devise-security 0.17.0 → 0.18.0
- checksums.yaml +4 -4
- data/LICENSE.txt +3 -1
- data/README.md +14 -5
- data/app/controllers/devise/paranoid_verification_code_controller.rb +14 -12
- data/app/controllers/devise/password_expired_controller.rb +8 -4
- data/config/locales/bg.yml +1 -0
- data/config/locales/by.yml +1 -0
- data/config/locales/cs.yml +5 -0
- data/config/locales/de.yml +1 -0
- data/config/locales/es.yml +12 -0
- data/config/locales/fa.yml +1 -0
- data/config/locales/fr.yml +14 -2
- data/config/locales/hi.yml +1 -0
- data/config/locales/it.yml +1 -0
- data/config/locales/ja.yml +12 -0
- data/config/locales/nl.yml +1 -0
- data/config/locales/pt.yml +1 -0
- data/config/locales/ru.yml +1 -0
- data/config/locales/tr.yml +25 -1
- data/config/locales/uk.yml +1 -0
- data/config/locales/zh_CN.yml +1 -0
- data/config/locales/zh_TW.yml +1 -0
- data/lib/devise-security/controllers/helpers.rb +23 -11
- data/lib/devise-security/hooks/expirable.rb +3 -3
- data/lib/devise-security/hooks/paranoid_verification.rb +1 -3
- data/lib/devise-security/hooks/password_expirable.rb +1 -3
- data/lib/devise-security/hooks/session_limitable.rb +4 -4
- data/lib/devise-security/models/compatibility/active_record_patch.rb +4 -3
- data/lib/devise-security/models/compatibility/mongoid_patch.rb +3 -2
- data/lib/devise-security/models/database_authenticatable_patch.rb +12 -14
- data/lib/devise-security/models/expirable.rb +6 -5
- data/lib/devise-security/models/paranoid_verification.rb +2 -2
- data/lib/devise-security/models/password_archivable.rb +1 -1
- data/lib/devise-security/models/secure_validatable.rb +6 -5
- data/lib/devise-security/orm/mongoid.rb +1 -1
- data/lib/devise-security/patches.rb +14 -8
- data/lib/devise-security/routes.rb +2 -3
- data/lib/devise-security/version.rb +1 -1
- data/lib/devise-security.rb +2 -1
- data/lib/generators/devise_security/install_generator.rb +3 -5
- data/lib/generators/templates/devise_security.rb +3 -0
- data/test/controllers/test_paranoid_verification_code_controller.rb +70 -5
- data/test/controllers/test_password_expired_controller.rb +57 -41
- data/test/controllers/test_security_question_controller.rb +25 -19
- data/test/dummy/app/controllers/overrides/password_expired_controller.rb +10 -0
- data/test/dummy/app/models/user.rb +4 -3
- data/test/dummy/app/mongoid/user_without_email.rb +4 -1
- data/test/dummy/config/application.rb +0 -4
- data/test/dummy/config/environments/test.rb +1 -0
- data/test/dummy/config/initializers/devise.rb +1 -5
- data/test/dummy/config/routes.rb +1 -1
- data/test/dummy/config.ru +1 -1
- data/test/dummy/db/migrate/20120508165529_create_tables.rb +2 -2
- data/test/dummy/log/test.log +34100 -90393
- data/test/i18n_test.rb +22 -0
- data/test/integration/test_paranoid_verification_code_workflow.rb +53 -0
- data/test/integration/test_password_expirable_workflow.rb +2 -2
- data/test/integration/test_session_limitable_workflow.rb +3 -3
- data/test/support/integration_helpers.rb +18 -12
- data/test/test_complexity_validator.rb +42 -41
- data/test/test_database_authenticatable_patch.rb +3 -3
- data/test/test_paranoid_verification.rb +8 -8
- data/test/test_password_expirable.rb +1 -1
- data/test/test_secure_validatable.rb +5 -13
- data/test/test_session_limitable.rb +7 -7
- data/test/tmp/config/initializers/devise_security.rb +3 -0
- data/test/tmp/config/locales/devise.security_extension.by.yml +1 -0
- data/test/tmp/config/locales/devise.security_extension.cs.yml +5 -0
- data/test/tmp/config/locales/devise.security_extension.de.yml +1 -0
- data/test/tmp/config/locales/devise.security_extension.es.yml +12 -0
- data/test/tmp/config/locales/devise.security_extension.fa.yml +1 -0
- data/test/tmp/config/locales/devise.security_extension.fr.yml +14 -2
- data/test/tmp/config/locales/devise.security_extension.hi.yml +1 -0
- data/test/tmp/config/locales/devise.security_extension.it.yml +1 -0
- data/test/tmp/config/locales/devise.security_extension.ja.yml +12 -0
- data/test/tmp/config/locales/devise.security_extension.nl.yml +1 -0
- data/test/tmp/config/locales/devise.security_extension.pt.yml +1 -0
- data/test/tmp/config/locales/devise.security_extension.ru.yml +1 -0
- data/test/tmp/config/locales/devise.security_extension.tr.yml +25 -1
- data/test/tmp/config/locales/devise.security_extension.uk.yml +1 -0
- data/test/tmp/config/locales/devise.security_extension.zh_CN.yml +1 -0
- data/test/tmp/config/locales/devise.security_extension.zh_TW.yml +1 -0
- metadata +45 -27
- data/lib/devise-security/patches/confirmations_controller_captcha.rb +0 -23
- data/lib/devise-security/patches/confirmations_controller_security_question.rb +0 -26
- data/lib/devise-security/patches/passwords_controller_captcha.rb +0 -22
- data/lib/devise-security/patches/passwords_controller_security_question.rb +0 -25
- data/lib/devise-security/patches/registrations_controller_captcha.rb +0 -35
- data/lib/devise-security/patches/sessions_controller_captcha.rb +0 -26
- data/lib/devise-security/patches/unlocks_controller_captcha.rb +0 -22
- data/lib/devise-security/patches/unlocks_controller_security_question.rb +0 -25
- data/test/dummy/app/controllers/foos_controller.rb +0 -0
- data/test/dummy/lib/shared_user_without_email.rb +0 -29
- data/test/dummy/log/development.log +0 -0
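--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 30c17693a3331769b786cf6925dcce0b62087a894960309ad316189613b62291
+data.tar.gz: defa2b29a2d67e7615062ab6bea7518b37b6f24ed4735016a4fca4ef860ffbd0
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 54fa56d5e200c73e329d1f07eb1845ce2be695ffb4afa20f475d624fb6615f1583a161c8eec8fa5f84643b957a0d9e4d4d653d5f5071f7b73784bf843a520a70
+data.tar.gz: 891fcf2b29571ee6fca9d667ddbc211cf27a5ba64e6048b33d3f63a6f395e02ef88d51a6c35da3bfe761b42c04bf1a57e118ae9bb46ebb22212eb85f9a0b3179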
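--- a/data/LICENSE.txt
+++ b/data/LICENSE.txt
@@ -1,4 +1,6 @@
-Copyright (c)
+Copyright (c) 2017-2022 Dillon Welch & Kevin Olbrich.
+
+Copyright (c) 2011-2017 Marco Scholl
 
 Permission is hereby granted, free of charge, to any person obtaining
 a copy of this software and associated documentation files (the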
data/README.md
CHANGED
@@ -1,6 +1,6 @@
|
|
1
1
|
# Devise Security
|
2
2
|
|
3
|
-
[![Build Status](https://
|
3
|
+
[![Build Status](https://github.com/devise-security/devise-security/actions/workflows/test_suite.yml/badge.svg?branch=master)](https://github.com/devise-security/devise-security/actions/workflows/test_suite.yml)
|
4
4
|
[![Coverage Status](https://coveralls.io/repos/github/devise-security/devise-security/badge.svg?branch=master)](https://coveralls.io/github/devise-security/devise-security?branch=master)
|
5
5
|
[![Maintainability](https://api.codeclimate.com/v1/badges/ace7cd003a0db8bffa5a/maintainability)](https://codeclimate.com/github/devise-security/devise-security/maintainability)
|
6
6
|
|
@@ -129,6 +129,9 @@ Devise.setup do |config|
|
|
129
129
|
|
130
130
|
# Allow passwords to be equal to email (false, true)
|
131
131
|
# config.allow_passwords_equal_to_email = false
|
132
|
+
|
133
|
+
# paranoid_verification will regenerate verification code after failed attempt
|
134
|
+
# config.paranoid_code_regenerate_after_attempt = 10
|
132
135
|
end
|
133
136
|
```
|
134
137
|
|
@@ -377,17 +380,23 @@ Standard tests can be invoked using `rake`. To run the tests against the
|
|
377
380
|
|
378
381
|
## Maintenance Policy
|
379
382
|
|
380
|
-
We are committed to
|
383
|
+
We are committed to maintaining support for `devise-security` for all normal or
|
381
384
|
security maintenance versions of the Ruby language
|
382
385
|
[as listed here](https://www.ruby-lang.org/en/downloads/branches/), and for the
|
383
386
|
Ruby on Rails framework
|
384
387
|
[as per their maintenance policy](https://rubyonrails.org/maintenance/).
|
385
388
|
|
386
|
-
|
389
|
+
To avoid introducing bugs caused by backwardly incompatible Ruby
|
387
390
|
language features, it is highly recommended that all development work be done
|
388
|
-
using the oldest supported
|
391
|
+
using the oldest supported Ruby version. The contents of the `.ruby-version`
|
389
392
|
file should reflect this.
|
390
393
|
|
391
394
|
## Copyright
|
392
395
|
|
393
|
-
Copyright (c)
|
396
|
+
Copyright (c) 2017-2023 Dillon Welch & Kevin Olbrich.
|
397
|
+
|
398
|
+
Copyright (c) 2011-2017 Marco Scholl as the project [`devise_security_extension`](https://github.com/phatworx/devise_security_extension).
|
399
|
+
|
400
|
+
This repo was created as a fork from [b2ee978a](https://github.com/phatworx/devise_security_extension/commit/b2ee978af7d49f0fb0e7271c6ac074dfb4d39353).
|
401
|
+
|
402
|
+
See LICENSE.txt for further details.
|
@@ -1,15 +1,13 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
3
|
class Devise::ParanoidVerificationCodeController < DeviseController
|
4
|
+
before_action :verify_requested_format!
|
4
5
|
skip_before_action :handle_paranoid_verification
|
5
|
-
|
6
|
+
before_action :skip_paranoid_verification, only: %i[show update]
|
7
|
+
prepend_before_action :authenticate_scope!, only: %i[show update]
|
6
8
|
|
7
9
|
def show
|
8
|
-
|
9
|
-
respond_with(resource)
|
10
|
-
else
|
11
|
-
redirect_to :root
|
12
|
-
end
|
10
|
+
respond_with(resource)
|
13
11
|
end
|
14
12
|
|
15
13
|
def update
|
@@ -17,7 +15,7 @@ class Devise::ParanoidVerificationCodeController < DeviseController
|
|
17
15
|
warden.session(scope)['paranoid_verify'] = false
|
18
16
|
set_flash_message :notice, :updated
|
19
17
|
bypass_sign_in resource, scope: scope
|
20
|
-
|
18
|
+
respond_with({}, location: after_paranoid_verification_code_update_path_for(resource))
|
21
19
|
else
|
22
20
|
respond_with(resource, action: :show)
|
23
21
|
end
|
@@ -37,12 +35,16 @@ class Devise::ParanoidVerificationCodeController < DeviseController
|
|
37
35
|
|
38
36
|
private
|
39
37
|
|
38
|
+
def skip_paranoid_verification
|
39
|
+
return if !resource.nil? && resource.need_paranoid_verification?
|
40
|
+
|
41
|
+
redirect_to :root
|
42
|
+
end
|
43
|
+
|
40
44
|
def resource_params
|
41
|
-
|
42
|
-
|
43
|
-
|
44
|
-
params[scope].slice(:paranoid_verification_code)
|
45
|
-
end
|
45
|
+
permitted_params = %i[paranoid_verification_code]
|
46
|
+
|
47
|
+
params.require(resource_name).permit(*permitted_params)
|
46
48
|
end
|
47
49
|
|
48
50
|
def scope
|
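Review bot: `skip_paranoid_verification` (new lines 38-42) reads as if it bypasses the check, but it actually redirects to `:root` whenever the resource is nil or no longer needs verification; a comment above it would prevent that misreading, for example `# Redirect away unless the signed-in resource still has a pending verification code.` The guard can also be written `return if resource&.need_paranoid_verification?`, which behaves the same for a nil resource. The filter depends on `prepend_before_action :authenticate_scope!` having run first; `authenticate_scope!` is defined outside the visible hunks, so that ordering is worth stating in the comment as well.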
@@ -3,8 +3,8 @@
|
|
3
3
|
class Devise::PasswordExpiredController < DeviseController
|
4
4
|
before_action :verify_requested_format!
|
5
5
|
skip_before_action :handle_password_change
|
6
|
-
before_action :skip_password_change, only: [
|
7
|
-
prepend_before_action :authenticate_scope!, only: [
|
6
|
+
before_action :skip_password_change, only: %i[show update]
|
7
|
+
prepend_before_action :authenticate_scope!, only: %i[show update]
|
8
8
|
|
9
9
|
def show
|
10
10
|
respond_with(resource)
|
@@ -20,7 +20,11 @@ class Devise::PasswordExpiredController < DeviseController
|
|
20
20
|
# @see https://github.com/devise-security/devise-security/pull/111
|
21
21
|
def update
|
22
22
|
resource.extend(Devise::Models::DatabaseAuthenticatablePatch)
|
23
|
-
|
23
|
+
resource.update_with_password(resource_params)
|
24
|
+
|
25
|
+
yield resource if block_given?
|
26
|
+
|
27
|
+
if resource.errors.empty?
|
24
28
|
warden.session(scope)['password_expired'] = false
|
25
29
|
set_flash_message :notice, :updated
|
26
30
|
bypass_sign_in resource, scope: scope
|
@@ -52,7 +56,7 @@ class Devise::PasswordExpiredController < DeviseController
|
|
52
56
|
end
|
53
57
|
|
54
58
|
def resource_params
|
55
|
-
permitted_params = [
|
59
|
+
permitted_params = %i[current_password password password_confirmation]
|
56
60
|
|
57
61
|
params.require(resource_name).permit(*permitted_params)
|
58
62
|
end
|
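Review bot: In `update`, success is now decided by `resource.errors.empty?` after `yield resource`, and the return value of `resource.update_with_password(resource_params)` is discarded. If a caller-supplied block re-runs validation or otherwise resets `errors`, a failed current-password check could be lost, and the branch that clears `password_expired` and calls `bypass_sign_in` would then run. Keeping the result and testing both closes that gap: `updated = resource.update_with_password(resource_params)` followed by `if updated && resource.errors.empty?`. The rest of `update` lies outside the hunk, so this assumes nothing later re-checks the result.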
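--- a/data/config/locales/bg.yml
+++ b/data/config/locales/bg.yml
@@ -23,6 +23,7 @@ bg:
 paranoid_verify:
 code_required: 'Моля въведете кода, който нашия екип по поддръжката Ви е предоставил'
 paranoid_verification_code:
+updated: Кодът за потвърждение е приет
 show:
 submit_verification_code: Изпрати код за потвърждение
 verification_code: Код за потвърждение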
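--- a/data/config/locales/by.yml
+++ b/data/config/locales/by.yml
@@ -31,6 +31,7 @@ by:
 paranoid_verify:
 code_required: 'Калі ласка, увядзіце код, атрыманы ад нашай каманды падтрымкі'
 paranoid_verification_code:
+updated: Код спраўджання прыняты
 show:
 submit_verification_code: 'Увод кода пацверджання'
 verification_code: 'Код пацверджання'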
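--- a/data/config/locales/cs.yml
+++ b/data/config/locales/cs.yml
@@ -7,15 +7,19 @@ cs:
 password_complexity:
 digit:
 one: musí obsahovat alespoň jednu číslici
+few: musí obsahovat alespoň %{count} číslice
 other: musí obsahovat alespoň %{count} číslice
 lower:
 one: musí obsahovat alespoň jedno malé písmeno
+few: musí obsahovat alespoň %{count} malé písmena
 other: musí obsahovat alespoň %{count} malé písmena
 symbol:
 one: musí obsahovat alespoň jedno interpunkční znaménko nebo symbol
+few: musí obsahovat alespoň %{count} interpunkční znaménka nebo symboly
 other: musí obsahovat alespoň %{count} interpunkční znaménka nebo symboly
 upper:
 one: musí obsahovat alespoň jedno velké písmeno
+few: musí obsahovat alespoň %{count} velké písmena
 other: musí obsahovat alespoň %{count} velké písmena
 devise:
 invalid_captcha: Chybná captcha.
@@ -23,6 +27,7 @@ cs:
 paranoid_verify:
 code_required: Zadejte kód, který poskytla naše podpora
 paranoid_verification_code:
+updated: Ověřovací kód přijat
 show:
 submit_verification_code: Odeslat ověřovací kód
 verification_code: Ověřovací kód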
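--- a/data/config/locales/de.yml
+++ b/data/config/locales/de.yml
@@ -23,6 +23,7 @@ de:
 paranoid_verify:
 code_required: 'Bitte geben Sie den Code ein, den unser Support-Team zur Verfügung gestellt hat.'
 paranoid_verification_code:
+updated: Bestätigungscode akzeptiert
 show:
 submit_verification_code: Bestätigungscode eingeben
 verification_code: Bestätigungscode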
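--- a/data/config/locales/es.yml
+++ b/data/config/locales/es.yml
@@ -22,9 +22,21 @@ es:
 invalid_security_question: 'La respuesta a la pregunta de seguridad fue incorrecta.'
 paranoid_verify:
 code_required: 'Por favor ingrese el código provisto por nuestro equipo de soporte'
+paranoid_verification_code:
+updated: Se acepta el código de verificación
+show:
+submit_verification_code: Envíe el código de verificación
+verification_code: Código de verificación
+submit: Entregar
 password_expired:
 updated: 'Su nueva contraseña ha sido guardada.'
 change_required: 'Su contraseña ha expirado. Por favor renueve su contraseña.'
+show:
+renew_your_password: Renueve su contraseña
+current_password: Actual contraseña
+new_password: Nueva contraseña
+new_password_confirmation: Confirmar nueva contraseña
+change_my_password: Cambiar mi contraseña
 failure:
 session_limited: 'Sus credenciales de inicio de sesión fueron usadas en otro navegador. Por favor inicie sesión nuevamente para continuar en este navegador.'
 expired: 'Su cuenta ha expirado debido a inactividad. Por favor contacte al administrador de la aplicación.'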
data/config/locales/fa.yml
CHANGED
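--- a/data/config/locales/fr.yml
+++ b/data/config/locales/fr.yml
@@ -9,8 +9,8 @@ fr:
 one: doit contenir au moins un chiffre
 other: doit contenir au moins %{count} chiffres
 lower:
-one: doit contenir au moins une lettre
-other: doit contenir au moins %{count} lettres
+one: doit contenir au moins une lettre minuscule
+other: doit contenir au moins %{count} lettres minuscules
 symbol:
 one: doit contenir au moins un signe de ponctuation
 other: doit contenir au moins %{count} signes de ponctuation
@@ -22,9 +22,21 @@ fr:
 invalid_security_question: La réponse à la question de sécurité est invalide
 paranoid_verify:
 code_required: Veuillez entrer le code fourni par notre équipe de support
+paranoid_verification_code:
+updated: Code de vérification accepté
+show:
+submit_verification_code: Soumettre le code de vérification
+verification_code: Code de vérification
+submit: Soumettre
 password_expired:
 updated: Votre nouveau mot de passe est enregistré
 change_required: Votre mot de passe a expiré. Veuillez en choisir un autre
+show:
+renew_your_password: Renouveler votre mot de passe
+current_password: Mot de passe actuel
+new_password: Nouveau mot de passe
+new_password_confirmation: Confirmer le nouveau mot de passe
+change_my_password: Changer mon mot de passe
 failure:
 session_limited: Vos identifiants de connexion ont été utilisés dans un autre navigateur. Veuillez vous reconnecter pour continuer dans ce navigateur
 expired: Votre compte a expiré pour cause d'inactivité. Veuillez contacter l'administrateur du site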
data/config/locales/hi.yml
CHANGED
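--- a/data/config/locales/it.yml
+++ b/data/config/locales/it.yml
@@ -23,6 +23,7 @@ it:
 paranoid_verify:
 code_required: 'Inserisci il codice fornito dal nostro team di supporto'
 paranoid_verification_code:
+updated: Codice di verifica accettato
 show:
 submit_verification_code: Invia codice di verifica
 verification_code: Codice di verifica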
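--- a/data/config/locales/ja.yml
+++ b/data/config/locales/ja.yml
@@ -22,9 +22,21 @@ ja:
 invalid_security_question: 'セキュリティ質問に対する回答が不正です。'
 paranoid_verify:
 code_required: 'サポートチームに提供された認証コードを入力してください。'
+paranoid_verification_code:
+updated: 確認コードを受け入れました
+show:
+submit_verification_code: 確認コードを送信する
+verification_code: 検証コード
+submit: 参加する
 password_expired:
 updated: '新しいパスワードが保存されました。'
 change_required: 'パスワードが期限切れです。パスワードを新しく設定してください。'
+show:
+renew_your_password: パスワードを更新する
+current_password: 現在のパスワード
+new_password: 新しいパスワード
+new_password_confirmation: 新しいパスワードを確認
+change_my_password: パスワードを変更する
 failure:
 session_limited: '他のブラウザでログインされました。このブラウザで続ける場合は、もう一度サインインしてください。'
 expired: '活動がなかったため、あなたのアカウントは期限切れとなりました。サイト管理者に連絡してください。'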
data/config/locales/nl.yml
CHANGED
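--- a/data/config/locales/pt.yml
+++ b/data/config/locales/pt.yml
@@ -23,6 +23,7 @@ pt:
 paranoid_verify:
 code_required: 'Por favor entre o código que a equipe de suporte enviou'
 paranoid_verification_code:
+updated: Código de verificação aceito
 show:
 submit_verification_code: Enviar código de verificação
 verification_code: Código de verificação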
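--- a/data/config/locales/ru.yml
+++ b/data/config/locales/ru.yml
@@ -31,6 +31,7 @@ ru:
 paranoid_verify:
 code_required: 'Пожалуйста введите код, полученный от нашей команды поддержки'
 paranoid_verification_code:
+updated: Код подтверждения принят
 show:
 submit_verification_code: Ввод кода подтверждения
 verification_code: Код подверждения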
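--- a/data/config/locales/tr.yml
+++ b/data/config/locales/tr.yml
@@ -4,15 +4,39 @@ tr:
 taken_in_past: "daha önce kullanıldı."
 equal_to_current_password: "mevcut paroladan farklı olmalı."
 equal_to_email: "e-postadan farklı olmalı."
-
+password_complexity:
+digit:
+one: en az bir rakam içermelidir
+other: en az %{count} basamak içermelidir
+lower:
+one: en az bir küçük harf içermelidir
+other: en az %{count} küçük harf içermelidir
+symbol:
+one: en az bir noktalama işareti veya sembolü içermelidir
+other: en az %{count} noktalama işareti veya sembolü içermelidir
+upper:
+one: en az bir büyük harf içermelidir
+other: en az %{count} büyük harf içermelidir
 devise:
 invalid_captcha: "Captcha hatalı."
 invalid_security_question: "Güvenlik sorusunun cevabı yanlış."
 paranoid_verify:
 code_required: "Destek ekibimizden aldığınız kodu girin."
+paranoid_verification_code:
+updated: Doğrulama kodu kabul edildi
+show:
+submit_verification_code: Doğrulama kodunu gönder
+verification_code: Doğrulama kodu
+submit: Gönder
 password_expired:
 updated: "Yeni parolanız kaydedildi."
 change_required: "Parolanızın geçerlilik süresi dolmuş. Lütfen parolanızı yenileyin."
+show:
+renew_your_password: Şifrenizi yenileyin
+current_password: Mevcut Şifre
+new_password: Yeni Şifre
+new_password_confirmation: Yeni şifreyi onayla
+change_my_password: Şifremi Değiştir
 failure:
 session_limited: 'Hesabınıza başka bir tarayıcıdan giriş yapılmış. Lütfen devam etmek için yeniden giriş yapın.'
 expired: 'Hesabınız aktif olarak kullanılmadığı için artık geçerli değil. Lütfen yönetici ile irtibata geçin.'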
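--- a/data/config/locales/uk.yml
+++ b/data/config/locales/uk.yml
@@ -31,6 +31,7 @@ uk:
 paranoid_verify:
 code_required: 'Введіть, будь ласка, код від нашої команди підтримки'
 paranoid_verification_code:
+updated: Код підтвердження прийнято
 show:
 submit_verification_code: Відправити код підтвердження
 verification_code: Код підтвердження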
data/config/locales/zh_CN.yml
CHANGED
data/config/locales/zh_TW.yml
CHANGED
@@ -29,8 +29,8 @@ module DeviseSecurity
|
|
29
29
|
end
|
30
30
|
|
31
31
|
def valid_captcha_if_defined?(captcha)
|
32
|
-
defined?(verify_recaptcha) && verify_recaptcha ||
|
33
|
-
defined?(valid_captcha?) && valid_captcha?(captcha)
|
32
|
+
(defined?(verify_recaptcha) && verify_recaptcha) ||
|
33
|
+
(defined?(valid_captcha?) && valid_captcha?(captcha))
|
34
34
|
end
|
35
35
|
|
36
36
|
def valid_security_question_answer?(resource, answer)
|
@@ -75,12 +75,18 @@ module DeviseSecurity
|
|
75
75
|
def handle_paranoid_verification
|
76
76
|
return if warden.nil?
|
77
77
|
|
78
|
-
if !devise_controller? &&
|
78
|
+
if !devise_controller? &&
|
79
|
+
!ignore_paranoid_verification_code? &&
|
80
|
+
!request.format.nil? &&
|
81
|
+
request.format.html?
|
79
82
|
Devise.mappings.keys.flatten.any? do |scope|
|
80
|
-
if signed_in?(scope) && warden.session(scope)['paranoid_verify']
|
81
|
-
|
82
|
-
|
83
|
-
|
83
|
+
if signed_in?(scope) && warden.session(scope)['paranoid_verify'] == true
|
84
|
+
if send(:"current_#{scope}").try(:need_paranoid_verification?)
|
85
|
+
store_location_for(scope, request.original_fullpath) if request.get?
|
86
|
+
redirect_for_paranoid_verification(scope)
|
87
|
+
else
|
88
|
+
warden.session(scope)['paranoid_verify'] = false
|
89
|
+
end
|
84
90
|
end
|
85
91
|
end
|
86
92
|
end
|
@@ -98,14 +104,16 @@ module DeviseSecurity
|
|
98
104
|
# path for change password
|
99
105
|
def change_password_required_path_for(resource_or_scope = nil)
|
100
106
|
scope = Devise::Mapping.find_scope!(resource_or_scope)
|
101
|
-
|
102
|
-
send(
|
107
|
+
router_name = Devise.mappings[scope].router_name
|
108
|
+
context = router_name ? send(router_name) : _devise_route_context
|
109
|
+
context.send("#{scope}_password_expired_path")
|
103
110
|
end
|
104
111
|
|
105
112
|
def paranoid_verification_code_path_for(resource_or_scope = nil)
|
106
113
|
scope = Devise::Mapping.find_scope!(resource_or_scope)
|
107
|
-
|
108
|
-
send(
|
114
|
+
router_name = Devise.mappings[scope].router_name
|
115
|
+
context = router_name ? send(router_name) : _devise_route_context
|
116
|
+
context.send("#{scope}_paranoid_verification_code_path")
|
109
117
|
end
|
110
118
|
|
111
119
|
protected
|
@@ -114,6 +122,10 @@ module DeviseSecurity
|
|
114
122
|
def ignore_password_expire?
|
115
123
|
false
|
116
124
|
end
|
125
|
+
|
126
|
+
def ignore_paranoid_verification_code?
|
127
|
+
false
|
128
|
+
end
|
117
129
|
end
|
118
130
|
end
|
119
131
|
end
|
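Review bot: In `handle_paranoid_verification` the added `request.format.html?` condition means a session flagged `paranoid_verify` is only intercepted on HTML requests; JSON or other non-HTML requests made with the same session reach their action without the verification step. If that is deliberate (to avoid redirecting API clients), say so in a comment above the method, e.g. `# Only HTML requests are redirected; non-HTML formats are not gated by paranoid verification.` If it is not, non-HTML requests with the flag set should be refused rather than passed through. The same applies to any host application that overrides `ignore_paranoid_verification_code?`, which now disables the check entirely when it returns true.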
@@ -1,11 +1,11 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
# Updates the last_activity_at fields from the record. Only when the user is active
|
3
|
+
# Updates the last_activity_at fields from the record. Only when the user is active
|
4
4
|
# for authentication and authenticated.
|
5
|
-
# An expiry of the account is only checked on sign in OR on manually setting the
|
5
|
+
# An expiry of the account is only checked on sign in OR on manually setting the
|
6
6
|
# expired_at to the past (see Devise::Models::Expirable for this)
|
7
7
|
Warden::Manager.after_set_user do |record, warden, options|
|
8
|
-
if record && record.respond_to?(:active_for_authentication?) && record.active_for_authentication? &&
|
8
|
+
if record && record.respond_to?(:active_for_authentication?) && record.active_for_authentication? &&
|
9
9
|
warden.authenticated?(options[:scope]) && record.respond_to?(:update_last_activity!)
|
10
10
|
record.update_last_activity!
|
11
11
|
end
|
@@ -1,7 +1,5 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
3
|
Warden::Manager.after_set_user do |record, warden, options|
|
4
|
-
if record.respond_to?(:need_paranoid_verification?)
|
5
|
-
warden.session(options[:scope])['paranoid_verify'] = record.need_paranoid_verification?
|
6
|
-
end
|
4
|
+
warden.session(options[:scope])['paranoid_verify'] = record.need_paranoid_verification? if record.respond_to?(:need_paranoid_verification?)
|
7
5
|
end
|
@@ -3,7 +3,5 @@
|
|
3
3
|
# @note This happens after
|
4
4
|
# {DeviseSecurity::Controller::Helpers#handle_password_change}
|
5
5
|
Warden::Manager.after_authentication do |record, warden, options|
|
6
|
-
if record.respond_to?(:need_change_password?)
|
7
|
-
warden.session(options[:scope])['password_expired'] = record.need_change_password?
|
8
|
-
end
|
6
|
+
warden.session(options[:scope])['password_expired'] = record.need_change_password? if record.respond_to?(:need_change_password?)
|
9
7
|
end
|
@@ -8,13 +8,13 @@ Warden::Manager.after_set_user except: :fetch do |record, warden, options|
|
|
8
8
|
warden.authenticated?(options[:scope]) &&
|
9
9
|
!record.skip_session_limitable?
|
10
10
|
|
11
|
-
|
11
|
+
if !options[:skip_session_limitable]
|
12
12
|
unique_session_id = Devise.friendly_token
|
13
13
|
warden.session(options[:scope])['unique_session_id'] = unique_session_id
|
14
14
|
record.update_unique_session_id!(unique_session_id)
|
15
|
-
|
15
|
+
else
|
16
16
|
warden.session(options[:scope])['devise.skip_session_limitable'] = true
|
17
|
-
|
17
|
+
end
|
18
18
|
end
|
19
19
|
end
|
20
20
|
|
@@ -29,7 +29,7 @@ Warden::Manager.after_set_user only: :fetch do |record, warden, options|
|
|
29
29
|
warden.authenticated?(scope) &&
|
30
30
|
options[:store] != false
|
31
31
|
if record.unique_session_id != warden.session(scope)['unique_session_id'] &&
|
32
|
-
!record.skip_session_limitable? &&
|
32
|
+
!record.skip_session_limitable? &&
|
33
33
|
!warden.session(scope)['devise.skip_session_limitable']
|
34
34
|
Rails.logger.warn do
|
35
35
|
'[devise-security][session_limitable] session id mismatch: '\
|
@@ -1,12 +1,14 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module Devise
|
2
4
|
module Models
|
3
5
|
module Compatibility
|
4
|
-
|
5
6
|
class NotPersistedError < ActiveRecord::ActiveRecordError; end
|
6
7
|
|
7
8
|
module ActiveRecordPatch
|
8
9
|
extend ActiveSupport::Concern
|
9
|
-
|
10
|
+
|
11
|
+
unless defined?(ActiveRecord) && ActiveRecord.gem_version >= Gem::Version.new("5.1.x")
|
10
12
|
# When the record was saved, was the +encrypted_password+ changed?
|
11
13
|
# @return [Boolean]
|
12
14
|
def saved_change_to_encrypted_password?
|
@@ -33,7 +35,6 @@ module Devise
|
|
33
35
|
def update_attribute_without_validatons_or_callbacks(name, value)
|
34
36
|
update_column(name, value)
|
35
37
|
end
|
36
|
-
|
37
38
|
end
|
38
39
|
end
|
39
40
|
end
|
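Review bot: The new guard `unless defined?(ActiveRecord) && ActiveRecord.gem_version >= Gem::Version.new("5.1.x")` is harder to read than it needs to be. `defined?(ActiveRecord)` cannot be false at this point, because `NotPersistedError < ActiveRecord::ActiveRecordError` a few lines above already requires the constant. The string `"5.1.x"` appears to rely on RubyGems treating `x` as a prerelease segment that sorts below `5.1.0`. A comment stating the intended version boundary, or `Gem::Version.new('5.1.0')` if prereleases need not match, would make the condition self-explanatory. The matching `end` for this `unless` is not visible in the hunks shown.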
@@ -1,7 +1,8 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module Devise
|
2
4
|
module Models
|
3
5
|
module Compatibility
|
4
|
-
|
5
6
|
class NotPersistedError < Mongoid::Errors::MongoidError; end
|
6
7
|
|
7
8
|
module MongoidPatch
|
@@ -23,7 +24,7 @@ module Devise
|
|
23
24
|
# @param name [Symbol] attribute to update
|
24
25
|
# @param value [String] value to set
|
25
26
|
def update_attribute_without_validatons_or_callbacks(name, value)
|
26
|
-
set(Hash[
|
27
|
+
set(Hash[name, value])
|
27
28
|
end
|
28
29
|
end
|
29
30
|
end
|
@@ -11,24 +11,22 @@ module Devise
|
|
11
11
|
new_password_confirmation = params[:password_confirmation]
|
12
12
|
|
13
13
|
result = if valid_password && new_password.present? && new_password_confirmation.present?
|
14
|
-
|
15
|
-
|
16
|
-
|
14
|
+
update(params, *options)
|
15
|
+
else
|
16
|
+
assign_attributes(params, *options)
|
17
17
|
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
18
|
+
if current_password.blank?
|
19
|
+
errors.add(:current_password, :blank)
|
20
|
+
elsif !valid_password
|
21
|
+
errors.add(:current_password, :invalid)
|
22
|
+
end
|
23
23
|
|
24
|
-
|
24
|
+
errors.add(:password, :blank) if new_password.blank?
|
25
25
|
|
26
|
-
|
27
|
-
self.errors.add(:password_confirmation, :blank)
|
28
|
-
end
|
26
|
+
errors.add(:password_confirmation, :blank) if new_password_confirmation.blank?
|
29
27
|
|
30
|
-
|
31
|
-
|
28
|
+
false
|
29
|
+
end
|
32
30
|
|
33
31
|
clean_up_passwords
|
34
32
|
result
|
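Review bot: The failure branch calls `assign_attributes(params, *options)` even when `valid_password` is false, so the submitted password is written to the in-memory record before the errors are added. `clean_up_passwords` follows, but whether it also reverts the derived digest cannot be seen from this hunk, so a later `save` on the same object (for example from the block the controller now yields to) may persist a password that never passed the current-password check. A comment on the branch would make the contract explicit: `# The record is left dirty on failure; callers must not save it.` The method's signature and the `valid_password` assignment sit above the hunk.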