Module: Devise::Models::SecureValidatable

Defined in:: lib/devise_security_extension/models/secure_validatable.rb

Overview

SecureValidatable creates better validations with more validation for security

Options

SecureValidatable adds the following options to devise_for:

* +email_regexp+: the regular expression used to validate e-mails;
* +password_length+: a range expressing password length. Defaults from devise
* +password_regex+: need strong password. Defaults to /(?=.*\d)(?=.*[a-z])(?=.*[A-Z])/

Defined Under Namespace

Modules: ClassMethods

Class Method Summary collapse

Instance Method Summary collapse

#current_equal_password_validation ⇒ Object

Class Method Details

.assert_secure_validations_api!(base) ⇒ `Object`

:nodoc:



38
39
40

# File 'lib/devise_security_extension/models/secure_validatable.rb', line 38

def self.assert_secure_validations_api!(base) #:nodoc:
  raise "Could not use SecureValidatable on #{base}" unless base.respond_to?(:validates)
end

.included(base) ⇒ `Object`

# File 'lib/devise_security_extension/models/secure_validatable.rb', line 17

def self.included(base)
  base.extend ClassMethods
  assert_secure_validations_api!(base)

  base.class_eval do

    # uniq login
    validates authentication_keys[0], :uniqueness => {:scope => authentication_keys[1..-1]} #, :case_sensitive => case_insensitive_keys.exclude?(authentication_keys[0])

    # validates email
    validates :email, :presence => true, :if => :email_required?
    validates :email, :email => true # use rails_email_validator

    # validates password
    validates :password, :presence => true, :length => password_length, :format => password_regex, :confirmation => true, :if => :password_required?

    # don't allow use same password
    validate :current_equal_password_validation
  end
end

Instance Method Details

#current_equal_password_validation ⇒ `Object`

# File 'lib/devise_security_extension/models/secure_validatable.rb', line 42

def current_equal_password_validation
  unless self.encrypted_password_change.nil?
    dummy = self.class.new
    dummy.encrypted_password = self.encrypted_password_change.first
    dummy.password_salt = self.password_salt_change.first if self.respond_to?(:password_salt_change)
    self.errors.add(:password, :equal_to_current_password) if dummy.valid_password?(self.password)
  end
end

Module: Devise::Models::SecureValidatable

Overview

Options

Defined Under Namespace

Class Method Summary collapse

Instance Method Summary collapse

Class Method Details

.assert_secure_validations_api!(base) ⇒ Object

.included(base) ⇒ Object

Instance Method Details

#current_equal_password_validation ⇒ Object

.assert_secure_validations_api!(base) ⇒ `Object`

.included(base) ⇒ `Object`

#current_equal_password_validation ⇒ `Object`