devise-uncommon_password 0.2.2 → 0.3.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +19 -11
  3. data/lib/devise/uncommon_password/model.rb +6 -1
  4. data/lib/devise/uncommon_password/version.rb +1 -1
  5. data/lib/devise/uncommon_password.rb +2 -0
  6. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 6f78e8bdf28ec7c16226aa6446549f8d5f21d237
4
- data.tar.gz: d517c4599b99fdcb2a13f5c95fe77359ea76b58e
3
+ metadata.gz: 3c3f797d9849ec73517edd495907e80fa81897e0
4
+ data.tar.gz: 66903d74de1376c74e9bc8027140d9f0ecf2acd2
5
5
  SHA512:
6
- metadata.gz: 898c6720415820b742534e5e740db80871b85364698b0b10d4016fbaef797cdbb585c1f9a98f83a4da0386e5303fff890a1e7c51f05cee478a8869fddb5a1c03
7
- data.tar.gz: 4b2f57ad38c49aab0cc6e117e066104a3ffb5761b685a278588704494b33b3b7a34545b322ec158ad5d4335255de24d64fcef5b0671d94db14edf010ae78d3f8
6
+ metadata.gz: '061827281b8fc9c91b88ab29b1c466057d8f0a387f8f702fb12ff9e86f9e5e77679540f8e11e971691706a9224409634c3a0fab9bafc3e4037203f750e1bc510'
7
+ data.tar.gz: bda011eebb6c2ae2e5141d09396b07d167a1dc375095a877cbd23c65a3011eb9c4a99e3812fce39bf6206bf49d7148ba8c931d23e7ada3bb225fc55b2597f964
data/README.md CHANGED
@@ -3,7 +3,25 @@
3
3
  [![Build Status](https://travis-ci.org/HCLarsen/devise-uncommon_password.svg?branch=master)](https://travis-ci.org/HCLarsen/devise-uncommon_password)
4
4
  [![Code Climate](https://codeclimate.com/github/HCLarsen/devise-uncommon_password.svg)](https://codeclimate.com/github/HCLarsen/devise-uncommon_password)
5
5
 
6
- Devise::UncommonPassword is an extension for the devise gem, which prevents users from signing up using one of the 100 most common passwords. The list is derived from the darkweb2017_top10K.txt found at: https://github.com/danielmiessler/SecLists/tree/master/Passwords. Since the Devise gem allows developers to set the minimum and maximum lengths for passwords, this gem uses that information to provide only the top 100 passwords that fit into that length.
6
+ Devise::UncommonPassword is an extension for the devise gem, which prevents users from signing up using one of the 100 most common passwords. The list is derived from the darkweb2017_top10K.txt found at: https://github.com/danielmiessler/SecLists/tree/master/Passwords.
7
+
8
+ ## Usage
9
+
10
+ Add the ':uncommon_password' module to your model:
11
+
12
+ ```ruby
13
+ class AdminUser < ApplicationRecord
14
+ devise :database_authenticatable,
15
+ :recoverable, :rememberable, :trackable, :validatable, :uncommon_password
16
+ end
17
+ ```
18
+
19
+ By default, the password is checked against the 100 most common passwords that fit within the minimum and maximum lengths specified in the /config/initializers/devise.rb file. However, if a developer wants to check against a larger list, they may override this default by adding the following line to that same file:
20
+
21
+ ```ruby
22
+ # Number of common passwords to check entered password against.
23
+ config.password_matches = 1000
24
+ ```
7
25
 
8
26
  ## Installation
9
27
  Add this line to your application's Gemfile:
@@ -17,16 +35,6 @@ And then execute:
17
35
  $ bundle install
18
36
  ```
19
37
 
20
- Then add the ':uncommon_password' module to your model:
21
- ```
22
- class User < ActiveRecord::Base
23
- devise :database_authenticatable, :registerable,
24
- :recoverable, :rememberable, :trackable, :validatable, :uncommon_password
25
- end
26
- ```
27
-
28
- And you're ready to go.
29
-
30
38
  ## Contributing
31
39
 
32
40
  You can contribute by doing the following:
data/lib/devise/uncommon_password/model.rb CHANGED
@@ -16,13 +16,18 @@ module Devise
16
16
  file.each { |password| passwords << password.chomp.downcase }
17
17
  end
18
18
  passwords.select! {|password| Devise.password_length.include? password.length }
19
- passwords[0..99]
19
+ #passwords[0..99]
20
+ passwords[0..Devise.password_matches-1]
20
21
  end
21
22
 
22
23
  included do
23
24
  validate :not_common_password, if: :password_required?
24
25
  end
25
26
 
27
+ module ClassMethods
28
+ Devise::Models.config(self, :password_matches)
29
+ end
30
+
26
31
  private
27
32
 
28
33
  def not_common_password
data/lib/devise/uncommon_password/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  module Devise
2
2
  module UncommonPassword
3
- VERSION = '0.2.2'
3
+ VERSION = '0.3.0'
4
4
  end
5
5
  end
data/lib/devise/uncommon_password.rb CHANGED
@@ -2,6 +2,8 @@ require 'devise'
2
2
  require 'devise/uncommon_password/model'
3
3
 
4
4
  module Devise
5
+ mattr_accessor :password_matches
6
+ @@password_matches = 100
5
7
  module UncommonPassword
6
8
  end
7
9
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: devise-uncommon_password
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.2
4
+ version: 0.3.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Chris Larsen
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2018-02-06 00:00:00.000000000 Z
11
+ date: 2018-02-23 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rails