devise-security 0.12.0 → 0.16.0

data/.rubocop.yml

@@ -1,63 +0,0 @@
-AllCops:
-  TargetRubyVersion: 2.3
-  Include:
-    - '**/Rakefile'
-    - '**/config.ru'
-    - 'lib/tasks/**/*'
-  Exclude:
-    - Gemfile*
-    - 'db/**/*'
-    - 'config/**/*'
-    - 'bin/**/*'
-    - 'vendor/bundle/**/*'
-    - 'spec/support/**/*' # rspec support helpers have a strange api
-
-Rails:
-  Enabled: true
-
-# We don't care about method length, since we check method cyclomatic
-# complexity.
-Metrics/MethodLength:
-  Enabled: false
-
-Metrics/LineLength:
-  Max: 100
-
-Naming/FileName:
-  Exclude: ["devise-security.gemspec"]
-
-Style/ClassAndModuleChildren:
-  EnforcedStyle: compact
-  SupportedStyles:
-    - nested
-    - compact
-
-Style/HashSyntax:
-  EnforcedStyle: ruby19
-
-Style/SymbolArray:
-  EnforcedStyle: brackets
-
-# Trailing commas make for clearer diffs because the last line won't appear
-# to have been changed, as it would if it lacked a comma and had one added.
-Style/TrailingCommaInArrayLiteral:
-  EnforcedStyleForMultiline: comma
-Style/TrailingCommaInHashLiteral:
-  EnforcedStyleForMultiline: comma
-Style/TrailingCommaInArguments:
-  EnforcedStyleForMultiline: comma
-
-# Cop supports --auto-correct.
-# Configuration parameters: PreferredDelimiters.
-Style/PercentLiteralDelimiters:
-  PreferredDelimiters:
-    # Using `[]` for string arrays instead of `()`, since normal arrays are
-    # indicated with `[]` not `()`.
-    '%w': '[]'
-    '%W': '[]'
-
-Style/AndOr:
-  # Whether `and` and `or` are banned only in conditionals (conditionals)
-  # or completely (always).
-  # They read better, more like normal English.
-  Enabled: false

data/.ruby-version

@@ -1 +0,0 @@
-2.2.9

data/.travis.yml

@@ -1,25 +0,0 @@
-language: ruby
-before_install: gem install bundler && bundler -v
-install: bundle install --jobs=3 --retry=3
-before_script: bundle install
-script: bundle exec rake
-rvm:
-  - 2.2.9
-  - 2.3.6
-  - 2.4.3
-  - 2.5.0
-  - ruby-head
-matrix:
-  allow_failures:
-    - rvm: ruby-head
-    - gemfile: gemfiles/rails_5.2_rc1.gemfile
-    - rvm: 2.4.3
-      gemfile: gemfiles/rails_4.1_stable.gemfile
-    - rvm: 2.5.0
-      gemfile: gemfiles/rails_4.1_stable.gemfile
-gemfile:
-  - gemfiles/rails_4.1_stable.gemfile
-  - gemfiles/rails_4.2_stable.gemfile
-  - gemfiles/rails_5.0_stable.gemfile
-  - gemfiles/rails_5.1_stable.gemfile
-  - gemfiles/rails_5.2_rc1.gemfile

data/Appraisals

@@ -1,19 +0,0 @@
-appraise 'rails-4.1-stable' do
-  gem 'rails', '~> 4.1.0'
-end
-
-appraise 'rails-4.2-stable' do
-  gem 'rails', '~> 4.2.0'
-end
-
-appraise 'rails-5.0-stable' do
-  gem 'rails', '~> 5.0.0'
-end
-
-appraise 'rails-5.1-stable' do
-  gem 'rails', '~> 5.1.0'
-end
-
-appraise 'rails-5.2-rc1' do
-  gem 'rails', '~> 5.2.0.rc1'
-end

data/Gemfile

@@ -1,3 +0,0 @@
-source "https://rubygems.org"
-gemspec
-gem 'omniauth'

data/Rakefile

@@ -1,28 +0,0 @@
-# frozen_string_literal: true
-
-$LOAD_PATH.unshift File.join(File.dirname(__FILE__), 'lib')
-require 'rubygems'
-require 'bundler'
-require 'rake/testtask'
-require 'rdoc/task'
-require 'devise-security/version'
-
-desc 'Default: Run DeviseSecurity unit tests'
-task default: :test
-
-Rake::TestTask.new(:test) do |t|
-  t.libs << 'lib'
-  t.libs << 'test'
-  t.test_files = FileList['test/*test*.rb']
-  t.verbose = true
-  t.warning = false
-end
-
-Rake::RDocTask.new do |rdoc|
-  version = DeviseSecurity::VERSION.dup
-
-  rdoc.rdoc_dir = 'rdoc'
-  rdoc.title = "devise-security #{version}"
-  rdoc.rdoc_files.include('README*')
-  rdoc.rdoc_files.include('lib/**/*.rb')
-end

data/devise-security.gemspec

@@ -1,44 +0,0 @@
-# -*- encoding: utf-8 -*-
-# frozen_string_literal: true
-
-$LOAD_PATH.push File.expand_path('../lib', __FILE__)
-require 'devise-security/version'
-
-Gem::Specification.new do |s|
-  s.name        = 'devise-security'
-  s.version     = DeviseSecurity::VERSION.dup
-  s.platform    = Gem::Platform::RUBY
-  s.licenses    = ['MIT']
-  s.summary     = 'Security extension for devise'
-  s.email       = 'natebird@gmail.com'
-  s.homepage    = 'https://github.com/devise-security/devise-security'
-  s.description = 'An enterprise security extension for devise.'
-  s.authors     = [
-    'Marco Scholl', 'Alexander Dreher', 'Nate Bird', 'Dillon Welch'
-  ]
-
-  s.files         = `git ls-files`.split("\n")
-  s.test_files    = `git ls-files -- test/*`.split("\n")
-  s.require_paths = ['lib']
-  s.required_ruby_version = '>= 2.2.9'
-
-  if RUBY_VERSION >= '2.4'
-    s.add_runtime_dependency 'rails', '>= 4.1.0', '< 6.0'
-  else
-    s.add_runtime_dependency 'railties', '>= 4.1.0', '< 6.0'
-  end
-  s.add_runtime_dependency 'devise', '>= 4.2.0', '< 5.0'
-
-  s.add_development_dependency 'appraisal'
-  s.add_development_dependency 'bundler', '>= 1.3.0', '< 2.0'
-  s.add_development_dependency 'coveralls', '~> 0.8'
-  s.add_development_dependency 'easy_captcha', '~> 0'
-  s.add_development_dependency 'm'
-  s.add_development_dependency 'minitest', '5.10.3' # see https://github.com/seattlerb/minitest/issues/730
-  s.add_development_dependency 'pry-byebug'
-  s.add_development_dependency 'pry-rescue'
-  s.add_development_dependency 'pry'
-  s.add_development_dependency 'rails_email_validator', '~> 0'
-  s.add_development_dependency 'rubocop', '~> 0'
-  s.add_development_dependency 'sqlite3', '~> 1.3', '>= 1.3.10'
-end

data/gemfiles/rails_4.1_stable.gemfile

@@ -1,8 +0,0 @@
-# This file was generated by Appraisal
-
-source "https://rubygems.org"
-
-gem "omniauth"
-gem "rails", "~> 4.1.0"
-
-gemspec path: "../"

data/gemfiles/rails_4.2_stable.gemfile

@@ -1,8 +0,0 @@
-# This file was generated by Appraisal
-
-source "https://rubygems.org"
-
-gem "omniauth"
-gem "rails", "~> 4.2.0"
-
-gemspec path: "../"

data/gemfiles/rails_5.0_stable.gemfile

@@ -1,8 +0,0 @@
-# This file was generated by Appraisal
-
-source "https://rubygems.org"
-
-gem "omniauth"
-gem "rails", "~> 5.0.0"
-
-gemspec path: "../"

data/gemfiles/rails_5.1_stable.gemfile

@@ -1,8 +0,0 @@
-# This file was generated by Appraisal
-
-source "https://rubygems.org"
-
-gem "omniauth"
-gem "rails", "~> 5.1.0"
-
-gemspec path: "../"

data/gemfiles/rails_5.2_rc1.gemfile

@@ -1,8 +0,0 @@
-# This file was generated by Appraisal
-
-source "https://rubygems.org"
-
-gem "omniauth"
-gem "rails", "~> 5.2.0.rc1"
-
-gemspec path: "../"

data/lib/devise-security/models/old_password.rb

@@ -1,4 +0,0 @@
-require 'active_record'
-class OldPassword < ActiveRecord::Base
-  belongs_to :password_archivable, polymorphic: true
-end

data/lib/devise-security/orm/active_record.rb

@@ -1,18 +0,0 @@
-module DeviseSecurity
-  module Orm
-    # This module contains some helpers and handle schema (migrations):
-    #
-    #   create_table :accounts do |t|
-    #     t.password_expirable
-    #   end
-    #
-    module ActiveRecord
-      module Schema
-        include DeviseSecurity::Schema
-      end
-    end
-  end
-end
-
-ActiveRecord::ConnectionAdapters::Table.send :include, DeviseSecurity::Orm::ActiveRecord::Schema
-ActiveRecord::ConnectionAdapters::TableDefinition.send :include, DeviseSecurity::Orm::ActiveRecord::Schema

data/lib/devise-security/schema.rb

@@ -1,64 +0,0 @@
-module DeviseSecurity
-  # add schema helper for migrations
-  module Schema
-    # Add password_changed_at columns in the resource's database table.
-    #
-    # Examples
-    #
-    # # For a new resource migration:
-    # create_table :the_resources do |t|
-    #   t.password_expirable
-    # ...
-    # end
-    #
-    # # or if the resource's table already exists, define a migration and put this in:
-    # change_table :the_resources do |t|
-    #   t.datetime :password_changed_at
-    # end
-    #
-    def password_expirable
-      apply_devise_schema :password_changed_at, DateTime
-    end
-
-    # Add password_archivable columns
-    #
-    # Examples
-    #
-    # create_table :old_passwords do
-    #   t.password_archivable
-    # end
-    # add_index :old_passwords, [:password_archivable_type, :password_archivable_id], name: :index_password_archivable
-    #
-    def password_archivable
-      apply_devise_schema :encrypted_password, String, limit: 128, null: false
-      apply_devise_schema :password_salt, String
-      apply_devise_schema :password_archivable_id, Integer, null: false
-      apply_devise_schema :password_archivable_type, String, null: false
-      apply_devise_schema :created_at, DateTime
-    end
-
-    # Add session_limitable columns in the resource's database table.
-    #
-    # Examples
-    #
-    # # For a new resource migration:
-    # create_table :the_resources do |t|
-    #   t.session_limitable
-    # ...
-    # end
-    #
-    # # or if the resource's table already exists, define a migration and put this in:
-    # change_table :the_resources do |t|
-    #   t.string :unique_session_id, limit: 20
-    # end
-    #
-    def session_limitable
-      apply_devise_schema :unique_session_id, String, limit: 20
-    end
-
-    def expirable
-      apply_devise_schema :expired_at, DateTime
-      apply_devise_schema :last_activity_at, DateTime
-    end
-  end
-end

data/test/test_password_expired_controller.rb

@@ -1,44 +0,0 @@
-require 'test_helper'
-
-class Devise::PasswordExpiredControllerTest < ActionController::TestCase
-  include Devise::Test::ControllerHelpers
-
-  setup do
-    @request.env["devise.mapping"] = Devise.mappings[:user]
-    @user = User.create!(
-      username: 'hello',
-      email: 'hello@path.travel',
-      password: 'Password4',
-      password_changed_at: 4.months.ago,
-      confirmed_at: 5.months.ago
-    )
-    assert @user.valid?
-    sign_in(@user)
-  end
-
-  test 'should render show' do
-    get :show
-    assert_includes @response.body, 'Renew your password'
-  end
-
-  test 'should update password' do
-    if Rails.version < "5"
-      put :update, {
-        user: {
-          current_password: 'Password4',
-          password: 'Password5',
-          password_confirmation: 'Password5'
-        }
-      }
-    else
-      put :update, params: {
-        user: {
-          current_password: 'Password4',
-          password: 'Password5',
-          password_confirmation: 'Password5'
-        }
-      }
-    end
-    assert_redirected_to root_path
-  end
-end

data/test/test_security_question_controller.rb

@@ -1,84 +0,0 @@
-require 'test_helper'
-
-class TestWithSecurityQuestion < ActionController::TestCase
-  include Devise::Test::ControllerHelpers
-  tests SecurityQuestion::UnlocksController
-
-  setup do
-    @user = User.create(username: 'hello', email: 'hello@path.travel',
-                        password: '1234', security_question_answer: 'Right Answer')
-    @user.lock_access!
-
-    @request.env['devise.mapping'] = Devise.mappings[:security_question_user]
-  end
-
-  test 'When security question is enabled, it is inserted correctly' do
-    if Rails.version < "5"
-      post :create, {
-        security_question_user: {
-          email: @user.email
-        }, security_question_answer: "wrong answer"
-      }
-    else
-      post :create, params: {
-        security_question_user: {
-          email: @user.email
-        }, security_question_answer: "wrong answer"
-      }
-    end
-
-    assert_equal 'The security question answer was invalid.', flash[:alert]
-    assert_redirected_to new_security_question_user_unlock_path
-  end
-
-  test 'When security_question is valid, it runs as normal' do
-    if Rails.version < "5"
-      post :create, {
-        security_question_user: {
-          email: @user.email
-        }, security_question_answer: @user.security_question_answer
-      }
-    else
-      post :create, params: {
-        security_question_user: {
-          email: @user.email
-        }, security_question_answer: @user.security_question_answer
-      }
-    end
-
-    assert_equal 'You will receive an email with instructions for how to unlock your account in a few minutes.', flash[:notice]
-    assert_redirected_to new_security_question_user_session_path
-  end
-end
-
-class TestWithoutSecurityQuestion < ActionController::TestCase
-  include Devise::Test::ControllerHelpers
-  tests Devise::UnlocksController
-
-  setup do
-    @user = User.create(username: 'hello', email: 'hello@path.travel',
-                        password: '1234', security_question_answer: 'Right Answer')
-    @user.lock_access!
-
-    @request.env['devise.mapping'] = Devise.mappings[:user]
-  end
-
-  test 'When security question is not enabled it is not inserted' do
-    if Rails.version < "5"
-      post :create, {
-        user: {
-          email: @user.email
-        }
-      }
-    else
-      post :create, params: {
-        user: {
-          email: @user.email
-        }
-      }
-    end
-
-    assert_equal 'You will receive an email with instructions for how to unlock your account in a few minutes.', flash[:notice]
-    assert_redirected_to new_user_session_path
-  end
-end