Module: Devise::Models::PasswordArchivable
- Extended by:
- ActiveSupport::Concern
- Includes:
- Compatibility, DatabaseAuthenticatable
- Defined in:
- lib/devise-security/models/password_archivable.rb
Overview
PasswordArchivable, this depends on the DatabaseAuthenticatable module from devise
Defined Under Namespace
Modules: ClassMethods
Instance Method Summary collapse
- #archive_count ⇒ Object
- #deny_old_passwords ⇒ Object
- #deny_old_passwords=(count) ⇒ Object
-
#max_old_passwords ⇒ Integer
Max number of old passwords to store and check.
-
#password_archive_included? ⇒ true, false
validate is the password used in the past.
- #validate_password_archive ⇒ Object
Methods included from Compatibility
#encrypted_password_before_last_save, #saved_change_to_encrypted_password?, #will_save_change_to_encrypted_password?
Instance Method Details
#archive_count ⇒ Object
57 58 59 |
# File 'lib/devise-security/models/password_archivable.rb', line 57 def archive_count self.class.password_archiving_count end |
#deny_old_passwords ⇒ Object
49 50 51 |
# File 'lib/devise-security/models/password_archivable.rb', line 49 def deny_old_passwords self.class.deny_old_passwords end |
#deny_old_passwords=(count) ⇒ Object
53 54 55 |
# File 'lib/devise-security/models/password_archivable.rb', line 53 def deny_old_passwords=(count) self.class.deny_old_passwords = count end |
#max_old_passwords ⇒ Integer
Returns max number of old passwords to store and check.
26 27 28 29 30 31 32 33 34 35 |
# File 'lib/devise-security/models/password_archivable.rb', line 26 def max_old_passwords case deny_old_passwords when true [1, archive_count].max when false 0 else deny_old_passwords.to_i end end |
#password_archive_included? ⇒ true, false
validate is the password used in the past
40 41 42 43 44 45 46 47 |
# File 'lib/devise-security/models/password_archivable.rb', line 40 def password_archive_included? return false unless max_old_passwords > 0 old_passwords_including_cur_change = old_passwords.order(:id).reverse_order.limit(max_old_passwords).pluck(:encrypted_password) old_passwords_including_cur_change << encrypted_password_was # include most recent change in list, but don't save it yet! old_passwords_including_cur_change.any? do |old_password| self.class.new(encrypted_password: old_password).valid_password?(password) end end |
#validate_password_archive ⇒ Object
21 22 23 |
# File 'lib/devise-security/models/password_archivable.rb', line 21 def validate_password_archive errors.add(:password, :taken_in_past) if will_save_change_to_encrypted_password? && password_archive_included? end |