Module: Devise::Models::PasswordArchivable

Extended by:

ActiveSupport::Concern

Includes:

Compatibility, DatabaseAuthenticatable

Defined in:

lib/devise-security/models/password_archivable.rb

Overview

PasswordArchivable, this depends on the DatabaseAuthenticatable module from devise

Defined Under Namespace

Modules: ClassMethods

Instance Method Summary

• #archive_count ⇒ Object
• #deny_old_passwords ⇒ Object
• #deny_old_passwords=(count) ⇒ Object
• #max_old_passwords ⇒ Integer

  Max number of old passwords to store and check.

• #password_archive_included? ⇒ true, false

  validate is the password used in the past.

• #validate_password_archive ⇒ Object

Methods included from Compatibility

#encrypted_password_before_last_save, #saved_change_to_encrypted_password?, #will_save_change_to_encrypted_password?

Instance Method Details

#archive_count ⇒ Object

# File 'lib/devise-security/models/password_archivable.rb', line 57

def archive_count
  self.class.password_archiving_count
end

#deny_old_passwords ⇒ Object

# File 'lib/devise-security/models/password_archivable.rb', line 49

def deny_old_passwords
  self.class.deny_old_passwords
end

#deny_old_passwords=(count) ⇒ Object

# File 'lib/devise-security/models/password_archivable.rb', line 53

def deny_old_passwords=(count)
  self.class.deny_old_passwords = count
end

#max_old_passwords ⇒ Integer

Returns max number of old passwords to store and check.

Returns:

• (Integer) —

  max number of old passwords to store and check

# File 'lib/devise-security/models/password_archivable.rb', line 26

def max_old_passwords
  case deny_old_passwords
  when true
    [1, archive_count].max
  when false
    0
  else
    deny_old_passwords.to_i
  end
end

#password_archive_included? ⇒ true, false

validate is the password used in the past

Returns:

• (true) —

  if current password was used previously

• (false) —

  if disabled or not previously used

# File 'lib/devise-security/models/password_archivable.rb', line 40

def password_archive_included?
  return false unless max_old_passwords > 0
  old_passwords_including_cur_change = old_passwords.order(:id).reverse_order.limit(max_old_passwords).pluck(:encrypted_password)
  old_passwords_including_cur_change << encrypted_password_was # include most recent change in list, but don't save it yet!
  old_passwords_including_cur_change.any? do |old_password|
    self.class.new(encrypted_password: old_password).valid_password?(password)
  end
end

#validate_password_archive ⇒ Object

# File 'lib/devise-security/models/password_archivable.rb', line 21

def validate_password_archive
  errors.add(:password, :taken_in_past) if will_save_change_to_encrypted_password? && password_archive_included?
end