,7 @@ module Devise
|
|
48
48
|
|
49
49
|
# is password changed then update password_cahanged_at
|
50
50
|
def update_password_changed
|
51
|
-
self.password_changed_at = Time.now if (self.new_record?
|
51
|
+
self.password_changed_at = Time.now if (self.new_record? || self.encrypted_password_changed?) && !self.password_changed_at_changed?
|
52
52
|
end
|
53
53
|
|
54
54
|
def expired_password_after_numeric?
|
@@ -55,10 +55,10 @@ module Devise
|
|
55
55
|
end
|
56
56
|
|
57
57
|
def current_equal_password_validation
|
58
|
-
if
|
58
|
+
if !self.new_record? && !self.encrypted_password_change.nil?
|
59
59
|
dummy = self.class.new
|
60
60
|
dummy.encrypted_password = self.encrypted_password_change.first
|
61
|
-
dummy.password_salt = self.password_salt_change.first if self.respond_to?
|
61
|
+
dummy.password_salt = self.password_salt_change.first if self.respond_to?(:password_salt_change) && !self.password_salt_change.nil?
|
62
62
|
self.errors.add(:password, :equal_to_current_password) if dummy.valid_password?(self.password)
|
63
63
|
end
|
64
64
|
end
|
@@ -3,7 +3,7 @@ module DeviseSecurity::Patches
|
|
3
3
|
extend ActiveSupport::Concern
|
4
4
|
included do
|
5
5
|
define_method :create do
|
6
|
-
if
|
6
|
+
if valid_captcha_if_defined?(params[:captcha])
|
7
7
|
self.resource = resource_class.send_confirmation_instructions(params[resource_name])
|
8
8
|
|
9
9
|
if successfully_sent?(resource)
|
@@ -6,8 +6,7 @@ module DeviseSecurity::Patches
|
|
6
6
|
# only find via email, not login
|
7
7
|
resource = resource_class.find_or_initialize_with_error_by(:email, params[resource_name][:email], :not_found)
|
8
8
|
|
9
|
-
if
|
10
|
-
(resource.security_question_answer.present? and resource.security_question_answer == params[:security_question_answer])
|
9
|
+
if valid_captcha_or_security_question?(resource, params)
|
11
10
|
self.resource = resource_class.send_confirmation_instructions(params[resource_name])
|
12
11
|
|
13
12
|
if successfully_sent?(resource)
|
@@ -7,8 +7,9 @@ module DeviseSecurity::Patches
|
|
7
7
|
end
|
8
8
|
|
9
9
|
private
|
10
|
+
|
10
11
|
def check_captcha
|
11
|
-
return if
|
12
|
+
return if valid_captcha_if_defined?(params[:captcha])
|
12
13
|
|
13
14
|
flash[:alert] = t('devise.invalid_captcha') if is_navigational_format?
|
14
15
|
respond_with({}, location: url_for(action: :new))
|
@@ -10,7 +10,7 @@ module DeviseSecurity::Patches
|
|
10
10
|
def check_security_question
|
11
11
|
# only find via email, not login
|
12
12
|
resource = resource_class.find_or_initialize_with_error_by(:email, params[resource_name][:email], :not_found)
|
13
|
-
return if (resource
|
13
|
+
return if valid_security_question_answer?(resource, params[:security_question_answer])
|
14
14
|
|
15
15
|
flash[:alert] = t('devise.invalid_security_question') if is_navigational_format?
|
16
16
|
respond_with({}, location: url_for(action: :new))
|
@@ -3,7 +3,7 @@ module DeviseSecurity::Patches
|
|
3
3
|
extend ActiveSupport::Concern
|
4
4
|
included do
|
5
5
|
define_method :create do
|
6
|
-
if
|
6
|
+
if valid_captcha_if_defined?(params[:captcha])
|
7
7
|
self.resource = resource_class.send_reset_password_instructions(params[resource_name])
|
8
8
|
if successfully_sent?(resource)
|
9
9
|
respond_with({}, :location => new_session_path(resource_name))
|
@@ -6,8 +6,7 @@ module DeviseSecurity::Patches
|
|
6
6
|
# only find via email, not login
|
7
7
|
resource = resource_class.find_or_initialize_with_error_by(:email, params[resource_name][:email], :not_found)
|
8
8
|
|
9
|
-
if
|
10
|
-
(resource.security_question_answer.present? and resource.security_question_answer == params[:security_question_answer])
|
9
|
+
if valid_captcha_or_security_question?(resource, params)
|
11
10
|
self.resource = resource_class.send_reset_password_instructions(params[resource_name])
|
12
11
|
if successfully_sent?(resource)
|
13
12
|
respond_with({}, :location => new_session_path(resource_name))
|
@@ -5,7 +5,7 @@ module DeviseSecurity::Patches
|
|
5
5
|
define_method :create do |&block|
|
6
6
|
build_resource(sign_up_params)
|
7
7
|
|
8
|
-
if
|
8
|
+
if valid_captcha_if_defined?(params[:captcha])
|
9
9
|
if resource.save
|
10
10
|
block.call(resource) if block
|
11
11
|
if resource.active_for_authentication?
|
@@ -21,7 +21,7 @@ module DeviseSecurity::Patches
|
|
21
21
|
clean_up_passwords resource
|
22
22
|
respond_with resource
|
23
23
|
end
|
24
|
-
|
24
|
+
|
25
25
|
else
|
26
26
|
resource.errors.add :base, t('devise.invalid_captcha')
|
27
27
|
clean_up_passwords resource
|
@@ -3,7 +3,7 @@ module DeviseSecurity::Patches
|
|
3
3
|
extend ActiveSupport::Concern
|
4
4
|
included do
|
5
5
|
define_method :create do |&block|
|
6
|
-
if
|
6
|
+
if valid_captcha_if_defined?(params[:captcha])
|
7
7
|
self.resource = warden.authenticate!(auth_options)
|
8
8
|
set_flash_message(:notice, :signed_in) if is_flashing_format?
|
9
9
|
sign_in(resource_name, resource)
|
@@ -14,7 +14,7 @@ module DeviseSecurity::Patches
|
|
14
14
|
respond_with({}, :location => new_session_path(resource_name))
|
15
15
|
end
|
16
16
|
end
|
17
|
-
|
17
|
+
|
18
18
|
# for bad protected use in controller
|
19
19
|
define_method :auth_options do
|
20
20
|
{ :scope => resource_name, :recall => "#{controller_path}#new" }
|
@@ -3,7 +3,7 @@ module DeviseSecurity::Patches
|
|
3
3
|
extend ActiveSupport::Concern
|
4
4
|
included do
|
5
5
|
define_method :create do
|
6
|
-
if
|
6
|
+
if valid_captcha_if_defined?(params[:captcha])
|
7
7
|
self.resource = resource_class.send_unlock_instructions(params[resource_name])
|
8
8
|
if successfully_sent?(resource)
|
9
9
|
respond_with({}, :location => new_session_path(resource_name))
|
@@ -6,8 +6,7 @@ module DeviseSecurity::Patches
|
|
6
6
|
# only find via email, not login
|
7
7
|
resource = resource_class.find_or_initialize_with_error_by(:email, params[resource_name][:email], :not_found)
|
8
8
|
|
9
|
-
if
|
10
|
-
(resource.security_question_answer.present? and resource.security_question_answer == params[:security_question_answer])
|
9
|
+
if valid_captcha_or_security_question?(resource, params)
|
11
10
|
self.resource = resource_class.send_unlock_instructions(params[resource_name])
|
12
11
|
if successfully_sent?(resource)
|
13
12
|
respond_with({}, :location => new_session_path(resource_name))
|
File without changes
|
@@ -1,6 +1,6 @@
|
|
1
1
|
require 'test_helper'
|
2
2
|
require 'rails/generators/test_case'
|
3
|
-
require 'generators/
|
3
|
+
require 'generators/devise_security/install_generator'
|
4
4
|
|
5
5
|
class TestInstallGenerator < Rails::Generators::TestCase
|
6
6
|
tests DeviseSecurity::Generators::InstallGenerator
|
@@ -6,7 +6,7 @@ class Devise::PasswordExpiredControllerTest < ActionController::TestCase
|
|
6
6
|
setup do
|
7
7
|
@request.env["devise.mapping"] = Devise.mappings[:user]
|
8
8
|
@user = User.create(username: 'hello', email: 'hello@path.travel',
|
9
|
-
password: '1234', password_changed_at:
|
9
|
+
password: '1234', password_changed_at: 4.months.ago)
|
10
10
|
|
11
11
|
sign_in(@user)
|
12
12
|
end
|
metadata
CHANGED
@@ -1,16 +1,17 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: devise-security
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.11.
|
4
|
+
version: 0.11.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Marco Scholl
|
8
8
|
- Alexander Dreher
|
9
9
|
- Nate Bird
|
10
|
+
- Dillon Welch
|
10
11
|
autorequire:
|
11
12
|
bindir: bin
|
12
13
|
cert_chain: []
|
13
|
-
date:
|
14
|
+
date: 2018-01-30 00:00:00.000000000 Z
|
14
15
|
dependencies:
|
15
16
|
- !ruby/object:Gem::Dependency
|
16
17
|
name: railties
|
@@ -38,7 +39,7 @@ dependencies:
|
|
38
39
|
requirements:
|
39
40
|
- - ">="
|
40
41
|
- !ruby/object:Gem::Version
|
41
|
-
version:
|
42
|
+
version: 4.2.0
|
42
43
|
- - "<"
|
43
44
|
- !ruby/object:Gem::Version
|
44
45
|
version: '5.0'
|
@@ -48,7 +49,7 @@ dependencies:
|
|
48
49
|
requirements:
|
49
50
|
- - ">="
|
50
51
|
- !ruby/object:Gem::Version
|
51
|
-
version:
|
52
|
+
version: 4.2.0
|
52
53
|
- - "<"
|
53
54
|
- !ruby/object:Gem::Version
|
54
55
|
version: '5.0'
|
@@ -73,27 +74,21 @@ dependencies:
|
|
73
74
|
- !ruby/object:Gem::Version
|
74
75
|
version: '2.0'
|
75
76
|
- !ruby/object:Gem::Dependency
|
76
|
-
name:
|
77
|
+
name: coveralls
|
77
78
|
requirement: !ruby/object:Gem::Requirement
|
78
79
|
requirements:
|
79
80
|
- - "~>"
|
80
81
|
- !ruby/object:Gem::Version
|
81
|
-
version: '
|
82
|
-
- - ">="
|
83
|
-
- !ruby/object:Gem::Version
|
84
|
-
version: 1.3.10
|
82
|
+
version: '0.8'
|
85
83
|
type: :development
|
86
84
|
prerelease: false
|
87
85
|
version_requirements: !ruby/object:Gem::Requirement
|
88
86
|
requirements:
|
89
87
|
- - "~>"
|
90
88
|
- !ruby/object:Gem::Version
|
91
|
-
version: '
|
92
|
-
- - ">="
|
93
|
-
- !ruby/object:Gem::Version
|
94
|
-
version: 1.3.10
|
89
|
+
version: '0.8'
|
95
90
|
- !ruby/object:Gem::Dependency
|
96
|
-
name:
|
91
|
+
name: easy_captcha
|
97
92
|
requirement: !ruby/object:Gem::Requirement
|
98
93
|
requirements:
|
99
94
|
- - "~>"
|
@@ -106,6 +101,20 @@ dependencies:
|
|
106
101
|
- - "~>"
|
107
102
|
- !ruby/object:Gem::Version
|
108
103
|
version: '0'
|
104
|
+
- !ruby/object:Gem::Dependency
|
105
|
+
name: m
|
106
|
+
requirement: !ruby/object:Gem::Requirement
|
107
|
+
requirements:
|
108
|
+
- - ">="
|
109
|
+
- !ruby/object:Gem::Version
|
110
|
+
version: '0'
|
111
|
+
type: :development
|
112
|
+
prerelease: false
|
113
|
+
version_requirements: !ruby/object:Gem::Requirement
|
114
|
+
requirements:
|
115
|
+
- - ">="
|
116
|
+
- !ruby/object:Gem::Version
|
117
|
+
version: '0'
|
109
118
|
- !ruby/object:Gem::Dependency
|
110
119
|
name: minitest
|
111
120
|
requirement: !ruby/object:Gem::Requirement
|
@@ -121,7 +130,7 @@ dependencies:
|
|
121
130
|
- !ruby/object:Gem::Version
|
122
131
|
version: '5.0'
|
123
132
|
- !ruby/object:Gem::Dependency
|
124
|
-
name:
|
133
|
+
name: rails_email_validator
|
125
134
|
requirement: !ruby/object:Gem::Requirement
|
126
135
|
requirements:
|
127
136
|
- - "~>"
|
@@ -135,7 +144,7 @@ dependencies:
|
|
135
144
|
- !ruby/object:Gem::Version
|
136
145
|
version: '0'
|
137
146
|
- !ruby/object:Gem::Dependency
|
138
|
-
name:
|
147
|
+
name: rubocop
|
139
148
|
requirement: !ruby/object:Gem::Requirement
|
140
149
|
requirements:
|
141
150
|
- - "~>"
|
@@ -149,19 +158,25 @@ dependencies:
|
|
149
158
|
- !ruby/object:Gem::Version
|
150
159
|
version: '0'
|
151
160
|
- !ruby/object:Gem::Dependency
|
152
|
-
name:
|
161
|
+
name: sqlite3
|
153
162
|
requirement: !ruby/object:Gem::Requirement
|
154
163
|
requirements:
|
155
164
|
- - "~>"
|
156
165
|
- !ruby/object:Gem::Version
|
157
|
-
version: '
|
166
|
+
version: '1.3'
|
167
|
+
- - ">="
|
168
|
+
- !ruby/object:Gem::Version
|
169
|
+
version: 1.3.10
|
158
170
|
type: :development
|
159
171
|
prerelease: false
|
160
172
|
version_requirements: !ruby/object:Gem::Requirement
|
161
173
|
requirements:
|
162
174
|
- - "~>"
|
163
175
|
- !ruby/object:Gem::Version
|
164
|
-
version: '
|
176
|
+
version: '1.3'
|
177
|
+
- - ">="
|
178
|
+
- !ruby/object:Gem::Version
|
179
|
+
version: 1.3.10
|
165
180
|
description: An enterprise security extension for devise, trying to meet industrial
|
166
181
|
standard security demands for web applications.
|
167
182
|
email: natebird@gmail.com
|
@@ -172,9 +187,9 @@ files:
|
|
172
187
|
- ".document"
|
173
188
|
- ".gitignore"
|
174
189
|
- ".rubocop.yml"
|
190
|
+
- ".ruby-version"
|
175
191
|
- ".travis.yml"
|
176
192
|
- Gemfile
|
177
|
-
- Gemfile.lock
|
178
193
|
- LICENSE.txt
|
179
194
|
- README.md
|
180
195
|
- Rakefile
|
@@ -218,7 +233,7 @@ files:
|
|
218
233
|
- lib/devise-security/routes.rb
|
219
234
|
- lib/devise-security/schema.rb
|
220
235
|
- lib/devise-security/version.rb
|
221
|
-
- lib/generators/
|
236
|
+
- lib/generators/devise_security/install_generator.rb
|
222
237
|
- lib/generators/templates/devise-security.rb
|
223
238
|
- test/dummy/Rakefile
|
224
239
|
- test/dummy/app/controllers/application_controller.rb
|
@@ -266,7 +281,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
266
281
|
requirements:
|
267
282
|
- - ">="
|
268
283
|
- !ruby/object:Gem::Version
|
269
|
-
version: 2.
|
284
|
+
version: 2.2.2
|
270
285
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
271
286
|
requirements:
|
272
287
|
- - ">="
|
data/Gemfile.lock
DELETED
@@ -1,199 +0,0 @@
|
|
1
|
-
PATH
|
2
|
-
remote: .
|
3
|
-
specs:
|
4
|
-
devise-security (0.11.0)
|
5
|
-
devise (>= 3.0.0, < 5.0)
|
6
|
-
railties (>= 3.2.6, < 6.0)
|
7
|
-
|
8
|
-
GEM
|
9
|
-
remote: https://rubygems.org/
|
10
|
-
specs:
|
11
|
-
actioncable (5.1.3)
|
12
|
-
actionpack (= 5.1.3)
|
13
|
-
nio4r (~> 2.0)
|
14
|
-
websocket-driver (~> 0.6.1)
|
15
|
-
actionmailer (5.1.3)
|
16
|
-
actionpack (= 5.1.3)
|
17
|
-
actionview (= 5.1.3)
|
18
|
-
activejob (= 5.1.3)
|
19
|
-
mail (~> 2.5, >= 2.5.4)
|
20
|
-
rails-dom-testing (~> 2.0)
|
21
|
-
actionpack (5.1.3)
|
22
|
-
actionview (= 5.1.3)
|
23
|
-
activesupport (= 5.1.3)
|
24
|
-
rack (~> 2.0)
|
25
|
-
rack-test (~> 0.6.3)
|
26
|
-
rails-dom-testing (~> 2.0)
|
27
|
-
rails-html-sanitizer (~> 1.0, >= 1.0.2)
|
28
|
-
actionview (5.1.3)
|
29
|
-
activesupport (= 5.1.3)
|
30
|
-
builder (~> 3.1)
|
31
|
-
erubi (~> 1.4)
|
32
|
-
rails-dom-testing (~> 2.0)
|
33
|
-
rails-html-sanitizer (~> 1.0, >= 1.0.3)
|
34
|
-
activejob (5.1.3)
|
35
|
-
activesupport (= 5.1.3)
|
36
|
-
globalid (>= 0.3.6)
|
37
|
-
activemodel (5.1.3)
|
38
|
-
activesupport (= 5.1.3)
|
39
|
-
activerecord (5.1.3)
|
40
|
-
activemodel (= 5.1.3)
|
41
|
-
activesupport (= 5.1.3)
|
42
|
-
arel (~> 8.0)
|
43
|
-
activesupport (5.1.3)
|
44
|
-
concurrent-ruby (~> 1.0, >= 1.0.2)
|
45
|
-
i18n (~> 0.7)
|
46
|
-
minitest (~> 5.1)
|
47
|
-
tzinfo (~> 1.1)
|
48
|
-
arel (8.0.0)
|
49
|
-
ast (2.3.0)
|
50
|
-
bcrypt (3.1.11)
|
51
|
-
builder (3.2.3)
|
52
|
-
concurrent-ruby (1.0.5)
|
53
|
-
coveralls (0.8.21)
|
54
|
-
json (>= 1.8, < 3)
|
55
|
-
simplecov (~> 0.14.1)
|
56
|
-
term-ansicolor (~> 1.3)
|
57
|
-
thor (~> 0.19.4)
|
58
|
-
tins (~> 1.6)
|
59
|
-
devise (4.3.0)
|
60
|
-
bcrypt (~> 3.0)
|
61
|
-
orm_adapter (~> 0.1)
|
62
|
-
railties (>= 4.1.0, < 5.2)
|
63
|
-
responders
|
64
|
-
warden (~> 1.2.3)
|
65
|
-
diff-lcs (1.3)
|
66
|
-
docile (1.1.5)
|
67
|
-
easy_captcha (0.6.5)
|
68
|
-
bundler (>= 1.1.0)
|
69
|
-
rails (>= 3.0.0)
|
70
|
-
rmagick (>= 2.13.1)
|
71
|
-
rspec-rails (>= 2.8.1)
|
72
|
-
simplecov (>= 0.3.8)
|
73
|
-
yard (>= 0.7.0)
|
74
|
-
erubi (1.6.1)
|
75
|
-
globalid (0.4.0)
|
76
|
-
activesupport (>= 4.2.0)
|
77
|
-
i18n (0.8.6)
|
78
|
-
json (2.1.0)
|
79
|
-
loofah (2.0.3)
|
80
|
-
nokogiri (>= 1.5.9)
|
81
|
-
mail (2.6.6)
|
82
|
-
mime-types (>= 1.16, < 4)
|
83
|
-
method_source (0.8.2)
|
84
|
-
mime-types (3.1)
|
85
|
-
mime-types-data (~> 3.2015)
|
86
|
-
mime-types-data (3.2016.0521)
|
87
|
-
mini_portile2 (2.2.0)
|
88
|
-
minitest (5.10.3)
|
89
|
-
nio4r (2.1.0)
|
90
|
-
nokogiri (1.8.0)
|
91
|
-
mini_portile2 (~> 2.2.0)
|
92
|
-
orm_adapter (0.5.0)
|
93
|
-
parallel (1.12.0)
|
94
|
-
parser (2.4.0.0)
|
95
|
-
ast (~> 2.2)
|
96
|
-
powerpack (0.1.1)
|
97
|
-
rack (2.0.3)
|
98
|
-
rack-test (0.6.3)
|
99
|
-
rack (>= 1.0)
|
100
|
-
rails (5.1.3)
|
101
|
-
actioncable (= 5.1.3)
|
102
|
-
actionmailer (= 5.1.3)
|
103
|
-
actionpack (= 5.1.3)
|
104
|
-
actionview (= 5.1.3)
|
105
|
-
activejob (= 5.1.3)
|
106
|
-
activemodel (= 5.1.3)
|
107
|
-
activerecord (= 5.1.3)
|
108
|
-
activesupport (= 5.1.3)
|
109
|
-
bundler (>= 1.3.0)
|
110
|
-
railties (= 5.1.3)
|
111
|
-
sprockets-rails (>= 2.0.0)
|
112
|
-
rails-dom-testing (2.0.3)
|
113
|
-
activesupport (>= 4.2.0)
|
114
|
-
nokogiri (>= 1.6)
|
115
|
-
rails-html-sanitizer (1.0.3)
|
116
|
-
loofah (~> 2.0)
|
117
|
-
rails_email_validator (0.1.4)
|
118
|
-
activemodel (>= 3.0.0)
|
119
|
-
railties (5.1.3)
|
120
|
-
actionpack (= 5.1.3)
|
121
|
-
activesupport (= 5.1.3)
|
122
|
-
method_source
|
123
|
-
rake (>= 0.8.7)
|
124
|
-
thor (>= 0.18.1, < 2.0)
|
125
|
-
rainbow (2.2.2)
|
126
|
-
rake
|
127
|
-
rake (12.0.0)
|
128
|
-
responders (2.4.0)
|
129
|
-
actionpack (>= 4.2.0, < 5.3)
|
130
|
-
railties (>= 4.2.0, < 5.3)
|
131
|
-
rmagick (2.16.0)
|
132
|
-
rspec-core (3.6.0)
|
133
|
-
rspec-support (~> 3.6.0)
|
134
|
-
rspec-expectations (3.6.0)
|
135
|
-
diff-lcs (>= 1.2.0, < 2.0)
|
136
|
-
rspec-support (~> 3.6.0)
|
137
|
-
rspec-mocks (3.6.0)
|
138
|
-
diff-lcs (>= 1.2.0, < 2.0)
|
139
|
-
rspec-support (~> 3.6.0)
|
140
|
-
rspec-rails (3.6.1)
|
141
|
-
actionpack (>= 3.0)
|
142
|
-
activesupport (>= 3.0)
|
143
|
-
railties (>= 3.0)
|
144
|
-
rspec-core (~> 3.6.0)
|
145
|
-
rspec-expectations (~> 3.6.0)
|
146
|
-
rspec-mocks (~> 3.6.0)
|
147
|
-
rspec-support (~> 3.6.0)
|
148
|
-
rspec-support (3.6.0)
|
149
|
-
rubocop (0.49.1)
|
150
|
-
parallel (~> 1.10)
|
151
|
-
parser (>= 2.3.3.1, < 3.0)
|
152
|
-
powerpack (~> 0.1)
|
153
|
-
rainbow (>= 1.99.1, < 3.0)
|
154
|
-
ruby-progressbar (~> 1.7)
|
155
|
-
unicode-display_width (~> 1.0, >= 1.0.1)
|
156
|
-
ruby-progressbar (1.8.1)
|
157
|
-
simplecov (0.14.1)
|
158
|
-
docile (~> 1.1.0)
|
159
|
-
json (>= 1.8, < 3)
|
160
|
-
simplecov-html (~> 0.10.0)
|
161
|
-
simplecov-html (0.10.2)
|
162
|
-
sprockets (3.7.1)
|
163
|
-
concurrent-ruby (~> 1.0)
|
164
|
-
rack (> 1, < 3)
|
165
|
-
sprockets-rails (3.2.0)
|
166
|
-
actionpack (>= 4.0)
|
167
|
-
activesupport (>= 4.0)
|
168
|
-
sprockets (>= 3.0.0)
|
169
|
-
sqlite3 (1.3.13)
|
170
|
-
term-ansicolor (1.6.0)
|
171
|
-
tins (~> 1.0)
|
172
|
-
thor (0.19.4)
|
173
|
-
thread_safe (0.3.6)
|
174
|
-
tins (1.15.0)
|
175
|
-
tzinfo (1.2.3)
|
176
|
-
thread_safe (~> 0.1)
|
177
|
-
unicode-display_width (1.3.0)
|
178
|
-
warden (1.2.7)
|
179
|
-
rack (>= 1.0)
|
180
|
-
websocket-driver (0.6.5)
|
181
|
-
websocket-extensions (>= 0.1.0)
|
182
|
-
websocket-extensions (0.1.2)
|
183
|
-
yard (0.9.9)
|
184
|
-
|
185
|
-
PLATFORMS
|
186
|
-
ruby
|
187
|
-
|
188
|
-
DEPENDENCIES
|
189
|
-
bundler (>= 1.3.0, < 2.0)
|
190
|
-
coveralls (~> 0.8)
|
191
|
-
devise-security!
|
192
|
-
easy_captcha (~> 0)
|
193
|
-
minitest (~> 5.0)
|
194
|
-
rails_email_validator (~> 0)
|
195
|
-
rubocop (~> 0)
|
196
|
-
sqlite3 (~> 1.3, >= 1.3.10)
|
197
|
-
|
198
|
-
BUNDLED WITH
|
199
|
-
1.15.3
|