76 lines
2.4 KiB
Ruby
76 lines
2.4 KiB
Ruby
Devise.setup do |config|
|
|
# ==> Security Extension
|
|
# Configure security extension for devise
|
|
|
|
# Should the password expire (e.g 3.months)
|
|
config.expire_password_after = 1.year
|
|
|
|
# Need 1 char each of: A-Z, a-z, 0-9, and a punctuation mark or symbol
|
|
# You may use "digits" in place of "digit" and "symbols" in place of
|
|
# "symbol" based on your preference
|
|
config.password_complexity = { digit: 0, lower: 0, symbol: 0, upper: 0 } # Overwritten in User model
|
|
|
|
# How many passwords to keep in archive
|
|
# config.password_archiving_count = 5
|
|
|
|
# Deny old passwords (true, false, number_of_old_passwords_to_check)
|
|
# Examples:
|
|
# config.deny_old_passwords = false # allow old passwords
|
|
# config.deny_old_passwords = true # will deny all the old passwords
|
|
# config.deny_old_passwords = 3 # will deny new passwords that matches with the last 3 passwords
|
|
|
|
# enable email validation for :secure_validatable. (true, false, validation_options)
|
|
# dependency: see https://github.com/devise-security/devise-security/blob/master/README.md#e-mail-validation
|
|
config.email_validation = false
|
|
|
|
# captcha integration for recover form
|
|
# config.captcha_for_recover = true
|
|
|
|
# captcha integration for sign up form
|
|
# config.captcha_for_sign_up = true
|
|
|
|
# captcha integration for sign in form
|
|
# config.captcha_for_sign_in = true
|
|
|
|
# captcha integration for unlock form
|
|
# config.captcha_for_unlock = true
|
|
|
|
# captcha integration for confirmation form
|
|
# config.captcha_for_confirmation = true
|
|
|
|
# Time period for account expiry from last_activity_at
|
|
# config.expire_after = 90.days
|
|
|
|
# Allow password to equal the email
|
|
config.allow_passwords_equal_to_email = true
|
|
end
|
|
|
|
module Devise
|
|
module Models
|
|
module PasswordExpirable
|
|
def need_change_password?
|
|
administrator? && password_expired?
|
|
end
|
|
|
|
def password_expired?
|
|
password_changed_at < expire_password_after.ago
|
|
end
|
|
end
|
|
|
|
module SecureValidatable
|
|
def current_equal_password_validation
|
|
if !new_record? && !encrypted_password_change.nil? && !erased?
|
|
dummy = self.class.new
|
|
dummy.encrypted_password = encrypted_password_change.first
|
|
|
|
if respond_to?(:password_salt_change) && !password_salt_change.nil?
|
|
dummy.password_salt = password_salt_change.first
|
|
end
|
|
|
|
errors.add(:password, :equal_to_current_password) if dummy.valid_password?(password)
|
|
end
|
|
end
|
|
end
|
|
end
|
|
end
|