devise-uncommon_password 0.2.2 → 0.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +19 -11
- data/lib/devise/uncommon_password/model.rb +6 -1
- data/lib/devise/uncommon_password/version.rb +1 -1
- data/lib/devise/uncommon_password.rb +2 -0
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 3c3f797d9849ec73517edd495907e80fa81897e0
|
4
|
+
data.tar.gz: 66903d74de1376c74e9bc8027140d9f0ecf2acd2
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: '061827281b8fc9c91b88ab29b1c466057d8f0a387f8f702fb12ff9e86f9e5e77679540f8e11e971691706a9224409634c3a0fab9bafc3e4037203f750e1bc510'
|
7
|
+
data.tar.gz: bda011eebb6c2ae2e5141d09396b07d167a1dc375095a877cbd23c65a3011eb9c4a99e3812fce39bf6206bf49d7148ba8c931d23e7ada3bb225fc55b2597f964
|
data/README.md
CHANGED
@@ -3,7 +3,25 @@
|
|
3
3
|
[](https://travis-ci.org/HCLarsen/devise-uncommon_password)
|
4
4
|
[](https://codeclimate.com/github/HCLarsen/devise-uncommon_password)
|
5
5
|
|
6
|
-
Devise::UncommonPassword is an extension for the devise gem, which prevents users from signing up using one of the 100 most common passwords. The list is derived from the darkweb2017_top10K.txt found at: https://github.com/danielmiessler/SecLists/tree/master/Passwords.
|
6
|
+
Devise::UncommonPassword is an extension for the devise gem, which prevents users from signing up using one of the 100 most common passwords. The list is derived from the darkweb2017_top10K.txt found at: https://github.com/danielmiessler/SecLists/tree/master/Passwords.
|
7
|
+
|
8
|
+
## Usage
|
9
|
+
|
10
|
+
Add the ':uncommon_password' module to your model:
|
11
|
+
|
12
|
+
```ruby
|
13
|
+
class AdminUser < ApplicationRecord
|
14
|
+
devise :database_authenticatable,
|
15
|
+
:recoverable, :rememberable, :trackable, :validatable, :uncommon_password
|
16
|
+
end
|
17
|
+
```
|
18
|
+
|
19
|
+
By default, the password is checked against the 100 most common passwords that fit within the minimum and maximum lengths specified in the /config/initializers/devise.rb file. However, if a developer wants to check against a larger list, they may override this default by adding the following line to that same file:
|
20
|
+
|
21
|
+
```ruby
|
22
|
+
# Number of common passwords to check entered password against.
|
23
|
+
config.password_matches = 1000
|
24
|
+
```
|
7
25
|
|
8
26
|
## Installation
|
9
27
|
Add this line to your application's Gemfile:
|
@@ -17,16 +35,6 @@ And then execute:
|
|
17
35
|
$ bundle install
|
18
36
|
```
|
19
37
|
|
20
|
-
Then add the ':uncommon_password' module to your model:
|
21
|
-
```
|
22
|
-
class User < ActiveRecord::Base
|
23
|
-
devise :database_authenticatable, :registerable,
|
24
|
-
:recoverable, :rememberable, :trackable, :validatable, :uncommon_password
|
25
|
-
end
|
26
|
-
```
|
27
|
-
|
28
|
-
And you're ready to go.
|
29
|
-
|
30
38
|
## Contributing
|
31
39
|
|
32
40
|
You can contribute by doing the following:
|
@@ -16,13 +16,18 @@ module Devise
|
|
16
16
|
file.each { |password| passwords << password.chomp.downcase }
|
17
17
|
end
|
18
18
|
passwords.select! {|password| Devise.password_length.include? password.length }
|
19
|
-
passwords[0..99]
|
19
|
+
#passwords[0..99]
|
20
|
+
passwords[0..Devise.password_matches-1]
|
20
21
|
end
|
21
22
|
|
22
23
|
included do
|
23
24
|
validate :not_common_password, if: :password_required?
|
24
25
|
end
|
25
26
|
|
27
|
+
module ClassMethods
|
28
|
+
Devise::Models.config(self, :password_matches)
|
29
|
+
end
|
30
|
+
|
26
31
|
private
|
27
32
|
|
28
33
|
def not_common_password
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: devise-uncommon_password
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.3.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Chris Larsen
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2018-02-
|
11
|
+
date: 2018-02-23 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rails
|