module Devise::Models::PasswordArchivable
Public Instance Methods
password_archive_included?()
click to toggle source
validate is the password used in the past
# File lib/devise_security_extension/models/password_archivable.rb, line 19 def password_archive_included? unless self.class.deny_old_passwords.is_a? Fixnum if self.class.deny_old_passwords.is_a? TrueClass and archive_count > 0 self.class.deny_old_passwords = archive_count else self.class.deny_old_passwords = 0 end end if self.class.deny_old_passwords > 0 and not self.password.nil? old_passwords_including_cur_change = self.old_passwords.order(:id).reverse_order.limit(self.class.deny_old_passwords) old_passwords_including_cur_change << OldPassword.new(old_password_params) # include most recent change in list, but don't save it yet! old_passwords_including_cur_change.each do |old_password| dummy = self.class.new dummy.encrypted_password = old_password.encrypted_password return true if dummy.valid_password?(self.password) end end false end
password_changed_to_same?()
click to toggle source
# File lib/devise_security_extension/models/password_archivable.rb, line 41 def password_changed_to_same? pass_change = encrypted_password_change pass_change && pass_change.first == pass_change.last end
validate_password_archive()
click to toggle source
# File lib/devise_security_extension/models/password_archivable.rb, line 14 def validate_password_archive self.errors.add(:password, :taken_in_past) if encrypted_password_changed? and password_archive_included? end
Private Instance Methods
archive_count()
click to toggle source
# File lib/devise_security_extension/models/password_archivable.rb, line 48 def archive_count self.class.password_archiving_count end
archive_password()
click to toggle source
archive the last password before save and delete all to old passwords from archive
# File lib/devise_security_extension/models/password_archivable.rb, line 53 def archive_password if self.encrypted_password_changed? if archive_count.to_i > 0 self.old_passwords.create! old_password_params self.old_passwords.order(:id).reverse_order.offset(archive_count).destroy_all else self.old_passwords.destroy_all end end end
old_password_params()
click to toggle source
# File lib/devise_security_extension/models/password_archivable.rb, line 64 def old_password_params { encrypted_password: self.encrypted_password_change.first } end