devise_password_expirable 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+--- 
+SHA1: 
+  data.tar.gz: 580d34c38ff0183b3a09f42988a1c77441df2945
+  metadata.gz: 55c8b247f7f7a72167a97d4d5320bbc86d05271d
+SHA512: 
+  data.tar.gz: 37da798f6da4020241ad192e3d1c0f7bb644dfcc6b63e8167b345c31dccb32627221dadbaf515e0240a6fafa79a7de50a7c4ce93d3462f369838b6ad4c59f0e7
+  metadata.gz: aade38df02cfb36229bb7c4993786e1e6fdfe9cc4b73f88bb517bd103551515e0d222e102003eeb485a0ffff31a412750380f0d7001a93a51bd89b4474c18e24

data/.gitignore

@@ -0,0 +1,20 @@
+*.gem
+.bundle
+Gemfile.lock
+pkg/*
+
+# Temporary files of every sort
+.DS_Store
+.idea
+.rvmrc
+.stgit*
+*.swap
+*.swo
+*.swp
+*~
+bin/*
+nbproject
+patches-*
+capybara-*.html
+dump.rdb
+*.ids

data/Gemfile

@@ -0,0 +1,6 @@
+source "http://rubygems.org"
+
+# Specify your gem's dependencies in devise_ip_filter.gemspec
+gemspec
+gem "rails"
+gem "devise"

data/README.md

@@ -0,0 +1,3 @@
+## Expire passwords plugin for Devise
+
+This plugin expires user passwords after a set time period.

data/Rakefile

@@ -0,0 +1 @@
+require "bundler/gem_tasks"

data/app/controllers/devise/password_expired_controller.rb

@@ -0,0 +1,38 @@
+class Devise::PasswordExpiredController < DeviseController
+  skip_before_filter :handle_password_change
+  prepend_before_filter :authenticate_scope!, :only => [:show, :update]
+
+  def show
+    if not resource.nil? and resource.need_change_password?
+      respond_with(resource)
+    else
+      redirect_to :root
+    end
+  end
+
+  def update
+    if resource.update_with_password(resource_params)
+      warden.session(scope)[:password_expired] = false
+      set_flash_message :notice, :updated
+      sign_in scope, resource, :bypass => true
+      redirect_to stored_location_for(scope) || :root
+    else
+      clean_up_passwords(resource)
+      respond_with(resource, action: :show)
+    end
+  end
+
+  private
+    def resource_params
+      params.require(resource_name).permit!
+    end
+
+  def scope
+    resource_name.to_sym
+  end
+
+  def authenticate_scope!
+    send(:"authenticate_#{resource_name}!")
+    self.resource = send("current_#{resource_name}")
+  end
+end

data/app/views/devise/password_expired/show.html.erb

@@ -0,0 +1,16 @@
+<h2>Renew your password</h2>
+
+<%= form_for(resource, :as => resource_name, :url => [resource_name, :password_expired], :html => { :method => :put }) do |f| %>
+  <%= devise_error_messages! %>
+
+  <p><%= f.label :current_password, "Current password" %><br />
+  <%= f.password_field :current_password %></p>
+
+  <p><%= f.label :password, "New password" %><br />
+  <%= f.password_field :password %></p>
+
+  <p><%= f.label :password_confirmation, "Confirm new password" %><br />
+  <%= f.password_field :password_confirmation %></p>
+
+  <p><%= f.submit "Change my password" %></p>
+<% end %>

data/config/locales/en.yml

@@ -0,0 +1,9 @@
+en:
+  errors:
+    messages:
+      equal_to_current_password: "must be different to the current password!"
+      password_format: "must contain at least 1 uppercase letter, 1 lowercase letter, and a number."
+  devise:
+    password_expired:
+      updated: "Your new password is saved."
+      change_required: "Your password is expired. Please renew your password!"

data/devise_password_expirable.gemspec

@@ -0,0 +1,26 @@
+# -*- encoding: utf-8 -*-
+$:.push File.expand_path("../lib", __FILE__)
+require "devise_password_expirable/version"
+
+Gem::Specification.new do |s|
+  s.name        = "devise_password_expirable"
+  s.version     = DevisePasswordExpirable::VERSION.dup
+  s.authors     = ["Jenni Kissinger"]
+  s.email       = ["jkissinger@carekinesis.com"]
+  s.homepage    = "https://github.com/jenjaina/devise_password_expirable"
+  s.licenses    = ["MIT"]
+  s.summary     = %q{Expire passwords plugin for devise}
+  s.description = "An extension to devise that will expire user passwords after a set amount of time and prompt them to update their password."
+
+  # s.rubyforge_project = "devise_password_expirable"
+
+  s.files         = `git ls-files`.split("\n")
+  s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+  s.require_paths = ["lib"]
+
+  s.add_runtime_dependency 'rails', '3.0.20'
+  s.add_runtime_dependency 'devise', '1.1.3'
+
+  s.add_development_dependency 'bundler'
+end

data/lib/devise_password_expirable.rb

@@ -0,0 +1,32 @@
+require 'devise_password_expirable/version'
+require 'active_record'
+require 'active_support/core_ext/integer'
+require 'active_support/ordered_hash'
+require 'active_support/concern'
+require 'devise'
+
+module Devise
+  # Should the password expire (e.g 3.months)
+  mattr_accessor :expire_password_after
+  @@expire_password_after = 3.months
+
+  # Validate password for strongness
+  mattr_accessor :password_regex
+  @@password_regex = /^\w*(?=\w*\d)(?=\w*[a-z])(?=\w*[A-Z])\w*$/
+end
+
+# an security extension for devise
+module DevisePasswordExpirable
+  autoload :Schema, 'devise_password_expirable/schema'
+
+  module Controllers
+    autoload :Helpers, 'devise_password_expirable/controllers/helpers'
+  end
+end
+
+# modules
+Devise.add_module :password_expirable, :controller => :password_expirable, :model => 'devise_password_expirable/models/password_expirable', :route => :password_expired
+
+# requires
+require 'devise_password_expirable/routes'
+require 'devise_password_expirable/rails'

data/lib/devise_password_expirable/controllers/helpers.rb

@@ -0,0 +1,50 @@
+module DevisePasswordExpirable
+  module Controllers
+    module Helpers
+      extend ActiveSupport::Concern
+
+      included do
+        before_filter :handle_password_change
+      end
+
+      # controller instance methods
+
+        private
+
+        # lookup if an password change needed
+        def handle_password_change
+          if not devise_controller? and not ignore_password_expire? and not request.format.nil? and request.format.html?
+            Devise.mappings.keys.flatten.any? do |scope|
+              if signed_in?(scope) and warden.session(scope)['password_expired']
+                session["#{scope}_return_to"] = request.path if request.get?
+                redirect_for_password_change scope
+                return
+              end
+            end
+          end
+        end
+
+        # redirect for password update with alert message
+        def redirect_for_password_change(scope)
+          redirect_to change_password_required_path_for(scope), :alert => I18n.t('change_required', {:scope => 'devise.password_expired'})
+        end
+
+        # path for change password
+        def change_password_required_path_for(resource_or_scope = nil)
+          scope       = Devise::Mapping.find_scope!(resource_or_scope)
+          change_path = "#{scope}_password_expired_path"
+          send(change_path)
+        end
+        
+        protected
+        
+        # allow to overwrite for some special handlings
+        def ignore_password_expire?
+          false
+        end
+
+
+    end
+  end
+
+end

data/lib/devise_password_expirable/hooks/password_expirable.rb

@@ -0,0 +1,5 @@
+Warden::Manager.after_authentication do |record, warden, options|
+  if record.respond_to?(:need_change_password?)
+    warden.session(options[:scope])['password_expired'] = record.need_change_password?
+  end
+end

data/lib/devise_password_expirable/models/password_expirable.rb

@@ -0,0 +1,57 @@
+require 'devise_password_expirable/hooks/password_expirable'
+
+module Devise
+  module Models
+
+    # PasswordExpirable takes care of change password after
+    module PasswordExpirable
+      extend ActiveSupport::Concern
+
+      included do
+        before_save :update_password_changed
+      end
+
+      # is an password change required?
+      def need_change_password?
+        if self.class.expire_password_after.is_a? Fixnum or self.class.expire_password_after.is_a? Float
+          self.last_password_reset.nil? or self.last_password_reset < self.class.expire_password_after.ago
+        else
+          false
+        end
+      end
+
+      # set a fake datetime so a password change is needed and save the record
+      def need_change_password!
+        if self.class.expire_password_after.is_a? Fixnum or self.class.expire_password_after.is_a? Float
+          need_change_password
+          self.save(:validate => false)
+        end
+      end
+
+      # set a fake datetime so a password change is needed
+      def need_change_password
+        if self.class.expire_password_after.is_a? Fixnum or self.class.expire_password_after.is_a? Float
+          self.last_password_reset = self.class.expire_password_after.ago
+        end
+
+        # is date not set it will set default to need set new password next login
+        need_change_password if self.last_password_reset.nil?
+
+        self.last_password_reset
+      end
+
+      private
+
+        # is password changed then update password_cahanged_at
+        def update_password_changed
+          self.last_password_reset = Time.now if (self.new_record? or self.encrypted_password_changed?) and not self.last_password_reset_changed?
+        end
+
+      module ClassMethods
+        ::Devise::Models.config(self, :expire_password_after)
+      end
+    end
+
+  end
+
+end

data/lib/devise_password_expirable/rails.rb

@@ -0,0 +1,7 @@
+module DevisePasswordExpirable
+  class Engine < ::Rails::Engine
+    ActiveSupport.on_load(:action_controller) do
+      include DevisePasswordExpirable::Controllers::Helpers
+    end
+  end
+end

data/lib/devise_password_expirable/routes.rb

@@ -0,0 +1,13 @@
+module ActionDispatch::Routing
+  class Mapper
+
+    protected
+
+    # route for handle expired passwords
+    def devise_password_expired(mapping, controllers)
+      resource :password_expired, :only => [:show, :update], :path => mapping.path_names[:password_expired], :controller => controllers[:password_expired]
+    end
+
+  end
+end
+

data/lib/devise_password_expirable/schema.rb

@@ -0,0 +1,24 @@
+module DevisePasswordExpirable
+  # add schema helper for migrations
+  module Schema
+    # Add last_password_reset columns in the resource's database table.
+    #
+    # Examples
+    #
+    # # For a new resource migration:
+    # create_table :the_resources do |t|
+    #   t.password_expirable
+    # ...
+    # end
+    #
+    # # or if the resource's table already exists, define a migration and put this in:
+    # change_table :the_resources do |t|
+    #   t.datetime :last_password_reset
+    # end
+    #
+    def password_expirable
+      apply_devise_schema :last_password_reset, DateTime
+    end
+
+  end
+end

data/lib/devise_password_expirable/version.rb

@@ -0,0 +1,3 @@
+module DevisePasswordExpirable
+  VERSION = "0.0.1"
+end

data/lib/generators/devise_expire_passwords/install_generator.rb

@@ -0,0 +1,23 @@
+module DevisePasswordExpirable
+  module Generators
+    # Install Generator
+    class InstallGenerator < Rails::Generators::Base
+      source_root File.expand_path("../../templates", __FILE__)
+
+      desc "Install the devise password expirable extension"
+
+      def add_configs
+        inject_into_file "config/initializers/devise.rb", "\n  # ==> Password Expirable Extension\n  # Configure expire passwords extension for devise\n\n" +
+        "  # Should the password expire (e.g 3.months)\n" +
+        "  # config.expire_password_after = false\n\n" +
+        "  # Need 1 char of A-Z, a-z and 0-9\n" +
+        "  # config.password_regex = /(?=.*\\d)(?=.*[a-z])(?=.*[A-Z])/\n\n" +
+        "", :before => /end[ |\n|]+\Z/
+      end
+
+      def copy_locale
+        copy_file "../../../config/locales/en.yml", "config/locales/devise.password_expirable.en.yml"
+      end
+    end
+  end
+end

metadata

@@ -0,0 +1,96 @@
+--- !ruby/object:Gem::Specification 
+name: devise_password_expirable
+version: !ruby/object:Gem::Version 
+  version: 0.0.1
+platform: ruby
+authors: 
+- Jenni Kissinger
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2014-10-21 00:00:00 Z
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: rails
+  prerelease: false
+  requirement: &id001 !ruby/object:Gem::Requirement 
+    requirements: 
+    - - "="
+      - !ruby/object:Gem::Version 
+        version: 3.0.20
+  type: :runtime
+  version_requirements: *id001
+- !ruby/object:Gem::Dependency 
+  name: devise
+  prerelease: false
+  requirement: &id002 !ruby/object:Gem::Requirement 
+    requirements: 
+    - - "="
+      - !ruby/object:Gem::Version 
+        version: 1.1.3
+  type: :runtime
+  version_requirements: *id002
+- !ruby/object:Gem::Dependency 
+  name: bundler
+  prerelease: false
+  requirement: &id003 !ruby/object:Gem::Requirement 
+    requirements: 
+    - &id004 
+      - ">="
+      - !ruby/object:Gem::Version 
+        version: "0"
+  type: :development
+  version_requirements: *id003
+description: An extension to devise that will expire user passwords after a set amount of time and prompt them to update their password.
+email: 
+- jkissinger@carekinesis.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: []
+
+files: 
+- .gitignore
+- Gemfile
+- README.md
+- Rakefile
+- app/controllers/devise/password_expired_controller.rb
+- app/views/devise/password_expired/show.html.erb
+- config/locales/en.yml
+- devise_password_expirable.gemspec
+- lib/devise_password_expirable.rb
+- lib/devise_password_expirable/controllers/helpers.rb
+- lib/devise_password_expirable/hooks/password_expirable.rb
+- lib/devise_password_expirable/models/password_expirable.rb
+- lib/devise_password_expirable/rails.rb
+- lib/devise_password_expirable/routes.rb
+- lib/devise_password_expirable/schema.rb
+- lib/devise_password_expirable/version.rb
+- lib/generators/devise_expire_passwords/install_generator.rb
+homepage: https://github.com/jenjaina/devise_password_expirable
+licenses: 
+- MIT
+metadata: {}
+
+post_install_message: 
+rdoc_options: []
+
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - *id004
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - *id004
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 2.4.1
+signing_key: 
+specification_version: 4
+summary: Expire passwords plugin for devise
+test_files: []
+