devise_zxcvbn 0.0.1 → 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +11 -3
- data/devise_zxcvbn.gemspec +1 -1
- data/lib/devise_zxcvbn.rb +18 -1
- data/lib/devise_zxcvbn/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 791b541aa154d0db414fe1bca70493812f8ade6a
|
|
4
|
+
data.tar.gz: 6e4b67dcfdb05334fcd0bc7363e39226fd49cec1
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: f1d1fe199f8bbd077a31d34ad57c0db6fdef89a71c16082d41f8adea48eaf961ce491c93265f0441a8dace87f5a4bdd2f420e1b6287f7539c3953ad64a427f44
|
|
7
|
+
data.tar.gz: c5a5483ade3b0b88bdcabf8925f0af0cc22b9c8c9d414104a203cff65d853fabf0c55221e8eae3a0b33c000d2f4a226a5ba51b5d21cfe046b27829be72f6b710
|
data/README.md
CHANGED
|
@@ -1,8 +1,12 @@
|
|
|
1
1
|
# devise_zxcvbn
|
|
2
2
|
|
|
3
|
+
[](http://badge.fury.io/rb/devise_zxcvbn)
|
|
4
|
+
|
|
3
5
|
Plugin for devise to reject weak passwords, using [zxcvbn-ruby](https://github.com/envato/zxcvbn-ruby) which is a ruby port of [zxcvbn: realistic password strength estimation](https://tech.dropbox.com/2012/04/zxcvbn-realistic-password-strength-estimation/).
|
|
4
6
|
The user's password will be rejected if the score is below 4 by default. It also uses the email as user input to zxcvbn, to downscore passwords containing the email.
|
|
5
7
|
|
|
8
|
+
The scores 0, 1, 2, 3 or 4 are given when the estimated crack time (seconds) is less than 10**2, 10**4, 10**6, 10**8, Infinity.
|
|
9
|
+
|
|
6
10
|
## Installation
|
|
7
11
|
|
|
8
12
|
Add this line to your application's Gemfile:
|
|
@@ -16,19 +20,23 @@ Add this line to your application's Gemfile:
|
|
|
16
20
|
devise :database_authenticatable, :zxcvbnable
|
|
17
21
|
end
|
|
18
22
|
|
|
19
|
-
Default parameters
|
|
23
|
+
### Default parameters
|
|
24
|
+
|
|
25
|
+
A score of less than 3 is not recommended.
|
|
20
26
|
|
|
21
27
|
Devise.setup do |config|
|
|
22
|
-
config.min_password_score = 4
|
|
28
|
+
config.min_password_score = 4
|
|
23
29
|
end
|
|
24
30
|
|
|
25
31
|
### Error Message
|
|
26
32
|
|
|
33
|
+
Example error message, the `score` and `min_password_score` variables are also passed through if you need them.
|
|
34
|
+
|
|
27
35
|
# config/locale/devise.en.yml
|
|
28
36
|
en:
|
|
29
37
|
errors:
|
|
30
38
|
messages:
|
|
31
|
-
weak_password: "not strong enough.
|
|
39
|
+
weak_password: "not strong enough. Consider adding a number, symbols or more letters to make it stronger"
|
|
32
40
|
|
|
33
41
|
|
|
34
42
|
## Contributing
|
data/devise_zxcvbn.gemspec
CHANGED
|
@@ -10,7 +10,7 @@ Gem::Specification.new do |spec|
|
|
|
10
10
|
spec.email = ["matt@bitzesty.com"]
|
|
11
11
|
spec.description = %q{It adds password strength checking via ruby-zxcvbn to reject weak passwords }
|
|
12
12
|
spec.summary = %q{Devise plugin to reject weak passwords}
|
|
13
|
-
spec.homepage = ""
|
|
13
|
+
spec.homepage = "https://github.com/bitzesty/devise_zxcvbn"
|
|
14
14
|
spec.license = "MIT"
|
|
15
15
|
|
|
16
16
|
spec.files = `git ls-files`.split($/)
|
data/lib/devise_zxcvbn.rb
CHANGED
|
@@ -3,8 +3,25 @@ require "devise"
|
|
|
3
3
|
require "zxcvbn"
|
|
4
4
|
|
|
5
5
|
module Devise
|
|
6
|
-
|
|
6
|
+
|
|
7
7
|
@@min_password_score = 4
|
|
8
|
+
|
|
9
|
+
def self.min_password_score
|
|
10
|
+
@@min_password_score
|
|
11
|
+
end
|
|
12
|
+
|
|
13
|
+
def self.min_password_score=(score)
|
|
14
|
+
if score.is_a?(Integer) && (score >= 0 && score <=4)
|
|
15
|
+
if score >= 3
|
|
16
|
+
@@min_password_score = score
|
|
17
|
+
else
|
|
18
|
+
::Rails.logger.warn "[devise_zxcvbn] A score of less than 3 is not recommended."
|
|
19
|
+
@@min_password_score = score
|
|
20
|
+
end
|
|
21
|
+
else
|
|
22
|
+
raise "The min_password_score must be an integer and between 0..4"
|
|
23
|
+
end
|
|
24
|
+
end
|
|
8
25
|
end
|
|
9
26
|
|
|
10
27
|
Devise.add_module :zxcvbnable, :model => "devise_zxcvbn/model"
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: devise_zxcvbn
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0
|
|
4
|
+
version: 1.0.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Matthew Ford
|
|
@@ -82,7 +82,7 @@ files:
|
|
|
82
82
|
- lib/devise_zxcvbn.rb
|
|
83
83
|
- lib/devise_zxcvbn/model.rb
|
|
84
84
|
- lib/devise_zxcvbn/version.rb
|
|
85
|
-
homepage:
|
|
85
|
+
homepage: https://github.com/bitzesty/devise_zxcvbn
|
|
86
86
|
licenses:
|
|
87
87
|
- MIT
|
|
88
88
|
metadata: {}
|