devise_security_extension 0.1.0
Sign up to get free protection for your applications and to get access to all the features.
- data/.document +5 -0
- data/Gemfile +13 -0
- data/Gemfile.lock +87 -0
- data/LICENSE.txt +20 -0
- data/README.rdoc +57 -0
- data/Rakefile +53 -0
- data/VERSION +1 -0
- data/app/controllers/devise/password_expired_controller.rb +35 -0
- data/app/views/devise/password_expired/show.html.erb +16 -0
- data/config/locales/de.yml +5 -0
- data/config/locales/en.yml +5 -0
- data/devise_security_extension.gemspec +78 -0
- data/lib/devise_security_extension.rb +22 -0
- data/lib/devise_security_extension/controllers/helpers.rb +44 -0
- data/lib/devise_security_extension/hooks/password_expirable.rb +3 -0
- data/lib/devise_security_extension/models/password_expirable.rb +63 -0
- data/lib/devise_security_extension/rails.rb +7 -0
- data/lib/devise_security_extension/routes.rb +13 -0
- data/lib/devise_security_extension/schema.rb +23 -0
- data/lib/generators/devise_security_extension/install_generator.rb +19 -0
- data/test/helper.rb +17 -0
- data/test/test_devise_security_extension.rb +7 -0
- metadata +156 -0
data/.document
ADDED
data/Gemfile
ADDED
@@ -0,0 +1,13 @@
|
|
1
|
+
source "http://rubygems.org"
|
2
|
+
# Add dependencies required to use your gem here.
|
3
|
+
# Example:
|
4
|
+
gem "rails"
|
5
|
+
gem "devise"
|
6
|
+
|
7
|
+
# Add dependencies to develop your gem here.
|
8
|
+
# Include everything needed to run rake, tests, features, etc.
|
9
|
+
group :development do
|
10
|
+
gem "bundler", "~> 1.0.0"
|
11
|
+
gem "jeweler", "~> 1.5.2"
|
12
|
+
gem "rcov", ">= 0"
|
13
|
+
end
|
data/Gemfile.lock
ADDED
@@ -0,0 +1,87 @@
|
|
1
|
+
GEM
|
2
|
+
remote: http://rubygems.org/
|
3
|
+
specs:
|
4
|
+
abstract (1.0.0)
|
5
|
+
actionmailer (3.0.3)
|
6
|
+
actionpack (= 3.0.3)
|
7
|
+
mail (~> 2.2.9)
|
8
|
+
actionpack (3.0.3)
|
9
|
+
activemodel (= 3.0.3)
|
10
|
+
activesupport (= 3.0.3)
|
11
|
+
builder (~> 2.1.2)
|
12
|
+
erubis (~> 2.6.6)
|
13
|
+
i18n (~> 0.4)
|
14
|
+
rack (~> 1.2.1)
|
15
|
+
rack-mount (~> 0.6.13)
|
16
|
+
rack-test (~> 0.5.6)
|
17
|
+
tzinfo (~> 0.3.23)
|
18
|
+
activemodel (3.0.3)
|
19
|
+
activesupport (= 3.0.3)
|
20
|
+
builder (~> 2.1.2)
|
21
|
+
i18n (~> 0.4)
|
22
|
+
activerecord (3.0.3)
|
23
|
+
activemodel (= 3.0.3)
|
24
|
+
activesupport (= 3.0.3)
|
25
|
+
arel (~> 2.0.2)
|
26
|
+
tzinfo (~> 0.3.23)
|
27
|
+
activeresource (3.0.3)
|
28
|
+
activemodel (= 3.0.3)
|
29
|
+
activesupport (= 3.0.3)
|
30
|
+
activesupport (3.0.3)
|
31
|
+
arel (2.0.7)
|
32
|
+
bcrypt-ruby (2.1.4)
|
33
|
+
builder (2.1.2)
|
34
|
+
devise (1.1.5)
|
35
|
+
bcrypt-ruby (~> 2.1.2)
|
36
|
+
warden (~> 1.0.2)
|
37
|
+
erubis (2.6.6)
|
38
|
+
abstract (>= 1.0.0)
|
39
|
+
git (1.2.5)
|
40
|
+
i18n (0.5.0)
|
41
|
+
jeweler (1.5.2)
|
42
|
+
bundler (~> 1.0.0)
|
43
|
+
git (>= 1.2.5)
|
44
|
+
rake
|
45
|
+
mail (2.2.15)
|
46
|
+
activesupport (>= 2.3.6)
|
47
|
+
i18n (>= 0.4.0)
|
48
|
+
mime-types (~> 1.16)
|
49
|
+
treetop (~> 1.4.8)
|
50
|
+
mime-types (1.16)
|
51
|
+
polyglot (0.3.1)
|
52
|
+
rack (1.2.1)
|
53
|
+
rack-mount (0.6.13)
|
54
|
+
rack (>= 1.0.0)
|
55
|
+
rack-test (0.5.7)
|
56
|
+
rack (>= 1.0)
|
57
|
+
rails (3.0.3)
|
58
|
+
actionmailer (= 3.0.3)
|
59
|
+
actionpack (= 3.0.3)
|
60
|
+
activerecord (= 3.0.3)
|
61
|
+
activeresource (= 3.0.3)
|
62
|
+
activesupport (= 3.0.3)
|
63
|
+
bundler (~> 1.0)
|
64
|
+
railties (= 3.0.3)
|
65
|
+
railties (3.0.3)
|
66
|
+
actionpack (= 3.0.3)
|
67
|
+
activesupport (= 3.0.3)
|
68
|
+
rake (>= 0.8.7)
|
69
|
+
thor (~> 0.14.4)
|
70
|
+
rake (0.8.7)
|
71
|
+
rcov (0.9.9)
|
72
|
+
thor (0.14.6)
|
73
|
+
treetop (1.4.9)
|
74
|
+
polyglot (>= 0.3.1)
|
75
|
+
tzinfo (0.3.24)
|
76
|
+
warden (1.0.3)
|
77
|
+
rack (>= 1.0.0)
|
78
|
+
|
79
|
+
PLATFORMS
|
80
|
+
ruby
|
81
|
+
|
82
|
+
DEPENDENCIES
|
83
|
+
bundler (~> 1.0.0)
|
84
|
+
devise
|
85
|
+
jeweler (~> 1.5.2)
|
86
|
+
rails
|
87
|
+
rcov
|
data/LICENSE.txt
ADDED
@@ -0,0 +1,20 @@
|
|
1
|
+
Copyright (c) 2011 Marco Scholl
|
2
|
+
|
3
|
+
Permission is hereby granted, free of charge, to any person obtaining
|
4
|
+
a copy of this software and associated documentation files (the
|
5
|
+
"Software"), to deal in the Software without restriction, including
|
6
|
+
without limitation the rights to use, copy, modify, merge, publish,
|
7
|
+
distribute, sublicense, and/or sell copies of the Software, and to
|
8
|
+
permit persons to whom the Software is furnished to do so, subject to
|
9
|
+
the following conditions:
|
10
|
+
|
11
|
+
The above copyright notice and this permission notice shall be
|
12
|
+
included in all copies or substantial portions of the Software.
|
13
|
+
|
14
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
15
|
+
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
16
|
+
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
17
|
+
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
18
|
+
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
19
|
+
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
20
|
+
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
data/README.rdoc
ADDED
@@ -0,0 +1,57 @@
|
|
1
|
+
= devise_security_extension
|
2
|
+
|
3
|
+
an security extension for devise
|
4
|
+
|
5
|
+
== Installation
|
6
|
+
add to Gemfile
|
7
|
+
gem 'devise_security_extension'
|
8
|
+
|
9
|
+
after bundle execute
|
10
|
+
rails g devise_security_extension:install
|
11
|
+
|
12
|
+
== Configuration
|
13
|
+
|
14
|
+
Devise.setup do |config|
|
15
|
+
# Should the password expire (e.g 3.months)
|
16
|
+
# config.expire_password_after = false
|
17
|
+
end
|
18
|
+
|
19
|
+
== Requirements
|
20
|
+
|
21
|
+
* devise (https://github.com/plataformatec/devise)
|
22
|
+
* Rails 3 (http://github.com/rails/rails)
|
23
|
+
|
24
|
+
== Features
|
25
|
+
|
26
|
+
* expire passwords (update password with current password)
|
27
|
+
|
28
|
+
== Todo
|
29
|
+
|
30
|
+
* password rules
|
31
|
+
* easy_captcha for registration
|
32
|
+
* easy_captcha for password forgotten
|
33
|
+
* easy_captcha for unlock instructions
|
34
|
+
* disable inactive users after time
|
35
|
+
|
36
|
+
== History
|
37
|
+
* 0.1 expire passwords
|
38
|
+
|
39
|
+
== Maintainers
|
40
|
+
|
41
|
+
* Marco Scholl (http://github.com/traxanos)
|
42
|
+
|
43
|
+
== Contributing to devise_security_extension
|
44
|
+
|
45
|
+
* Check out the latest master to make sure the feature hasn't been implemented or the bug hasn't been fixed yet
|
46
|
+
* Check out the issue tracker to make sure someone already hasn't requested it and/or contributed it
|
47
|
+
* Fork the project
|
48
|
+
* Start a feature/bugfix branch
|
49
|
+
* Commit and push until you are happy with your contribution
|
50
|
+
* Make sure to add tests for it. This is important so I don't break it in a future version unintentionally.
|
51
|
+
* Please try not to mess with the Rakefile, version, or history. If you want to have your own version, or is otherwise necessary, that is fine, but please isolate to its own commit so I can cherry-pick around it.
|
52
|
+
|
53
|
+
== Copyright
|
54
|
+
|
55
|
+
Copyright (c) 2011 Marco Scholl. See LICENSE.txt for
|
56
|
+
further details.
|
57
|
+
|
data/Rakefile
ADDED
@@ -0,0 +1,53 @@
|
|
1
|
+
require 'rubygems'
|
2
|
+
require 'bundler'
|
3
|
+
begin
|
4
|
+
Bundler.setup(:default, :development)
|
5
|
+
rescue Bundler::BundlerError => e
|
6
|
+
$stderr.puts e.message
|
7
|
+
$stderr.puts "Run `bundle install` to install missing gems"
|
8
|
+
exit e.status_code
|
9
|
+
end
|
10
|
+
require 'rake'
|
11
|
+
|
12
|
+
require 'jeweler'
|
13
|
+
Jeweler::Tasks.new do |gem|
|
14
|
+
# gem is a Gem::Specification... see http://docs.rubygems.org/read/chapter/20 for more options
|
15
|
+
gem.name = "devise_security_extension"
|
16
|
+
gem.homepage = "http://github.com/traxanos/devise_security_extension"
|
17
|
+
gem.license = "MIT"
|
18
|
+
gem.summary = %Q{an security extension for devise}
|
19
|
+
gem.description = %Q{a gem for extend devise for more password security}
|
20
|
+
gem.email = "develop@marco-scholl.de"
|
21
|
+
gem.authors = ["Marco Scholl"]
|
22
|
+
# Include your dependencies below. Runtime dependencies are required when using your gem,
|
23
|
+
# and development dependencies are only needed for development (ie running rake tasks, tests, etc)
|
24
|
+
# gem.add_runtime_dependency 'jabber4r', '> 0.1'
|
25
|
+
# gem.add_development_dependency 'rspec', '> 1.2.3'
|
26
|
+
end
|
27
|
+
Jeweler::RubygemsDotOrgTasks.new
|
28
|
+
|
29
|
+
require 'rake/testtask'
|
30
|
+
Rake::TestTask.new(:test) do |test|
|
31
|
+
test.libs << 'lib' << 'test'
|
32
|
+
test.pattern = 'test/**/test_*.rb'
|
33
|
+
test.verbose = true
|
34
|
+
end
|
35
|
+
|
36
|
+
require 'rcov/rcovtask'
|
37
|
+
Rcov::RcovTask.new do |test|
|
38
|
+
test.libs << 'test'
|
39
|
+
test.pattern = 'test/**/test_*.rb'
|
40
|
+
test.verbose = true
|
41
|
+
end
|
42
|
+
|
43
|
+
task :default => :test
|
44
|
+
|
45
|
+
require 'rake/rdoctask'
|
46
|
+
Rake::RDocTask.new do |rdoc|
|
47
|
+
version = File.exist?('VERSION') ? File.read('VERSION') : ""
|
48
|
+
|
49
|
+
rdoc.rdoc_dir = 'rdoc'
|
50
|
+
rdoc.title = "devise_security_extension #{version}"
|
51
|
+
rdoc.rdoc_files.include('README*')
|
52
|
+
rdoc.rdoc_files.include('lib/**/*.rb')
|
53
|
+
end
|
data/VERSION
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
0.1.0
|
@@ -0,0 +1,35 @@
|
|
1
|
+
class Devise::PasswordExpiredController < ApplicationController
|
2
|
+
skip_before_filter :handle_password_change
|
3
|
+
prepend_before_filter :authenticate_scope!, :only => [:show, :update]
|
4
|
+
include Devise::Controllers::InternalHelpers
|
5
|
+
|
6
|
+
def show
|
7
|
+
if resource.need_change_password?
|
8
|
+
render_with_scope :show
|
9
|
+
else
|
10
|
+
redirect_to :root
|
11
|
+
end
|
12
|
+
end
|
13
|
+
|
14
|
+
def update
|
15
|
+
if resource.update_with_password(params[resource_name])
|
16
|
+
warden.session(scope)[:password_expired] = false
|
17
|
+
set_flash_message :notice, :updated
|
18
|
+
redirect_to stored_location_for(scope) || :root
|
19
|
+
else
|
20
|
+
clean_up_passwords(resource)
|
21
|
+
render_with_scope :show
|
22
|
+
end
|
23
|
+
end
|
24
|
+
|
25
|
+
private
|
26
|
+
|
27
|
+
def scope
|
28
|
+
resource_name.to_sym
|
29
|
+
end
|
30
|
+
|
31
|
+
def authenticate_scope!
|
32
|
+
send(:"authenticate_#{resource_name}!")
|
33
|
+
self.resource = send("current_#{resource_name}")
|
34
|
+
end
|
35
|
+
end
|
@@ -0,0 +1,16 @@
|
|
1
|
+
<h2>Renew your password</h2>
|
2
|
+
|
3
|
+
<%= form_for(resource, :as => resource_name, :url => [resource_name, :password_expired], :html => { :method => :put }) do |f| %>
|
4
|
+
<%= devise_error_messages! %>
|
5
|
+
|
6
|
+
<p><%= f.label :current_password, "Current password" %><br />
|
7
|
+
<%= f.password_field :current_password %></p>
|
8
|
+
|
9
|
+
<p><%= f.label :password, "New password" %><br />
|
10
|
+
<%= f.password_field :password %></p>
|
11
|
+
|
12
|
+
<p><%= f.label :password_confirmation, "Confirm new password" %><br />
|
13
|
+
<%= f.password_field :password_confirmation %></p>
|
14
|
+
|
15
|
+
<p><%= f.submit "Change my password" %></p>
|
16
|
+
<% end %>
|
@@ -0,0 +1,78 @@
|
|
1
|
+
# Generated by jeweler
|
2
|
+
# DO NOT EDIT THIS FILE DIRECTLY
|
3
|
+
# Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec'
|
4
|
+
# -*- encoding: utf-8 -*-
|
5
|
+
|
6
|
+
Gem::Specification.new do |s|
|
7
|
+
s.name = %q{devise_security_extension}
|
8
|
+
s.version = "0.1.0"
|
9
|
+
|
10
|
+
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
11
|
+
s.authors = ["Marco Scholl"]
|
12
|
+
s.date = %q{2011-01-31}
|
13
|
+
s.description = %q{a gem for extend devise for more password security}
|
14
|
+
s.email = %q{develop@marco-scholl.de}
|
15
|
+
s.extra_rdoc_files = [
|
16
|
+
"LICENSE.txt",
|
17
|
+
"README.rdoc"
|
18
|
+
]
|
19
|
+
s.files = [
|
20
|
+
".document",
|
21
|
+
"Gemfile",
|
22
|
+
"Gemfile.lock",
|
23
|
+
"LICENSE.txt",
|
24
|
+
"README.rdoc",
|
25
|
+
"Rakefile",
|
26
|
+
"VERSION",
|
27
|
+
"app/controllers/devise/password_expired_controller.rb",
|
28
|
+
"app/views/devise/password_expired/show.html.erb",
|
29
|
+
"config/locales/de.yml",
|
30
|
+
"config/locales/en.yml",
|
31
|
+
"devise_security_extension.gemspec",
|
32
|
+
"lib/devise_security_extension.rb",
|
33
|
+
"lib/devise_security_extension/controllers/helpers.rb",
|
34
|
+
"lib/devise_security_extension/hooks/password_expirable.rb",
|
35
|
+
"lib/devise_security_extension/models/password_expirable.rb",
|
36
|
+
"lib/devise_security_extension/rails.rb",
|
37
|
+
"lib/devise_security_extension/routes.rb",
|
38
|
+
"lib/devise_security_extension/schema.rb",
|
39
|
+
"lib/generators/devise_security_extension/install_generator.rb",
|
40
|
+
"test/helper.rb",
|
41
|
+
"test/test_devise_security_extension.rb"
|
42
|
+
]
|
43
|
+
s.homepage = %q{http://github.com/traxanos/devise_security_extension}
|
44
|
+
s.licenses = ["MIT"]
|
45
|
+
s.require_paths = ["lib"]
|
46
|
+
s.rubygems_version = %q{1.3.7}
|
47
|
+
s.summary = %q{an security extension for devise}
|
48
|
+
s.test_files = [
|
49
|
+
"test/helper.rb",
|
50
|
+
"test/test_devise_security_extension.rb"
|
51
|
+
]
|
52
|
+
|
53
|
+
if s.respond_to? :specification_version then
|
54
|
+
current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
|
55
|
+
s.specification_version = 3
|
56
|
+
|
57
|
+
if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
|
58
|
+
s.add_runtime_dependency(%q<rails>, [">= 0"])
|
59
|
+
s.add_runtime_dependency(%q<devise>, [">= 0"])
|
60
|
+
s.add_development_dependency(%q<bundler>, ["~> 1.0.0"])
|
61
|
+
s.add_development_dependency(%q<jeweler>, ["~> 1.5.2"])
|
62
|
+
s.add_development_dependency(%q<rcov>, [">= 0"])
|
63
|
+
else
|
64
|
+
s.add_dependency(%q<rails>, [">= 0"])
|
65
|
+
s.add_dependency(%q<devise>, [">= 0"])
|
66
|
+
s.add_dependency(%q<bundler>, ["~> 1.0.0"])
|
67
|
+
s.add_dependency(%q<jeweler>, ["~> 1.5.2"])
|
68
|
+
s.add_dependency(%q<rcov>, [">= 0"])
|
69
|
+
end
|
70
|
+
else
|
71
|
+
s.add_dependency(%q<rails>, [">= 0"])
|
72
|
+
s.add_dependency(%q<devise>, [">= 0"])
|
73
|
+
s.add_dependency(%q<bundler>, ["~> 1.0.0"])
|
74
|
+
s.add_dependency(%q<jeweler>, ["~> 1.5.2"])
|
75
|
+
s.add_dependency(%q<rcov>, [">= 0"])
|
76
|
+
end
|
77
|
+
end
|
78
|
+
|
@@ -0,0 +1,22 @@
|
|
1
|
+
require 'rails/all'
|
2
|
+
require 'active_support/core_ext/integer'
|
3
|
+
require 'devise'
|
4
|
+
require 'devise_security_extension/routes'
|
5
|
+
require 'devise_security_extension/schema'
|
6
|
+
require 'devise_security_extension/controllers/helpers'
|
7
|
+
require 'devise_security_extension/rails'
|
8
|
+
|
9
|
+
module Devise # :nodoc:
|
10
|
+
|
11
|
+
# expire password after e.g 1.year
|
12
|
+
mattr_accessor :expire_password_after
|
13
|
+
@@expire_password_after = false
|
14
|
+
|
15
|
+
end
|
16
|
+
|
17
|
+
# an security extension for devise
|
18
|
+
module DeviseSecurityExtension
|
19
|
+
|
20
|
+
end
|
21
|
+
|
22
|
+
Devise.add_module :password_expirable, :controller => :password_expirable, :model => 'devise_security_extension/models/password_expirable', :route => :password_expired
|
@@ -0,0 +1,44 @@
|
|
1
|
+
module DeviseSecurityExtension
|
2
|
+
module Controllers # :nodoc:
|
3
|
+
module Helpers # :nodoc:
|
4
|
+
extend ActiveSupport::Concern
|
5
|
+
|
6
|
+
included do
|
7
|
+
before_filter :handle_password_change
|
8
|
+
end
|
9
|
+
|
10
|
+
|
11
|
+
# controller instance methods
|
12
|
+
module InstanceMethods
|
13
|
+
private
|
14
|
+
|
15
|
+
# lookup if an password change needed
|
16
|
+
def handle_password_change
|
17
|
+
Devise.mappings.keys.flatten.any? do |scope|
|
18
|
+
if signed_in? scope
|
19
|
+
if warden.session[:password_expired]
|
20
|
+
session["#{scope}_return_to"] = request.path if request.get?
|
21
|
+
redirect_for_password_change scope
|
22
|
+
break
|
23
|
+
end
|
24
|
+
end
|
25
|
+
end
|
26
|
+
end
|
27
|
+
|
28
|
+
# redirect for password update with alert message
|
29
|
+
def redirect_for_password_change(scope)
|
30
|
+
redirect_to change_password_required_path_for(scope), :alert => I18n.t('change_required', {:scope => 'devise.password_expired'})
|
31
|
+
end
|
32
|
+
|
33
|
+
# path for change password
|
34
|
+
def change_password_required_path_for(resource_or_scope = nil)
|
35
|
+
scope = Devise::Mapping.find_scope!(resource_or_scope)
|
36
|
+
change_path = "#{scope}_password_expired_path"
|
37
|
+
send(change_path)
|
38
|
+
end
|
39
|
+
|
40
|
+
end
|
41
|
+
end
|
42
|
+
end
|
43
|
+
|
44
|
+
end
|
@@ -0,0 +1,63 @@
|
|
1
|
+
require 'devise_security_extension/hooks/password_expirable'
|
2
|
+
|
3
|
+
module Devise # :nodoc:
|
4
|
+
module Models # :nodoc:
|
5
|
+
|
6
|
+
# PasswordExpirable takes care of change password after
|
7
|
+
module PasswordExpirable
|
8
|
+
|
9
|
+
def self.included(base) # :nodoc:
|
10
|
+
base.extend ClassMethods
|
11
|
+
|
12
|
+
base.class_eval do
|
13
|
+
before_save :update_password_changed
|
14
|
+
include InstanceMethods
|
15
|
+
end
|
16
|
+
end
|
17
|
+
|
18
|
+
module InstanceMethods # :nodoc:
|
19
|
+
|
20
|
+
# is an password change required?
|
21
|
+
def need_change_password?
|
22
|
+
if self.class.expire_password_after.is_a? Fixnum
|
23
|
+
self.password_changed_at.nil? or self.password_changed_at < self.class.expire_password_after.ago
|
24
|
+
else
|
25
|
+
false
|
26
|
+
end
|
27
|
+
end
|
28
|
+
|
29
|
+
# set a fake datetime so a password change is needed and save the record
|
30
|
+
def need_change_password!
|
31
|
+
if self.class.expire_password_after.is_a? Fixnum
|
32
|
+
need_change_password
|
33
|
+
self.save(:validate => false)
|
34
|
+
end
|
35
|
+
end
|
36
|
+
|
37
|
+
# set a fake datetime so a password change is needed
|
38
|
+
def need_change_password
|
39
|
+
if self.class.expire_password_after.is_a? Fixnum
|
40
|
+
self.password_changed_at = self.class.expire_password_after.ago
|
41
|
+
end
|
42
|
+
|
43
|
+
# is date not set it will set default to need set new password next login
|
44
|
+
need_change_password if self.password_changed_at.nil?
|
45
|
+
|
46
|
+
self.password_changed_at
|
47
|
+
end
|
48
|
+
|
49
|
+
private
|
50
|
+
|
51
|
+
# is password changed then update password_cahanged_at
|
52
|
+
def update_password_changed
|
53
|
+
self.password_changed_at = Time.now if (self.new_record? or self.encrypted_password_changed?) and not self.password_changed_at_changed?
|
54
|
+
end
|
55
|
+
end
|
56
|
+
|
57
|
+
module ClassMethods #:nodoc:
|
58
|
+
::Devise::Models.config(self, :expire_password_after)
|
59
|
+
end
|
60
|
+
end
|
61
|
+
end
|
62
|
+
|
63
|
+
end
|
@@ -0,0 +1,13 @@
|
|
1
|
+
module ActionDispatch::Routing # :nodoc:
|
2
|
+
class Mapper # :nodoc:
|
3
|
+
|
4
|
+
protected
|
5
|
+
|
6
|
+
# route for handle expired passwords
|
7
|
+
def devise_password_expired(mapping, controllers)
|
8
|
+
resource :password_expired, :only => [:show, :update], :path => mapping.path_names[:password_expired], :controller => controllers[:password_expired]
|
9
|
+
end
|
10
|
+
|
11
|
+
end
|
12
|
+
end
|
13
|
+
|
@@ -0,0 +1,23 @@
|
|
1
|
+
module DeviseSecurityExtension
|
2
|
+
# add schema helper for migrations
|
3
|
+
module Schema
|
4
|
+
# Add password_changed_at columns in the resource's database table.
|
5
|
+
#
|
6
|
+
# Examples
|
7
|
+
#
|
8
|
+
# # For a new resource migration:
|
9
|
+
# create_table :the_resources do
|
10
|
+
# t.password_expirable
|
11
|
+
# ...
|
12
|
+
# end
|
13
|
+
#
|
14
|
+
# # or if the resource's table already exists, define a migration and put this in:
|
15
|
+
# change_table :the_resources do |t|
|
16
|
+
# t.datetime :password_changed_at
|
17
|
+
# end
|
18
|
+
#
|
19
|
+
def password_expirable
|
20
|
+
apply_devise_schema :password_changed_at, DateTime
|
21
|
+
end
|
22
|
+
end
|
23
|
+
end
|
@@ -0,0 +1,19 @@
|
|
1
|
+
module DeviseSecurityExtension
|
2
|
+
module Generators # :nodoc:
|
3
|
+
# Install Generator
|
4
|
+
class InstallGenerator < Rails::Generators::Base
|
5
|
+
source_root File.expand_path("../../templates", __FILE__)
|
6
|
+
|
7
|
+
desc "Install the devise security extension"
|
8
|
+
|
9
|
+
def add_configs
|
10
|
+
inject_into_file "config/initializers/devise.rb", "\n\n # ==> Security Extension\n # Configure security extension for devise\n\n # Should the password expire (e.g 3.months)\n # config.expire_password_after = false\n\n", :before => /end[ |\n|]+\Z/
|
11
|
+
end
|
12
|
+
|
13
|
+
def copy_locale
|
14
|
+
copy_file "../../../config/locales/en.yml", "config/locales/devise.security_extension.en.yml"
|
15
|
+
copy_file "../../../config/locales/de.yml", "config/locales/devise.security_extension.de.yml"
|
16
|
+
end
|
17
|
+
end
|
18
|
+
end
|
19
|
+
end
|
data/test/helper.rb
ADDED
@@ -0,0 +1,17 @@
|
|
1
|
+
require 'rubygems'
|
2
|
+
require 'bundler'
|
3
|
+
begin
|
4
|
+
Bundler.setup(:default, :development)
|
5
|
+
rescue Bundler::BundlerError => e
|
6
|
+
$stderr.puts e.message
|
7
|
+
$stderr.puts "Run `bundle install` to install missing gems"
|
8
|
+
exit e.status_code
|
9
|
+
end
|
10
|
+
require 'test/unit'
|
11
|
+
|
12
|
+
$LOAD_PATH.unshift(File.dirname(__FILE__))
|
13
|
+
$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
|
14
|
+
require 'devise_security_extension'
|
15
|
+
|
16
|
+
class Test::Unit::TestCase
|
17
|
+
end
|
metadata
ADDED
@@ -0,0 +1,156 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: devise_security_extension
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
prerelease: false
|
5
|
+
segments:
|
6
|
+
- 0
|
7
|
+
- 1
|
8
|
+
- 0
|
9
|
+
version: 0.1.0
|
10
|
+
platform: ruby
|
11
|
+
authors:
|
12
|
+
- Marco Scholl
|
13
|
+
autorequire:
|
14
|
+
bindir: bin
|
15
|
+
cert_chain: []
|
16
|
+
|
17
|
+
date: 2011-01-31 00:00:00 +01:00
|
18
|
+
default_executable:
|
19
|
+
dependencies:
|
20
|
+
- !ruby/object:Gem::Dependency
|
21
|
+
name: rails
|
22
|
+
requirement: &id001 !ruby/object:Gem::Requirement
|
23
|
+
none: false
|
24
|
+
requirements:
|
25
|
+
- - ">="
|
26
|
+
- !ruby/object:Gem::Version
|
27
|
+
segments:
|
28
|
+
- 0
|
29
|
+
version: "0"
|
30
|
+
type: :runtime
|
31
|
+
prerelease: false
|
32
|
+
version_requirements: *id001
|
33
|
+
- !ruby/object:Gem::Dependency
|
34
|
+
name: devise
|
35
|
+
requirement: &id002 !ruby/object:Gem::Requirement
|
36
|
+
none: false
|
37
|
+
requirements:
|
38
|
+
- - ">="
|
39
|
+
- !ruby/object:Gem::Version
|
40
|
+
segments:
|
41
|
+
- 0
|
42
|
+
version: "0"
|
43
|
+
type: :runtime
|
44
|
+
prerelease: false
|
45
|
+
version_requirements: *id002
|
46
|
+
- !ruby/object:Gem::Dependency
|
47
|
+
name: bundler
|
48
|
+
requirement: &id003 !ruby/object:Gem::Requirement
|
49
|
+
none: false
|
50
|
+
requirements:
|
51
|
+
- - ~>
|
52
|
+
- !ruby/object:Gem::Version
|
53
|
+
segments:
|
54
|
+
- 1
|
55
|
+
- 0
|
56
|
+
- 0
|
57
|
+
version: 1.0.0
|
58
|
+
type: :development
|
59
|
+
prerelease: false
|
60
|
+
version_requirements: *id003
|
61
|
+
- !ruby/object:Gem::Dependency
|
62
|
+
name: jeweler
|
63
|
+
requirement: &id004 !ruby/object:Gem::Requirement
|
64
|
+
none: false
|
65
|
+
requirements:
|
66
|
+
- - ~>
|
67
|
+
- !ruby/object:Gem::Version
|
68
|
+
segments:
|
69
|
+
- 1
|
70
|
+
- 5
|
71
|
+
- 2
|
72
|
+
version: 1.5.2
|
73
|
+
type: :development
|
74
|
+
prerelease: false
|
75
|
+
version_requirements: *id004
|
76
|
+
- !ruby/object:Gem::Dependency
|
77
|
+
name: rcov
|
78
|
+
requirement: &id005 !ruby/object:Gem::Requirement
|
79
|
+
none: false
|
80
|
+
requirements:
|
81
|
+
- - ">="
|
82
|
+
- !ruby/object:Gem::Version
|
83
|
+
segments:
|
84
|
+
- 0
|
85
|
+
version: "0"
|
86
|
+
type: :development
|
87
|
+
prerelease: false
|
88
|
+
version_requirements: *id005
|
89
|
+
description: a gem for extend devise for more password security
|
90
|
+
email: develop@marco-scholl.de
|
91
|
+
executables: []
|
92
|
+
|
93
|
+
extensions: []
|
94
|
+
|
95
|
+
extra_rdoc_files:
|
96
|
+
- LICENSE.txt
|
97
|
+
- README.rdoc
|
98
|
+
files:
|
99
|
+
- .document
|
100
|
+
- Gemfile
|
101
|
+
- Gemfile.lock
|
102
|
+
- LICENSE.txt
|
103
|
+
- README.rdoc
|
104
|
+
- Rakefile
|
105
|
+
- VERSION
|
106
|
+
- app/controllers/devise/password_expired_controller.rb
|
107
|
+
- app/views/devise/password_expired/show.html.erb
|
108
|
+
- config/locales/de.yml
|
109
|
+
- config/locales/en.yml
|
110
|
+
- devise_security_extension.gemspec
|
111
|
+
- lib/devise_security_extension.rb
|
112
|
+
- lib/devise_security_extension/controllers/helpers.rb
|
113
|
+
- lib/devise_security_extension/hooks/password_expirable.rb
|
114
|
+
- lib/devise_security_extension/models/password_expirable.rb
|
115
|
+
- lib/devise_security_extension/rails.rb
|
116
|
+
- lib/devise_security_extension/routes.rb
|
117
|
+
- lib/devise_security_extension/schema.rb
|
118
|
+
- lib/generators/devise_security_extension/install_generator.rb
|
119
|
+
- test/helper.rb
|
120
|
+
- test/test_devise_security_extension.rb
|
121
|
+
has_rdoc: true
|
122
|
+
homepage: http://github.com/traxanos/devise_security_extension
|
123
|
+
licenses:
|
124
|
+
- MIT
|
125
|
+
post_install_message:
|
126
|
+
rdoc_options: []
|
127
|
+
|
128
|
+
require_paths:
|
129
|
+
- lib
|
130
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
131
|
+
none: false
|
132
|
+
requirements:
|
133
|
+
- - ">="
|
134
|
+
- !ruby/object:Gem::Version
|
135
|
+
hash: 3532175990553077458
|
136
|
+
segments:
|
137
|
+
- 0
|
138
|
+
version: "0"
|
139
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
140
|
+
none: false
|
141
|
+
requirements:
|
142
|
+
- - ">="
|
143
|
+
- !ruby/object:Gem::Version
|
144
|
+
segments:
|
145
|
+
- 0
|
146
|
+
version: "0"
|
147
|
+
requirements: []
|
148
|
+
|
149
|
+
rubyforge_project:
|
150
|
+
rubygems_version: 1.3.7
|
151
|
+
signing_key:
|
152
|
+
specification_version: 3
|
153
|
+
summary: an security extension for devise
|
154
|
+
test_files:
|
155
|
+
- test/helper.rb
|
156
|
+
- test/test_devise_security_extension.rb
|