Module: Devise::Models::PasswordArchivable
- Extended by:
- ActiveSupport::Concern
- Includes:
- Compatibility, DatabaseAuthenticatable
- Defined in:
- lib/devise-security/models/password_archivable.rb
Overview
PasswordArchivable, this depends on the DatabaseAuthenticatable module from devise
Defined Under Namespace
Modules: ClassMethods
Instance Method Summary collapse
- #archive_count ⇒ Object
- #deny_old_passwords ⇒ Object
- #deny_old_passwords=(count) ⇒ Object
-
#max_old_passwords ⇒ Integer
Max number of old passwords to store and check.
-
#password_archive_included? ⇒ true, false
validate is the password used in the past.
- #validate_password_archive ⇒ Object
Instance Method Details
#archive_count ⇒ Object
62 63 64 |
# File 'lib/devise-security/models/password_archivable.rb', line 62 def archive_count self.class.password_archiving_count end |
#deny_old_passwords ⇒ Object
54 55 56 |
# File 'lib/devise-security/models/password_archivable.rb', line 54 def deny_old_passwords self.class.deny_old_passwords end |
#deny_old_passwords=(count) ⇒ Object
58 59 60 |
# File 'lib/devise-security/models/password_archivable.rb', line 58 def deny_old_passwords=(count) self.class.deny_old_passwords = count end |
#max_old_passwords ⇒ Integer
Returns max number of old passwords to store and check.
27 28 29 30 31 32 33 34 35 36 |
# File 'lib/devise-security/models/password_archivable.rb', line 27 def max_old_passwords case deny_old_passwords when true [1, archive_count].max when false 0 else deny_old_passwords.to_i end end |
#password_archive_included? ⇒ true, false
validate is the password used in the past
41 42 43 44 45 46 47 48 49 50 51 52 |
# File 'lib/devise-security/models/password_archivable.rb', line 41 def password_archive_included? return false unless max_old_passwords.positive? old_passwords_including_cur_change = old_passwords.order(created_at: :desc).limit(max_old_passwords).pluck(:encrypted_password) old_passwords_including_cur_change << encrypted_password_was # include most recent change in list, but don't save it yet! old_passwords_including_cur_change.any? do |old_password| # NOTE: we deliberately do not do mass assignment here so that users that # rely on `protected_attributes_continued` gem can still use this extension. # See issue #68 self.class.new.tap { |object| object.encrypted_password = old_password }.valid_password?(password) end end |
#validate_password_archive ⇒ Object
22 23 24 |
# File 'lib/devise-security/models/password_archivable.rb', line 22 def validate_password_archive errors.add(:password, :taken_in_past) if will_save_change_to_encrypted_password? && password_archive_included? end |