devise-uncommon_password 0.2.2 → 0.3.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +19 -11
- data/lib/devise/uncommon_password/model.rb +6 -1
- data/lib/devise/uncommon_password/version.rb +1 -1
- data/lib/devise/uncommon_password.rb +2 -0
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 3c3f797d9849ec73517edd495907e80fa81897e0
|
4
|
+
data.tar.gz: 66903d74de1376c74e9bc8027140d9f0ecf2acd2
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: '061827281b8fc9c91b88ab29b1c466057d8f0a387f8f702fb12ff9e86f9e5e77679540f8e11e971691706a9224409634c3a0fab9bafc3e4037203f750e1bc510'
|
7
|
+
data.tar.gz: bda011eebb6c2ae2e5141d09396b07d167a1dc375095a877cbd23c65a3011eb9c4a99e3812fce39bf6206bf49d7148ba8c931d23e7ada3bb225fc55b2597f964
|
data/README.md
CHANGED
@@ -3,7 +3,25 @@
|
|
3
3
|
[![Build Status](https://travis-ci.org/HCLarsen/devise-uncommon_password.svg?branch=master)](https://travis-ci.org/HCLarsen/devise-uncommon_password)
|
4
4
|
[![Code Climate](https://codeclimate.com/github/HCLarsen/devise-uncommon_password.svg)](https://codeclimate.com/github/HCLarsen/devise-uncommon_password)
|
5
5
|
|
6
|
-
Devise::UncommonPassword is an extension for the devise gem, which prevents users from signing up using one of the 100 most common passwords. The list is derived from the darkweb2017_top10K.txt found at: https://github.com/danielmiessler/SecLists/tree/master/Passwords.
|
6
|
+
Devise::UncommonPassword is an extension for the devise gem, which prevents users from signing up using one of the 100 most common passwords. The list is derived from the darkweb2017_top10K.txt found at: https://github.com/danielmiessler/SecLists/tree/master/Passwords.
|
7
|
+
|
8
|
+
## Usage
|
9
|
+
|
10
|
+
Add the ':uncommon_password' module to your model:
|
11
|
+
|
12
|
+
```ruby
|
13
|
+
class AdminUser < ApplicationRecord
|
14
|
+
devise :database_authenticatable,
|
15
|
+
:recoverable, :rememberable, :trackable, :validatable, :uncommon_password
|
16
|
+
end
|
17
|
+
```
|
18
|
+
|
19
|
+
By default, the password is checked against the 100 most common passwords that fit within the minimum and maximum lengths specified in the /config/initializers/devise.rb file. However, if a developer wants to check against a larger list, they may override this default by adding the following line to that same file:
|
20
|
+
|
21
|
+
```ruby
|
22
|
+
# Number of common passwords to check entered password against.
|
23
|
+
config.password_matches = 1000
|
24
|
+
```
|
7
25
|
|
8
26
|
## Installation
|
9
27
|
Add this line to your application's Gemfile:
|
@@ -17,16 +35,6 @@ And then execute:
|
|
17
35
|
$ bundle install
|
18
36
|
```
|
19
37
|
|
20
|
-
Then add the ':uncommon_password' module to your model:
|
21
|
-
```
|
22
|
-
class User < ActiveRecord::Base
|
23
|
-
devise :database_authenticatable, :registerable,
|
24
|
-
:recoverable, :rememberable, :trackable, :validatable, :uncommon_password
|
25
|
-
end
|
26
|
-
```
|
27
|
-
|
28
|
-
And you're ready to go.
|
29
|
-
|
30
38
|
## Contributing
|
31
39
|
|
32
40
|
You can contribute by doing the following:
|
@@ -16,13 +16,18 @@ module Devise
|
|
16
16
|
file.each { |password| passwords << password.chomp.downcase }
|
17
17
|
end
|
18
18
|
passwords.select! {|password| Devise.password_length.include? password.length }
|
19
|
-
passwords[0..99]
|
19
|
+
#passwords[0..99]
|
20
|
+
passwords[0..Devise.password_matches-1]
|
20
21
|
end
|
21
22
|
|
22
23
|
included do
|
23
24
|
validate :not_common_password, if: :password_required?
|
24
25
|
end
|
25
26
|
|
27
|
+
module ClassMethods
|
28
|
+
Devise::Models.config(self, :password_matches)
|
29
|
+
end
|
30
|
+
|
26
31
|
private
|
27
32
|
|
28
33
|
def not_common_password
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: devise-uncommon_password
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.3.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Chris Larsen
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2018-02-
|
11
|
+
date: 2018-02-23 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rails
|