Module: Devise::Models::PasswordArchivable

Extended by:
ActiveSupport::Concern
Defined in:
lib/devise_security_extension/models/password_archivable.rb

Overview

PasswordArchivable

Defined Under Namespace

Modules: ClassMethods

Instance Method Summary collapse

Instance Method Details

#password_archive_included?Boolean

validate is the password used in the past

Returns:

  • (Boolean)


19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
# File 'lib/devise_security_extension/models/password_archivable.rb', line 19

def password_archive_included?
  unless self.class.deny_old_passwords.is_a? Fixnum
    if self.class.deny_old_passwords.is_a? TrueClass and archive_count > 0
      self.class.deny_old_passwords = archive_count
    else
      self.class.deny_old_passwords = 0
    end
  end

  if self.class.deny_old_passwords > 0 and not self.password.nil?
    old_passwords_including_cur_change = self.old_passwords.order(:id).reverse_order.limit(self.class.deny_old_passwords)
    old_passwords_including_cur_change << OldPassword.new(old_password_params)  # include most recent change in list, but don't save it yet!
    old_passwords_including_cur_change.each do |old_password|
      dummy                    = self.class.new
      dummy.encrypted_password = old_password.encrypted_password
      return true if dummy.valid_password?(self.password)
    end
  end

  false
end

#password_changed_to_same?Boolean

Returns:

  • (Boolean)


41
42
43
44
# File 'lib/devise_security_extension/models/password_archivable.rb', line 41

def password_changed_to_same?
  pass_change = encrypted_password_change
  pass_change && pass_change.first == pass_change.last
end

#validate_password_archiveObject



14
15
16
# File 'lib/devise_security_extension/models/password_archivable.rb', line 14

def validate_password_archive
  self.errors.add(:password, :taken_in_past) if encrypted_password_changed? and password_archive_included?
end