devise-security 0.14.0 → 0.16.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +124 -60
- data/app/controllers/devise/password_expired_controller.rb +11 -6
- data/app/views/devise/paranoid_verification_code/show.html.erb +3 -3
- data/app/views/devise/password_expired/show.html.erb +5 -5
- data/config/locales/by.yml +49 -0
- data/config/locales/cs.yml +41 -0
- data/config/locales/de.yml +13 -2
- data/config/locales/en.yml +13 -1
- data/config/locales/es.yml +10 -9
- data/config/locales/fa.yml +41 -0
- data/config/locales/fr.yml +1 -0
- data/config/locales/hi.yml +42 -0
- data/config/locales/it.yml +35 -4
- data/config/locales/ja.yml +2 -1
- data/config/locales/nl.yml +41 -0
- data/config/locales/pt.yml +41 -0
- data/config/locales/ru.yml +49 -0
- data/config/locales/tr.yml +1 -0
- data/config/locales/uk.yml +49 -0
- data/config/locales/zh_CN.yml +41 -0
- data/config/locales/zh_TW.yml +41 -0
- data/lib/devise-security.rb +7 -3
- data/lib/devise-security/controllers/helpers.rb +59 -50
- data/lib/devise-security/hooks/password_expirable.rb +2 -0
- data/lib/devise-security/hooks/session_limitable.rb +29 -14
- data/lib/devise-security/models/compatibility.rb +2 -2
- data/lib/devise-security/models/compatibility/{active_record.rb → active_record_patch.rb} +12 -1
- data/lib/devise-security/models/compatibility/{mongoid.rb → mongoid_patch.rb} +11 -1
- data/lib/devise-security/models/password_expirable.rb +5 -1
- data/lib/devise-security/models/secure_validatable.rb +15 -1
- data/lib/devise-security/models/session_limitable.rb +17 -2
- data/lib/devise-security/validators/password_complexity_validator.rb +4 -2
- data/lib/devise-security/version.rb +1 -1
- data/lib/generators/devise_security/install_generator.rb +3 -3
- data/lib/generators/templates/devise_security.rb +47 -0
- data/test/{test_captcha_controller.rb → controllers/test_captcha_controller.rb} +0 -0
- data/test/controllers/test_password_expired_controller.rb +110 -0
- data/test/{test_security_question_controller.rb → controllers/test_security_question_controller.rb} +16 -40
- data/test/dummy/app/assets/config/manifest.js +3 -0
- data/test/dummy/app/controllers/widgets_controller.rb +6 -0
- data/test/dummy/app/models/user.rb +8 -0
- data/test/dummy/config/application.rb +1 -0
- data/test/dummy/config/environments/test.rb +3 -13
- data/test/dummy/config/initializers/migration_class.rb +1 -8
- data/test/dummy/config/mongoid.yml +1 -1
- data/test/dummy/config/routes.rb +4 -3
- data/test/dummy/db/migrate/20120508165529_create_tables.rb +10 -1
- data/test/dummy/log/development.log +883 -0
- data/test/dummy/log/test.log +21689 -0
- data/test/integration/test_password_expirable_workflow.rb +53 -0
- data/test/integration/test_session_limitable_workflow.rb +67 -0
- data/test/orm/active_record.rb +4 -1
- data/test/orm/mongoid.rb +2 -1
- data/test/support/integration_helpers.rb +29 -0
- data/test/support/mongoid.yml +1 -1
- data/test/test_compatibility.rb +13 -0
- data/test/test_complexity_validator.rb +12 -0
- data/test/test_helper.rb +21 -6
- data/test/test_install_generator.rb +11 -1
- data/test/test_secure_validatable.rb +76 -0
- data/test/test_session_limitable.rb +57 -0
- data/{lib/generators/templates → test/tmp/config/initializers}/devise-security.rb +3 -0
- data/test/tmp/config/locales/devise.security_extension.by.yml +49 -0
- data/test/tmp/config/locales/devise.security_extension.cs.yml +41 -0
- data/test/tmp/config/locales/devise.security_extension.de.yml +39 -0
- data/test/tmp/config/locales/devise.security_extension.en.yml +41 -0
- data/test/tmp/config/locales/devise.security_extension.es.yml +30 -0
- data/test/tmp/config/locales/devise.security_extension.fa.yml +41 -0
- data/test/tmp/config/locales/devise.security_extension.fr.yml +30 -0
- data/test/tmp/config/locales/devise.security_extension.hi.yml +42 -0
- data/test/tmp/config/locales/devise.security_extension.it.yml +41 -0
- data/test/tmp/config/locales/devise.security_extension.ja.yml +30 -0
- data/test/tmp/config/locales/devise.security_extension.nl.yml +41 -0
- data/test/tmp/config/locales/devise.security_extension.pt.yml +41 -0
- data/test/tmp/config/locales/devise.security_extension.ru.yml +49 -0
- data/test/tmp/config/locales/devise.security_extension.tr.yml +18 -0
- data/test/tmp/config/locales/devise.security_extension.uk.yml +49 -0
- data/test/tmp/config/locales/devise.security_extension.zh_CN.yml +41 -0
- data/test/tmp/config/locales/devise.security_extension.zh_TW.yml +41 -0
- metadata +156 -133
- data/.codeclimate.yml +0 -63
- data/.document +0 -5
- data/.gitignore +0 -43
- data/.mdlrc +0 -1
- data/.rubocop.yml +0 -64
- data/.ruby-version +0 -1
- data/.travis.yml +0 -41
- data/Appraisals +0 -35
- data/Gemfile +0 -10
- data/Rakefile +0 -27
- data/devise-security.gemspec +0 -50
- data/gemfiles/rails_4.2_stable.gemfile +0 -16
- data/gemfiles/rails_5.0_stable.gemfile +0 -15
- data/gemfiles/rails_5.1_stable.gemfile +0 -15
- data/gemfiles/rails_5.2_stable.gemfile +0 -15
- data/gemfiles/rails_6.0_beta.gemfile +0 -15
- data/lib/devise-security/orm/active_record.rb +0 -20
- data/lib/devise-security/schema.rb +0 -66
- data/test/dummy/app/models/.gitkeep +0 -0
- data/test/test_password_expired_controller.rb +0 -46
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 1d065158ce85c823918ca0fb7ad40382ca9957f7c5e0847e1fec86e1eaed0ffb
|
4
|
+
data.tar.gz: fa07606b583076da6b68ceeddf70f74f80c05f3adf752a057b8f935c9af68fb6
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 7f18a70374b20c80908006811184fc4757c4f678e11ff226d60b78ff0a3c1cf2612382185911b23692c6c7ed1553914f1361ab1243948ad1e1ff3ac91fdb5ab7
|
7
|
+
data.tar.gz: 68e392e9f0049659ad62977a0bb31910d4942b26ab24fab11b28e1e875286f2b48e9da20dd952f94bc4ac8350b1cd5199d9984e431d4664c865544a095b274b8
|
data/README.md
CHANGED
@@ -1,28 +1,45 @@
|
|
1
1
|
# Devise Security
|
2
2
|
|
3
|
-
[![Build Status](https://travis-ci.org/devise-security/devise-security.svg?branch=master)](https://travis-ci.org/devise-security/devise-security)
|
3
|
+
[![Build Status](https://travis-ci.org/devise-security/devise-security.svg?branch=master)](https://travis-ci.org/devise-security/devise-security)
|
4
|
+
[![Coverage Status](https://coveralls.io/repos/github/devise-security/devise-security/badge.svg?branch=master)](https://coveralls.io/github/devise-security/devise-security?branch=master)
|
5
|
+
[![Maintainability](https://api.codeclimate.com/v1/badges/ace7cd003a0db8bffa5a/maintainability)](https://codeclimate.com/github/devise-security/devise-security/maintainability)
|
4
6
|
|
5
|
-
A [Devise](https://github.com/
|
7
|
+
A [Devise](https://github.com/heartcombo/devise) extension to add additional
|
8
|
+
security features required by modern web applications. Forked from
|
9
|
+
[Devise Security Extension](https://github.com/phatworx/devise_security_extension)
|
6
10
|
|
7
11
|
It is composed of 7 additional Devise modules:
|
8
12
|
|
9
|
-
- `:password_expirable` - passwords will expire after a configured time (and
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
- `:
|
15
|
-
|
13
|
+
- `:password_expirable` - passwords will expire after a configured time (and
|
14
|
+
will need to be changed by the user). You will most likely want to use
|
15
|
+
`:password_expirable` together with the `:password_archivable` module to
|
16
|
+
[prevent the current expired password from being reused](https://github.com/phatworx/devise_security_extension/issues/175)
|
17
|
+
immediately as the new password.
|
18
|
+
- `:secure_validatable` - better way to validate a model (email, stronger
|
19
|
+
password validation). Don't use with Devise `:validatable` module!
|
20
|
+
- `:password_archivable` - save used passwords in an `old_passwords` table for
|
21
|
+
history checks (prevent reusing passwords)
|
22
|
+
- `:session_limitable` - ensures, that there is only one session usable per
|
23
|
+
account at once
|
24
|
+
- `:expirable` - expires a user account after x days of inactivity (default 90
|
25
|
+
days)
|
26
|
+
- `:security_questionable` - as accessible substitution for captchas (security
|
27
|
+
question with captcha fallback)
|
28
|
+
- `:paranoid_verification` - admin can generate verification code that user
|
29
|
+
needs to fill in otherwise he won't be able to use the application.
|
16
30
|
|
17
31
|
Configuration and database schema for each module below.
|
18
32
|
|
19
33
|
## Additional features
|
20
34
|
|
21
|
-
|
35
|
+
**captcha support** for `sign_up`, `sign_in`, `recover` and `unlock` (to make
|
36
|
+
automated mass creation and brute forcing of accounts harder)
|
22
37
|
|
23
38
|
## Getting started
|
24
39
|
|
25
|
-
Devise Security works with Devise on Rails
|
40
|
+
Devise Security works with Devise on Rails >= 5.0. You can add it to your
|
41
|
+
Gemfile after you successfully set up Devise (see
|
42
|
+
[Devise documentation](https://github.com/heartcombo/devise)) with:
|
26
43
|
|
27
44
|
```ruby
|
28
45
|
gem 'devise-security'
|
@@ -36,7 +53,10 @@ After you installed Devise Security you need to run the generator:
|
|
36
53
|
rails generate devise_security:install
|
37
54
|
```
|
38
55
|
|
39
|
-
The generator adds optional configurations to
|
56
|
+
The generator adds optional configurations to
|
57
|
+
`config/initializers/devise_security.rb`. Enable the modules you wish to use in
|
58
|
+
the initializer you are ready to add Devise Security modules on top of Devise
|
59
|
+
modules to any of your Devise models:
|
40
60
|
|
41
61
|
```ruby
|
42
62
|
devise :password_expirable, :secure_validatable, :password_archivable, :session_limitable, :expirable
|
@@ -44,13 +64,16 @@ devise :password_expirable, :secure_validatable, :password_archivable, :session_
|
|
44
64
|
|
45
65
|
### E-mail Validation
|
46
66
|
|
47
|
-
|
67
|
+
For `:secure_validatable` you need to have a way to validate an e-mail. There
|
68
|
+
are multiple libraries that support this, and even a way built into Ruby!
|
48
69
|
|
49
|
-
|
50
|
-
|
51
|
-
|
52
|
-
[
|
53
|
-
[
|
70
|
+
- (Recommended) Ruby built-in `URI::MailTo::EMAIL_REGEXP` constant
|
71
|
+
> Note: This method would require a `email_validation` method to be defined in
|
72
|
+
> order to hook into the `validates` method defined here.
|
73
|
+
- [email_address](https://github.com/afair/email_address) gem
|
74
|
+
- [valid_email2](https://github.com/micke/valid_email2) gem
|
75
|
+
- [rails_email_validator](https://github.com/phatworx/rails_email_validator) gem
|
76
|
+
(deprecated)
|
54
77
|
|
55
78
|
## Configuration
|
56
79
|
|
@@ -61,7 +84,7 @@ Devise.setup do |config|
|
|
61
84
|
|
62
85
|
# Password expires after a configurable time (in seconds).
|
63
86
|
# Or expire passwords on demand by setting this configuration to `true`
|
64
|
-
# Use `user.
|
87
|
+
# Use `user.need_change_password!` to expire a password.
|
65
88
|
# Setting the configuration to `false` will completely disable expiration checks.
|
66
89
|
# config.expire_password_after = 3.months | true | false
|
67
90
|
|
@@ -101,65 +124,76 @@ Devise.setup do |config|
|
|
101
124
|
# ==> Configuration for :expirable
|
102
125
|
# Time period for account expiry from last_activity_at
|
103
126
|
# config.expire_after = 90.days
|
127
|
+
|
128
|
+
# Allow passwords to be equal to email (false, true)
|
129
|
+
# config.allow_passwords_equal_to_email = false
|
104
130
|
end
|
105
131
|
```
|
106
132
|
|
107
133
|
## Other ORMs
|
108
134
|
|
109
|
-
Devise-security supports [Mongoid](https://rubygems.org/gems/mongoid) as an
|
135
|
+
Devise-security supports [Mongoid](https://rubygems.org/gems/mongoid) as an
|
136
|
+
alternative ORM to active_record. To use this ORM, add this to your `Gemfile`.
|
110
137
|
|
111
|
-
|
138
|
+
```ruby
|
139
|
+
gem 'mongoid'
|
140
|
+
```
|
112
141
|
|
113
142
|
And then ensure that the environment variable `DEVISE_ORM=mongoid` is set.
|
114
143
|
|
115
144
|
For local development you will need to have MongoDB installed locally.
|
116
145
|
|
117
|
-
|
146
|
+
```bash
|
147
|
+
brew install mongodb
|
148
|
+
```
|
118
149
|
|
119
150
|
### Rails App setup example with Mongoid
|
120
151
|
|
121
152
|
```ruby
|
122
153
|
# inside config/application.rb
|
123
|
-
require File.expand_path('../boot', __FILE__)
|
124
|
-
#...
|
125
|
-
DEVISE_ORM=:mongoid
|
154
|
+
require File.expand_path('../boot', __FILE__)
|
155
|
+
#...
|
156
|
+
DEVISE_ORM=:mongoid
|
126
157
|
|
127
158
|
# Require the gems listed in Gemfile, including any gems
|
128
159
|
# you've limited to :test, :development, or :production.
|
129
|
-
Bundler.require(*Rails.groups)
|
160
|
+
Bundler.require(*Rails.groups)
|
130
161
|
|
131
|
-
module MyApp
|
162
|
+
module MyApp
|
132
163
|
class Application < Rails::Application
|
133
164
|
#...
|
134
165
|
end
|
135
|
-
end
|
166
|
+
end
|
136
167
|
```
|
137
168
|
|
138
169
|
## Captcha-Support
|
139
170
|
|
140
|
-
The captcha support depends on
|
171
|
+
The captcha support depends on
|
172
|
+
[EasyCaptcha](https://github.com/phatworx/easy_captcha). See further
|
173
|
+
documentation there.
|
141
174
|
|
142
175
|
### Installation
|
143
176
|
|
144
177
|
1. Add EasyCaptcha to your `Gemfile` with
|
145
178
|
|
146
|
-
```ruby
|
147
|
-
gem 'easy_captcha'
|
148
|
-
```
|
179
|
+
```ruby
|
180
|
+
gem 'easy_captcha'
|
181
|
+
```
|
149
182
|
|
150
|
-
|
183
|
+
2. Run the initializer
|
151
184
|
|
152
|
-
```ruby
|
153
|
-
rails generate easy_captcha:install
|
154
|
-
```
|
185
|
+
```ruby
|
186
|
+
rails generate easy_captcha:install
|
187
|
+
```
|
155
188
|
|
156
|
-
|
157
|
-
|
189
|
+
3. Enable captcha - see "Configuration" of Devise Security above.
|
190
|
+
4. Add the captcha in the generated devise views for each controller you have
|
191
|
+
activated.
|
158
192
|
|
159
|
-
```erb
|
160
|
-
<p><%= captcha_tag %></p>
|
161
|
-
<p><%= text_field_tag :captcha %></p>
|
162
|
-
```
|
193
|
+
```erb
|
194
|
+
<p><%= captcha_tag %></p>
|
195
|
+
<p><%= text_field_tag :captcha %></p>
|
196
|
+
```
|
163
197
|
|
164
198
|
## Schema
|
165
199
|
|
@@ -174,7 +208,8 @@ end
|
|
174
208
|
add_index :the_resources, :password_changed_at
|
175
209
|
```
|
176
210
|
|
177
|
-
Note: setting `password_changed_at` to `nil` will require the user to change
|
211
|
+
Note: setting `password_changed_at` to `nil` will require the user to change
|
212
|
+
their password.
|
178
213
|
|
179
214
|
### Password archivable
|
180
215
|
|
@@ -195,10 +230,24 @@ add_index :old_passwords, [:password_archivable_type, :password_archivable_id],
|
|
195
230
|
create_table :the_resources do |t|
|
196
231
|
# other devise fields
|
197
232
|
|
198
|
-
t.string :unique_session_id
|
233
|
+
t.string :unique_session_id
|
199
234
|
end
|
200
235
|
```
|
201
236
|
|
237
|
+
#### Bypassing session limitable
|
238
|
+
|
239
|
+
Sometimes it's useful to impersonate a user without authentication (e.g.
|
240
|
+
[administrator impersonating a user](https://github.com/heartcombo/devise/wiki/How-To:-Sign-in-as-another-user-if-you-are-an-admin)),
|
241
|
+
in this case the `session_limitable` strategy will log out the user, and if the
|
242
|
+
user logs in while the administrator is still logged in, the administrator will
|
243
|
+
be logged out.
|
244
|
+
|
245
|
+
For such cases the following can be used:
|
246
|
+
|
247
|
+
```ruby
|
248
|
+
sign_in(User.find(params[:id]), scope: :user, skip_session_limitable: true)
|
249
|
+
```
|
250
|
+
|
202
251
|
### Expirable
|
203
252
|
|
204
253
|
```ruby
|
@@ -271,13 +320,13 @@ end
|
|
271
320
|
|
272
321
|
## Requirements
|
273
322
|
|
274
|
-
|
275
|
-
|
276
|
-
|
277
|
-
|
278
|
-
|
279
|
-
|
280
|
-
|
323
|
+
- Devise (<https://github.com/heartcombo/devise>)
|
324
|
+
- Rails 5.0 onwards (<http://github.com/rails/rails>)
|
325
|
+
- recommendations:
|
326
|
+
- `autocomplete-off` (<http://github.com/phatworx/autocomplete-off>)
|
327
|
+
- `easy_captcha` (<http://github.com/phatworx/easy_captcha>)
|
328
|
+
- `mongodb` (<https://www.mongodb.com/>)
|
329
|
+
- `rvm` (<https://rvm.io/>)
|
281
330
|
|
282
331
|
## Todo
|
283
332
|
|
@@ -295,7 +344,8 @@ end
|
|
295
344
|
- 0.8 Support for Rails 4 (+ variety of patches)
|
296
345
|
- 0.11 Support for Rails 5. Forked to allow project maintenance and features
|
297
346
|
|
298
|
-
See also
|
347
|
+
See also
|
348
|
+
[Github Releases](https://github.com/devise-security/devise-security/releases)
|
299
349
|
|
300
350
|
## Maintainers
|
301
351
|
|
@@ -305,22 +355,36 @@ See also [Github Releases](https://github.com/devise-security/devise-security/re
|
|
305
355
|
|
306
356
|
## Contributing to devise-security
|
307
357
|
|
308
|
-
- Check out the latest master to make sure the feature hasn't been implemented
|
309
|
-
|
358
|
+
- Check out the latest master to make sure the feature hasn't been implemented
|
359
|
+
or the bug hasn't been fixed yet
|
360
|
+
- Check out the issue tracker to make sure someone already hasn't requested it
|
361
|
+
and/or contributed it
|
310
362
|
- Fork the project
|
311
363
|
- Start a feature/bugfix branch
|
312
364
|
- Commit and push until you are happy with your contribution
|
313
|
-
- Make sure to add tests for it. This is important so I don't break it in a
|
314
|
-
|
365
|
+
- Make sure to add tests for it. This is important so I don't break it in a
|
366
|
+
future version unintentionally.
|
367
|
+
- Please try not to mess with the Rakefile, version, or history. If you want to
|
368
|
+
have your own version, or is otherwise necessary, that is fine, but please
|
369
|
+
isolate to its own commit so I can cherry-pick around it.
|
315
370
|
|
316
371
|
## Running tests
|
317
372
|
|
318
|
-
Standard tests can be invoked using `rake`.
|
373
|
+
Standard tests can be invoked using `rake`. To run the tests against the
|
374
|
+
`mongoid` ORM, use `DEVISE_ORM=mongoid rake` while `mongodb` is running.
|
375
|
+
|
376
|
+
## Maintenance Policy
|
319
377
|
|
320
|
-
|
378
|
+
We are committed to maintain support for `devise-security` for all normal or
|
379
|
+
security maintenance versions of the Ruby language
|
380
|
+
[as listed here](https://www.ruby-lang.org/en/downloads/branches/), and for the
|
381
|
+
Ruby on Rails framework
|
382
|
+
[as per their maintenance policy](https://rubyonrails.org/maintenance/).
|
321
383
|
|
322
|
-
|
323
|
-
|
384
|
+
In order to avoid introducing bugs caused by backwardly incompatible Ruby
|
385
|
+
language features, it is highly recommended that all development work be done
|
386
|
+
using the oldest supported ruby version. The contents of the `.ruby-version`
|
387
|
+
file should reflect this.
|
324
388
|
|
325
389
|
## Copyright
|
326
390
|
|
@@ -1,6 +1,7 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
3
|
class Devise::PasswordExpiredController < DeviseController
|
4
|
+
before_action :verify_requested_format!
|
4
5
|
skip_before_action :handle_password_change
|
5
6
|
before_action :skip_password_change, only: [:show, :update]
|
6
7
|
prepend_before_action :authenticate_scope!, only: [:show, :update]
|
@@ -9,13 +10,21 @@ class Devise::PasswordExpiredController < DeviseController
|
|
9
10
|
respond_with(resource)
|
10
11
|
end
|
11
12
|
|
13
|
+
# Update the password stored on the `resource`.
|
14
|
+
# @note if a common data format like :json or :xml are requested
|
15
|
+
# this will respond with a 204 No Content and set the Location header.
|
16
|
+
# Useful for dealing with APIs when JS clients would otherwise automatically
|
17
|
+
# follow the redirect, which can be problematic.
|
18
|
+
# @see https://stackoverflow.com/questions/228225/prevent-redirection-of-xmlhttprequest
|
19
|
+
# @see https://github.com/axios/axios/issues/932#issuecomment-307390761
|
20
|
+
# @see https://github.com/devise-security/devise-security/pull/111
|
12
21
|
def update
|
13
22
|
resource.extend(Devise::Models::DatabaseAuthenticatablePatch)
|
14
23
|
if resource.update_with_password(resource_params)
|
15
24
|
warden.session(scope)['password_expired'] = false
|
16
25
|
set_flash_message :notice, :updated
|
17
26
|
bypass_sign_in resource, scope: scope
|
18
|
-
|
27
|
+
respond_with({}, location: stored_location_for(scope) || :root)
|
19
28
|
else
|
20
29
|
clean_up_passwords(resource)
|
21
30
|
respond_with(resource, action: :show)
|
@@ -32,11 +41,7 @@ class Devise::PasswordExpiredController < DeviseController
|
|
32
41
|
def resource_params
|
33
42
|
permitted_params = [:current_password, :password, :password_confirmation]
|
34
43
|
|
35
|
-
|
36
|
-
params.require(resource_name).permit(*permitted_params)
|
37
|
-
else
|
38
|
-
params[scope].slice(*permitted_params)
|
39
|
-
end
|
44
|
+
params.require(resource_name).permit(*permitted_params)
|
40
45
|
end
|
41
46
|
|
42
47
|
def scope
|
@@ -1,10 +1,10 @@
|
|
1
|
-
<h2>
|
1
|
+
<h2>t('.submit_verification_code')</h2>
|
2
2
|
|
3
3
|
<%= form_for(resource, as: resource_name, url: [resource_name, :paranoid_verification_code], html: { method: :put }) do |f| %>
|
4
4
|
<%= render partial: 'devise/shared/error_messages' %>
|
5
5
|
|
6
|
-
<p><%= f.label :paranoid_verification_code, '
|
6
|
+
<p><%= f.label :paranoid_verification_code, t('.verification_code') %><br />
|
7
7
|
<%= f.text_field :paranoid_verification_code, value: '' %></p>
|
8
8
|
|
9
|
-
<p><%= f.submit '
|
9
|
+
<p><%= f.submit t('.submit') %></p>
|
10
10
|
<% end %>
|
@@ -1,16 +1,16 @@
|
|
1
|
-
<h2
|
1
|
+
<h2><%= t('.renew_your_password') %></h2>
|
2
2
|
|
3
3
|
<%= form_for(resource, as: resource_name, url: [resource_name, :password_expired], html: { method: :put }) do |f| %>
|
4
4
|
<%= render partial: 'devise/shared/error_messages' %>
|
5
5
|
|
6
|
-
<p><%= f.label :current_password, '
|
6
|
+
<p><%= f.label :current_password, t('.current_password') %><br />
|
7
7
|
<%= f.password_field :current_password %></p>
|
8
8
|
|
9
|
-
<p><%= f.label :password, '
|
9
|
+
<p><%= f.label :password, t('.new_password') %><br />
|
10
10
|
<%= f.password_field :password %></p>
|
11
11
|
|
12
|
-
<p><%= f.label :password_confirmation, '
|
12
|
+
<p><%= f.label :password_confirmation, t('.new_password_confirmation') %><br />
|
13
13
|
<%= f.password_field :password_confirmation %></p>
|
14
14
|
|
15
|
-
<p><%= f.submit '
|
15
|
+
<p><%= f.submit t('.change_my_password') %></p>
|
16
16
|
<% end %>
|
@@ -0,0 +1,49 @@
|
|
1
|
+
by:
|
2
|
+
errors:
|
3
|
+
messages:
|
4
|
+
taken_in_past: 'ужо раней выкарыстоўваўся.'
|
5
|
+
equal_to_current_password: 'павінен адрознівацца ад сучаснага пароля.'
|
6
|
+
equal_to_email: 'павінна адрознівацца ад электроннай пошты.'
|
7
|
+
password_complexity:
|
8
|
+
digit:
|
9
|
+
one: 'павінен утрымліваць хоць адну лічбу'
|
10
|
+
few: 'павінен утрымліваць хоць %{count} лічбы'
|
11
|
+
many: 'павінен утрымліваць хоць %{count} лічбы'
|
12
|
+
other: 'павінен утрымліваць хоць %{count} лічбы'
|
13
|
+
lower:
|
14
|
+
one: 'павінен утрымліваць хоць адну маленькую літару'
|
15
|
+
few: 'павінен утрымліваць хоць %{count} малыx літары'
|
16
|
+
many: 'павінен утрымліваць хоць %{count} малыx літары'
|
17
|
+
other: 'павінен утрымліваць хоць %{count} малыx літары'
|
18
|
+
symbol:
|
19
|
+
one: 'павінен утрымліваць хоць адзін знак пунктуацыі або сімвал'
|
20
|
+
few: 'павінен утрымліваць хоць %{count} знака пунктуацыі або сімвала'
|
21
|
+
many: 'павінен утрымліваць хоць %{count} знака пунктуацыі або сімвала'
|
22
|
+
other: 'павінен утрымліваць хоць %{count} знака пунктуацыі або сімвала'
|
23
|
+
upper:
|
24
|
+
one: 'павінен утрымліваць хоць адну вялікую літару'
|
25
|
+
few: 'павінен утрымліваць хоць %{count} вялікіx літары'
|
26
|
+
many: 'павінен утрымліваць хоць %{count} вялікіx літары'
|
27
|
+
other: 'павінен утрымліваць хоць %{count} вялікіx літары'
|
28
|
+
devise:
|
29
|
+
invalid_captcha: 'Уведзены няправільны код капчы.'
|
30
|
+
invalid_security_question: 'Адказ на сакрэтнае пытанне быў няправільны.'
|
31
|
+
paranoid_verify:
|
32
|
+
code_required: 'Калі ласка, увядзіце код, атрыманы ад нашай каманды падтрымкі'
|
33
|
+
paranoid_verification_code:
|
34
|
+
show:
|
35
|
+
submit_verification_code: 'Увод кода пацверджання'
|
36
|
+
verification_code: 'Код пацверджання'
|
37
|
+
submit: 'Адправіць'
|
38
|
+
password_expired:
|
39
|
+
updated: 'Ваш новы пароль захаваны.'
|
40
|
+
change_required: 'Ваш пароль састарэў. Калі ласка, усталюйце новы.'
|
41
|
+
show:
|
42
|
+
renew_your_password: 'Змена пароля'
|
43
|
+
current_password: 'Сучасны пароль'
|
44
|
+
new_password: 'Новы пароль'
|
45
|
+
new_password_confirmation: 'Пацвердзіце новы пароль'
|
46
|
+
change_my_password: 'Змяніць пароль'
|
47
|
+
failure:
|
48
|
+
session_limited: 'Вашы параметры ўваходу выкарыстоўваюцца ў іншым браўзэры. Калі ласка, аўтарызуйцеся зноў, каб працягнуць у гэтым браўзэры.'
|
49
|
+
expired: 'Ваш уліковы запіс састарэў з-за неактыўнасці. Калі ласка, звяжыцеся з адміністратарам.'
|