devise_security_extension 0.4.2 → 0.5.0
Sign up to get free protection for your applications and to get access to all the features.
- data/Gemfile +2 -2
- data/Gemfile.lock +76 -66
- data/README.rdoc +3 -4
- data/Rakefile +1 -8
- data/VERSION +1 -1
- data/config/locales/de.yml +2 -0
- data/config/locales/en.yml +2 -0
- data/devise_security_extension.gemspec +13 -14
- data/lib/devise_security_extension.rb +1 -0
- data/lib/devise_security_extension/hooks/session_limitable.rb +28 -0
- data/lib/devise_security_extension/models/password_archivable.rb +1 -1
- data/lib/devise_security_extension/models/session_limitable.rb +21 -0
- data/lib/devise_security_extension/schema.rb +19 -0
- data/lib/generators/devise_security_extension/install_generator.rb +1 -1
- metadata +19 -30
data/Gemfile
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
source "http://rubygems.org"
|
2
2
|
# Add dependencies required to use your gem here.
|
3
3
|
# Example:
|
4
|
-
gem "rails", ">= 3.
|
4
|
+
gem "rails", ">= 3.1.1"
|
5
5
|
gem "devise"
|
6
6
|
|
7
7
|
# Add dependencies to develop your gem here.
|
@@ -11,5 +11,5 @@ group :development do
|
|
11
11
|
gem "easy_captcha"
|
12
12
|
gem "bundler", "~> 1.0.0"
|
13
13
|
gem "jeweler", "~> 1.5.2"
|
14
|
-
gem "rcov", ">= 0"
|
14
|
+
# gem "rcov", ">= 0"
|
15
15
|
end
|
data/Gemfile.lock
CHANGED
@@ -1,89 +1,100 @@
|
|
1
1
|
GEM
|
2
2
|
remote: http://rubygems.org/
|
3
3
|
specs:
|
4
|
-
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
rack (~> 1.
|
15
|
-
rack-mount (~> 0.
|
16
|
-
rack-test (~> 0.
|
17
|
-
|
18
|
-
activemodel (3.
|
19
|
-
activesupport (= 3.
|
20
|
-
builder (~>
|
21
|
-
i18n (~> 0.
|
22
|
-
activerecord (3.
|
23
|
-
activemodel (= 3.
|
24
|
-
activesupport (= 3.
|
25
|
-
arel (~> 2.
|
26
|
-
tzinfo (~> 0.3.
|
27
|
-
activeresource (3.
|
28
|
-
activemodel (= 3.
|
29
|
-
activesupport (= 3.
|
30
|
-
activesupport (3.
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
4
|
+
actionmailer (3.1.3)
|
5
|
+
actionpack (= 3.1.3)
|
6
|
+
mail (~> 2.3.0)
|
7
|
+
actionpack (3.1.3)
|
8
|
+
activemodel (= 3.1.3)
|
9
|
+
activesupport (= 3.1.3)
|
10
|
+
builder (~> 3.0.0)
|
11
|
+
erubis (~> 2.7.0)
|
12
|
+
i18n (~> 0.6)
|
13
|
+
rack (~> 1.3.5)
|
14
|
+
rack-cache (~> 1.1)
|
15
|
+
rack-mount (~> 0.8.2)
|
16
|
+
rack-test (~> 0.6.1)
|
17
|
+
sprockets (~> 2.0.3)
|
18
|
+
activemodel (3.1.3)
|
19
|
+
activesupport (= 3.1.3)
|
20
|
+
builder (~> 3.0.0)
|
21
|
+
i18n (~> 0.6)
|
22
|
+
activerecord (3.1.3)
|
23
|
+
activemodel (= 3.1.3)
|
24
|
+
activesupport (= 3.1.3)
|
25
|
+
arel (~> 2.2.1)
|
26
|
+
tzinfo (~> 0.3.29)
|
27
|
+
activeresource (3.1.3)
|
28
|
+
activemodel (= 3.1.3)
|
29
|
+
activesupport (= 3.1.3)
|
30
|
+
activesupport (3.1.3)
|
31
|
+
multi_json (~> 1.0)
|
32
|
+
arel (2.2.1)
|
33
|
+
bcrypt-ruby (3.0.1)
|
34
|
+
builder (3.0.0)
|
35
|
+
devise (1.5.1)
|
36
|
+
bcrypt-ruby (~> 3.0)
|
36
37
|
orm_adapter (~> 0.0.3)
|
37
|
-
warden (~> 1.
|
38
|
-
easy_captcha (0.4.
|
38
|
+
warden (~> 1.1)
|
39
|
+
easy_captcha (0.4.5)
|
39
40
|
rails (>= 3.0.0)
|
40
|
-
|
41
|
-
rmagick
|
42
|
-
rmagick
|
43
|
-
erubis (2.6.6)
|
44
|
-
abstract (>= 1.0.0)
|
41
|
+
erubis (2.7.0)
|
45
42
|
git (1.2.5)
|
46
|
-
|
43
|
+
hike (1.2.1)
|
44
|
+
i18n (0.6.0)
|
47
45
|
jeweler (1.5.2)
|
48
46
|
bundler (~> 1.0.0)
|
49
47
|
git (>= 1.2.5)
|
50
48
|
rake
|
51
|
-
|
52
|
-
|
49
|
+
json (1.6.1)
|
50
|
+
mail (2.3.0)
|
53
51
|
i18n (>= 0.4.0)
|
54
52
|
mime-types (~> 1.16)
|
55
53
|
treetop (~> 1.4.8)
|
56
|
-
mime-types (1.
|
54
|
+
mime-types (1.17.2)
|
55
|
+
multi_json (1.0.3)
|
57
56
|
orm_adapter (0.0.5)
|
58
|
-
polyglot (0.3.
|
59
|
-
rack (1.
|
60
|
-
rack-
|
57
|
+
polyglot (0.3.3)
|
58
|
+
rack (1.3.5)
|
59
|
+
rack-cache (1.1)
|
60
|
+
rack (>= 0.4)
|
61
|
+
rack-mount (0.8.3)
|
61
62
|
rack (>= 1.0.0)
|
62
|
-
rack-
|
63
|
+
rack-ssl (1.3.2)
|
64
|
+
rack
|
65
|
+
rack-test (0.6.1)
|
63
66
|
rack (>= 1.0)
|
64
|
-
rails (3.
|
65
|
-
actionmailer (= 3.
|
66
|
-
actionpack (= 3.
|
67
|
-
activerecord (= 3.
|
68
|
-
activeresource (= 3.
|
69
|
-
activesupport (= 3.
|
67
|
+
rails (3.1.3)
|
68
|
+
actionmailer (= 3.1.3)
|
69
|
+
actionpack (= 3.1.3)
|
70
|
+
activerecord (= 3.1.3)
|
71
|
+
activeresource (= 3.1.3)
|
72
|
+
activesupport (= 3.1.3)
|
70
73
|
bundler (~> 1.0)
|
71
|
-
railties (= 3.
|
74
|
+
railties (= 3.1.3)
|
72
75
|
rails_email_validator (0.1.4)
|
73
76
|
activemodel (>= 3.0.0)
|
74
|
-
railties (3.
|
75
|
-
actionpack (= 3.
|
76
|
-
activesupport (= 3.
|
77
|
+
railties (3.1.3)
|
78
|
+
actionpack (= 3.1.3)
|
79
|
+
activesupport (= 3.1.3)
|
80
|
+
rack-ssl (~> 1.3.2)
|
77
81
|
rake (>= 0.8.7)
|
78
|
-
|
79
|
-
|
80
|
-
|
81
|
-
|
82
|
+
rdoc (~> 3.4)
|
83
|
+
thor (~> 0.14.6)
|
84
|
+
rake (0.9.2.2)
|
85
|
+
rdoc (3.11)
|
86
|
+
json (~> 1.4)
|
87
|
+
sprockets (2.0.3)
|
88
|
+
hike (~> 1.2)
|
89
|
+
rack (~> 1.0)
|
90
|
+
tilt (~> 1.1, != 1.3.0)
|
82
91
|
thor (0.14.6)
|
83
|
-
|
92
|
+
tilt (1.3.3)
|
93
|
+
treetop (1.4.10)
|
94
|
+
polyglot
|
84
95
|
polyglot (>= 0.3.1)
|
85
|
-
tzinfo (0.3.
|
86
|
-
warden (1.0
|
96
|
+
tzinfo (0.3.31)
|
97
|
+
warden (1.1.0)
|
87
98
|
rack (>= 1.0)
|
88
99
|
|
89
100
|
PLATFORMS
|
@@ -94,6 +105,5 @@ DEPENDENCIES
|
|
94
105
|
devise
|
95
106
|
easy_captcha
|
96
107
|
jeweler (~> 1.5.2)
|
97
|
-
rails (>= 3.
|
108
|
+
rails (>= 3.1.1)
|
98
109
|
rails_email_validator
|
99
|
-
rcov
|
data/README.rdoc
CHANGED
@@ -1,13 +1,13 @@
|
|
1
1
|
= devise_security_extension
|
2
2
|
|
3
|
-
|
3
|
+
An enterprise security extension for devise, trying to meet industrial standard security demands for web applications.
|
4
4
|
|
5
5
|
== Features
|
6
6
|
|
7
7
|
* expire passwords (update password with current password)
|
8
8
|
* strong password validation
|
9
|
-
* save old passwords
|
10
|
-
* captcha support for sign_up, sign_in, recover and unlock
|
9
|
+
* save old passwords to protect users from assigning old/expired passwords again
|
10
|
+
* captcha support for sign_up, sign_in, recover and unlock (to make automated mass creation and brute forcing of accounts harder)
|
11
11
|
|
12
12
|
== Installation
|
13
13
|
add to Gemfile
|
@@ -117,4 +117,3 @@ That's all!
|
|
117
117
|
|
118
118
|
Copyright (c) 2011 Marco Scholl. See LICENSE.txt for
|
119
119
|
further details.
|
120
|
-
|
data/Rakefile
CHANGED
@@ -29,16 +29,9 @@ Rake::TestTask.new(:test) do |test|
|
|
29
29
|
test.verbose = true
|
30
30
|
end
|
31
31
|
|
32
|
-
require 'rcov/rcovtask'
|
33
|
-
Rcov::RcovTask.new do |test|
|
34
|
-
test.libs << 'test'
|
35
|
-
test.pattern = 'test/**/test_*.rb'
|
36
|
-
test.verbose = true
|
37
|
-
end
|
38
|
-
|
39
32
|
task :default => :test
|
40
33
|
|
41
|
-
require '
|
34
|
+
require 'rdoc/task'
|
42
35
|
Rake::RDocTask.new do |rdoc|
|
43
36
|
version = File.exist?('VERSION') ? File.read('VERSION') : ""
|
44
37
|
|
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
0.
|
1
|
+
0.5.0
|
data/config/locales/de.yml
CHANGED
@@ -8,3 +8,5 @@ de:
|
|
8
8
|
password_expired:
|
9
9
|
updated: "Das neue Passwort wurde übernommen."
|
10
10
|
change_required: "Ihr Passwort ist abgelaufen. Bitte vergeben sie ein neues Passwort!"
|
11
|
+
failure:
|
12
|
+
session_limited: 'Ihre Anmeldedaten wurden in einem anderen Browser genutzt. Bitte melden Sie sich erneut an, um in diesem Browser fortzufahren.'
|
data/config/locales/en.yml
CHANGED
@@ -8,3 +8,5 @@ en:
|
|
8
8
|
password_expired:
|
9
9
|
updated: "Your new password is saved."
|
10
10
|
change_required: "Your password is expired. Please renew your password!"
|
11
|
+
failure:
|
12
|
+
session_limited: 'Your login credentials were used in another browser. Please sign in again to continue in this browser.'
|
@@ -4,14 +4,14 @@
|
|
4
4
|
# -*- encoding: utf-8 -*-
|
5
5
|
|
6
6
|
Gem::Specification.new do |s|
|
7
|
-
s.name =
|
8
|
-
s.version = "0.
|
7
|
+
s.name = "devise_security_extension"
|
8
|
+
s.version = "0.5.0"
|
9
9
|
|
10
10
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
11
11
|
s.authors = ["Marco Scholl"]
|
12
|
-
s.date =
|
13
|
-
s.description =
|
14
|
-
s.email =
|
12
|
+
s.date = "2011-12-27"
|
13
|
+
s.description = "a gem for extend devise for more password security"
|
14
|
+
s.email = "team@phatworx.de"
|
15
15
|
s.extra_rdoc_files = [
|
16
16
|
"LICENSE.txt",
|
17
17
|
"README.rdoc"
|
@@ -32,10 +32,12 @@ Gem::Specification.new do |s|
|
|
32
32
|
"lib/devise_security_extension.rb",
|
33
33
|
"lib/devise_security_extension/controllers/helpers.rb",
|
34
34
|
"lib/devise_security_extension/hooks/password_expirable.rb",
|
35
|
+
"lib/devise_security_extension/hooks/session_limitable.rb",
|
35
36
|
"lib/devise_security_extension/models/old_password.rb",
|
36
37
|
"lib/devise_security_extension/models/password_archivable.rb",
|
37
38
|
"lib/devise_security_extension/models/password_expirable.rb",
|
38
39
|
"lib/devise_security_extension/models/secure_validatable.rb",
|
40
|
+
"lib/devise_security_extension/models/session_limitable.rb",
|
39
41
|
"lib/devise_security_extension/orm/active_record.rb",
|
40
42
|
"lib/devise_security_extension/patches.rb",
|
41
43
|
"lib/devise_security_extension/patches/controller_captcha.rb",
|
@@ -46,11 +48,11 @@ Gem::Specification.new do |s|
|
|
46
48
|
"test/helper.rb",
|
47
49
|
"test/test_devise_security_extension.rb"
|
48
50
|
]
|
49
|
-
s.homepage =
|
51
|
+
s.homepage = "http://github.com/phatworx/devise_security_extension"
|
50
52
|
s.licenses = ["MIT"]
|
51
53
|
s.require_paths = ["lib"]
|
52
|
-
s.rubygems_version =
|
53
|
-
s.summary =
|
54
|
+
s.rubygems_version = "1.8.10"
|
55
|
+
s.summary = "an security extension for devise"
|
54
56
|
s.test_files = [
|
55
57
|
"test/helper.rb",
|
56
58
|
"test/test_devise_security_extension.rb"
|
@@ -60,30 +62,27 @@ Gem::Specification.new do |s|
|
|
60
62
|
s.specification_version = 3
|
61
63
|
|
62
64
|
if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
|
63
|
-
s.add_runtime_dependency(%q<rails>, [">= 3.
|
65
|
+
s.add_runtime_dependency(%q<rails>, [">= 3.1.1"])
|
64
66
|
s.add_runtime_dependency(%q<devise>, [">= 0"])
|
65
67
|
s.add_development_dependency(%q<rails_email_validator>, [">= 0"])
|
66
68
|
s.add_development_dependency(%q<easy_captcha>, [">= 0"])
|
67
69
|
s.add_development_dependency(%q<bundler>, ["~> 1.0.0"])
|
68
70
|
s.add_development_dependency(%q<jeweler>, ["~> 1.5.2"])
|
69
|
-
s.add_development_dependency(%q<rcov>, [">= 0"])
|
70
71
|
else
|
71
|
-
s.add_dependency(%q<rails>, [">= 3.
|
72
|
+
s.add_dependency(%q<rails>, [">= 3.1.1"])
|
72
73
|
s.add_dependency(%q<devise>, [">= 0"])
|
73
74
|
s.add_dependency(%q<rails_email_validator>, [">= 0"])
|
74
75
|
s.add_dependency(%q<easy_captcha>, [">= 0"])
|
75
76
|
s.add_dependency(%q<bundler>, ["~> 1.0.0"])
|
76
77
|
s.add_dependency(%q<jeweler>, ["~> 1.5.2"])
|
77
|
-
s.add_dependency(%q<rcov>, [">= 0"])
|
78
78
|
end
|
79
79
|
else
|
80
|
-
s.add_dependency(%q<rails>, [">= 3.
|
80
|
+
s.add_dependency(%q<rails>, [">= 3.1.1"])
|
81
81
|
s.add_dependency(%q<devise>, [">= 0"])
|
82
82
|
s.add_dependency(%q<rails_email_validator>, [">= 0"])
|
83
83
|
s.add_dependency(%q<easy_captcha>, [">= 0"])
|
84
84
|
s.add_dependency(%q<bundler>, ["~> 1.0.0"])
|
85
85
|
s.add_dependency(%q<jeweler>, ["~> 1.5.2"])
|
86
|
-
s.add_dependency(%q<rcov>, [">= 0"])
|
87
86
|
end
|
88
87
|
end
|
89
88
|
|
@@ -60,6 +60,7 @@ end
|
|
60
60
|
Devise.add_module :password_expirable, :controller => :password_expirable, :model => 'devise_security_extension/models/password_expirable', :route => :password_expired
|
61
61
|
Devise.add_module :secure_validatable, :model => 'devise_security_extension/models/secure_validatable'
|
62
62
|
Devise.add_module :password_archivable, :model => 'devise_security_extension/models/password_archivable'
|
63
|
+
Devise.add_module :session_limitable, :model => 'devise_security_extension/models/session_limitable'
|
63
64
|
|
64
65
|
# requires
|
65
66
|
require 'devise_security_extension/routes'
|
@@ -0,0 +1,28 @@
|
|
1
|
+
# After each sign in, update unique_session_id.
|
2
|
+
# This is only triggered when the user is explicitly set (with set_user)
|
3
|
+
# and on authentication. Retrieving the user from session (:fetch) does
|
4
|
+
# not trigger it.
|
5
|
+
Warden::Manager.after_set_user :except => :fetch do |record, warden, options|
|
6
|
+
if record.respond_to?(:update_unique_session_id!) && warden.authenticated?(options[:scope])
|
7
|
+
unique_session_id = Devise.friendly_token
|
8
|
+
warden.session(options[:scope])['unique_session_id'] = unique_session_id
|
9
|
+
record.update_unique_session_id!(unique_session_id)
|
10
|
+
end
|
11
|
+
end
|
12
|
+
|
13
|
+
# Each time a record is fetched from session we check if a new session from another
|
14
|
+
# browser was opened for the record or not, based on a unique session identifier.
|
15
|
+
# If so, the old account is logged out and redirected to the sign in page on the next request.
|
16
|
+
Warden::Manager.after_set_user :only => :fetch do |record, warden, options|
|
17
|
+
scope = options[:scope]
|
18
|
+
|
19
|
+
if warden.authenticated?(scope)
|
20
|
+
unless record.unique_session_id == warden.session(scope)['unique_session_id']
|
21
|
+
path_checker = Devise::PathChecker.new(warden.env, scope)
|
22
|
+
unless path_checker.signing_out?
|
23
|
+
warden.logout(scope)
|
24
|
+
throw :warden, :scope => scope, :message => :session_limited
|
25
|
+
end
|
26
|
+
end
|
27
|
+
end
|
28
|
+
end
|
@@ -18,7 +18,7 @@ module Devise # :nodoc:
|
|
18
18
|
module InstanceMethods # :nodoc:
|
19
19
|
|
20
20
|
def validate_password_archive
|
21
|
-
self.errors.add(:password, :taken_in_past) if password_archive_included?
|
21
|
+
self.errors.add(:password, :taken_in_past) if encrypted_password_changed? and password_archive_included?
|
22
22
|
end
|
23
23
|
|
24
24
|
# validate is the password used in the past
|
@@ -0,0 +1,21 @@
|
|
1
|
+
require 'devise_security_extension/hooks/session_limitable'
|
2
|
+
|
3
|
+
module Devise # :nodoc:
|
4
|
+
module Models # :nodoc:
|
5
|
+
# SessionLimited ensures, that there is only one session usable per account at once.
|
6
|
+
# If someone logs in, and some other is logging in with the same credentials,
|
7
|
+
# the session from the first one is invalidated and not usable anymore.
|
8
|
+
# The first one is redirected to the sign page with a message, telling that
|
9
|
+
# someone used his credentials to sign in.
|
10
|
+
module SessionLimitable
|
11
|
+
extend ActiveSupport::Concern
|
12
|
+
|
13
|
+
def update_unique_session_id!(unique_session_id)
|
14
|
+
self.unique_session_id = unique_session_id
|
15
|
+
|
16
|
+
save(:validate => false)
|
17
|
+
end
|
18
|
+
|
19
|
+
end
|
20
|
+
end
|
21
|
+
end
|
@@ -36,5 +36,24 @@ module DeviseSecurityExtension
|
|
36
36
|
apply_devise_schema :password_archivable_type, String, :null => false
|
37
37
|
apply_devise_schema :created_at, DateTime
|
38
38
|
end
|
39
|
+
|
40
|
+
# Add session_limitable columns in the resource's database table.
|
41
|
+
#
|
42
|
+
# Examples
|
43
|
+
#
|
44
|
+
# # For a new resource migration:
|
45
|
+
# create_table :the_resources do |t|
|
46
|
+
# t.session_limitable
|
47
|
+
# ...
|
48
|
+
# end
|
49
|
+
#
|
50
|
+
# # or if the resource's table already exists, define a migration and put this in:
|
51
|
+
# change_table :the_resources do |t|
|
52
|
+
# t.string :unique_session_id, :limit => 20
|
53
|
+
# end
|
54
|
+
#
|
55
|
+
def session_limitable
|
56
|
+
apply_devise_schema :unique_session_id, String, :limit => 20
|
57
|
+
end
|
39
58
|
end
|
40
59
|
end
|
@@ -12,7 +12,7 @@ module DeviseSecurityExtension
|
|
12
12
|
" # config.expire_password_after = false\n\n" +
|
13
13
|
" # Need 1 char of A-Z, a-z and 0-9\n" +
|
14
14
|
" # config.password_regex = /(?=.*\\d)(?=.*[a-z])(?=.*[A-Z])/\n\n" +
|
15
|
-
" # How
|
15
|
+
" # How many passwords to keep in archive\n" +
|
16
16
|
" # config.password_archiving_count = 5\n\n" +
|
17
17
|
" # Deny old password (true, false, count)\n" +
|
18
18
|
" # config.deny_old_passwords = true\n\n" +
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: devise_security_extension
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.5.0
|
5
5
|
prerelease:
|
6
6
|
platform: ruby
|
7
7
|
authors:
|
@@ -9,23 +9,22 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2011-
|
13
|
-
default_executable:
|
12
|
+
date: 2011-12-27 00:00:00.000000000 Z
|
14
13
|
dependencies:
|
15
14
|
- !ruby/object:Gem::Dependency
|
16
15
|
name: rails
|
17
|
-
requirement: &
|
16
|
+
requirement: &8681980 !ruby/object:Gem::Requirement
|
18
17
|
none: false
|
19
18
|
requirements:
|
20
19
|
- - ! '>='
|
21
20
|
- !ruby/object:Gem::Version
|
22
|
-
version: 3.
|
21
|
+
version: 3.1.1
|
23
22
|
type: :runtime
|
24
23
|
prerelease: false
|
25
|
-
version_requirements: *
|
24
|
+
version_requirements: *8681980
|
26
25
|
- !ruby/object:Gem::Dependency
|
27
26
|
name: devise
|
28
|
-
requirement: &
|
27
|
+
requirement: &8706740 !ruby/object:Gem::Requirement
|
29
28
|
none: false
|
30
29
|
requirements:
|
31
30
|
- - ! '>='
|
@@ -33,10 +32,10 @@ dependencies:
|
|
33
32
|
version: '0'
|
34
33
|
type: :runtime
|
35
34
|
prerelease: false
|
36
|
-
version_requirements: *
|
35
|
+
version_requirements: *8706740
|
37
36
|
- !ruby/object:Gem::Dependency
|
38
37
|
name: rails_email_validator
|
39
|
-
requirement: &
|
38
|
+
requirement: &8705420 !ruby/object:Gem::Requirement
|
40
39
|
none: false
|
41
40
|
requirements:
|
42
41
|
- - ! '>='
|
@@ -44,10 +43,10 @@ dependencies:
|
|
44
43
|
version: '0'
|
45
44
|
type: :development
|
46
45
|
prerelease: false
|
47
|
-
version_requirements: *
|
46
|
+
version_requirements: *8705420
|
48
47
|
- !ruby/object:Gem::Dependency
|
49
48
|
name: easy_captcha
|
50
|
-
requirement: &
|
49
|
+
requirement: &8703760 !ruby/object:Gem::Requirement
|
51
50
|
none: false
|
52
51
|
requirements:
|
53
52
|
- - ! '>='
|
@@ -55,10 +54,10 @@ dependencies:
|
|
55
54
|
version: '0'
|
56
55
|
type: :development
|
57
56
|
prerelease: false
|
58
|
-
version_requirements: *
|
57
|
+
version_requirements: *8703760
|
59
58
|
- !ruby/object:Gem::Dependency
|
60
59
|
name: bundler
|
61
|
-
requirement: &
|
60
|
+
requirement: &8721740 !ruby/object:Gem::Requirement
|
62
61
|
none: false
|
63
62
|
requirements:
|
64
63
|
- - ~>
|
@@ -66,10 +65,10 @@ dependencies:
|
|
66
65
|
version: 1.0.0
|
67
66
|
type: :development
|
68
67
|
prerelease: false
|
69
|
-
version_requirements: *
|
68
|
+
version_requirements: *8721740
|
70
69
|
- !ruby/object:Gem::Dependency
|
71
70
|
name: jeweler
|
72
|
-
requirement: &
|
71
|
+
requirement: &8719720 !ruby/object:Gem::Requirement
|
73
72
|
none: false
|
74
73
|
requirements:
|
75
74
|
- - ~>
|
@@ -77,18 +76,7 @@ dependencies:
|
|
77
76
|
version: 1.5.2
|
78
77
|
type: :development
|
79
78
|
prerelease: false
|
80
|
-
version_requirements: *
|
81
|
-
- !ruby/object:Gem::Dependency
|
82
|
-
name: rcov
|
83
|
-
requirement: &14757260 !ruby/object:Gem::Requirement
|
84
|
-
none: false
|
85
|
-
requirements:
|
86
|
-
- - ! '>='
|
87
|
-
- !ruby/object:Gem::Version
|
88
|
-
version: '0'
|
89
|
-
type: :development
|
90
|
-
prerelease: false
|
91
|
-
version_requirements: *14757260
|
79
|
+
version_requirements: *8719720
|
92
80
|
description: a gem for extend devise for more password security
|
93
81
|
email: team@phatworx.de
|
94
82
|
executables: []
|
@@ -112,10 +100,12 @@ files:
|
|
112
100
|
- lib/devise_security_extension.rb
|
113
101
|
- lib/devise_security_extension/controllers/helpers.rb
|
114
102
|
- lib/devise_security_extension/hooks/password_expirable.rb
|
103
|
+
- lib/devise_security_extension/hooks/session_limitable.rb
|
115
104
|
- lib/devise_security_extension/models/old_password.rb
|
116
105
|
- lib/devise_security_extension/models/password_archivable.rb
|
117
106
|
- lib/devise_security_extension/models/password_expirable.rb
|
118
107
|
- lib/devise_security_extension/models/secure_validatable.rb
|
108
|
+
- lib/devise_security_extension/models/session_limitable.rb
|
119
109
|
- lib/devise_security_extension/orm/active_record.rb
|
120
110
|
- lib/devise_security_extension/patches.rb
|
121
111
|
- lib/devise_security_extension/patches/controller_captcha.rb
|
@@ -125,7 +115,6 @@ files:
|
|
125
115
|
- lib/generators/devise_security_extension/install_generator.rb
|
126
116
|
- test/helper.rb
|
127
117
|
- test/test_devise_security_extension.rb
|
128
|
-
has_rdoc: true
|
129
118
|
homepage: http://github.com/phatworx/devise_security_extension
|
130
119
|
licenses:
|
131
120
|
- MIT
|
@@ -141,7 +130,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
141
130
|
version: '0'
|
142
131
|
segments:
|
143
132
|
- 0
|
144
|
-
hash:
|
133
|
+
hash: -1699892809294021618
|
145
134
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
146
135
|
none: false
|
147
136
|
requirements:
|
@@ -150,7 +139,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
150
139
|
version: '0'
|
151
140
|
requirements: []
|
152
141
|
rubyforge_project:
|
153
|
-
rubygems_version: 1.
|
142
|
+
rubygems_version: 1.8.10
|
154
143
|
signing_key:
|
155
144
|
specification_version: 3
|
156
145
|
summary: an security extension for devise
|