Module: Devise::Models::PasswordArchivable

Extended by:: ActiveSupport::Concern

Defined in:: lib/devise-security/models/password_archivable.rb

Overview

PasswordArchivable

Defined Under Namespace

Modules: ClassMethods

Instance Method Summary collapse

#archive_count ⇒ Object
#deny_old_passwords ⇒ Object
#deny_old_passwords=(count) ⇒ Object
#password_archive_included? ⇒ Boolean

validate is the password used in the past.
#password_changed_to_same? ⇒ Boolean
#validate_password_archive ⇒ Object

Instance Method Details

#archive_count ⇒ `Object`



53
54
55

# File 'lib/devise-security/models/password_archivable.rb', line 53

def archive_count
  self.class.password_archiving_count
end

#deny_old_passwords ⇒ `Object`



45
46
47

# File 'lib/devise-security/models/password_archivable.rb', line 45

def deny_old_passwords
  self.class.deny_old_passwords
end

#deny_old_passwords=(count) ⇒ `Object`



49
50
51

# File 'lib/devise-security/models/password_archivable.rb', line 49

def deny_old_passwords=(count)
  self.class.deny_old_passwords = count
end

#password_archive_included? ⇒ `Boolean`

validate is the password used in the past

Returns:

(Boolean)

# File 'lib/devise-security/models/password_archivable.rb', line 18

def password_archive_included?
  unless deny_old_passwords.is_a? 1.class
    if deny_old_passwords.is_a?(TrueClass) && archive_count > 0
      self.deny_old_passwords = archive_count
    else
      self.deny_old_passwords = 0
    end
  end

  if self.class.deny_old_passwords > 0 && !self.password.nil?
    old_passwords_including_cur_change = self.old_passwords.order(:id).reverse_order.limit(self.class.deny_old_passwords).to_a
    old_passwords_including_cur_change << OldPassword.new(old_password_params)  # include most recent change in list, but don't save it yet!
    old_passwords_including_cur_change.each do |old_password|
      dummy                    = self.class.new
      dummy.encrypted_password = old_password.encrypted_password
      return true if dummy.valid_password?(password)
    end
  end

  false
end

#password_changed_to_same? ⇒ `Boolean`

Returns:

(Boolean)

# File 'lib/devise-security/models/password_archivable.rb', line 40

def password_changed_to_same?
  pass_change = encrypted_password_change
  pass_change && pass_change.first == pass_change.last
end

#validate_password_archive ⇒ `Object`



13
14
15

# File 'lib/devise-security/models/password_archivable.rb', line 13

def validate_password_archive
  errors.add(:password, :taken_in_past) if encrypted_password_changed? && password_archive_included?
end

Module: Devise::Models::PasswordArchivable

Overview

Defined Under Namespace

Instance Method Summary collapse

Instance Method Details

#archive_count ⇒ Object

#deny_old_passwords ⇒ Object

#deny_old_passwords=(count) ⇒ Object

#password_archive_included? ⇒ Boolean

#password_changed_to_same? ⇒ Boolean

#validate_password_archive ⇒ Object

#archive_count ⇒ `Object`

#deny_old_passwords ⇒ `Object`

#deny_old_passwords=(count) ⇒ `Object`

#password_archive_included? ⇒ `Boolean`

#password_changed_to_same? ⇒ `Boolean`

#validate_password_archive ⇒ `Object`