devise-security 0.15.0 → 0.18.0

metadata

@@ -1,18 +1,18 @@
 --- !ruby/object:Gem::Specification
 name: devise-security
 version: !ruby/object:Gem::Version
-  version: 0.15.0
+  version: 0.18.0
 platform: ruby
 authors:
-- Marco Scholl
 - Alexander Dreher
-- Nate Bird
 - Dillon Welch
 - Kevin Olbrich
+- Marco Scholl
+- Nate Bird
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-01-13 00:00:00.000000000 Z
+date: 2023-04-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: devise
@@ -21,9 +21,6 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: 4.3.0
-    - - "<"
-      - !ruby/object:Gem::Version
-        version: '5.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -31,9 +28,6 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: 4.3.0
-    - - "<"
-      - !ruby/object:Gem::Version
-        version: '5.0'
 - !ruby/object:Gem::Dependency
   name: appraisal
   requirement: !ruby/object:Gem::Requirement
@@ -62,6 +56,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: byebug
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: database_cleaner
   requirement: !ruby/object:Gem::Requirement
@@ -91,7 +99,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: m
+  name: i18n-tasks
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -105,7 +113,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: minitest
+  name: m
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -119,7 +127,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: omniauth
+  name: minitest
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -133,7 +141,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: pry-byebug
+  name: omniauth
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -178,18 +186,18 @@ dependencies:
   name: rubocop
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 0.80.0
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 0.80.0
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: rubocop-rails
+  name: rubocop-minitest
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -203,7 +211,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: simplecov-lcov
+  name: rubocop-rails
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -217,7 +225,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: solargraph
+  name: simplecov-lcov
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -231,7 +239,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: sqlite3
+  name: solargraph
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -245,7 +253,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: wwtd
+  name: solargraph-arc
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -270,6 +278,7 @@ files:
 - app/controllers/devise/password_expired_controller.rb
 - app/views/devise/paranoid_verification_code/show.html.erb
 - app/views/devise/password_expired/show.html.erb
+- config/locales/bg.yml
 - config/locales/by.yml
 - config/locales/cs.yml
 - config/locales/de.yml
@@ -306,34 +315,26 @@ files:
 - lib/devise-security/models/secure_validatable.rb
 - lib/devise-security/models/security_questionable.rb
 - lib/devise-security/models/session_limitable.rb
-- lib/devise-security/orm/active_record.rb
 - lib/devise-security/orm/mongoid.rb
 - lib/devise-security/patches.rb
-- lib/devise-security/patches/confirmations_controller_captcha.rb
-- lib/devise-security/patches/confirmations_controller_security_question.rb
 - lib/devise-security/patches/controller_captcha.rb
 - lib/devise-security/patches/controller_security_question.rb
-- lib/devise-security/patches/passwords_controller_captcha.rb
-- lib/devise-security/patches/passwords_controller_security_question.rb
-- lib/devise-security/patches/registrations_controller_captcha.rb
-- lib/devise-security/patches/sessions_controller_captcha.rb
-- lib/devise-security/patches/unlocks_controller_captcha.rb
-- lib/devise-security/patches/unlocks_controller_security_question.rb
 - lib/devise-security/rails.rb
 - lib/devise-security/routes.rb
-- lib/devise-security/schema.rb
 - lib/devise-security/validators/password_complexity_validator.rb
 - lib/devise-security/version.rb
 - lib/generators/devise_security/install_generator.rb
-- lib/generators/templates/devise-security.rb
+- lib/generators/templates/devise_security.rb
 - test/controllers/test_captcha_controller.rb
+- test/controllers/test_paranoid_verification_code_controller.rb
 - test/controllers/test_password_expired_controller.rb
 - test/controllers/test_security_question_controller.rb
 - test/dummy/Rakefile
 - test/dummy/app/assets/config/manifest.js
 - test/dummy/app/controllers/application_controller.rb
 - test/dummy/app/controllers/captcha/sessions_controller.rb
-- test/dummy/app/controllers/foos_controller.rb
+- test/dummy/app/controllers/overrides/paranoid_verification_code_controller.rb
+- test/dummy/app/controllers/overrides/password_expired_controller.rb
 - test/dummy/app/controllers/security_question/unlocks_controller.rb
 - test/dummy/app/controllers/widgets_controller.rb
 - test/dummy/app/models/application_record.rb
@@ -357,7 +358,8 @@ files:
 - test/dummy/app/models/mongoid/timeoutable_fields.rb
 - test/dummy/app/models/mongoid/trackable_fields.rb
 - test/dummy/app/models/mongoid/validatable_fields.rb
-- test/dummy/app/models/secure_user.rb
+- test/dummy/app/models/paranoid_verification_user.rb
+- test/dummy/app/models/password_expired_user.rb
 - test/dummy/app/models/security_question_user.rb
 - test/dummy/app/models/user.rb
 - test/dummy/app/models/widget.rb
@@ -377,6 +379,7 @@ files:
 - test/dummy/config/environments/test.rb
 - test/dummy/config/initializers/devise.rb
 - test/dummy/config/initializers/migration_class.rb
+- test/dummy/config/locales/en.yml
 - test/dummy/config/mongoid.yml
 - test/dummy/config/routes.rb
 - test/dummy/config/secrets.yml
@@ -393,10 +396,11 @@ files:
 - test/dummy/lib/shared_security_questions_fields.rb
 - test/dummy/lib/shared_user.rb
 - test/dummy/lib/shared_user_with_password_verification.rb
-- test/dummy/lib/shared_user_without_email.rb
 - test/dummy/lib/shared_user_without_omniauth.rb
 - test/dummy/lib/shared_verification_fields.rb
 - test/dummy/log/test.log
+- test/i18n_test.rb
+- test/integration/test_paranoid_verification_code_workflow.rb
 - test/integration/test_password_expirable_workflow.rb
 - test/integration/test_session_limitable_workflow.rb
 - test/orm/active_record.rb
@@ -405,19 +409,24 @@ files:
 - test/support/mongoid.yml
 - test/test_compatibility.rb
 - test/test_complexity_validator.rb
+- test/test_database_authenticatable_patch.rb
 - test/test_helper.rb
 - test/test_install_generator.rb
 - test/test_paranoid_verification.rb
 - test/test_password_archivable.rb
 - test/test_password_expirable.rb
 - test/test_secure_validatable.rb
+- test/test_secure_validatable_overrides.rb
 - test/test_session_limitable.rb
-- test/tmp/config/initializers/devise-security.rb
+- test/tmp/config/initializers/devise_security.rb
+- test/tmp/config/locales/devise.security_extension.by.yml
+- test/tmp/config/locales/devise.security_extension.cs.yml
 - test/tmp/config/locales/devise.security_extension.de.yml
 - test/tmp/config/locales/devise.security_extension.en.yml
 - test/tmp/config/locales/devise.security_extension.es.yml
 - test/tmp/config/locales/devise.security_extension.fa.yml
 - test/tmp/config/locales/devise.security_extension.fr.yml
+- test/tmp/config/locales/devise.security_extension.hi.yml
 - test/tmp/config/locales/devise.security_extension.it.yml
 - test/tmp/config/locales/devise.security_extension.ja.yml
 - test/tmp/config/locales/devise.security_extension.nl.yml
@@ -426,12 +435,12 @@ files:
 - test/tmp/config/locales/devise.security_extension.tr.yml
 - test/tmp/config/locales/devise.security_extension.uk.yml
 - test/tmp/config/locales/devise.security_extension.zh_CN.yml
+- test/tmp/config/locales/devise.security_extension.zh_TW.yml
 homepage: https://github.com/devise-security/devise-security
 licenses:
 - MIT
 metadata: {}
-post_install_message: 'WARNING: devise-security will drop support for Rails 4.2 in
-  version 0.16.0'
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -446,7 +455,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.8
+rubygems_version: 3.1.6
 signing_key:
 specification_version: 4
 summary: Security extension for devise
@@ -479,14 +488,16 @@ test_files:
 - test/dummy/app/models/mongoid/omniauthable_fields.rb
 - test/dummy/app/models/security_question_user.rb
 - test/dummy/app/models/application_user_record.rb
-- test/dummy/app/models/secure_user.rb
 - test/dummy/app/models/widget.rb
+- test/dummy/app/models/password_expired_user.rb
+- test/dummy/app/models/paranoid_verification_user.rb
 - test/dummy/app/models/application_record.rb
 - test/dummy/app/models/captcha_user.rb
 - test/dummy/app/models/user.rb
+- test/dummy/app/controllers/overrides/password_expired_controller.rb
+- test/dummy/app/controllers/overrides/paranoid_verification_code_controller.rb
 - test/dummy/app/controllers/application_controller.rb
 - test/dummy/app/controllers/captcha/sessions_controller.rb
-- test/dummy/app/controllers/foos_controller.rb
 - test/dummy/app/controllers/widgets_controller.rb
 - test/dummy/app/controllers/security_question/unlocks_controller.rb
 - test/dummy/app/views/foos/index.html.erb
@@ -494,6 +505,7 @@ test_files:
 - test/dummy/config/secrets.yml
 - test/dummy/config/routes.rb
 - test/dummy/config/mongoid.yml
+- test/dummy/config/locales/en.yml
 - test/dummy/config/environments/test.rb
 - test/dummy/config/environment.rb
 - test/dummy/config/application.rb
@@ -505,7 +517,6 @@ test_files:
 - test/dummy/Rakefile
 - test/dummy/lib/shared_verification_fields.rb
 - test/dummy/lib/shared_user.rb
-- test/dummy/lib/shared_user_without_email.rb
 - test/dummy/lib/shared_user_without_omniauth.rb
 - test/dummy/lib/shared_user_with_password_verification.rb
 - test/dummy/lib/shared_expirable_columns.rb
@@ -521,9 +532,13 @@ test_files:
 - test/dummy/db/migrate/20180318105329_add_confirmable_columns.rb
 - test/dummy/log/test.log
 - test/test_install_generator.rb
+- test/test_secure_validatable_overrides.rb
+- test/i18n_test.rb
 - test/test_paranoid_verification.rb
 - test/integration/test_session_limitable_workflow.rb
 - test/integration/test_password_expirable_workflow.rb
+- test/integration/test_paranoid_verification_code_workflow.rb
+- test/test_database_authenticatable_patch.rb
 - test/test_secure_validatable.rb
 - test/test_session_limitable.rb
 - test/support/mongoid.yml
@@ -534,13 +549,16 @@ test_files:
 - test/test_compatibility.rb
 - test/test_password_expirable.rb
 - test/controllers/test_security_question_controller.rb
+- test/controllers/test_paranoid_verification_code_controller.rb
 - test/controllers/test_captcha_controller.rb
 - test/controllers/test_password_expired_controller.rb
+- test/tmp/config/locales/devise.security_extension.by.yml
 - test/tmp/config/locales/devise.security_extension.nl.yml
 - test/tmp/config/locales/devise.security_extension.tr.yml
 - test/tmp/config/locales/devise.security_extension.ru.yml
 - test/tmp/config/locales/devise.security_extension.fr.yml
 - test/tmp/config/locales/devise.security_extension.fa.yml
+- test/tmp/config/locales/devise.security_extension.hi.yml
 - test/tmp/config/locales/devise.security_extension.ja.yml
 - test/tmp/config/locales/devise.security_extension.en.yml
 - test/tmp/config/locales/devise.security_extension.pt.yml
@@ -549,5 +567,7 @@ test_files:
 - test/tmp/config/locales/devise.security_extension.es.yml
 - test/tmp/config/locales/devise.security_extension.zh_CN.yml
 - test/tmp/config/locales/devise.security_extension.uk.yml
-- test/tmp/config/initializers/devise-security.rb
+- test/tmp/config/locales/devise.security_extension.zh_TW.yml
+- test/tmp/config/locales/devise.security_extension.cs.yml
+- test/tmp/config/initializers/devise_security.rb
 - test/test_complexity_validator.rb

data/lib/devise-security/orm/active_record.rb

@@ -1,20 +0,0 @@
-# frozen_string_literal: true
-
-module DeviseSecurity
-  module Orm
-    # This module contains some helpers and handle schema (migrations):
-    #
-    #   create_table :accounts do |t|
-    #     t.password_expirable
-    #   end
-    #
-    module ActiveRecord
-      module Schema
-        include DeviseSecurity::Schema
-      end
-    end
-  end
-end
-
-ActiveRecord::ConnectionAdapters::Table.send :include, DeviseSecurity::Orm::ActiveRecord::Schema
-ActiveRecord::ConnectionAdapters::TableDefinition.send :include, DeviseSecurity::Orm::ActiveRecord::Schema

data/lib/devise-security/patches/confirmations_controller_captcha.rb

@@ -1,23 +0,0 @@
-# frozen_string_literal: true
-
-module DeviseSecurity::Patches
-  module ConfirmationsControllerCaptcha
-    extend ActiveSupport::Concern
-    included do
-      define_method :create do
-        if valid_captcha_if_defined?(params[:captcha])
-          self.resource = resource_class.send_confirmation_instructions(params[resource_name])
-
-          if successfully_sent?(resource)
-            respond_with({}, location: after_resending_confirmation_instructions_path_for(resource_name))
-          else
-            respond_with(resource)
-          end
-        else
-          flash[:alert] = t('devise.invalid_captcha') if is_navigational_format?
-          respond_with({}, location: new_confirmation_path(resource_name))
-        end
-      end
-    end
-  end
-end

data/lib/devise-security/patches/confirmations_controller_security_question.rb

@@ -1,26 +0,0 @@
-# frozen_string_literal: true
-
-module DeviseSecurity::Patches
-  module ConfirmationsControllerSecurityQuestion
-    extend ActiveSupport::Concern
-    included do
-      define_method :create do
-        # only find via email, not login
-        resource = resource_class.find_or_initialize_with_error_by(:email, params[resource_name][:email], :not_found)
-
-        if valid_captcha_or_security_question?(resource, params)
-          self.resource = resource_class.send_confirmation_instructions(params[resource_name])
-
-          if successfully_sent?(resource)
-            respond_with({}, location: after_resending_confirmation_instructions_path_for(resource_name))
-          else
-            respond_with(resource)
-          end
-        else
-          flash[:alert] = t('devise.invalid_security_question') if is_navigational_format?
-          respond_with({}, location: new_confirmation_path(resource_name))
-        end
-      end
-    end
-  end
-end

data/lib/devise-security/patches/passwords_controller_captcha.rb

@@ -1,22 +0,0 @@
-# frozen_string_literal: true
-
-module DeviseSecurity::Patches
-  module PasswordsControllerCaptcha
-    extend ActiveSupport::Concern
-    included do
-      define_method :create do
-        if valid_captcha_if_defined?(params[:captcha])
-          self.resource = resource_class.send_reset_password_instructions(params[resource_name])
-          if successfully_sent?(resource)
-            respond_with({}, location: new_session_path(resource_name))
-          else
-            respond_with(resource)
-          end
-        else
-          flash[:alert] = t('devise.invalid_captcha') if is_navigational_format?
-          respond_with({}, location: new_password_path(resource_name))
-        end
-      end
-    end
-  end
-end

data/lib/devise-security/patches/passwords_controller_security_question.rb

@@ -1,25 +0,0 @@
-# frozen_string_literal: true
-
-module DeviseSecurity::Patches
-  module PasswordsControllerSecurityQuestion
-    extend ActiveSupport::Concern
-    included do
-      define_method :create do
-        # only find via email, not login
-        resource = resource_class.find_or_initialize_with_error_by(:email, params[resource_name][:email], :not_found)
-
-        if valid_captcha_or_security_question?(resource, params)
-          self.resource = resource_class.send_reset_password_instructions(params[resource_name])
-          if successfully_sent?(resource)
-            respond_with({}, location: new_session_path(resource_name))
-          else
-            respond_with(resource)
-          end
-        else
-          flash[:alert] = t('devise.invalid_security_question') if is_navigational_format?
-          respond_with({}, location: new_password_path(resource_name))
-        end
-      end
-    end
-  end
-end

data/lib/devise-security/patches/registrations_controller_captcha.rb

@@ -1,35 +0,0 @@
-# frozen_string_literal: true
-
-module DeviseSecurity::Patches
-  module RegistrationsControllerCaptcha
-    extend ActiveSupport::Concern
-    included do
-      define_method :create do |&block|
-        build_resource(sign_up_params)
-
-        if valid_captcha_if_defined?(params[:captcha])
-          if resource.save
-            block.call(resource) if block
-            if resource.active_for_authentication?
-              set_flash_message :notice, :signed_up if is_flashing_format?
-              sign_up(resource_name, resource)
-              respond_with resource, location: after_sign_up_path_for(resource)
-            else
-              set_flash_message :notice, :"signed_up_but_#{resource.inactive_message}" if is_flashing_format?
-              expire_data_after_sign_in!
-              respond_with resource, location: after_inactive_sign_up_path_for(resource)
-            end
-          else
-            clean_up_passwords resource
-            respond_with resource
-          end
-
-        else
-          resource.errors.add :base, t('devise.invalid_captcha')
-          clean_up_passwords resource
-          respond_with resource
-        end
-      end
-    end
-  end
-end

data/lib/devise-security/patches/sessions_controller_captcha.rb

@@ -1,26 +0,0 @@
-# frozen_string_literal: true
-
-module DeviseSecurity::Patches
-  module SessionsControllerCaptcha
-    extend ActiveSupport::Concern
-    included do
-      define_method :create do |&block|
-        if valid_captcha_if_defined?(params[:captcha])
-          self.resource = warden.authenticate!(auth_options)
-          set_flash_message(:notice, :signed_in) if is_flashing_format?
-          sign_in(resource_name, resource)
-          block.call(resource) if block
-          respond_with resource, location: after_sign_in_path_for(resource)
-        else
-          flash[:alert] = t('devise.invalid_captcha') if is_flashing_format?
-          respond_with({}, location: new_session_path(resource_name))
-        end
-      end
-
-      # for bad protected use in controller
-      define_method :auth_options do
-        { scope: resource_name, recall: "#{controller_path}#new" }
-      end
-    end
-  end
-end

data/lib/devise-security/patches/unlocks_controller_captcha.rb

@@ -1,22 +0,0 @@
-# frozen_string_literal: true
-
-module DeviseSecurity::Patches
-  module UnlocksControllerCaptcha
-    extend ActiveSupport::Concern
-    included do
-      define_method :create do
-        if valid_captcha_if_defined?(params[:captcha])
-          self.resource = resource_class.send_unlock_instructions(params[resource_name])
-          if successfully_sent?(resource)
-            respond_with({}, location: new_session_path(resource_name))
-          else
-            respond_with(resource)
-          end
-        else
-          flash[:alert] = t('devise.invalid_captcha') if is_navigational_format?
-          respond_with({}, location: new_unlock_path(resource_name))
-        end
-      end
-    end
-  end
-end

data/lib/devise-security/patches/unlocks_controller_security_question.rb

@@ -1,25 +0,0 @@
-# frozen_string_literal: true
-
-module DeviseSecurity::Patches
-  module UnlocksControllerSecurityQuestion
-    extend ActiveSupport::Concern
-    included do
-      define_method :create do
-        # only find via email, not login
-        resource = resource_class.find_or_initialize_with_error_by(:email, params[resource_name][:email], :not_found)
-
-        if valid_captcha_or_security_question?(resource, params)
-          self.resource = resource_class.send_unlock_instructions(params[resource_name])
-          if successfully_sent?(resource)
-            respond_with({}, location: new_session_path(resource_name))
-          else
-            respond_with(resource)
-          end
-        else
-          flash[:alert] = t('devise.invalid_security_question') if is_navigational_format?
-          respond_with({}, location: new_unlock_path(resource_name))
-        end
-      end
-    end
-  end
-end

data/lib/devise-security/schema.rb

@@ -1,66 +0,0 @@
-# frozen_string_literal: true
-
-module DeviseSecurity
-  # add schema helper for migrations
-  module Schema
-    # Add password_changed_at columns in the resource's database table.
-    #
-    # Examples
-    #
-    # # For a new resource migration:
-    # create_table :the_resources do |t|
-    #   t.password_expirable
-    # ...
-    # end
-    #
-    # # or if the resource's table already exists, define a migration and put this in:
-    # change_table :the_resources do |t|
-    #   t.datetime :password_changed_at
-    # end
-    #
-    def password_expirable
-      apply_devise_schema :password_changed_at, DateTime
-    end
-
-    # Add password_archivable columns
-    #
-    # Examples
-    #
-    # create_table :old_passwords do
-    #   t.password_archivable
-    # end
-    # add_index :old_passwords, [:password_archivable_type, :password_archivable_id], name: 'index_password_archivable'
-    #
-    def password_archivable
-      apply_devise_schema :encrypted_password, String, limit: 128, null: false
-      apply_devise_schema :password_salt, String
-      apply_devise_schema :password_archivable_id, Integer, null: false
-      apply_devise_schema :password_archivable_type, String, null: false
-      apply_devise_schema :created_at, DateTime
-    end
-
-    # Add session_limitable columns in the resource's database table.
-    #
-    # Examples
-    #
-    # # For a new resource migration:
-    # create_table :the_resources do |t|
-    #   t.session_limitable
-    # ...
-    # end
-    #
-    # # or if the resource's table already exists, define a migration and put this in:
-    # change_table :the_resources do |t|
-    #   t.string :unique_session_id, limit: 20
-    # end
-    #
-    def session_limitable
-      apply_devise_schema :unique_session_id, String, limit: 20
-    end
-
-    def expirable
-      apply_devise_schema :expired_at, DateTime
-      apply_devise_schema :last_activity_at, DateTime
-    end
-  end
-end

data/test/dummy/app/models/secure_user.rb

@@ -1,9 +0,0 @@
-# frozen_string_literal: true
-
-class SecureUser < ApplicationUserRecord
-  devise :database_authenticatable, :secure_validatable, email_validation: false
-  if DEVISE_ORM == :mongoid
-    require './test/dummy/app/models/mongoid/mappings'
-    include ::Mongoid::Mappings
-  end
-end