devise_security_extension 0.1.0 → 0.2.0

data/Gemfile

@@ -3,6 +3,7 @@ source "http://rubygems.org"
 # Example:
 gem "rails"
 gem "devise"
+gem "rails_email_validator"
 
 # Add dependencies to develop your gem here.
 # Include everything needed to run rake, tests, features, etc.

data/Gemfile.lock

@@ -62,6 +62,9 @@ GEM
       activesupport (= 3.0.3)
       bundler (~> 1.0)
       railties (= 3.0.3)
+    rails_email_validator (0.1.1)
+      activemodel (>= 3.0.0)
+      activemodel (>= 3.0.0)
     railties (3.0.3)
       actionpack (= 3.0.3)
       activesupport (= 3.0.3)
@@ -84,4 +87,5 @@ DEPENDENCIES
   devise
   jeweler (~> 1.5.2)
   rails
+  rails_email_validator
   rcov

data/README.rdoc

@@ -12,10 +12,18 @@ after bundle execute
 == Configuration
 
   Devise.setup do |config|
-    # Should the password expire (e.g 3.months)
-    # config.expire_password_after = false
+    # Should the password expire
+    # config.expire_password_after = 3.months
+
+    # Need 1 char of A-Z, a-z and 0-9
+    # config.password_regex = /(?=.*\d)(?=.*[a-z])(?=.*[A-Z])/
   end
 
+== Model modules
+
+ * :password_expirable - activate that passwords will expire
+ * :secure_validatable - better way to validate model. don't use with :validatable!!!
+ 
 == Requirements
 
 * devise (https://github.com/plataformatec/devise)
@@ -24,10 +32,10 @@ after bundle execute
 == Features
 
  * expire passwords (update password with current password)
+ * strong password validation
 
 == Todo
 
- * password rules
  * easy_captcha for registration
  * easy_captcha for password forgotten
  * easy_captcha for unlock instructions
@@ -35,6 +43,7 @@ after bundle execute
 
 == History
  * 0.1 expire passwords
+ * 0.2 strong password validation
 
 == Maintainers
 

data/VERSION

@@ -1 +1 @@
-0.1.0
+0.2.0

data/devise_security_extension.gemspec

@@ -5,11 +5,11 @@
 
 Gem::Specification.new do |s|
   s.name = %q{devise_security_extension}
-  s.version = "0.1.0"
+  s.version = "0.2.0"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["Marco Scholl"]
-  s.date = %q{2011-01-31}
+  s.date = %q{2011-02-01}
   s.description = %q{a gem for extend devise for more password security}
   s.email = %q{develop@marco-scholl.de}
   s.extra_rdoc_files = [
@@ -33,6 +33,7 @@ Gem::Specification.new do |s|
     "lib/devise_security_extension/controllers/helpers.rb",
     "lib/devise_security_extension/hooks/password_expirable.rb",
     "lib/devise_security_extension/models/password_expirable.rb",
+    "lib/devise_security_extension/models/secure_validatable.rb",
     "lib/devise_security_extension/rails.rb",
     "lib/devise_security_extension/routes.rb",
     "lib/devise_security_extension/schema.rb",
@@ -57,12 +58,14 @@ Gem::Specification.new do |s|
     if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
       s.add_runtime_dependency(%q<rails>, [">= 0"])
       s.add_runtime_dependency(%q<devise>, [">= 0"])
+      s.add_runtime_dependency(%q<rails_email_validator>, [">= 0"])
       s.add_development_dependency(%q<bundler>, ["~> 1.0.0"])
       s.add_development_dependency(%q<jeweler>, ["~> 1.5.2"])
       s.add_development_dependency(%q<rcov>, [">= 0"])
     else
       s.add_dependency(%q<rails>, [">= 0"])
       s.add_dependency(%q<devise>, [">= 0"])
+      s.add_dependency(%q<rails_email_validator>, [">= 0"])
       s.add_dependency(%q<bundler>, ["~> 1.0.0"])
       s.add_dependency(%q<jeweler>, ["~> 1.5.2"])
       s.add_dependency(%q<rcov>, [">= 0"])
@@ -70,6 +73,7 @@ Gem::Specification.new do |s|
   else
     s.add_dependency(%q<rails>, [">= 0"])
     s.add_dependency(%q<devise>, [">= 0"])
+    s.add_dependency(%q<rails_email_validator>, [">= 0"])
     s.add_dependency(%q<bundler>, ["~> 1.0.0"])
     s.add_dependency(%q<jeweler>, ["~> 1.5.2"])
     s.add_dependency(%q<rcov>, [">= 0"])

data/lib/devise_security_extension.rb

@@ -10,7 +10,11 @@ module Devise # :nodoc:
 
   # expire password after e.g 1.year
   mattr_accessor :expire_password_after
-  @@expire_password_after = false
+  @@expire_password_after = 3.months
+
+  # validate password for strongness
+  mattr_accessor :password_regex
+  @@password_regex = /(?=.*\d)(?=.*[a-z])(?=.*[A-Z])/
 
 end
 
@@ -20,3 +24,4 @@ module DeviseSecurityExtension
 end
 
 Devise.add_module :password_expirable, :controller => :password_expirable, :model => 'devise_security_extension/models/password_expirable', :route => :password_expired
+Devise.add_module :secure_validatable, :model => 'devise_security_extension/models/secure_validatable'

data/lib/devise_security_extension/models/secure_validatable.rb

@@ -0,0 +1,55 @@
+module Devise
+  module Models
+    # SecureValidatable creates better validations with more validation for security
+    #
+    # == Options
+    #
+    # SecureValidatable adds the following options to devise_for:
+    #
+    #   * +email_regexp+: the regular expression used to validate e-mails;
+    #   * +password_length+: a range expressing password length. Defaults from devise
+    #   * +password_regex+: need strong password. Defaults to /(?=.*\d)(?=.*[a-z])(?=.*[A-Z])/
+    #
+    module SecureValidatable
+
+      def self.included(base)
+        base.extend ClassMethods
+        assert_secure_validations_api!(base)
+
+        base.class_eval do
+
+          # uniq login
+          validates authentication_keys[0], :uniqueness => {:scope => authentication_keys[1..-1]}#, :case_sensitive => case_insensitive_keys.exclude?(authentication_keys[0])
+
+          # validates email
+          validates :email, :presence => true, :if => :email_required?
+          validates :email, :email => true # use rails_email_validator
+
+          # validates password
+          validates :password, :presence => true, :length => password_length, :format => password_regex, :confirmation => true, :if => :password_required?
+        end
+      end
+
+      def self.assert_secure_validations_api!(base) #:nodoc:
+        raise "Could not use SecureValidatable on #{base}" unless base.respond_to?(:validates)
+      end
+
+      protected
+
+      # Checks whether a password is needed or not. For validations only.
+      # Passwords are always required if it's a new record, or if the password
+      # or confirmation are being set somewhere.
+      def password_required?
+        !persisted? || !password.nil? || !password_confirmation.nil?
+      end
+
+      def email_required?
+        true
+      end
+
+      module ClassMethods
+        Devise::Models.config(self, :password_regex, :password_length)
+      end
+    end
+  end
+end

data/lib/generators/devise_security_extension/install_generator.rb

@@ -7,7 +7,10 @@ module DeviseSecurityExtension
       desc "Install the devise security extension"
 
       def add_configs
-        inject_into_file "config/initializers/devise.rb", "\n\n  # ==> Security Extension\n  # Configure security extension for devise\n\n  # Should the password expire (e.g 3.months)\n  # config.expire_password_after = false\n\n", :before => /end[ |\n|]+\Z/
+        inject_into_file "config/initializers/devise.rb", "\n\n  # ==> Security Extension\n  # Configure security extension for devise\n\n" +
+        "  # Should the password expire (e.g 3.months)\n  # config.expire_password_after = false\n" +
+        "  # Need 1 char of A-Z, a-z and 0-9\n  # config.password_regex = /(?=.*\\d)(?=.*[a-z])(?=.*[A-Z])/\n" +
+        "\n", :before => /end[ |\n|]+\Z/
       end
 
       def copy_locale

metadata

@@ -4,9 +4,9 @@ version: !ruby/object:Gem::Version
   prerelease: false
   segments: 
   - 0
-  - 1
+  - 2
   - 0
-  version: 0.1.0
+  version: 0.2.0
 platform: ruby
 authors: 
 - Marco Scholl
@@ -14,7 +14,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-01-31 00:00:00 +01:00
+date: 2011-02-01 00:00:00 +01:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -44,8 +44,21 @@ dependencies:
   prerelease: false
   version_requirements: *id002
 - !ruby/object:Gem::Dependency 
-  name: bundler
+  name: rails_email_validator
   requirement: &id003 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        segments: 
+        - 0
+        version: "0"
+  type: :runtime
+  prerelease: false
+  version_requirements: *id003
+- !ruby/object:Gem::Dependency 
+  name: bundler
+  requirement: &id004 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
     - - ~>
@@ -57,10 +70,10 @@ dependencies:
         version: 1.0.0
   type: :development
   prerelease: false
-  version_requirements: *id003
+  version_requirements: *id004
 - !ruby/object:Gem::Dependency 
   name: jeweler
-  requirement: &id004 !ruby/object:Gem::Requirement 
+  requirement: &id005 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
     - - ~>
@@ -72,10 +85,10 @@ dependencies:
         version: 1.5.2
   type: :development
   prerelease: false
-  version_requirements: *id004
+  version_requirements: *id005
 - !ruby/object:Gem::Dependency 
   name: rcov
-  requirement: &id005 !ruby/object:Gem::Requirement 
+  requirement: &id006 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
     - - ">="
@@ -85,7 +98,7 @@ dependencies:
         version: "0"
   type: :development
   prerelease: false
-  version_requirements: *id005
+  version_requirements: *id006
 description: a gem for extend devise for more password security
 email: develop@marco-scholl.de
 executables: []
@@ -112,6 +125,7 @@ files:
 - lib/devise_security_extension/controllers/helpers.rb
 - lib/devise_security_extension/hooks/password_expirable.rb
 - lib/devise_security_extension/models/password_expirable.rb
+- lib/devise_security_extension/models/secure_validatable.rb
 - lib/devise_security_extension/rails.rb
 - lib/devise_security_extension/routes.rb
 - lib/devise_security_extension/schema.rb
@@ -132,7 +146,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements: 
   - - ">="
     - !ruby/object:Gem::Version 
-      hash: 3532175990553077458
+      hash: -2724377088242008292
       segments: 
       - 0
       version: "0"