devise-security 0.12.0 → 0.16.0

data/test/test_secure_validatable.rb

@@ -1,22 +1,22 @@
+# frozen_string_literal: true
+
 require 'test_helper'
 require 'rails_email_validator'
 
 class TestSecureValidatable < ActiveSupport::TestCase
-  class User < ActiveRecord::Base
+  class User < ApplicationRecord
     devise :database_authenticatable, :password_archivable,
            :paranoid_verification, :password_expirable, :secure_validatable
-  end
-
-  setup do
-    Devise.password_regex = /(?=.*\d)(?=.*[a-z])(?=.*[A-Z])/
+    include ::Mongoid::Mappings if DEVISE_ORM == :mongoid
   end
 
   test 'email cannot be blank' do
     msg = "Email can't be blank"
     user = User.create password: 'passWord1', password_confirmation: 'passWord1'
+
     assert_equal(false, user.valid?)
     assert_equal([msg], user.errors.full_messages)
-    assert_raises(ActiveRecord::RecordInvalid) do
+    assert_raises(ORMInvalidRecordException) do
       user.save!
     end
   end
@@ -26,49 +26,49 @@ class TestSecureValidatable < ActiveSupport::TestCase
     user = User.create email: 'bob', password: 'passWord1', password_confirmation: 'passWord1'
     assert_equal(false, user.valid?)
     assert_equal([msg], user.errors.full_messages)
-    assert_raises(ActiveRecord::RecordInvalid) do
+    assert_raises(ORMInvalidRecordException) do
       user.save!
     end
   end
 
-  test 'valid both email and password' do
-    msgs = ['Email is invalid', 'Password must contain big, small letters and digits']
-    user = User.create email: 'bob@foo.tv', password: 'password1', password_confirmation: 'password1'
+  test 'validate both email and password' do
+    msgs = ['Email is invalid', 'Password must contain at least one upper-case letter']
+    user = User.create email: 'bob@@foo.tv', password: 'password1', password_confirmation: 'password1'
     assert_equal(false, user.valid?)
     assert_equal(msgs, user.errors.full_messages)
-    assert_raises(ActiveRecord::RecordInvalid) { user.save! }
+    assert_raises(ORMInvalidRecordException) { user.save! }
   end
 
   test 'password must have capital letter' do
-    msgs = ['Email is invalid', 'Password must contain big, small letters and digits']
-    user = User.create email: 'bob@example.org', password: 'password1', password_confirmation: 'password1'
+    msgs = ['Password must contain at least one upper-case letter']
+    user = User.create email: 'bob@microsoft.com', password: 'password1', password_confirmation: 'password1'
     assert_equal(false, user.valid?)
     assert_equal(msgs, user.errors.full_messages)
-    assert_raises(ActiveRecord::RecordInvalid) { user.save! }
+    assert_raises(ORMInvalidRecordException) { user.save! }
   end
 
   test 'password must have lowercase letter' do
-    msg = 'Password must contain big, small letters and digits'
+    msg = 'Password must contain at least one lower-case letter'
     user = User.create email: 'bob@microsoft.com', password: 'PASSWORD1', password_confirmation: 'PASSWORD1'
     assert_equal(false, user.valid?)
     assert_equal([msg], user.errors.full_messages)
-    assert_raises(ActiveRecord::RecordInvalid) { user.save! }
+    assert_raises(ORMInvalidRecordException) { user.save! }
   end
 
   test 'password must have number' do
-    msg = 'Password must contain big, small letters and digits'
+    msg = 'Password must contain at least one digit'
     user = User.create email: 'bob@microsoft.com', password: 'PASSword', password_confirmation: 'PASSword'
     assert_equal(false, user.valid?)
     assert_equal([msg], user.errors.full_messages)
-    assert_raises(ActiveRecord::RecordInvalid) { user.save! }
+    assert_raises(ORMInvalidRecordException) { user.save! }
   end
 
   test 'password must have minimum length' do
-    msg = 'Password is too short (minimum is 6 characters)'
+    msg = 'Password is too short (minimum is 7 characters)'
     user = User.create email: 'bob@microsoft.com', password: 'Pa3zZ', password_confirmation: 'Pa3zZ'
     assert_equal(false, user.valid?)
     assert_equal([msg], user.errors.full_messages)
-    assert_raises(ActiveRecord::RecordInvalid) { user.save! }
+    assert_raises(ORMInvalidRecordException) { user.save! }
   end
 
   test 'duplicate email validation message is added only once' do
@@ -80,6 +80,82 @@ class TestSecureValidatable < ActiveSupport::TestCase
     SecureUser.create!(options)
     user = SecureUser.new(options)
     refute user.valid?
-    assert_equal ['Email has already been taken'], user.errors.full_messages
+    assert_equal DEVISE_ORM == :active_record ? ['Email has already been taken'] : ['Email is already taken'], user.errors.full_messages
+  end
+
+  test 'password can not equal email for new user' do
+    msg = 'Password must be different than the email.'
+    user = User.create email: 'bob@microsoft.com', password: 'bob@microsoft.com', password_confirmation: 'bob@microsoft.com'
+    refute user.valid?
+    assert_includes(user.errors.full_messages, msg)
+    assert_raises(ORMInvalidRecordException) { user.save! }
+  end
+
+  test 'password can not equal case sensitive version of email for new user' do
+    msg = 'Password must be different than the email.'
+    user = User.create email: 'bob@microsoft.com', password: 'BoB@microsoft.com', password_confirmation: 'BoB@microsoft.com'
+    refute user.valid?
+    assert_includes(user.errors.full_messages, msg)
+    assert_raises(ORMInvalidRecordException) { user.save! }
+  end
+
+  test 'password can not equal email with spaces for new user' do
+    msg = 'Password must be different than the email.'
+    user = User.create email: 'bob@microsoft.com', password: 'bob@microsoft.com    ', password_confirmation: 'bob@microsoft.com    '
+    refute user.valid?
+    assert_includes(user.errors.full_messages, msg)
+    assert_raises(ORMInvalidRecordException) { user.save! }
+  end
+
+  test 'password can not equal case sensitive version of email with spaces for new user' do
+    msg = 'Password must be different than the email.'
+    user = User.create email: 'bob@microsoft.com', password: '  BoB@microsoft.com   ', password_confirmation: '  BoB@microsoft.com   '
+    refute user.valid?
+    assert_includes(user.errors.full_messages, msg)
+    assert_raises(ORMInvalidRecordException) { user.save! }
+  end
+
+  test 'password can not equal email for existing user' do
+    user = User.create email: 'bob@microsoft.com', password: 'pAs5W0rd!Is5e6Ure', password_confirmation: 'pAs5W0rd!Is5e6Ure'
+
+    msg = 'Password must be different than the email.'
+    user.password = 'bob@microsoft.com'
+    user.password_confirmation = 'bob@microsoft.com'
+    refute user.valid?
+    assert_includes(user.errors.full_messages, msg)
+    assert_raises(ORMInvalidRecordException) { user.save! }
+  end
+
+  test 'password can not equal case sensitive version of email for existing user' do
+    user = User.create email: 'bob@microsoft.com', password: 'pAs5W0rd!Is5e6Ure', password_confirmation: 'pAs5W0rd!Is5e6Ure'
+
+    msg = 'Password must be different than the email.'
+    user.password = 'BoB@microsoft.com'
+    user.password_confirmation = 'BoB@microsoft.com'
+    refute user.valid?
+    assert_includes(user.errors.full_messages, msg)
+    assert_raises(ORMInvalidRecordException) { user.save! }
+  end
+
+  test 'password can not equal email with spaces for existing user' do
+    user = User.create email: 'bob@microsoft.com', password: 'pAs5W0rd!Is5e6Ure', password_confirmation: 'pAs5W0rd!Is5e6Ure'
+
+    msg = 'Password must be different than the email.'
+    user.password = 'bob@microsoft.com     '
+    user.password_confirmation = 'bob@microsoft.com     '
+    refute user.valid?
+    assert_includes(user.errors.full_messages, msg)
+    assert_raises(ORMInvalidRecordException) { user.save! }
+  end
+
+  test 'password can not equal case sensitive version of email with spaces for existing user' do
+    user = User.create email: 'bob@microsoft.com', password: 'pAs5W0rd!Is5e6Ure', password_confirmation: 'pAs5W0rd!Is5e6Ure'
+
+    msg = 'Password must be different than the email.'
+    user.password = ' BoB@microsoft.com      '
+    user.password_confirmation = ' BoB@microsoft.com      '
+    refute user.valid?
+    assert_includes(user.errors.full_messages, msg)
+    assert_raises(ORMInvalidRecordException) { user.save! }
   end
 end

data/test/test_session_limitable.rb

@@ -0,0 +1,57 @@
+# frozen_string_literal: true
+
+require 'test_helper'
+
+class TestSessionLimitable < ActiveSupport::TestCase
+  class ModifiedUser < User
+    def skip_session_limitable?
+      true
+    end
+  end
+
+  test 'check is not skipped by default' do
+    user = User.create email: 'bob@microsoft.com', password: 'password1', password_confirmation: 'password1'
+    assert_equal(false, user.skip_session_limitable?)
+  end
+
+  test 'default check can be overridden by record instance' do
+    modified_user = ModifiedUser.create email: 'bob2@microsoft.com', password: 'password1', password_confirmation: 'password1'
+    assert_equal(true, modified_user.skip_session_limitable?)
+  end
+    
+  class SessionLimitableUser < User
+    devise :session_limitable
+    include ::Mongoid::Mappings if DEVISE_ORM == :mongoid
+  end
+
+  test 'includes Devise::Models::Compatibility' do
+    assert_kind_of(Devise::Models::Compatibility, SessionLimitableUser.new)
+  end
+
+  test '#update_unique_session_id!(value) updates valid record' do
+    user = User.create! password: 'passWord1', password_confirmation: 'passWord1', email: 'bob@microsoft.com'
+    assert user.persisted?
+    assert_nil user.unique_session_id
+    user.update_unique_session_id!('unique_value')
+    user.reload
+    assert_equal user.unique_session_id, 'unique_value'
+  end
+
+  test '#update_unique_session_id!(value) updates invalid record atomically' do
+    user = User.create! password: 'passWord1', password_confirmation: 'passWord1', email: 'bob@microsoft.com'
+    assert user.persisted?
+    user.email = ''
+    assert user.invalid?
+    assert_nil user.unique_session_id
+    user.update_unique_session_id!('unique_value')
+    user.reload
+    assert_equal user.email, 'bob@microsoft.com'
+    assert_equal user.unique_session_id, 'unique_value'
+  end
+
+  test '#update_unique_session_id!(value) raises an exception on an unpersisted record' do
+    user = User.create
+    assert !user.persisted?
+    assert_raises(Devise::Models::Compatibility::NotPersistedError) { user.update_unique_session_id!('unique_value') }
+  end
+end

data/{lib/generators/templates → test/tmp/config/initializers}/devise-security.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 Devise.setup do |config|
   # ==> Security Extension
   # Configure security extension for devise
@@ -6,16 +8,20 @@ Devise.setup do |config|
   # config.expire_password_after = false
 
   # Need 1 char of A-Z, a-z and 0-9
-  # config.password_regex = /(?=.*\d)(?=.*[a-z])(?=.*[A-Z])/
+  # config.password_complexity = { digit: 1, lower: 1, symbol: 1, upper: 1 }
 
   # How many passwords to keep in archive
   # config.password_archiving_count = 5
 
-  # Deny old password (true, false, count)
+  # Deny old passwords (true, false, number_of_old_passwords_to_check)
+  # Examples:
+  # config.deny_old_passwords = false # allow old passwords
+  # config.deny_old_passwords = true # will deny all the old passwords
+  # config.deny_old_passwords = 3 # will deny new passwords that matches with the last 3 passwords
   # config.deny_old_passwords = true
 
   # enable email validation for :secure_validatable. (true, false, validation_options)
-  # dependency: need an email validator like rails_email_validator
+  # dependency: see https://github.com/devise-security/devise-security/blob/master/README.md#e-mail-validation
   # config.email_validation = true
 
   # captcha integration for recover form
@@ -35,4 +41,7 @@ Devise.setup do |config|
 
   # Time period for account expiry from last_activity_at
   # config.expire_after = 90.days
+
+  # Allow password to equal the email
+  # config.allow_passwords_equal_to_email = false
 end

data/test/tmp/config/locales/devise.security_extension.by.yml

@@ -0,0 +1,49 @@
+by:
+  errors:
+    messages:
+      taken_in_past: 'ужо раней выкарыстоўваўся.'
+      equal_to_current_password: 'павінен адрознівацца ад сучаснага пароля.'
+      equal_to_email: 'павінна адрознівацца ад электроннай пошты.'
+      password_complexity:
+        digit:
+          one: 'павінен утрымліваць хоць адну лічбу'
+          few: 'павінен утрымліваць хоць %{count} лічбы'
+          many: 'павінен утрымліваць хоць %{count} лічбы'
+          other: 'павінен утрымліваць хоць %{count} лічбы'
+        lower:
+          one: 'павінен утрымліваць хоць адну маленькую літару'
+          few: 'павінен утрымліваць хоць %{count} малыx літары'
+          many: 'павінен утрымліваць хоць %{count} малыx літары'
+          other: 'павінен утрымліваць хоць %{count} малыx літары'
+        symbol:
+          one: 'павінен утрымліваць хоць адзін знак пунктуацыі або сімвал'
+          few: 'павінен утрымліваць хоць %{count} знака пунктуацыі або сімвала'
+          many: 'павінен утрымліваць хоць %{count} знака пунктуацыі або сімвала'
+          other: 'павінен утрымліваць хоць %{count} знака пунктуацыі або сімвала'
+        upper:
+          one: 'павінен утрымліваць хоць адну вялікую літару'
+          few: 'павінен утрымліваць хоць %{count} вялікіx літары'
+          many: 'павінен утрымліваць хоць %{count} вялікіx літары'
+          other: 'павінен утрымліваць хоць %{count} вялікіx літары'
+  devise:
+    invalid_captcha: 'Уведзены няправільны код капчы.'
+    invalid_security_question: 'Адказ на сакрэтнае пытанне быў няправільны.'
+    paranoid_verify:
+      code_required: 'Калі ласка, увядзіце код, атрыманы ад нашай каманды падтрымкі'
+    paranoid_verification_code:
+      show:
+        submit_verification_code: 'Увод кода пацверджання'
+        verification_code: 'Код пацверджання'
+        submit: 'Адправіць'
+    password_expired:
+      updated: 'Ваш новы пароль захаваны.'
+      change_required: 'Ваш пароль састарэў. Калі ласка, усталюйце новы.'
+      show:
+        renew_your_password: 'Змена пароля'
+        current_password: 'Сучасны пароль'
+        new_password: 'Новы пароль'
+        new_password_confirmation: 'Пацвердзіце новы пароль'
+        change_my_password: 'Змяніць пароль'
+    failure:
+      session_limited: 'Вашы параметры ўваходу выкарыстоўваюцца ў іншым браўзэры. Калі ласка, аўтарызуйцеся зноў, каб працягнуць у гэтым браўзэры.'
+      expired: 'Ваш уліковы запіс састарэў з-за неактыўнасці. Калі ласка, звяжыцеся з адміністратарам.'

data/test/tmp/config/locales/devise.security_extension.cs.yml

@@ -0,0 +1,41 @@
+cs:
+  errors:
+    messages:
+      taken_in_past: bylo již použito v minulosti.
+      equal_to_current_password: se musí lišit od aktuálního hesla.
+      equal_to_email: musí být jiný než e-mail.
+      password_complexity:
+        digit:
+          one: musí obsahovat alespoň jednu číslici
+          other: musí obsahovat alespoň %{count} číslice
+        lower:
+          one: musí obsahovat alespoň jedno malé písmeno
+          other: musí obsahovat alespoň %{count} malé písmena
+        symbol:
+          one: musí obsahovat alespoň jedno interpunkční znaménko nebo symbol
+          other: musí obsahovat alespoň %{count} interpunkční znaménka nebo symboly
+        upper:
+          one: musí obsahovat alespoň jedno velké písmeno
+          other: musí obsahovat alespoň %{count} velké písmena
+  devise:
+    invalid_captcha: Chybná captcha.
+    invalid_security_question: Chybná odpověď na bezpečnostní otázku.
+    paranoid_verify:
+      code_required: Zadejte kód, který poskytla naše podpora
+    paranoid_verification_code:
+      show:
+        submit_verification_code: Odeslat ověřovací kód
+        verification_code: Ověřovací kód
+        submit: Odeslat
+    password_expired:
+      updated: Vaše nové heslo bylo uloženo.
+      change_required: Platnost Vašeho hesla vypršela. Prosím, obnovte si jej.
+      show:
+        renew_your_password: Obnovit heslo
+        current_password: Současné heslo
+        new_password: Nové heslo
+        new_password_confirmation: Potvrďte nové heslo
+        change_my_password: Změnit moje heslo
+    failure:
+      session_limited: Vaše přihlašovací údaje byly použity v jiném prohlížeči. Chcete-li pokračovat v tomto prohlížeči, znovu se přihlaste.
+      expired: Platnost Vašeho účtu vypršela z důvodu nečinnosti. Obraťte se na správce webu.

data/test/tmp/config/locales/devise.security_extension.de.yml

@@ -0,0 +1,39 @@
+de:
+  errors:
+    messages:
+      taken_in_past: 'wurde bereits in der Vergangenheit verwendet.'
+      equal_to_current_password: 'darf nicht dem aktuellen Passwort entsprechen.'
+      equal_to_email: 'darf nicht dem E-mail entsprechen.'
+      password_complexity:
+        digit:
+          one: muss mindestens eine Ziffer enthalten
+          other: muss mindestens %{count} Ziffern enthalten
+        lower:
+          one: muss mindestens einen Kleinbuchstaben enthalten
+          other: muss mindestens %{count} Kleinbuchstaben enthalten
+        symbol:
+          one: muss mindestens ein Sonderzeichen enthalten
+          other: muss mindestens %{count} Sonderzeichen enthalten
+        upper:
+          one: muss mindestens einen Großbuchstaben enthalten
+          other: muss mindestens %{count} Großbuchstaben enthalten
+  devise:
+    invalid_captcha: 'Die Captcha-Eingabe ist nicht gültig.'
+    paranoid_verify:
+      code_required: 'Bitte geben Sie den Code ein, den unser Support-Team zur Verfügung gestellt hat.'
+      show:
+        submit_verification_code: Bestätigungscode eingeben
+        verification_code: Bestätigungscode
+        submit: Bestätigen
+    password_expired:
+      updated: 'Das neue Passwort wurde übernommen.'
+      change_required: 'Ihr Passwort ist abgelaufen. Bitte vergeben Sie ein neues Passwort.'
+      show:
+        renew_your_password: Vergeben Sie ein neues Passwort
+        current_password: Aktuelles Passwort
+        new_password: Neues Passwort
+        new_password_confirmation: Passwort bestätigen
+        change_my_password: Passwort ändern
+    failure:
+      session_limited: 'Ihre Anmeldedaten wurden in einem anderen Browser genutzt. Bitte melden Sie sich erneut an, um in diesem Browser fortzufahren.'
+      expired: 'Ihr Account ist aufgrund zu langer Inaktivität abgelaufen. Bitte kontaktieren Sie den Administrator.'

data/test/tmp/config/locales/devise.security_extension.en.yml

@@ -0,0 +1,41 @@
+en:
+  errors:
+    messages:
+      taken_in_past: 'was used previously.'
+      equal_to_current_password: 'must be different than the current password.'
+      equal_to_email: 'must be different than the email.'
+      password_complexity:
+        digit:
+          one: must contain at least one digit
+          other: must contain at least %{count} numerals
+        lower:
+          one: must contain at least one lower-case letter
+          other: must contain at least %{count} lower-case letters
+        symbol:
+          one: must contain at least one punctuation mark or symbol
+          other: must contain at least %{count} punctuation marks or symbols
+        upper:
+          one: must contain at least one upper-case letter
+          other: must contain at least %{count} upper-case letters
+  devise:
+    invalid_captcha: 'The captcha input was invalid.'
+    invalid_security_question: 'The security question answer was invalid.'
+    paranoid_verify:
+      code_required: 'Please enter the code our support team provided'
+    paranoid_verification_code:
+      show:
+        submit_verification_code: Submit verification code
+        verification_code: Verification code
+        submit: Submit
+    password_expired:
+      updated: 'Your new password is saved.'
+      change_required: 'Your password is expired. Please renew your password.'
+      show:
+        renew_your_password: Renew your password
+        current_password: Current password
+        new_password: New password
+        new_password_confirmation: Confirm new password
+        change_my_password: Change my password
+    failure:
+      session_limited: 'Your login credentials were used in another browser. Please sign in again to continue in this browser.'
+      expired: 'Your account has expired due to inactivity. Please contact the site administrator.'

data/test/tmp/config/locales/devise.security_extension.es.yml

@@ -0,0 +1,30 @@
+es:
+  errors:
+    messages:
+      taken_in_past: 'la contraseña fue usada previamente, por favor elige otra.'
+      equal_to_current_password: 'tiene que ser diferente a la contraseña actual.'
+      equal_to_email: 'tiene que ser diferente al email'
+      password_complexity:
+        digit:
+          one: tiene que contener al menos un dígito
+          other: tiene que contener al menos %{count} dígitos
+        lower:
+          one: tiene que contener al menos una minúscula
+          other: tiene que contener al menos %{count} minúsculas
+        symbol:
+          one: tiene que contener al menos un signo de puntuación
+          other: tiene que contener al menos %{count} signos de puntuación
+        upper:
+          one: tiene que contener al menos una mayúscula
+          other: tiene que contener al menos %{count} mayúsculas
+  devise:
+    invalid_captcha: 'El captcha ingresado es inválido.'
+    invalid_security_question: 'La respuesta a la pregunta de seguridad fue incorrecta.'
+    paranoid_verify:
+      code_required: 'Por favor ingrese el código provisto por nuestro equipo de soporte'
+    password_expired:
+      updated: 'Su nueva contraseña ha sido guardada.'
+      change_required: 'Su contraseña ha expirado. Por favor renueve su contraseña.'
+    failure:
+      session_limited: 'Sus credenciales de inicio de sesión fueron usadas en otro navegador. Por favor inicie sesión nuevamente para continuar en este navegador.'
+      expired: 'Su cuenta ha expirado debido a inactividad. Por favor contacte al administrador de la aplicación.'

data/test/tmp/config/locales/devise.security_extension.fa.yml

@@ -0,0 +1,41 @@
+fa:
+  errors:
+    messages:
+      taken_in_past: 'قبلا استفاده شده است'
+      equal_to_current_password: 'باید متفاوت با رمز عبور فعلی باشد'
+      equal_to_email: 'باید متفاوت از ایمیل باشد'
+      password_complexity:
+        digit:
+          one: باید حداقل یک رقم داشته باشد
+          other: باید حداقل %{count} عدد داشته باشد
+        lower:
+          one: باید حداقل شامل یک حرف کوچک باشد
+          other: باید حداقل %{count} حروف کوچک داشته باشد
+        symbol:
+          one: باید حداقل دارای یک علامت یا کارکتر خاص باشد
+          other: باید حداقل دارای %{count} علائم یا کارکتر های خاص باشد
+        upper:
+          one: باید حداقل یک حرف بزرگ داشته باشد
+          other: باید حداقل %{count} حروف بزرگ داشته باشد
+  devise:
+    invalid_captcha: 'اطلاعات وارد شده در کپچا نامعتبر بود'
+    invalid_security_question: 'پاسخ سوال امنیتی نامعتبر بود'
+    paranoid_verify:
+      code_required: 'لطفاً کدی را که تیم پشتیبانی ما ارائه کرده است وارد کنید'
+    paranoid_verification_code:
+      show:
+        submit_verification_code: ارسال کد تاییدیه
+        verification_code: کد تاییدیه
+        submit: ارسال
+    password_expired:
+      updated: 'رمز جدید شما ذخیره شده است'
+      change_required: 'رمز عبور شما منقضی شده است ،لطفاً رمز خود را تمدید کنید'
+      show:
+        renew_your_password: ساختن رمز عبور جدید
+        current_password: رمز عبور جاری
+        new_password: رمز عبور جدید
+        new_password_confirmation: تکرار رمز جدید
+        change_my_password: تغییر رمز عبور
+    failure:
+      session_limited: 'از اطلاعات ورود شما در مرورگر دیگری استفاده شده است، برای ادامه در این مرورگر لطفاً دوباره وارد سیستم شوید'
+      expired: 'حساب شما به دلیل عدم فعالیت منقضی شده است، لطفاً با مدیر سایت تماس بگیرید.'

data/test/tmp/config/locales/devise.security_extension.fr.yml

@@ -0,0 +1,30 @@
+fr:
+  errors:
+    messages:
+      taken_in_past: a été utilisé trop récemment. Veuillez en choisir un autre
+      equal_to_current_password: doit être différent de l'actuel
+      equal_to_email: doit être différent de l'e-mail
+      password_complexity:
+        digit:
+          one: doit contenir au moins un chiffre
+          other: doit contenir au moins %{count} chiffres
+        lower:
+          one: doit contenir au moins une lettre miniscule
+          other: doit contenir au moins %{count} lettres miniscules
+        symbol:
+          one: doit contenir au moins un signe de ponctuation
+          other: doit contenir au moins %{count} signes de ponctuation
+        upper:
+          one: doit contenir au moins une lettre majuscule
+          other: doit contenir au moins %{count} lettres majuscules
+  devise:
+    invalid_captcha: Le captcha n'est pas valide
+    invalid_security_question: La réponse à la question de sécurité est invalide
+    paranoid_verify:
+      code_required: Veuillez entrer le code fourni par notre équipe de support
+    password_expired:
+      updated: Votre nouveau mot de passe est enregistré
+      change_required: Votre mot de passe a expiré. Veuillez en choisir un autre
+    failure:
+      session_limited: Vos identifiants de connexion ont été utilisés dans un autre navigateur. Veuillez vous reconnecter pour continuer dans ce navigateur
+      expired: Votre compte a expiré pour cause d'inactivité. Veuillez contacter l'administrateur du site

data/test/tmp/config/locales/devise.security_extension.hi.yml

@@ -0,0 +1,42 @@
+
+hi:
+  errors:
+    messages:
+      taken_in_past: यह पासवर्ड, आपके द्वारा पूर्व मे प्रयोग किया जा चुका है  
+      equal_to_current_password: नया पासवर्ड, वर्तमान पासवर्ड से भिन्न होना चाहिए 
+      equal_to_email: ईमेल से अलग होना चाहिए
+      password_complexity:
+        digit:
+          one: एक अंक होना चाहिए 
+          other: कम से कम %{count} अंक होने चाहिए  
+        lower:
+          one: एक लोअर-केस अक्षर होना चाहिए 
+          other: कम से कम %{count} अक्षर होने चाहिए  
+        symbol:
+          one: एक चिन्ह होना चाहिए 
+          other: कम से कम %{count} चिन्ह होने चाहिए  
+        upper:
+          one: एक अपर-केस अक्षर होना चाहिए 
+          other: कम से कम %{count} अपर-केस अक्षर होने चाहिए  
+  devise:
+    invalid_captcha: अमान्य कॅप्टचा
+    invalid_security_question: अमान्य सुरक्षा उत्तर
+    paranoid_verify:
+      code_required: सपोर्ट टीम द्वारा दिया गया कोड डाले 
+    paranoid_verification_code:
+      show:
+        submit_verification_code: वेरिफिकेशन कोड डाले 
+        verification_code: वेरिफिकेशन कोड 
+        submit: सबमिट 
+    password_expired:
+      updated: पासवर्ड अद्यतन किया गया
+      change_required: पासवर्ड अमान्य हो चुका, पासवर्ड बदले 
+      show:
+        renew_your_password: पासवर्ड बदले 
+        current_password: वर्तमान पासवर्ड
+        new_password: नया पासवर्ड 
+        new_password_confirmation: नए पासवर्ड की पुष्टि करें 
+        change_my_password: पासवर्ड बदले 
+    failure:
+      session_limited: जानकारी, दूसरे ब्राउज़र में उपयोग की गयी थी जारी रखने फिर से साइन-इन करे 
+      expired: कोई गतिविधि न होने के कारण खाता बंद हो गया, सिस्टम व्यवस्थापक से संपर्क करें

data/test/tmp/config/locales/devise.security_extension.it.yml

@@ -0,0 +1,41 @@
+it:
+  errors:
+    messages:
+      taken_in_past: "è stata gia' utilizzata in passato!"
+      equal_to_current_password: " deve essere differente dalla password corrente!"
+      equal_to_email: "deve essere differente dall'email"
+      password_complexity:
+        digit:
+          one: deve contenere almeno una cifra
+          other: deve contenere almeno %{count} cifre
+        lower:
+          one: deve contenere almeno una lettera minuscola
+          other: deve contenere almeno %{count} lettere minuscole
+        symbol:
+          one: deve contenere almeno un simbolo di punteggiatura o un simbolo speciale
+          other: deve contenere almeno %{count} tra simboli di punteggiatura e simboli speciali
+        upper:
+          one: deve contenere almeno una lettera maiuscola
+          other: deve contenere almeno %{count} lettere maiuscole
+  devise:
+    invalid_captcha: "Il captcha inserito non è valido!"
+    invalid_security_question: 'La risposta alla domanda di sicurezza non è valida.'
+    paranoid_verify:
+      code_required: 'Inserisci il codice fornito dal nostro team di supporto'
+    paranoid_verification_code:
+      show:
+        submit_verification_code: Invia codice di verifica
+        verification_code: Codice di verifica
+        submit: Invia
+    password_expired:
+      updated: "La tua nuova password è stata salvata."
+      change_required: "La tua password è scaduta. Si prega di rinnovarla!"
+      show:
+        renew_your_password: Rinnova la tua password
+        current_password: Password attuale
+        new_password: Nuova password
+        new_password_confirmation: Conferma nuova password
+        change_my_password: Cambia la mia password
+    failure:
+      session_limited: "Hai effettuato l accesso in un altro browser. Fai nuovamente l accesso per connetterti in questo."
+      expired: 'Il tuo account è stato bloccato per inattività. Contatta l amministratore del sito.'