devise-security 0.15.0 → 0.18.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 9172082dca0b721f493e44d5183a0e660c9dd67d3893bd86b03638b039c34935
-  data.tar.gz: 80b4649313476c6ae926fabf1db2a58abd9c8796fe639927743ab8ba8f53be97
+  metadata.gz: 30c17693a3331769b786cf6925dcce0b62087a894960309ad316189613b62291
+  data.tar.gz: defa2b29a2d67e7615062ab6bea7518b37b6f24ed4735016a4fca4ef860ffbd0
 SHA512:
-  metadata.gz: 10f1e3243f77003658cdc377d13fe56d92fe6cf7713f3a658d01ea61ffc18788ce6508f3d894c664edf6847242e863174696f3ef810527d4d4889212a258baab
-  data.tar.gz: dc5802511d5c406923a541ea1d10f7d3ffff715b9278adc407a1ee87c18659eccf6b1ea9328b06b08cd0f30ae6b523236ff27164ae7c44f5608b7d5c31706fbb
+  metadata.gz: 54fa56d5e200c73e329d1f07eb1845ce2be695ffb4afa20f475d624fb6615f1583a161c8eec8fa5f84643b957a0d9e4d4d653d5f5071f7b73784bf843a520a70
+  data.tar.gz: 891fcf2b29571ee6fca9d667ddbc211cf27a5ba64e6048b33d3f63a6f395e02ef88d51a6c35da3bfe761b42c04bf1a57e118ae9bb46ebb22212eb85f9a0b3179

data/LICENSE.txt

@@ -1,4 +1,6 @@
-Copyright (c) 2011 Marco Scholl
+Copyright (c) 2017-2022 Dillon Welch & Kevin Olbrich.
+
+Copyright (c) 2011-2017 Marco Scholl
 
 Permission is hereby granted, free of charge, to any person obtaining
 a copy of this software and associated documentation files (the

data/README.md

@@ -1,10 +1,10 @@
 # Devise Security
 
-[![Build Status](https://travis-ci.org/devise-security/devise-security.svg?branch=master)](https://travis-ci.org/devise-security/devise-security)
+[![Build Status](https://github.com/devise-security/devise-security/actions/workflows/test_suite.yml/badge.svg?branch=master)](https://github.com/devise-security/devise-security/actions/workflows/test_suite.yml)
 [![Coverage Status](https://coveralls.io/repos/github/devise-security/devise-security/badge.svg?branch=master)](https://coveralls.io/github/devise-security/devise-security?branch=master)
 [![Maintainability](https://api.codeclimate.com/v1/badges/ace7cd003a0db8bffa5a/maintainability)](https://codeclimate.com/github/devise-security/devise-security/maintainability)
 
-A [Devise](https://github.com/plataformatec/devise) extension to add additional
+A [Devise](https://github.com/heartcombo/devise) extension to add additional
 security features required by modern web applications. Forked from
 [Devise Security Extension](https://github.com/phatworx/devise_security_extension)
 
@@ -37,9 +37,9 @@ automated mass creation and brute forcing of accounts harder)
 
 ## Getting started
 
-Devise Security works with Devise on Rails 4.2 onwards. You can add it to your
+Devise Security works with Devise on Rails >= 5.2. You can add it to your
 Gemfile after you successfully set up Devise (see
-[Devise documentation](https://github.com/plataformatec/devise)) with:
+[Devise documentation](https://github.com/heartcombo/devise)) with:
 
 ```ruby
 gem 'devise-security'
@@ -54,7 +54,7 @@ rails generate devise_security:install
 ```
 
 The generator adds optional configurations to
-`config/initializers/devise-security.rb`. Enable the modules you wish to use in
+`config/initializers/devise_security.rb`. Enable the modules you wish to use in
 the initializer you are ready to add Devise Security modules on top of Devise
 modules to any of your Devise models:
 
@@ -89,6 +89,8 @@ Devise.setup do |config|
   # config.expire_password_after = 3.months | true | false
 
   # Need 1 char each of: A-Z, a-z, 0-9, and a punctuation mark or symbol
+  # You may use "digits" in place of "digit" and "symbols" in place of
+  # "symbol" based on your preference
   # config.password_complexity = { digit: 1, lower: 1, symbol: 1, upper: 1 }
 
   # Number of old passwords in archive
@@ -124,6 +126,12 @@ Devise.setup do |config|
   # ==> Configuration for :expirable
   # Time period for account expiry from last_activity_at
   # config.expire_after = 90.days
+
+  # Allow passwords to be equal to email (false, true)
+  # config.allow_passwords_equal_to_email = false
+
+  # paranoid_verification will regenerate verification code after failed attempt
+  # config.paranoid_code_regenerate_after_attempt = 10
 end
 ```
 
@@ -187,10 +195,10 @@ documentation there.
 4. Add the captcha in the generated devise views for each controller you have
    activated.
 
-    ```erb
-    <p><%= captcha_tag %></p>
-    <p><%= text_field_tag :captcha %></p>
-    ```
+   ```erb
+   <p><%= captcha_tag %></p>
+   <p><%= text_field_tag :captcha %></p>
+   ```
 
 ## Schema
 
@@ -231,6 +239,20 @@ create_table :the_resources do |t|
 end
 ```
 
+#### Bypassing session limitable
+
+Sometimes it's useful to impersonate a user without authentication (e.g.
+[administrator impersonating a user](https://github.com/heartcombo/devise/wiki/How-To:-Sign-in-as-another-user-if-you-are-an-admin)),
+in this case the `session_limitable` strategy will log out the user, and if the
+user logs in while the administrator is still logged in, the administrator will
+be logged out.
+
+For such cases the following can be used:
+
+```ruby
+sign_in(User.find(params[:id]), scope: :user, skip_session_limitable: true)
+```
+
 ### Expirable
 
 ```ruby
@@ -303,8 +325,8 @@ end
 
 ## Requirements
 
-- Devise (<https://github.com/plataformatec/devise>)
-- Rails 4.2 onwards (<http://github.com/rails/rails>)
+- Devise (<https://github.com/heartcombo/devise>)
+- Rails 5.2 onwards (<http://github.com/rails/rails>)
 - recommendations:
   - `autocomplete-off` (<http://github.com/phatworx/autocomplete-off>)
   - `easy_captcha` (<http://github.com/phatworx/easy_captcha>)
@@ -356,28 +378,25 @@ See also
 Standard tests can be invoked using `rake`. To run the tests against the
 `mongoid` ORM, use `DEVISE_ORM=mongoid rake` while `mongodb` is running.
 
-To locally simulate what travis-ci will run when you push code use:
-
-```bash
-gem install bundler -v '1.17.3'
-BUNDLER_VERSION=1.17.3 wwtd
-```
-
 ## Maintenance Policy
 
-We are committed to maintain support for `devise-security` for all normal or
+We are committed to maintaining support for `devise-security` for all normal or
 security maintenance versions of the Ruby language
 [as listed here](https://www.ruby-lang.org/en/downloads/branches/), and for the
 Ruby on Rails framework
 [as per their maintenance policy](https://rubyonrails.org/maintenance/).
 
-Support for Rails 4.2 will be dropped in version 0.16.0.
-
-In order to avoid introducing bugs caused by backwardly incompatible Ruby
+To avoid introducing bugs caused by backwardly incompatible Ruby
 language features, it is highly recommended that all development work be done
-using the oldest supported ruby version. The contents of the `.ruby-version`
+using the oldest supported Ruby version. The contents of the `.ruby-version`
 file should reflect this.
 
 ## Copyright
 
-Copyright (c) 2011-2017 Marco Scholl. See LICENSE.txt for further details.
+Copyright (c) 2017-2023 Dillon Welch & Kevin Olbrich.
+
+Copyright (c) 2011-2017 Marco Scholl as the project [`devise_security_extension`](https://github.com/phatworx/devise_security_extension).
+
+This repo was created as a fork from [b2ee978a](https://github.com/phatworx/devise_security_extension/commit/b2ee978af7d49f0fb0e7271c6ac074dfb4d39353).
+
+See LICENSE.txt for further details.

data/app/controllers/devise/paranoid_verification_code_controller.rb

@@ -1,15 +1,13 @@
 # frozen_string_literal: true
 
 class Devise::ParanoidVerificationCodeController < DeviseController
+  before_action :verify_requested_format!
   skip_before_action :handle_paranoid_verification
-  prepend_before_action :authenticate_scope!, only: [:show, :update]
+  before_action :skip_paranoid_verification, only: %i[show update]
+  prepend_before_action :authenticate_scope!, only: %i[show update]
 
   def show
-    if !resource.nil? && resource.need_paranoid_verification?
-      respond_with(resource)
-    else
-      redirect_to :root
-    end
+    respond_with(resource)
   end
 
   def update
@@ -17,20 +15,36 @@ class Devise::ParanoidVerificationCodeController < DeviseController
       warden.session(scope)['paranoid_verify'] = false
       set_flash_message :notice, :updated
       bypass_sign_in resource, scope: scope
-      redirect_to stored_location_for(scope) || :root
+      respond_with({}, location: after_paranoid_verification_code_update_path_for(resource))
     else
       respond_with(resource, action: :show)
     end
   end
 
+  # Allows you to customize where the user is redirected to after the update action
+  # successfully completes.
+  #
+  # Defaults to the request's original path, and then `root` if that is `nil`.
+  #
+  # @param resource [ActiveModel::Model] Devise `resource` model for logged in user.
+  #
+  # @return [String, Symbol] The path that the user will be redirected to.
+  def after_paranoid_verification_code_update_path_for(_resource)
+    stored_location_for(scope) || :root
+  end
+
   private
 
+  def skip_paranoid_verification
+    return if !resource.nil? && resource.need_paranoid_verification?
+
+    redirect_to :root
+  end
+
   def resource_params
-    if params.respond_to?(:permit)
-      params.require(resource_name).permit(:paranoid_verification_code)
-    else
-      params[scope].slice(:paranoid_verification_code)
-    end
+    permitted_params = %i[paranoid_verification_code]
+
+    params.require(resource_name).permit(*permitted_params)
   end
 
   def scope

data/app/controllers/devise/password_expired_controller.rb

@@ -3,8 +3,8 @@
 class Devise::PasswordExpiredController < DeviseController
   before_action :verify_requested_format!
   skip_before_action :handle_password_change
-  before_action :skip_password_change, only: [:show, :update]
-  prepend_before_action :authenticate_scope!, only: [:show, :update]
+  before_action :skip_password_change, only: %i[show update]
+  prepend_before_action :authenticate_scope!, only: %i[show update]
 
   def show
     respond_with(resource)
@@ -20,32 +20,45 @@ class Devise::PasswordExpiredController < DeviseController
   # @see https://github.com/devise-security/devise-security/pull/111
   def update
     resource.extend(Devise::Models::DatabaseAuthenticatablePatch)
-    if resource.update_with_password(resource_params)
+    resource.update_with_password(resource_params)
+
+    yield resource if block_given?
+
+    if resource.errors.empty?
       warden.session(scope)['password_expired'] = false
       set_flash_message :notice, :updated
       bypass_sign_in resource, scope: scope
-      respond_with({}, location: stored_location_for(scope) || :root)
+      respond_with({}, location: after_password_expired_update_path_for(resource))
     else
       clean_up_passwords(resource)
       respond_with(resource, action: :show)
     end
   end
 
+  # Allows you to customize where the user is sent to after the update action
+  # successfully completes.
+  #
+  # Defaults to the request's original path, and then `root` if that is `nil`.
+  #
+  # @param resource [ActiveModel::Model] Devise `resource` model for logged in user.
+  #
+  # @return [String, Symbol] The path that the user will be sent to.
+  def after_password_expired_update_path_for(_resource)
+    stored_location_for(scope) || :root
+  end
+
   private
 
   def skip_password_change
     return if !resource.nil? && resource.need_change_password?
+
     redirect_to :root
   end
 
   def resource_params
-    permitted_params = [:current_password, :password, :password_confirmation]
+    permitted_params = %i[current_password password password_confirmation]
 
-    if params.respond_to?(:permit)
-      params.require(resource_name).permit(*permitted_params)
-    else
-      params[scope].slice(*permitted_params)
-    end
+    params.require(resource_name).permit(*permitted_params)
   end
 
   def scope

data/config/locales/bg.yml

@@ -0,0 +1,42 @@
+bg:
+  errors:
+    messages:
+      taken_in_past: 'е използвана и преди.'
+      equal_to_current_password: 'трябва да е различна от настоящата парола.'
+      equal_to_email: 'трябва да е различна от e-mail адреса.'
+      password_complexity:
+        digit:
+          one: трябва да съдържа поне една цифра
+          other: трябва да съдържа %{count} цифри
+        lower:
+          one: трябва да съдържа поне една малка буква
+          other: трябва да съдържа поне %{count} малки букви
+        symbol:
+          one: трябва да съдържа поне един пунктоационен знак или символ
+          other: трябва да съдържа поне %{count} пунктоационни знака или символи
+        upper:
+          one: трябва да съдържа поне една главна буква
+          other: трябва да съдържа поне %{count} главни букви
+  devise:
+    invalid_captcha: 'Кодът е грешен.'
+    invalid_security_question: 'Отговора на тайния въпрос е грешен.'
+    paranoid_verify:
+      code_required: 'Моля въведете кода, който нашия екип по поддръжката Ви е предоставил'
+    paranoid_verification_code:
+      updated: Кодът за потвърждение е приет
+      show:
+        submit_verification_code: Изпрати код за потвърждение
+        verification_code: Код за потвърждение
+        submit: Изпрати
+    password_expired:
+      updated: 'Вашата нова парола е запазена.'
+      change_required: 'Вашата парола е изтекла. Моля подновете паролата си.'
+      show:
+        renew_your_password: Подновете паролата си
+        current_password: Настояща парола
+        new_password: Нова парола
+        new_password_confirmation: Потвърждение на нова парола
+        change_my_password: Промени паролата ми
+    failure:
+      session_limited: 'Вашето потребителско име и парола са използвани в друг браузър. Моля влезте отново за да продължите в този браузър.'
+      expired: 'Вашия акаунт е затворен поради неактивност. Моля свържете се с администратор.'

data/config/locales/by.yml

@@ -3,6 +3,7 @@ by:
     messages:
       taken_in_past: 'ужо раней выкарыстоўваўся.'
       equal_to_current_password: 'павінен адрознівацца ад сучаснага пароля.'
+      equal_to_email: 'павінна адрознівацца ад электроннай пошты.'
       password_complexity:
         digit:
           one: 'павінен утрымліваць хоць адну лічбу'
@@ -30,6 +31,7 @@ by:
     paranoid_verify:
       code_required: 'Калі ласка, увядзіце код, атрыманы ад нашай каманды падтрымкі'
     paranoid_verification_code:
+      updated: Код спраўджання прыняты
       show:
         submit_verification_code: 'Увод кода пацверджання'
         verification_code: 'Код пацверджання'

data/config/locales/cs.yml

@@ -3,18 +3,23 @@ cs:
     messages:
       taken_in_past: bylo již použito v minulosti.
       equal_to_current_password: se musí lišit od aktuálního hesla.
+      equal_to_email: musí být jiný než e-mail.
       password_complexity:
         digit:
           one: musí obsahovat alespoň jednu číslici
+          few: musí obsahovat alespoň %{count} číslice
           other: musí obsahovat alespoň %{count} číslice
         lower:
           one: musí obsahovat alespoň jedno malé písmeno
+          few: musí obsahovat alespoň %{count} malé písmena
           other: musí obsahovat alespoň %{count} malé písmena
         symbol:
           one: musí obsahovat alespoň jedno interpunkční znaménko nebo symbol
+          few: musí obsahovat alespoň %{count} interpunkční znaménka nebo symboly
           other: musí obsahovat alespoň %{count} interpunkční znaménka nebo symboly
         upper:
           one: musí obsahovat alespoň jedno velké písmeno
+          few: musí obsahovat alespoň %{count} velké písmena
           other: musí obsahovat alespoň %{count} velké písmena
   devise:
     invalid_captcha: Chybná captcha.
@@ -22,6 +27,7 @@ cs:
     paranoid_verify:
       code_required: Zadejte kód, který poskytla naše podpora
     paranoid_verification_code:
+      updated: Ověřovací kód přijat
       show:
         submit_verification_code: Odeslat ověřovací kód
         verification_code: Ověřovací kód

data/config/locales/de.yml

@@ -3,6 +3,7 @@ de:
     messages:
       taken_in_past: 'wurde bereits in der Vergangenheit verwendet.'
       equal_to_current_password: 'darf nicht dem aktuellen Passwort entsprechen.'
+      equal_to_email: 'darf nicht dem E-mail entsprechen.'
       password_complexity:
         digit:
           one: muss mindestens eine Ziffer enthalten
@@ -18,8 +19,11 @@ de:
           other: muss mindestens %{count} Großbuchstaben enthalten
   devise:
     invalid_captcha: 'Die Captcha-Eingabe ist nicht gültig.'
+    invalid_security_question: 'Die Antwort auf die Sicherheitsfrage war ungültig.'
     paranoid_verify:
       code_required: 'Bitte geben Sie den Code ein, den unser Support-Team zur Verfügung gestellt hat.'
+    paranoid_verification_code:
+      updated: Bestätigungscode akzeptiert
       show:
         submit_verification_code: Bestätigungscode eingeben
         verification_code: Bestätigungscode

data/config/locales/en.yml

@@ -3,10 +3,11 @@ en:
     messages:
       taken_in_past: 'was used previously.'
       equal_to_current_password: 'must be different than the current password.'
+      equal_to_email: 'must be different than the email.'
       password_complexity:
         digit:
           one: must contain at least one digit
-          other: must contain at least %{count} numerals
+          other: must contain at least %{count} digits
         lower:
           one: must contain at least one lower-case letter
           other: must contain at least %{count} lower-case letters
@@ -22,6 +23,7 @@ en:
     paranoid_verify:
       code_required: 'Please enter the code our support team provided'
     paranoid_verification_code:
+      updated: Verification code accepted
       show:
         submit_verification_code: Submit verification code
         verification_code: Verification code

data/config/locales/es.yml

@@ -3,6 +3,7 @@ es:
     messages:
       taken_in_past: 'la contraseña fue usada previamente, por favor elige otra.'
       equal_to_current_password: 'tiene que ser diferente a la contraseña actual.'
+      equal_to_email: 'tiene que ser diferente al email'
       password_complexity:
         digit:
           one: tiene que contener al menos un dígito
@@ -21,9 +22,21 @@ es:
     invalid_security_question: 'La respuesta a la pregunta de seguridad fue incorrecta.'
     paranoid_verify:
       code_required: 'Por favor ingrese el código provisto por nuestro equipo de soporte'
+    paranoid_verification_code:
+      updated: Se acepta el código de verificación
+      show:
+        submit_verification_code: Envíe el código de verificación
+        verification_code: Código de verificación
+        submit: Entregar
     password_expired:
       updated: 'Su nueva contraseña ha sido guardada.'
       change_required: 'Su contraseña ha expirado. Por favor renueve su contraseña.'
+      show:
+        renew_your_password: Renueve su contraseña
+        current_password: Actual contraseña
+        new_password: Nueva contraseña
+        new_password_confirmation: Confirmar nueva contraseña
+        change_my_password: Cambiar mi contraseña
     failure:
       session_limited: 'Sus credenciales de inicio de sesión fueron usadas en otro navegador. Por favor inicie sesión nuevamente para continuar en este navegador.'
       expired: 'Su cuenta ha expirado debido a inactividad. Por favor contacte al administrador de la aplicación.'

data/config/locales/fa.yml

@@ -3,6 +3,7 @@ fa:
     messages:
       taken_in_past: 'قبلا استفاده شده است'
       equal_to_current_password: 'باید متفاوت با رمز عبور فعلی باشد'
+      equal_to_email: 'باید متفاوت از ایمیل باشد'
       password_complexity:
         digit:
           one: باید حداقل یک رقم داشته باشد
@@ -22,6 +23,7 @@ fa:
     paranoid_verify:
       code_required: 'لطفاً کدی را که تیم پشتیبانی ما ارائه کرده است وارد کنید'
     paranoid_verification_code:
+      updated: کد تأیید پذیرفته شد
       show:
         submit_verification_code: ارسال کد تاییدیه
         verification_code: کد تاییدیه

data/config/locales/fr.yml

@@ -3,13 +3,14 @@ fr:
     messages:
       taken_in_past: a été utilisé trop récemment. Veuillez en choisir un autre
       equal_to_current_password: doit être différent de l'actuel
+      equal_to_email: doit être différent de l'e-mail
       password_complexity:
         digit:
           one: doit contenir au moins un chiffre
           other: doit contenir au moins %{count} chiffres
         lower:
-          one: doit contenir au moins une lettre miniscule
-          other: doit contenir au moins %{count} lettres miniscules
+          one: doit contenir au moins une lettre minuscule
+          other: doit contenir au moins %{count} lettres minuscules
         symbol:
           one: doit contenir au moins un signe de ponctuation
           other: doit contenir au moins %{count} signes de ponctuation
@@ -21,9 +22,21 @@ fr:
     invalid_security_question: La réponse à la question de sécurité est invalide
     paranoid_verify:
       code_required: Veuillez entrer le code fourni par notre équipe de support
+    paranoid_verification_code:
+      updated: Code de vérification accepté
+      show:
+        submit_verification_code: Soumettre le code de vérification
+        verification_code: Code de vérification
+        submit: Soumettre
     password_expired:
       updated: Votre nouveau mot de passe est enregistré
       change_required: Votre mot de passe a expiré. Veuillez en choisir un autre
+      show:
+        renew_your_password: Renouveler votre mot de passe
+        current_password: Mot de passe actuel
+        new_password: Nouveau mot de passe
+        new_password_confirmation: Confirmer le nouveau mot de passe
+        change_my_password: Changer mon mot de passe
     failure:
       session_limited: Vos identifiants de connexion ont été utilisés dans un autre navigateur. Veuillez vous reconnecter pour continuer dans ce navigateur
       expired: Votre compte a expiré pour cause d'inactivité. Veuillez contacter l'administrateur du site

data/config/locales/hi.yml

@@ -2,40 +2,42 @@
 hi:
   errors:
     messages:
-      taken_in_past: यह पासवर्ड, आपके द्वारा पूर्व मे प्रयोग किया जा चुका है  
-      equal_to_current_password: नया पासवर्ड, वर्तमान पासवर्ड से भिन्न होना चाहिए 
+      taken_in_past: यह पासवर्ड, आपके द्वारा पूर्व मे प्रयोग किया जा चुका है
+      equal_to_current_password: नया पासवर्ड, वर्तमान पासवर्ड से भिन्न होना चाहिए
+      equal_to_email: ईमेल से अलग होना चाहिए
       password_complexity:
         digit:
-          one: एक अंक होना चाहिए 
-          other: कम से कम %{count} अंक होने चाहिए  
+          one: एक अंक होना चाहिए
+          other: कम से कम %{count} अंक होने चाहिए
         lower:
-          one: एक लोअर-केस अक्षर होना चाहिए 
-          other: कम से कम %{count} अक्षर होने चाहिए  
+          one: एक लोअर-केस अक्षर होना चाहिए
+          other: कम से कम %{count} अक्षर होने चाहिए
         symbol:
-          one: एक चिन्ह होना चाहिए 
-          other: कम से कम %{count} चिन्ह होने चाहिए  
+          one: एक चिन्ह होना चाहिए
+          other: कम से कम %{count} चिन्ह होने चाहिए
         upper:
-          one: एक अपर-केस अक्षर होना चाहिए 
-          other: कम से कम %{count} अपर-केस अक्षर होने चाहिए  
+          one: एक अपर-केस अक्षर होना चाहिए
+          other: कम से कम %{count} अपर-केस अक्षर होने चाहिए
   devise:
     invalid_captcha: अमान्य कॅप्टचा
     invalid_security_question: अमान्य सुरक्षा उत्तर
     paranoid_verify:
-      code_required: सपोर्ट टीम द्वारा दिया गया कोड डाले 
+      code_required: सपोर्ट टीम द्वारा दिया गया कोड डाले
     paranoid_verification_code:
+      updated: सत्यापन कोड स्वीकार किया गया
       show:
-        submit_verification_code: वेरिफिकेशन कोड डाले 
-        verification_code: वेरिफिकेशन कोड 
-        submit: सबमिट 
+        submit_verification_code: वेरिफिकेशन कोड डाले
+        verification_code: वेरिफिकेशन कोड
+        submit: सबमिट
     password_expired:
       updated: पासवर्ड अद्यतन किया गया
-      change_required: पासवर्ड अमान्य हो चुका, पासवर्ड बदले 
+      change_required: पासवर्ड अमान्य हो चुका, पासवर्ड बदले
       show:
-        renew_your_password: पासवर्ड बदले 
+        renew_your_password: पासवर्ड बदले
         current_password: वर्तमान पासवर्ड
-        new_password: नया पासवर्ड 
-        new_password_confirmation: नए पासवर्ड की पुष्टि करें 
-        change_my_password: पासवर्ड बदले 
+        new_password: नया पासवर्ड
+        new_password_confirmation: नए पासवर्ड की पुष्टि करें
+        change_my_password: पासवर्ड बदले
     failure:
-      session_limited: जानकारी, दूसरे ब्राउज़र में उपयोग की गयी थी जारी रखने फिर से साइन-इन करे 
+      session_limited: जानकारी, दूसरे ब्राउज़र में उपयोग की गयी थी जारी रखने फिर से साइन-इन करे
       expired: कोई गतिविधि न होने के कारण खाता बंद हो गया, सिस्टम व्यवस्थापक से संपर्क करें

data/config/locales/it.yml

@@ -3,6 +3,7 @@ it:
     messages:
       taken_in_past: "è stata gia' utilizzata in passato!"
       equal_to_current_password: " deve essere differente dalla password corrente!"
+      equal_to_email: "deve essere differente dall'email"
       password_complexity:
         digit:
           one: deve contenere almeno una cifra
@@ -22,6 +23,7 @@ it:
     paranoid_verify:
       code_required: 'Inserisci il codice fornito dal nostro team di supporto'
     paranoid_verification_code:
+      updated: Codice di verifica accettato
       show:
         submit_verification_code: Invia codice di verifica
         verification_code: Codice di verifica

data/config/locales/ja.yml

@@ -3,6 +3,7 @@ ja:
     messages:
       taken_in_past: 'は既に使われています。'
       equal_to_current_password: 'は現在のパスワードと異なるものである必要があります。'
+      equal_to_email: 'メールとは異なる必要があります'
       password_complexity:
         digit:
           one: は最低1つの数字を含む必要があります。
@@ -21,9 +22,21 @@ ja:
     invalid_security_question: 'セキュリティ質問に対する回答が不正です。'
     paranoid_verify:
       code_required: 'サポートチームに提供された認証コードを入力してください。'
+    paranoid_verification_code:
+      updated: 確認コードを受け入れました
+      show:
+        submit_verification_code: 確認コードを送信する
+        verification_code: 検証コード
+        submit: 参加する
     password_expired:
       updated: '新しいパスワードが保存されました。'
       change_required: 'パスワードが期限切れです。パスワードを新しく設定してください。'
+      show:
+        renew_your_password: パスワードを更新する
+        current_password: 現在のパスワード
+        new_password: 新しいパスワード
+        new_password_confirmation: 新しいパスワードを確認
+        change_my_password: パスワードを変更する
     failure:
       session_limited: '他のブラウザでログインされました。このブラウザで続ける場合は、もう一度サインインしてください。'
       expired: '活動がなかったため、あなたのアカウントは期限切れとなりました。サイト管理者に連絡してください。'

data/config/locales/nl.yml

@@ -3,6 +3,7 @@ nl:
     messages:
       taken_in_past: is eerder gebruikt.
       equal_to_current_password: moet verschillen van het huidige wachtwoord.
+      equal_to_email: moet anders zijn dan de e-mail
       password_complexity:
         digit:
           one: moet minimaal 1 cijfer bevatten
@@ -22,6 +23,7 @@ nl:
     paranoid_verify:
       code_required: Voer de aangeleverde code in
     paranoid_verification_code:
+      updated: Verificatiecode geaccepteerd
       show:
         submit_verification_code: Verstuur verificatie code
         verification_code: Verificatie code

data/config/locales/pt.yml

@@ -3,6 +3,7 @@ pt:
     messages:
       taken_in_past: 'foi usada anteriormente.'
       equal_to_current_password: 'deve ser diferente da senha atual.'
+      equal_to_email: 'deve ser diferente do e-mail.'
       password_complexity:
         digit:
           one: deve conter ao menos um dígito
@@ -22,6 +23,7 @@ pt:
     paranoid_verify:
       code_required: 'Por favor entre o código que a equipe de suporte enviou'
     paranoid_verification_code:
+      updated: Código de verificação aceito
       show:
         submit_verification_code: Enviar código de verificação
         verification_code: Código de verificação