devise_security_extension 0.5.0 → 0.5.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/README.rdoc +19 -13
- data/Rakefile +3 -3
- data/VERSION +1 -1
- data/devise_security_extension.gemspec +4 -4
- metadata +18 -16
data/README.rdoc
CHANGED
|
@@ -4,16 +4,20 @@ An enterprise security extension for devise, trying to meet industrial standard
|
|
|
4
4
|
|
|
5
5
|
== Features
|
|
6
6
|
|
|
7
|
-
* expire passwords (update password with current password)
|
|
8
|
-
* strong password validation
|
|
9
|
-
* save old passwords to protect users from assigning old/expired passwords again
|
|
10
7
|
* captcha support for sign_up, sign_in, recover and unlock (to make automated mass creation and brute forcing of accounts harder)
|
|
11
8
|
|
|
9
|
+
=== Model modules
|
|
10
|
+
|
|
11
|
+
* :password_expirable - passwords will expire after a configured time (and will need an update)
|
|
12
|
+
* :secure_validatable - better way to validate model (email, stronger password validation). don't use with :validatable!
|
|
13
|
+
* :password_archivable - save used password in an old_passwords table for history checks (don't be able to use a formerly used password)
|
|
14
|
+
* :session_limitable - ensures, that there is only one session usable per account at once.
|
|
15
|
+
|
|
12
16
|
== Installation
|
|
13
17
|
add to Gemfile
|
|
14
18
|
gem 'devise_security_extension'
|
|
15
19
|
|
|
16
|
-
after bundle
|
|
20
|
+
after bundle install
|
|
17
21
|
rails g devise_security_extension:install
|
|
18
22
|
|
|
19
23
|
for :secure_validatable you need to add
|
|
@@ -59,13 +63,8 @@ for :secure_validatable you need to add
|
|
|
59
63
|
<p><%= captcha_tag %></p>
|
|
60
64
|
<p><%= text_field_tag :captcha %></p>
|
|
61
65
|
|
|
62
|
-
That's
|
|
66
|
+
That's it!
|
|
63
67
|
|
|
64
|
-
== Model modules
|
|
65
|
-
|
|
66
|
-
* :password_expirable - activate that passwords will expire
|
|
67
|
-
* :secure_validatable - better way to validate model. don't use with :validatable!!!
|
|
68
|
-
* :password_archivable - save password in old_passwords for history checks
|
|
69
68
|
|
|
70
69
|
== Schema
|
|
71
70
|
|
|
@@ -75,13 +74,19 @@ That's all!
|
|
|
75
74
|
t.password_expirable
|
|
76
75
|
end
|
|
77
76
|
|
|
78
|
-
=== Password
|
|
77
|
+
=== Password archivable
|
|
79
78
|
|
|
80
79
|
create_table :old_passwords do |t|
|
|
81
80
|
t.password_archivable
|
|
82
81
|
end
|
|
83
82
|
add_index :old_passwords, [:password_archivable_type, :password_archivable_id], :name => :index_password_archivable
|
|
84
83
|
|
|
84
|
+
=== Session limitable
|
|
85
|
+
|
|
86
|
+
create_table :the_resources do |t|
|
|
87
|
+
t.session_limitable
|
|
88
|
+
end
|
|
89
|
+
|
|
85
90
|
== Requirements
|
|
86
91
|
|
|
87
92
|
* devise (https://github.com/plataformatec/devise)
|
|
@@ -97,11 +102,13 @@ That's all!
|
|
|
97
102
|
* 0.2 strong password validation
|
|
98
103
|
* 0.3 password archivable with validation
|
|
99
104
|
* 0.4 captcha support for sign_up, sign_in, recover and unlock
|
|
105
|
+
* 0.5 session_limitable module
|
|
100
106
|
|
|
101
107
|
== Maintainers
|
|
102
108
|
|
|
103
109
|
* Team Phatworx (http://github.com/phatworx)
|
|
104
110
|
* Marco Scholl (http://github.com/traxanos)
|
|
111
|
+
* Alexander Dreher (http://github.com/alexdreher)
|
|
105
112
|
|
|
106
113
|
== Contributing to devise_security_extension
|
|
107
114
|
|
|
@@ -115,5 +122,4 @@ That's all!
|
|
|
115
122
|
|
|
116
123
|
== Copyright
|
|
117
124
|
|
|
118
|
-
Copyright (c) 2011 Marco Scholl. See LICENSE.txt for
|
|
119
|
-
further details.
|
|
125
|
+
Copyright (c) 2011 Marco Scholl. See LICENSE.txt for further details.
|
data/Rakefile
CHANGED
|
@@ -15,10 +15,10 @@ Jeweler::Tasks.new do |gem|
|
|
|
15
15
|
gem.name = "devise_security_extension"
|
|
16
16
|
gem.homepage = "http://github.com/phatworx/devise_security_extension"
|
|
17
17
|
gem.license = "MIT"
|
|
18
|
-
gem.summary = %Q{
|
|
19
|
-
gem.description = %Q{
|
|
18
|
+
gem.summary = %Q{Security extension for devise}
|
|
19
|
+
gem.description = %Q{An enterprise security extension for devise, trying to meet industrial standard security demands for web applications.}
|
|
20
20
|
gem.email = "team@phatworx.de"
|
|
21
|
-
gem.authors = ["Marco Scholl"]
|
|
21
|
+
gem.authors = ["Marco Scholl", "Alexander Dreher"]
|
|
22
22
|
end
|
|
23
23
|
Jeweler::RubygemsDotOrgTasks.new
|
|
24
24
|
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
0.5.
|
|
1
|
+
0.5.1
|
|
@@ -5,12 +5,12 @@
|
|
|
5
5
|
|
|
6
6
|
Gem::Specification.new do |s|
|
|
7
7
|
s.name = "devise_security_extension"
|
|
8
|
-
s.version = "0.5.
|
|
8
|
+
s.version = "0.5.1"
|
|
9
9
|
|
|
10
10
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
|
11
|
-
s.authors = ["Marco Scholl"]
|
|
11
|
+
s.authors = ["Marco Scholl", "Alexander Dreher"]
|
|
12
12
|
s.date = "2011-12-27"
|
|
13
|
-
s.description = "
|
|
13
|
+
s.description = "An enterprise security extension for devise, trying to meet industrial standard security demands for web applications."
|
|
14
14
|
s.email = "team@phatworx.de"
|
|
15
15
|
s.extra_rdoc_files = [
|
|
16
16
|
"LICENSE.txt",
|
|
@@ -52,7 +52,7 @@ Gem::Specification.new do |s|
|
|
|
52
52
|
s.licenses = ["MIT"]
|
|
53
53
|
s.require_paths = ["lib"]
|
|
54
54
|
s.rubygems_version = "1.8.10"
|
|
55
|
-
s.summary = "
|
|
55
|
+
s.summary = "Security extension for devise"
|
|
56
56
|
s.test_files = [
|
|
57
57
|
"test/helper.rb",
|
|
58
58
|
"test/test_devise_security_extension.rb"
|
metadata
CHANGED
|
@@ -1,11 +1,12 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: devise_security_extension
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.5.
|
|
4
|
+
version: 0.5.1
|
|
5
5
|
prerelease:
|
|
6
6
|
platform: ruby
|
|
7
7
|
authors:
|
|
8
8
|
- Marco Scholl
|
|
9
|
+
- Alexander Dreher
|
|
9
10
|
autorequire:
|
|
10
11
|
bindir: bin
|
|
11
12
|
cert_chain: []
|
|
@@ -13,7 +14,7 @@ date: 2011-12-27 00:00:00.000000000 Z
|
|
|
13
14
|
dependencies:
|
|
14
15
|
- !ruby/object:Gem::Dependency
|
|
15
16
|
name: rails
|
|
16
|
-
requirement: &
|
|
17
|
+
requirement: &16685220 !ruby/object:Gem::Requirement
|
|
17
18
|
none: false
|
|
18
19
|
requirements:
|
|
19
20
|
- - ! '>='
|
|
@@ -21,10 +22,10 @@ dependencies:
|
|
|
21
22
|
version: 3.1.1
|
|
22
23
|
type: :runtime
|
|
23
24
|
prerelease: false
|
|
24
|
-
version_requirements: *
|
|
25
|
+
version_requirements: *16685220
|
|
25
26
|
- !ruby/object:Gem::Dependency
|
|
26
27
|
name: devise
|
|
27
|
-
requirement: &
|
|
28
|
+
requirement: &16683580 !ruby/object:Gem::Requirement
|
|
28
29
|
none: false
|
|
29
30
|
requirements:
|
|
30
31
|
- - ! '>='
|
|
@@ -32,10 +33,10 @@ dependencies:
|
|
|
32
33
|
version: '0'
|
|
33
34
|
type: :runtime
|
|
34
35
|
prerelease: false
|
|
35
|
-
version_requirements: *
|
|
36
|
+
version_requirements: *16683580
|
|
36
37
|
- !ruby/object:Gem::Dependency
|
|
37
38
|
name: rails_email_validator
|
|
38
|
-
requirement: &
|
|
39
|
+
requirement: &16682360 !ruby/object:Gem::Requirement
|
|
39
40
|
none: false
|
|
40
41
|
requirements:
|
|
41
42
|
- - ! '>='
|
|
@@ -43,10 +44,10 @@ dependencies:
|
|
|
43
44
|
version: '0'
|
|
44
45
|
type: :development
|
|
45
46
|
prerelease: false
|
|
46
|
-
version_requirements: *
|
|
47
|
+
version_requirements: *16682360
|
|
47
48
|
- !ruby/object:Gem::Dependency
|
|
48
49
|
name: easy_captcha
|
|
49
|
-
requirement: &
|
|
50
|
+
requirement: &16681140 !ruby/object:Gem::Requirement
|
|
50
51
|
none: false
|
|
51
52
|
requirements:
|
|
52
53
|
- - ! '>='
|
|
@@ -54,10 +55,10 @@ dependencies:
|
|
|
54
55
|
version: '0'
|
|
55
56
|
type: :development
|
|
56
57
|
prerelease: false
|
|
57
|
-
version_requirements: *
|
|
58
|
+
version_requirements: *16681140
|
|
58
59
|
- !ruby/object:Gem::Dependency
|
|
59
60
|
name: bundler
|
|
60
|
-
requirement: &
|
|
61
|
+
requirement: &16696860 !ruby/object:Gem::Requirement
|
|
61
62
|
none: false
|
|
62
63
|
requirements:
|
|
63
64
|
- - ~>
|
|
@@ -65,10 +66,10 @@ dependencies:
|
|
|
65
66
|
version: 1.0.0
|
|
66
67
|
type: :development
|
|
67
68
|
prerelease: false
|
|
68
|
-
version_requirements: *
|
|
69
|
+
version_requirements: *16696860
|
|
69
70
|
- !ruby/object:Gem::Dependency
|
|
70
71
|
name: jeweler
|
|
71
|
-
requirement: &
|
|
72
|
+
requirement: &16692820 !ruby/object:Gem::Requirement
|
|
72
73
|
none: false
|
|
73
74
|
requirements:
|
|
74
75
|
- - ~>
|
|
@@ -76,8 +77,9 @@ dependencies:
|
|
|
76
77
|
version: 1.5.2
|
|
77
78
|
type: :development
|
|
78
79
|
prerelease: false
|
|
79
|
-
version_requirements: *
|
|
80
|
-
description:
|
|
80
|
+
version_requirements: *16692820
|
|
81
|
+
description: An enterprise security extension for devise, trying to meet industrial
|
|
82
|
+
standard security demands for web applications.
|
|
81
83
|
email: team@phatworx.de
|
|
82
84
|
executables: []
|
|
83
85
|
extensions: []
|
|
@@ -130,7 +132,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
130
132
|
version: '0'
|
|
131
133
|
segments:
|
|
132
134
|
- 0
|
|
133
|
-
hash:
|
|
135
|
+
hash: 2266778624520241726
|
|
134
136
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
135
137
|
none: false
|
|
136
138
|
requirements:
|
|
@@ -142,7 +144,7 @@ rubyforge_project:
|
|
|
142
144
|
rubygems_version: 1.8.10
|
|
143
145
|
signing_key:
|
|
144
146
|
specification_version: 3
|
|
145
|
-
summary:
|
|
147
|
+
summary: Security extension for devise
|
|
146
148
|
test_files:
|
|
147
149
|
- test/helper.rb
|
|
148
150
|
- test/test_devise_security_extension.rb
|