RubyGems - devise_security_extension - Versions diffs - 0.3.2 → 0.3.3 - Mend

devise_security_extension 0.3.2 → 0.3.3

Files changed (8) hide show

data/README.rdoc CHANGED Viewed

@@ -40,7 +40,7 @@ after bundle execute
 === Password archive
-  create_table :old_passwords do
+  create_table :old_passwords do |t|
     t.password_archivable
   end
   add_index :old_passwords, [:password_archivable_type, :password_archivable_id], :name => :index_password_archivable

data/VERSION CHANGED Viewed

data/devise_security_extension.gemspec CHANGED Viewed

@@ -5,11 +5,11 @@
 Gem::Specification.new do |s|
   s.name = %q{devise_security_extension}
-  s.version = "0.3.2"
+  s.version = "0.3.3"
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["Marco Scholl"]
-  s.date = %q{2011-02-13}
+  s.date = %q{2011-03-08}
   s.description = %q{a gem for extend devise for more password security}
   s.email = %q{team@phatworx.de}
   s.extra_rdoc_files = [

@@ -16,7 +16,7 @@ module DeviseSecurityExtension
         def handle_password_change
           Devise.mappings.keys.flatten.any? do |scope|
             if signed_in? scope
-              if warden.session[:password_expired]
+              if warden.session(scope)[:password_expired]
                 session["#{scope}_return_to"] = request.path if request.get?
                 redirect_for_password_change scope
                 break

@@ -1,3 +1,3 @@
 Warden::Manager.after_authentication do |record, warden, options|
-  warden.session[:password_expired] = record.need_change_password?
+  warden.session(options[:scope])[:password_expired] = record.need_change_password?
 end

@@ -10,7 +10,7 @@ module Devise # :nodoc:
         base.class_eval do
           include InstanceMethods
           has_many :old_passwords, :as => :password_archivable, :class_name => "OldPassword"
-          before_save :archive_password
+          before_update :archive_password
           validate :validate_password_archive
         end
       end

@@ -19,7 +19,7 @@ module Devise
         base.class_eval do
           # uniq login
-          validates authentication_keys[0], :uniqueness => {:scope => authentication_keys[1..-1]}#, :case_sensitive => case_insensitive_keys.exclude?(authentication_keys[0])
+          validates authentication_keys[0], :uniqueness => {:scope => authentication_keys[1..-1]} #, :case_sensitive => case_insensitive_keys.exclude?(authentication_keys[0])
           # validates email
           validates :email, :presence => true, :if => :email_required?
@@ -27,6 +27,9 @@ module Devise
           # validates password
           validates :password, :presence => true, :length => password_length, :format => password_regex, :confirmation => true, :if => :password_required?
+          # don't allow use same password
+          validate :current_equal_password_validation
         end
       end
@@ -34,6 +37,13 @@ module Devise
         raise "Could not use SecureValidatable on #{base}" unless base.respond_to?(:validates)
       end
+      def current_equal_password_validation
+        dummy = self.class.new
+        dummy.encrypted_password = self.encrypted_password
+        dummy.password_salt = self.password_salt
+        self.errors.add(:password, :equal_to_current_password) if dummy.valid_password?(self.password)
+      end
       protected
       # Checks whether a password is needed or not. For validations only.

metadata CHANGED Viewed

@@ -2,7 +2,7 @@
 name: devise_security_extension
 version: !ruby/object:Gem::Version
   prerelease:
-  version: 0.3.2
+  version: 0.3.3
 platform: ruby
 authors:
 - Marco Scholl
@@ -10,7 +10,7 @@ autorequire:
 bindir: bin
 cert_chain: []
-date: 2011-02-13 00:00:00 +01:00
+date: 2011-03-08 00:00:00 +01:00
 default_executable:
 dependencies:
 - !ruby/object:Gem::Dependency
@@ -129,7 +129,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      hash: -1920032872941050500
+      hash: -1012646125628855063
       segments:
       - 0
       version: "0"