module DeviseSecurityExtension::Controllers::Helpers

Protected Instance Methods

ignore_password_expire?() click to toggle source

allow to overwrite for some special handlings

# File lib/devise_security_extension/controllers/helpers.rb, line 88
def ignore_password_expire?
  false
end

Private Instance Methods

change_password_required_path_for(resource_or_scope = nil) click to toggle source

path for change password

# File lib/devise_security_extension/controllers/helpers.rb, line 73
def change_password_required_path_for(resource_or_scope = nil)
  scope       = Devise::Mapping.find_scope!(resource_or_scope)
  change_path = "#{scope}_password_expired_path"
  send(change_path)
end
handle_paranoid_verification() click to toggle source

lookup if extra (paranoid) code verification is needed

# File lib/devise_security_extension/controllers/helpers.rb, line 49
def handle_paranoid_verification
  return if warden.nil?

  if !devise_controller? && !request.format.nil? && request.format.html?
    Devise.mappings.keys.flatten.any? do |scope|
      if signed_in?(scope) && warden.session(scope)['paranoid_verify']
        session["#{scope}_return_to"] = request.original_fullpath if request.get?
        redirect_for_paranoid_verification scope
        return
      end
    end
  end
end
handle_password_change() click to toggle source

lookup if an password change needed

# File lib/devise_security_extension/controllers/helpers.rb, line 29
def handle_password_change
  return if warden.nil?

  if not devise_controller? and not ignore_password_expire? and not request.format.nil? and request.format.html?
    Devise.mappings.keys.flatten.any? do |scope|
      if signed_in?(scope) and warden.session(scope)['password_expired']
        # re-check to avoid infinite loop if date changed after login attempt
        if send(:"current_#{scope}").try(:need_change_password?)
          session["#{scope}_return_to"] = request.original_fullpath if request.get?
          redirect_for_password_change scope
          return
        else
          warden.session(scope)[:password_expired] = false
        end
      end
    end
  end
end
paranoid_verification_code_path_for(resource_or_scope = nil) click to toggle source
# File lib/devise_security_extension/controllers/helpers.rb, line 79
def paranoid_verification_code_path_for(resource_or_scope = nil)
  scope       = Devise::Mapping.find_scope!(resource_or_scope)
  change_path = "#{scope}_paranoid_verification_code_path"
  send(change_path)
end
redirect_for_paranoid_verification(scope) click to toggle source
# File lib/devise_security_extension/controllers/helpers.rb, line 68
def redirect_for_paranoid_verification(scope)
  redirect_to paranoid_verification_code_path_for(scope), :alert => I18n.t('code_required', {:scope => 'devise.paranoid_verify'})
end
redirect_for_password_change(scope) click to toggle source

redirect for password update with alert message

# File lib/devise_security_extension/controllers/helpers.rb, line 64
def redirect_for_password_change(scope)
  redirect_to change_password_required_path_for(scope), :alert => I18n.t('change_required', {:scope => 'devise.password_expired'})
end