RubyGems - devise-security - Versions diffs - 0.16.0 → 0.18.0 - Mend

devise-security 0.16.0 → 0.18.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (140) hide show

checksums.yaml +4 -4
data/LICENSE.txt +3 -1
data/README.md +18 -7
data/app/controllers/devise/paranoid_verification_code_controller.rb +26 -12
data/app/controllers/devise/password_expired_controller.rb +22 -5
data/config/locales/bg.yml +42 -0
data/config/locales/by.yml +1 -0
data/config/locales/cs.yml +5 -0
data/config/locales/de.yml +3 -0
data/config/locales/en.yml +2 -1
data/config/locales/es.yml +12 -0
data/config/locales/fa.yml +1 -0
data/config/locales/fr.yml +14 -2
data/config/locales/hi.yml +1 -0
data/config/locales/it.yml +1 -0
data/config/locales/ja.yml +12 -0
data/config/locales/nl.yml +1 -0
data/config/locales/pt.yml +1 -0
data/config/locales/ru.yml +1 -0
data/config/locales/tr.yml +25 -1
data/config/locales/uk.yml +1 -0
data/config/locales/zh_CN.yml +1 -0
data/config/locales/zh_TW.yml +1 -0
data/lib/devise-security/controllers/helpers.rb +23 -11
data/lib/devise-security/hooks/expirable.rb +3 -3
data/lib/devise-security/hooks/paranoid_verification.rb +1 -3
data/lib/devise-security/hooks/password_expirable.rb +1 -3
data/lib/devise-security/hooks/session_limitable.rb +4 -4
data/lib/devise-security/models/compatibility/active_record_patch.rb +4 -3
data/lib/devise-security/models/compatibility/mongoid_patch.rb +3 -2
data/lib/devise-security/models/database_authenticatable_patch.rb +18 -10
data/lib/devise-security/models/expirable.rb +6 -5
data/lib/devise-security/models/paranoid_verification.rb +2 -2
data/lib/devise-security/models/password_archivable.rb +3 -3
data/lib/devise-security/models/secure_validatable.rb +57 -20
data/lib/devise-security/orm/mongoid.rb +1 -1
data/lib/devise-security/patches.rb +14 -8
data/lib/devise-security/routes.rb +2 -3
data/lib/devise-security/validators/password_complexity_validator.rb +53 -26
data/lib/devise-security/version.rb +1 -1
data/lib/devise-security.rb +9 -3
data/lib/generators/devise_security/install_generator.rb +3 -5
data/lib/generators/templates/devise_security.rb +6 -1
data/test/controllers/test_paranoid_verification_code_controller.rb +133 -0
data/test/controllers/test_password_expired_controller.rb +87 -33
data/test/controllers/test_security_question_controller.rb +25 -19
data/test/dummy/app/controllers/overrides/paranoid_verification_code_controller.rb +7 -0
data/test/dummy/app/controllers/overrides/password_expired_controller.rb +17 -0
data/test/dummy/app/controllers/widgets_controller.rb +3 -0
data/test/dummy/app/models/application_user_record.rb +2 -1
data/test/dummy/app/models/mongoid/confirmable_fields.rb +2 -0
data/test/dummy/app/models/mongoid/database_authenticable_fields.rb +4 -3
data/test/dummy/app/models/mongoid/expirable_fields.rb +2 -0
data/test/dummy/app/models/mongoid/lockable_fields.rb +2 -0
data/test/dummy/app/models/mongoid/mappings.rb +4 -2
data/test/dummy/app/models/mongoid/omniauthable_fields.rb +2 -0
data/test/dummy/app/models/mongoid/paranoid_verification_fields.rb +2 -0
data/test/dummy/app/models/mongoid/password_archivable_fields.rb +2 -0
data/test/dummy/app/models/mongoid/password_expirable_fields.rb +2 -0
data/test/dummy/app/models/mongoid/recoverable_fields.rb +2 -0
data/test/dummy/app/models/mongoid/registerable_fields.rb +4 -2
data/test/dummy/app/models/mongoid/rememberable_fields.rb +2 -0
data/test/dummy/app/models/mongoid/secure_validatable_fields.rb +2 -0
data/test/dummy/app/models/mongoid/security_questionable_fields.rb +2 -0
data/test/dummy/app/models/mongoid/session_limitable_fields.rb +2 -0
data/test/dummy/app/models/mongoid/timeoutable_fields.rb +2 -0
data/test/dummy/app/models/mongoid/trackable_fields.rb +2 -0
data/test/dummy/app/models/mongoid/validatable_fields.rb +2 -0
data/test/dummy/app/models/paranoid_verification_user.rb +26 -0
data/test/dummy/app/models/password_expired_user.rb +26 -0
data/test/dummy/app/models/user.rb +5 -5
data/test/dummy/app/models/widget.rb +1 -3
data/test/dummy/app/mongoid/one_user.rb +5 -5
data/test/dummy/app/mongoid/user_on_engine.rb +2 -2
data/test/dummy/app/mongoid/user_on_main_app.rb +2 -2
data/test/dummy/app/mongoid/user_with_validations.rb +3 -3
data/test/dummy/app/mongoid/user_without_email.rb +7 -4
data/test/dummy/config/application.rb +3 -7
data/test/dummy/config/boot.rb +1 -1
data/test/dummy/config/environment.rb +1 -1
data/test/dummy/config/environments/test.rb +1 -0
data/test/dummy/config/initializers/devise.rb +1 -5
data/test/dummy/config/locales/en.yml +10 -0
data/test/dummy/config/routes.rb +3 -1
data/test/dummy/config.ru +1 -1
data/test/dummy/db/migrate/20120508165529_create_tables.rb +5 -5
data/test/dummy/lib/shared_expirable_columns.rb +1 -0
data/test/dummy/lib/shared_security_questions_fields.rb +1 -0
data/test/dummy/lib/shared_user.rb +17 -6
data/test/dummy/lib/shared_user_without_omniauth.rb +12 -3
data/test/dummy/lib/shared_verification_fields.rb +1 -0
data/test/dummy/log/test.log +39637 -16086
data/test/i18n_test.rb +22 -0
data/test/integration/test_paranoid_verification_code_workflow.rb +53 -0
data/test/integration/test_password_expirable_workflow.rb +2 -2
data/test/integration/test_session_limitable_workflow.rb +5 -3
data/test/orm/active_record.rb +7 -7
data/test/support/integration_helpers.rb +18 -12
data/test/test_compatibility.rb +2 -0
data/test/test_complexity_validator.rb +247 -37
data/test/test_database_authenticatable_patch.rb +146 -0
data/test/test_helper.rb +7 -8
data/test/test_install_generator.rb +1 -1
data/test/test_paranoid_verification.rb +8 -9
data/test/test_password_archivable.rb +34 -11
data/test/test_password_expirable.rb +27 -27
data/test/test_secure_validatable.rb +265 -107
data/test/test_secure_validatable_overrides.rb +185 -0
data/test/test_session_limitable.rb +9 -9
data/test/tmp/config/initializers/{devise-security.rb → devise_security.rb} +6 -1
data/test/tmp/config/locales/devise.security_extension.by.yml +1 -0
data/test/tmp/config/locales/devise.security_extension.cs.yml +5 -0
data/test/tmp/config/locales/devise.security_extension.de.yml +3 -0
data/test/tmp/config/locales/devise.security_extension.en.yml +2 -1
data/test/tmp/config/locales/devise.security_extension.es.yml +12 -0
data/test/tmp/config/locales/devise.security_extension.fa.yml +1 -0
data/test/tmp/config/locales/devise.security_extension.fr.yml +14 -2
data/test/tmp/config/locales/devise.security_extension.hi.yml +21 -20
data/test/tmp/config/locales/devise.security_extension.it.yml +1 -0
data/test/tmp/config/locales/devise.security_extension.ja.yml +12 -0
data/test/tmp/config/locales/devise.security_extension.nl.yml +1 -0
data/test/tmp/config/locales/devise.security_extension.pt.yml +1 -0
data/test/tmp/config/locales/devise.security_extension.ru.yml +1 -0
data/test/tmp/config/locales/devise.security_extension.tr.yml +25 -1
data/test/tmp/config/locales/devise.security_extension.uk.yml +1 -0
data/test/tmp/config/locales/devise.security_extension.zh_CN.yml +1 -0
data/test/tmp/config/locales/devise.security_extension.zh_TW.yml +1 -0
metadata +82 -41
data/lib/devise-security/patches/confirmations_controller_captcha.rb +0 -23
data/lib/devise-security/patches/confirmations_controller_security_question.rb +0 -26
data/lib/devise-security/patches/passwords_controller_captcha.rb +0 -22
data/lib/devise-security/patches/passwords_controller_security_question.rb +0 -25
data/lib/devise-security/patches/registrations_controller_captcha.rb +0 -35
data/lib/devise-security/patches/sessions_controller_captcha.rb +0 -26
data/lib/devise-security/patches/unlocks_controller_captcha.rb +0 -22
data/lib/devise-security/patches/unlocks_controller_security_question.rb +0 -25
data/test/dummy/app/controllers/foos_controller.rb +0 -0
data/test/dummy/app/models/secure_user.rb +0 -9
data/test/dummy/lib/shared_user_without_email.rb +0 -28
data/test/dummy/log/development.log +0 -883

data/test/dummy/app/mongoid/one_user.rb CHANGED Viewed

@@ -11,16 +11,16 @@ class OneUser
   field :password_changed_at, type: Time
   index({ password_changed_at: 1 }, {})
-  #field :paranoid_verification_code, type: String
-  #field :paranoid_verified_at, type: Time
-  #field :paranoid_verification_attempt, type: Integer, default: 0
+  field :paranoid_verification_code, type: String
+  field :paranoid_verified_at, type: Time
+  field :paranoid_verification_attempt, type: Integer, default: 0
   field :username, type: String
   field :facebook_token, type: String
   ## Database authenticatable
-  field :email,              type: String, default: ""
-  field :encrypted_password, type: String, default: ""
+  field :email,              type: String, default: ''
+  field :encrypted_password, type: String, default: ''
   ## Recoverable
   field :reset_password_token,   type: String

data/test/dummy/app/mongoid/user_on_engine.rb CHANGED Viewed

@@ -11,8 +11,8 @@ class UserOnEngine
   field :facebook_token, type: String
   ## Database authenticatable
-  field :email, type: String, default: ""
-  field :encrypted_password, type: String, default: ""
+  field :email, type: String, default: ''
+  field :encrypted_password, type: String, default: ''
   ## Recoverable
   field :reset_password_token, type: String

data/test/dummy/app/mongoid/user_on_main_app.rb CHANGED Viewed

@@ -11,8 +11,8 @@ class UserOnMainApp
   field :facebook_token, type: String
   ## Database authenticatable
-  field :email, type: String, default: ""
-  field :encrypted_password, type: String, default: ""
+  field :email, type: String, default: ''
+  field :encrypted_password, type: String, default: ''
   ## Recoverable
   field :reset_password_token, type: String

data/test/dummy/app/mongoid/user_with_validations.rb CHANGED Viewed

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
-require "shared_user"
+require 'shared_user'
 class UserWithValidations
   include Mongoid::Document
@@ -11,8 +11,8 @@ class UserWithValidations
   field :facebook_token, type: String
   ## Database authenticatable
-  field :email, type: String, default: ""
-  field :encrypted_password, type: String, default: ""
+  field :email, type: String, default: ''
+  field :encrypted_password, type: String, default: ''
   ## Recoverable
   field :reset_password_token, type: String

data/test/dummy/app/mongoid/user_without_email.rb CHANGED Viewed

@@ -1,18 +1,21 @@
 # frozen_string_literal: true
-require "shared_user_without_email"
+require 'shared_user_without_email'
 class UserWithoutEmail
   include Mongoid::Document
   include Shim
-  include SharedUserWithoutEmail
+  devise :database_authenticatable, :lockable, :recoverable,
+         :registerable, :rememberable, :timeoutable,
+         :trackable
   field :username, type: String
   field :facebook_token, type: String
   ## Database authenticatable
-  field :email, type: String, default: ""
-  field :encrypted_password, type: String, default: ""
+  field :email, type: String, default: ''
+  field :encrypted_password, type: String, default: ''
   ## Recoverable
   field :reset_password_token, type: String

data/test/dummy/config/application.rb CHANGED Viewed

@@ -1,10 +1,9 @@
 # frozen_string_literal: true
-require File.expand_path('../boot', __FILE__)
+require File.expand_path('boot', __dir__)
 require 'action_mailer/railtie'
-require "action_mailer/railtie"
-require "rails/test_unit/railtie"
+require 'rails/test_unit/railtie'
 DEVISE_ORM = ENV.fetch('DEVISE_ORM', 'active_record').to_sym
 Bundler.require :default, DEVISE_ORM
@@ -22,9 +21,6 @@ module RailsApp
     config.autoload_paths += ["#{config.root}/app/#{DEVISE_ORM}"]
     config.autoload_paths += ["#{config.root}/lib"]
-    config.assets.enabled = true
-    config.assets.version = '1.0'
-    config.secret_key_base = 'fuuuuuuuuuuu'
+    config.secret_key_base = 'foobar'
   end
 end

data/test/dummy/config/boot.rb CHANGED Viewed

@@ -3,6 +3,6 @@
 require 'rubygems'
 # Set up gems listed in the Gemfile.
-ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile', __FILE__)
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../Gemfile', __dir__)
 require 'bundler/setup' if File.exist?(ENV['BUNDLE_GEMFILE'])

data/test/dummy/config/environment.rb CHANGED Viewed

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 # Load the rails application
-require File.expand_path('../application', __FILE__)
+require File.expand_path('application', __dir__)
 # Initialize the rails application
 RailsApp::Application.initialize!

data/test/dummy/config/environments/test.rb CHANGED Viewed

@@ -23,5 +23,6 @@ RailsApp::Application.configure do
   config.active_support.test_order = :sorted
   config.log_level = :debug
   config.active_record.sqlite3.represent_boolean_as_integer = true if Rails.gem_version.release >= Gem::Version.new('5.2') && Rails.gem_version.release < Gem::Version.new('6.0')
+  config.active_record.legacy_connection_handling = false if Rails.gem_version.release >= Gem::Version.new('6.1')
 end
 ActiveSupport::Deprecation.debug = true

data/test/dummy/config/initializers/devise.rb CHANGED Viewed

@@ -8,10 +8,6 @@ Devise.setup do |config|
   config.secret_key = 'f08cf11a38906f531d2dfc9a2c2d671aa0021be806c21255d4'
   config.case_insensitive_keys = [:email]
   config.strip_whitespace_keys = [:email]
-  config.password_complexity = {
-    digit: 1,
-    lower: 1,
-    upper: 1,
-  }
+  config.password_complexity = { digit: 1, lower: 1, upper: 1 }
   config.password_length = 7..128
 end

data/test/dummy/config/locales/en.yml ADDED Viewed

@@ -0,0 +1,10 @@
+en:
+  errors:
+    messages:
+      password_complexity:
+        letter:
+          one: must contain at least one letter
+          other: must contain at least %{count} letters
+        alnum:
+          one: must contain at least one letter or number
+          other: must contain at least %{count} letters or numbers

data/test/dummy/config/routes.rb CHANGED Viewed

@@ -4,7 +4,9 @@ RailsApp::Application.routes.draw do
   devise_for :users
   devise_for :captcha_users, only: [:sessions], controllers: { sessions: 'captcha/sessions' }
-  devise_for :security_question_users, only: [:sessions, :unlocks], controllers: { unlocks: 'security_question/unlocks' }
+  devise_for :password_expired_users, only: [:password_expired], controllers: { password_expired: 'overrides/password_expired' }
+  devise_for :paranoid_verification_users, only: [:verification_code], controllers: { paranoid_verification_code: 'overrides/paranoid_verification_code' }
+  devise_for :security_question_users, only: %i[sessions unlocks], controllers: { unlocks: 'security_question/unlocks' }
   resources :foos
   resource :widgets

data/test/dummy/config.ru CHANGED Viewed

@@ -2,5 +2,5 @@
 # This file is used by Rack-based servers to start the application.
-require ::File.expand_path('../config/environment', __FILE__)
+require ::File.expand_path('config/environment', __dir__)
 run RailsApp::Application

data/test/dummy/db/migrate/20120508165529_create_tables.rb CHANGED Viewed

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 class CreateTables < MIGRATION_CLASS
-  def self.up
+  def self.up # rubocop:disable Metrics/AbcSize
     create_table :users do |t|
       t.string :username
       t.string :facebook_token
@@ -33,13 +33,13 @@ class CreateTables < MIGRATION_CLASS
     end
     create_table :old_passwords do |t|
-      t.string :encrypted_password, :null => false
+      t.string :encrypted_password, null: false
       t.string :password_salt
-      t.string :password_archivable_type, :null => false
-      t.integer :password_archivable_id, :null => false
+      t.string :password_archivable_type, null: false
+      t.integer :password_archivable_id, null: false
       t.datetime :created_at
     end
-    add_index :old_passwords, [:password_archivable_type, :password_archivable_id], name: 'index_password_archivable'
+    add_index :old_passwords, %i[password_archivable_type password_archivable_id], name: 'index_password_archivable'
   end
   def self.down

data/test/dummy/lib/shared_expirable_columns.rb CHANGED Viewed

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
 require 'shared_user'
 module SharedVerificationColumns

data/test/dummy/lib/shared_security_questions_fields.rb CHANGED Viewed

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
 require 'shared_user'
 module SharedSecurityQuestionsFields

data/test/dummy/lib/shared_user.rb CHANGED Viewed

@@ -4,10 +4,21 @@ module SharedUser
   extend ActiveSupport::Concern
   included do
-    devise :database_authenticatable, :confirmable, :lockable, :recoverable,
-           :registerable, :rememberable, :timeoutable,
-           :trackable, :secure_validatable, :omniauthable, :validatable, password_length: 7..72,
-           reconfirmable: false
+    devise(
+      :database_authenticatable,
+      :confirmable,
+      :lockable,
+      :recoverable,
+      :registerable,
+      :rememberable,
+      :timeoutable,
+      :trackable,
+      :secure_validatable,
+      :omniauthable,
+      :validatable,
+      password_length: 7..72,
+      reconfirmable: false
+    )
     attr_accessor :other_key
@@ -22,8 +33,8 @@ module SharedUser
   module ExtendMethods
     def new_with_session(params, session)
       super.tap do |user|
-        if data = session["devise.facebook_data"]
-          user.email = data["email"]
+        if (data = session['devise.facebook_data'])
+          user.email = data['email']
           user.confirmed_at = Time.zone.now
         end
       end

data/test/dummy/lib/shared_user_without_omniauth.rb CHANGED Viewed

@@ -4,9 +4,18 @@ module SharedUserWithoutOmniauth
   extend ActiveSupport::Concern
   included do
-    devise :database_authenticatable, :confirmable, :lockable, :recoverable,
-      :registerable, :rememberable, :timeoutable,
-      :trackable, :validatable, reconfirmable: false
+    devise(
+      :database_authenticatable,
+      :confirmable,
+      :lockable,
+      :recoverable,
+      :registerable,
+      :rememberable,
+      :timeoutable,
+      :trackable,
+      :validatable,
+      reconfirmable: false
+    )
   end
   def raw_confirmation_token

data/test/dummy/lib/shared_verification_fields.rb CHANGED Viewed

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
 require 'shared_user'
 module SharedVerificationFields