devise-security 0.11.0 → 0.11.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: b562461dba8b930f89dd68682f11d354a83f7a28
-  data.tar.gz: ffbac7216ea17728e7d483e846e63bfe773bbd8a
+  metadata.gz: 34e1123d37456a09b6554cde544c4e49c796447f
+  data.tar.gz: d3cc451de684f054e4404e9ce3d8a7a47ccc9b46
 SHA512:
-  metadata.gz: 6031c3ac9f30e9d09501d90d2f263a2600f4919dd79f0b99275b2be4a93732b8a5eddbadf6c95e6a9ba117932cfaba5357cdeb0036b34b2810909f2536eb269b
-  data.tar.gz: cd0a3386d268be89049f2fef0edf39b768d2b31b81335e79771d22b56c3575e34f23444b51a42006e0540b272df0602c323d35e60e31d06f1d916902633ae0a1
+  metadata.gz: 8f5c352c7234af43ab916d1b741799460289e96c843f9d90696f7bd8c2cc7b709009fbaf35ff61e99886c646941e2c186db43988f3ed64915ea7e80e491738a9
+  data.tar.gz: bcfff1037167e404e0998a225115713443675adfff7c3c13fa77a75611106286c1b33654ee3ec69280db693cbc4d234fa9b209377a8d1b38bd0441888ab98df3

data/.gitignore

@@ -36,3 +36,4 @@ pkg
 log
 test/tmp/*
 *.gem
+Gemfile.lock

data/.rubocop.yml

@@ -1,4 +1,5 @@
 AllCops:
+  TargetRubyVersion: 2.2
   Include:
     - '**/Rakefile'
     - '**/config.ru'

data/.ruby-version

@@ -0,0 +1 @@
+2.2.8

data/.travis.yml

@@ -4,10 +4,9 @@ install: bundle install --jobs=3 --retry=3
 before_script: bundle install
 script: bundle exec rake
 rvm:
-  - 2.1.8
-  - 2.2.4
-  - 2.3.4
-  - 2.4.1
+  - 2.2.8
+  - 2.3.5
+  - 2.4.2
   - ruby-head
 matrix:
   allow_failures:

data/README.md

@@ -22,7 +22,7 @@ Configuration and database schema for each module below.
 
 ## Getting started
 
-Devise Security Extension works with Devise on Rails 3.2 onwards. You can add it to your Gemfile after you successfully set up Devise (see [Devise documentation](https://github.com/plataformatec/devise)) with:
+Devise Security works with Devise on Rails 3.2 onwards. You can add it to your Gemfile after you successfully set up Devise (see [Devise documentation](https://github.com/plataformatec/devise)) with:
 
 ```ruby
 gem 'devise-security'
@@ -30,14 +30,14 @@ gem 'devise-security'
 
 Run the bundle command to install it.
 
-After you installed Devise Security Extension you need to run the generator:
+After you installed Devise Security you need to run the generator:
 
 ```console
-rails generate devise-security:install
+rails generate devise_security:install
 ```
 
-The generator adds optional configurations to `config/initializers/devise.rb`. Enable
-the modules you wish to use in the initializer you are ready to add Devise Security Extension modules on top of Devise modules to any of your Devise models:
+The generator adds optional configurations to `config/initializers/devise-security.rb`. Enable
+the modules you wish to use in the initializer you are ready to add Devise Security modules on top of Devise modules to any of your Devise models:
 
 ```ruby
 devise :password_expirable, :secure_validatable, :password_archivable, :session_limitable, :expirable
@@ -111,7 +111,7 @@ gem 'easy_captcha'
 ```ruby
 rails generate easy_captcha:install
 ```
-3. Enable captcha - see "Configuration" of Devise Security Extension above.
+3. Enable captcha - see "Configuration" of Devise Security above.
 4. Add the captcha in the generated devise views for each controller you have activated
 ```erb
 <p><%= captcha_tag %></p>

data/devise-security.gemspec

@@ -3,7 +3,7 @@ $LOAD_PATH.unshift(File.expand_path('../lib', __FILE__))
 require 'devise-security/version'
 
 Gem::Specification.new do |s|
-  s.name = 'devise-security'
+  s.name        = 'devise-security'
   s.version     = DeviseSecurity::VERSION.dup
   s.platform    = Gem::Platform::RUBY
   s.licenses    = ['MIT']
@@ -11,24 +11,28 @@ Gem::Specification.new do |s|
   s.email       = 'natebird@gmail.com'
   s.homepage    = 'https://github.com/devise-security/devise-security'
   s.description = 'An enterprise security extension for devise, trying to meet industrial standard security demands for web applications.'
-  s.authors     = ['Marco Scholl', 'Alexander Dreher', 'Nate Bird']
+  s.authors     = [
+    'Marco Scholl', 'Alexander Dreher', 'Nate Bird', 'Dillon Welch'
+  ]
 
   s.files         = `git ls-files`.split("\n")
   s.test_files    = `git ls-files -- test/*`.split("\n")
   s.require_paths = ['lib']
-  s.required_ruby_version = '>= 2.1.0'
+  s.required_ruby_version = '>= 2.2.2'
 
   if RUBY_VERSION >= '2.4'
     s.add_runtime_dependency 'rails', '>= 4.2.8', '< 6.0'
   else
     s.add_runtime_dependency 'railties', '>= 3.2.6', '< 6.0'
   end
-  s.add_runtime_dependency 'devise', '>= 3.0.0', '< 5.0'
+  s.add_runtime_dependency 'devise', '>= 4.2.0', '< 5.0'
+
   s.add_development_dependency 'bundler', '>= 1.3.0', '< 2.0'
-  s.add_development_dependency 'sqlite3', '~> 1.3', '>= 1.3.10'
-  s.add_development_dependency 'rubocop', '~> 0'
-  s.add_development_dependency 'minitest', '~> 5.0'
+  s.add_development_dependency 'coveralls', '~> 0.8'
   s.add_development_dependency 'easy_captcha', '~> 0'
+  s.add_development_dependency 'm'
+  s.add_development_dependency 'minitest', '~> 5.0'
   s.add_development_dependency 'rails_email_validator', '~> 0'
-  s.add_development_dependency 'coveralls', '~> 0.8'
+  s.add_development_dependency 'rubocop', '~> 0'
+  s.add_development_dependency 'sqlite3', '~> 1.3', '>= 1.3.10'
 end

data/lib/devise-security/controllers/helpers.rb

@@ -21,6 +21,21 @@ module DeviseSecurity
         end
       end
 
+      def valid_captcha_or_security_question?(resource, params)
+        valid_captcha_if_defined?(params[:captcha]) ||
+          valid_security_question_answer?(resource, params[:security_question_answer])
+      end
+
+      def valid_captcha_if_defined?(captcha)
+        defined?(verify_recaptcha) && verify_recaptcha ||
+          defined?(valid_captcha?) && valid_captcha?(captcha)
+      end
+
+      def valid_security_question_answer?(resource, answer)
+        resource.security_question_answer.present? &&
+          resource.security_question_answer == answer
+      end
+
       # controller instance methods
 
         private
@@ -29,9 +44,9 @@ module DeviseSecurity
         def handle_password_change
           return if warden.nil?
 
-          if not devise_controller? and not ignore_password_expire? and not request.format.nil? and request.format.html?
+          if !devise_controller? && !ignore_password_expire? && !request.format.nil? && request.format.html?
             Devise.mappings.keys.flatten.any? do |scope|
-              if signed_in?(scope) and warden.session(scope)['password_expired']
+              if signed_in?(scope) && warden.session(scope)['password_expired']
                 # re-check to avoid infinite loop if date changed after login attempt
                 if send(:"current_#{scope}").try(:need_change_password?)
                   store_location_for(scope, request.original_fullpath) if request.get?
@@ -88,9 +103,6 @@ module DeviseSecurity
         def ignore_password_expire?
           false
         end
-
-
     end
   end
-
 end

data/lib/devise-security/models/password_archivable.rb

@@ -11,20 +11,20 @@ module Devise
       end
 
       def validate_password_archive
-        errors.add(:password, :taken_in_past) if encrypted_password_changed? and password_archive_included?
+        errors.add(:password, :taken_in_past) if encrypted_password_changed? && password_archive_included?
       end
 
       # validate is the password used in the past
       def password_archive_included?
         unless deny_old_passwords.is_a? 1.class
-          if deny_old_passwords.is_a? TrueClass and archive_count > 0
+          if deny_old_passwords.is_a?(TrueClass) && archive_count > 0
             self.deny_old_passwords = archive_count
           else
             self.deny_old_passwords = 0
           end
         end
 
-        if self.class.deny_old_passwords > 0 and not self.password.nil?
+        if self.class.deny_old_passwords > 0 && !self.password.nil?
           old_passwords_including_cur_change = self.old_passwords.order(:id).reverse_order.limit(self.class.deny_old_passwords).to_a
           old_passwords_including_cur_change << OldPassword.new(old_password_params)  # include most recent change in list, but don't save it yet!
           old_passwords_including_cur_change.each do |old_password|

data/lib/devise-security/models/password_expirable.rb

@@ -14,7 +14,7 @@ module Devise
       # is an password change required?
       def need_change_password?
         if expired_password_after_numeric?
-          self.password_changed_at.nil? or self.password_changed_at < self.expire_password_after.seconds.ago
+          self.password_changed_at.nil? || self.password_changed_at < self.expire_password_after.seconds.ago
         else
           false
         end
@@ -48,7 +48,7 @@ module Devise
 
         # is password changed then update password_cahanged_at
         def update_password_changed
-          self.password_changed_at = Time.now if (self.new_record? or self.encrypted_password_changed?) and not self.password_changed_at_changed?
+          self.password_changed_at = Time.now if (self.new_record? || self.encrypted_password_changed?) && !self.password_changed_at_changed?
         end
 
         def expired_password_after_numeric?

data/lib/devise-security/models/secure_validatable.rb

@@ -55,10 +55,10 @@ module Devise
       end
 
       def current_equal_password_validation
-        if not self.new_record? and not self.encrypted_password_change.nil?
+        if !self.new_record? && !self.encrypted_password_change.nil?
           dummy = self.class.new
           dummy.encrypted_password = self.encrypted_password_change.first
-          dummy.password_salt = self.password_salt_change.first if self.respond_to? :password_salt_change and not self.password_salt_change.nil?
+          dummy.password_salt = self.password_salt_change.first if self.respond_to?(:password_salt_change) && !self.password_salt_change.nil?
           self.errors.add(:password, :equal_to_current_password) if dummy.valid_password?(self.password)
         end
       end

data/lib/devise-security/patches/confirmations_controller_captcha.rb

@@ -3,7 +3,7 @@ module DeviseSecurity::Patches
     extend ActiveSupport::Concern
     included do
       define_method :create do
-        if ((defined? verify_recaptcha) && (verify_recaptcha)) or ((defined? valid_captcha?) && (valid_captcha? params[:captcha]))
+        if valid_captcha_if_defined?(params[:captcha])
           self.resource = resource_class.send_confirmation_instructions(params[resource_name])
 
           if successfully_sent?(resource)

data/lib/devise-security/patches/confirmations_controller_security_question.rb

@@ -6,8 +6,7 @@ module DeviseSecurity::Patches
         # only find via email, not login
         resource = resource_class.find_or_initialize_with_error_by(:email, params[resource_name][:email], :not_found)
 
-        if ((defined? verify_recaptcha) && (verify_recaptcha)) or ((defined? valid_captcha?) && (valid_captcha? params[:captcha])) or
-           (resource.security_question_answer.present? and resource.security_question_answer == params[:security_question_answer])
+        if valid_captcha_or_security_question?(resource, params)
           self.resource = resource_class.send_confirmation_instructions(params[resource_name])
 
           if successfully_sent?(resource)

data/lib/devise-security/patches/controller_captcha.rb

@@ -7,8 +7,9 @@ module DeviseSecurity::Patches
     end
 
     private
+
     def check_captcha
-      return if ((defined? verify_recaptcha) && (verify_recaptcha)) || ((defined? valid_captcha?) && (valid_captcha? params[:captcha]))
+      return if valid_captcha_if_defined?(params[:captcha])
 
       flash[:alert] = t('devise.invalid_captcha') if is_navigational_format?
       respond_with({}, location: url_for(action: :new))

data/lib/devise-security/patches/controller_security_question.rb

@@ -10,7 +10,7 @@ module DeviseSecurity::Patches
     def check_security_question
       # only find via email, not login
       resource = resource_class.find_or_initialize_with_error_by(:email, params[resource_name][:email], :not_found)
-      return if (resource.security_question_answer.present? && resource.security_question_answer == params[:security_question_answer])
+      return if valid_security_question_answer?(resource, params[:security_question_answer])
 
       flash[:alert] = t('devise.invalid_security_question') if is_navigational_format?
       respond_with({}, location: url_for(action: :new))

data/lib/devise-security/patches/passwords_controller_captcha.rb

@@ -3,7 +3,7 @@ module DeviseSecurity::Patches
     extend ActiveSupport::Concern
     included do
       define_method :create do
-        if ((defined? verify_recaptcha) && (verify_recaptcha)) or ((defined? valid_captcha?) && (valid_captcha? params[:captcha]))
+        if valid_captcha_if_defined?(params[:captcha])
           self.resource = resource_class.send_reset_password_instructions(params[resource_name])
           if successfully_sent?(resource)
             respond_with({}, :location => new_session_path(resource_name))

data/lib/devise-security/patches/passwords_controller_security_question.rb

@@ -6,8 +6,7 @@ module DeviseSecurity::Patches
         # only find via email, not login
         resource = resource_class.find_or_initialize_with_error_by(:email, params[resource_name][:email], :not_found)
 
-        if ((defined? verify_recaptcha) && (verify_recaptcha)) or ((defined? valid_captcha?) && (valid_captcha? params[:captcha]))
-           (resource.security_question_answer.present? and resource.security_question_answer == params[:security_question_answer])
+        if valid_captcha_or_security_question?(resource, params)
           self.resource = resource_class.send_reset_password_instructions(params[resource_name])
           if successfully_sent?(resource)
             respond_with({}, :location => new_session_path(resource_name))

data/lib/devise-security/patches/registrations_controller_captcha.rb

@@ -5,7 +5,7 @@ module DeviseSecurity::Patches
       define_method :create do |&block|
         build_resource(sign_up_params)
 
-        if ((defined? verify_recaptcha) && (verify_recaptcha)) or ((defined? valid_captcha?) && (valid_captcha? params[:captcha]))
+        if valid_captcha_if_defined?(params[:captcha])
           if resource.save
             block.call(resource) if block
             if resource.active_for_authentication?
@@ -21,7 +21,7 @@ module DeviseSecurity::Patches
             clean_up_passwords resource
             respond_with resource
           end
-          
+
         else
           resource.errors.add :base, t('devise.invalid_captcha')
           clean_up_passwords resource

data/lib/devise-security/patches/sessions_controller_captcha.rb

@@ -3,7 +3,7 @@ module DeviseSecurity::Patches
     extend ActiveSupport::Concern
     included do
       define_method :create do |&block|
-        if ((defined? verify_recaptcha) && (verify_recaptcha)) or ((defined? valid_captcha?) && (valid_captcha? params[:captcha]))
+        if valid_captcha_if_defined?(params[:captcha])
           self.resource = warden.authenticate!(auth_options)
           set_flash_message(:notice, :signed_in) if is_flashing_format?
           sign_in(resource_name, resource)
@@ -14,7 +14,7 @@ module DeviseSecurity::Patches
           respond_with({}, :location => new_session_path(resource_name))
         end
       end
-    
+
       # for bad protected use in controller
       define_method :auth_options do
         { :scope => resource_name, :recall => "#{controller_path}#new" }

data/lib/devise-security/patches/unlocks_controller_captcha.rb

@@ -3,7 +3,7 @@ module DeviseSecurity::Patches
     extend ActiveSupport::Concern
     included do
       define_method :create do
-        if ((defined? verify_recaptcha) && (verify_recaptcha)) or ((defined? valid_captcha?) && (valid_captcha? params[:captcha]))
+        if valid_captcha_if_defined?(params[:captcha])
           self.resource = resource_class.send_unlock_instructions(params[resource_name])
           if successfully_sent?(resource)
             respond_with({}, :location => new_session_path(resource_name))

data/lib/devise-security/patches/unlocks_controller_security_question.rb

@@ -6,8 +6,7 @@ module DeviseSecurity::Patches
         # only find via email, not login
         resource = resource_class.find_or_initialize_with_error_by(:email, params[resource_name][:email], :not_found)
 
-        if ((defined? verify_recaptcha) && (verify_recaptcha)) or ((defined? valid_captcha?) && (valid_captcha? params[:captcha]))
-           (resource.security_question_answer.present? and resource.security_question_answer == params[:security_question_answer])
+        if valid_captcha_or_security_question?(resource, params)
           self.resource = resource_class.send_unlock_instructions(params[resource_name])
           if successfully_sent?(resource)
             respond_with({}, :location => new_session_path(resource_name))

data/lib/devise-security/version.rb

@@ -1,3 +1,3 @@
 module DeviseSecurity
-  VERSION = "0.11.0".freeze
+  VERSION = "0.11.1".freeze
 end

data/test/test_install_generator.rb

@@ -1,6 +1,6 @@
 require 'test_helper'
 require 'rails/generators/test_case'
-require 'generators/devise-security/install_generator'
+require 'generators/devise_security/install_generator'
 
 class TestInstallGenerator < Rails::Generators::TestCase
   tests DeviseSecurity::Generators::InstallGenerator

data/test/test_password_expired_controller.rb

@@ -6,7 +6,7 @@ class Devise::PasswordExpiredControllerTest < ActionController::TestCase
   setup do
     @request.env["devise.mapping"] = Devise.mappings[:user]
     @user = User.create(username: 'hello', email: 'hello@path.travel',
-                        password: '1234', password_changed_at: 3.months.ago)
+                        password: '1234', password_changed_at: 4.months.ago)
 
     sign_in(@user)
   end

metadata

@@ -1,16 +1,17 @@
 --- !ruby/object:Gem::Specification
 name: devise-security
 version: !ruby/object:Gem::Version
-  version: 0.11.0
+  version: 0.11.1
 platform: ruby
 authors:
 - Marco Scholl
 - Alexander Dreher
 - Nate Bird
+- Dillon Welch
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-10-13 00:00:00.000000000 Z
+date: 2018-01-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: railties
@@ -38,7 +39,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 3.0.0
+        version: 4.2.0
     - - "<"
       - !ruby/object:Gem::Version
         version: '5.0'
@@ -48,7 +49,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 3.0.0
+        version: 4.2.0
     - - "<"
       - !ruby/object:Gem::Version
         version: '5.0'
@@ -73,27 +74,21 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '2.0'
 - !ruby/object:Gem::Dependency
-  name: sqlite3
+  name: coveralls
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 1.3.10
+        version: '0.8'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 1.3.10
+        version: '0.8'
 - !ruby/object:Gem::Dependency
-  name: rubocop
+  name: easy_captcha
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
@@ -106,6 +101,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: m
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: minitest
   requirement: !ruby/object:Gem::Requirement
@@ -121,7 +130,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '5.0'
 - !ruby/object:Gem::Dependency
-  name: easy_captcha
+  name: rails_email_validator
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
@@ -135,7 +144,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: rails_email_validator
+  name: rubocop
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
@@ -149,19 +158,25 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: coveralls
+  name: sqlite3
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.8'
+        version: '1.3'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.3.10
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.8'
+        version: '1.3'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.3.10
 description: An enterprise security extension for devise, trying to meet industrial
   standard security demands for web applications.
 email: natebird@gmail.com
@@ -172,9 +187,9 @@ files:
 - ".document"
 - ".gitignore"
 - ".rubocop.yml"
+- ".ruby-version"
 - ".travis.yml"
 - Gemfile
-- Gemfile.lock
 - LICENSE.txt
 - README.md
 - Rakefile
@@ -218,7 +233,7 @@ files:
 - lib/devise-security/routes.rb
 - lib/devise-security/schema.rb
 - lib/devise-security/version.rb
-- lib/generators/devise-security/install_generator.rb
+- lib/generators/devise_security/install_generator.rb
 - lib/generators/templates/devise-security.rb
 - test/dummy/Rakefile
 - test/dummy/app/controllers/application_controller.rb
@@ -266,7 +281,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.1.0
+      version: 2.2.2
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="

data/Gemfile.lock

@@ -1,199 +0,0 @@
-PATH
-  remote: .
-  specs:
-    devise-security (0.11.0)
-      devise (>= 3.0.0, < 5.0)
-      railties (>= 3.2.6, < 6.0)
-
-GEM
-  remote: https://rubygems.org/
-  specs:
-    actioncable (5.1.3)
-      actionpack (= 5.1.3)
-      nio4r (~> 2.0)
-      websocket-driver (~> 0.6.1)
-    actionmailer (5.1.3)
-      actionpack (= 5.1.3)
-      actionview (= 5.1.3)
-      activejob (= 5.1.3)
-      mail (~> 2.5, >= 2.5.4)
-      rails-dom-testing (~> 2.0)
-    actionpack (5.1.3)
-      actionview (= 5.1.3)
-      activesupport (= 5.1.3)
-      rack (~> 2.0)
-      rack-test (~> 0.6.3)
-      rails-dom-testing (~> 2.0)
-      rails-html-sanitizer (~> 1.0, >= 1.0.2)
-    actionview (5.1.3)
-      activesupport (= 5.1.3)
-      builder (~> 3.1)
-      erubi (~> 1.4)
-      rails-dom-testing (~> 2.0)
-      rails-html-sanitizer (~> 1.0, >= 1.0.3)
-    activejob (5.1.3)
-      activesupport (= 5.1.3)
-      globalid (>= 0.3.6)
-    activemodel (5.1.3)
-      activesupport (= 5.1.3)
-    activerecord (5.1.3)
-      activemodel (= 5.1.3)
-      activesupport (= 5.1.3)
-      arel (~> 8.0)
-    activesupport (5.1.3)
-      concurrent-ruby (~> 1.0, >= 1.0.2)
-      i18n (~> 0.7)
-      minitest (~> 5.1)
-      tzinfo (~> 1.1)
-    arel (8.0.0)
-    ast (2.3.0)
-    bcrypt (3.1.11)
-    builder (3.2.3)
-    concurrent-ruby (1.0.5)
-    coveralls (0.8.21)
-      json (>= 1.8, < 3)
-      simplecov (~> 0.14.1)
-      term-ansicolor (~> 1.3)
-      thor (~> 0.19.4)
-      tins (~> 1.6)
-    devise (4.3.0)
-      bcrypt (~> 3.0)
-      orm_adapter (~> 0.1)
-      railties (>= 4.1.0, < 5.2)
-      responders
-      warden (~> 1.2.3)
-    diff-lcs (1.3)
-    docile (1.1.5)
-    easy_captcha (0.6.5)
-      bundler (>= 1.1.0)
-      rails (>= 3.0.0)
-      rmagick (>= 2.13.1)
-      rspec-rails (>= 2.8.1)
-      simplecov (>= 0.3.8)
-      yard (>= 0.7.0)
-    erubi (1.6.1)
-    globalid (0.4.0)
-      activesupport (>= 4.2.0)
-    i18n (0.8.6)
-    json (2.1.0)
-    loofah (2.0.3)
-      nokogiri (>= 1.5.9)
-    mail (2.6.6)
-      mime-types (>= 1.16, < 4)
-    method_source (0.8.2)
-    mime-types (3.1)
-      mime-types-data (~> 3.2015)
-    mime-types-data (3.2016.0521)
-    mini_portile2 (2.2.0)
-    minitest (5.10.3)
-    nio4r (2.1.0)
-    nokogiri (1.8.0)
-      mini_portile2 (~> 2.2.0)
-    orm_adapter (0.5.0)
-    parallel (1.12.0)
-    parser (2.4.0.0)
-      ast (~> 2.2)
-    powerpack (0.1.1)
-    rack (2.0.3)
-    rack-test (0.6.3)
-      rack (>= 1.0)
-    rails (5.1.3)
-      actioncable (= 5.1.3)
-      actionmailer (= 5.1.3)
-      actionpack (= 5.1.3)
-      actionview (= 5.1.3)
-      activejob (= 5.1.3)
-      activemodel (= 5.1.3)
-      activerecord (= 5.1.3)
-      activesupport (= 5.1.3)
-      bundler (>= 1.3.0)
-      railties (= 5.1.3)
-      sprockets-rails (>= 2.0.0)
-    rails-dom-testing (2.0.3)
-      activesupport (>= 4.2.0)
-      nokogiri (>= 1.6)
-    rails-html-sanitizer (1.0.3)
-      loofah (~> 2.0)
-    rails_email_validator (0.1.4)
-      activemodel (>= 3.0.0)
-    railties (5.1.3)
-      actionpack (= 5.1.3)
-      activesupport (= 5.1.3)
-      method_source
-      rake (>= 0.8.7)
-      thor (>= 0.18.1, < 2.0)
-    rainbow (2.2.2)
-      rake
-    rake (12.0.0)
-    responders (2.4.0)
-      actionpack (>= 4.2.0, < 5.3)
-      railties (>= 4.2.0, < 5.3)
-    rmagick (2.16.0)
-    rspec-core (3.6.0)
-      rspec-support (~> 3.6.0)
-    rspec-expectations (3.6.0)
-      diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.6.0)
-    rspec-mocks (3.6.0)
-      diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.6.0)
-    rspec-rails (3.6.1)
-      actionpack (>= 3.0)
-      activesupport (>= 3.0)
-      railties (>= 3.0)
-      rspec-core (~> 3.6.0)
-      rspec-expectations (~> 3.6.0)
-      rspec-mocks (~> 3.6.0)
-      rspec-support (~> 3.6.0)
-    rspec-support (3.6.0)
-    rubocop (0.49.1)
-      parallel (~> 1.10)
-      parser (>= 2.3.3.1, < 3.0)
-      powerpack (~> 0.1)
-      rainbow (>= 1.99.1, < 3.0)
-      ruby-progressbar (~> 1.7)
-      unicode-display_width (~> 1.0, >= 1.0.1)
-    ruby-progressbar (1.8.1)
-    simplecov (0.14.1)
-      docile (~> 1.1.0)
-      json (>= 1.8, < 3)
-      simplecov-html (~> 0.10.0)
-    simplecov-html (0.10.2)
-    sprockets (3.7.1)
-      concurrent-ruby (~> 1.0)
-      rack (> 1, < 3)
-    sprockets-rails (3.2.0)
-      actionpack (>= 4.0)
-      activesupport (>= 4.0)
-      sprockets (>= 3.0.0)
-    sqlite3 (1.3.13)
-    term-ansicolor (1.6.0)
-      tins (~> 1.0)
-    thor (0.19.4)
-    thread_safe (0.3.6)
-    tins (1.15.0)
-    tzinfo (1.2.3)
-      thread_safe (~> 0.1)
-    unicode-display_width (1.3.0)
-    warden (1.2.7)
-      rack (>= 1.0)
-    websocket-driver (0.6.5)
-      websocket-extensions (>= 0.1.0)
-    websocket-extensions (0.1.2)
-    yard (0.9.9)
-
-PLATFORMS
-  ruby
-
-DEPENDENCIES
-  bundler (>= 1.3.0, < 2.0)
-  coveralls (~> 0.8)
-  devise-security!
-  easy_captcha (~> 0)
-  minitest (~> 5.0)
-  rails_email_validator (~> 0)
-  rubocop (~> 0)
-  sqlite3 (~> 1.3, >= 1.3.10)
-
-BUNDLED WITH
-   1.15.3