Changeset 451

Timestamp:
08/25/06 03:07:49 (2 years ago)
Author:
snowblink
Message:

Ticket #213: Passwords cannot match the last n passwords

Files:

  • login_engine/trunk/README

    r446 r451  
    240240+password_minimum+:: Set your minimum password length. 
    241241                     Defaults to 5. 
     242+password_expiry+:: Number of days until passwords expire. 
     243                    0 means never expire. 
     244                    Defaults to 0 
     245+password_recyclable_after+:: Cannot reuse the last n passwords. 
     246                              Defaults to 0 
    242247 
    243248== Overriding controllers and views 
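Review bot: the new +password_recyclable_after+ README entry does not say what the default of 0 means, while the +password_expiry+ entry directly above documents "0 means never expire"; add a line such as "0 disables the check." and end "Defaults to 0" with a period to match "Defaults to 5." in the +password_minimum+ entry, so the three options read consistently.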
  • login_engine/trunk/lib/login_engine.rb

    r449 r451  
    6161  # 0 means it will not expire 
    6262  config :password_expiry, 0 
     63 
     64  # password cannot be one of the last n passwords 
     65  # specify here n 
     66  # 0 means there is no limit 
     67  config :password_recyclable_after, 0 
    6368   
    6469  # controls whether or not email is used 
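Review bot: the comment "# specify here n" is hard to read and splits one idea over three lines; fold it into a single statement such as "# reject a new password that matches any of the last n stored passwords; 0 disables the check". The option name also suggests a time interval ("after") while the value is a count of passwords, so keep the comment wording aligned with the README's "Cannot reuse the last n passwords" to avoid readers assuming it is a number of days like password_expiry.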
  • login_engine/trunk/lib/login_engine/authenticated_user.rb

    r449 r451  
    2727        validates_length_of :password, { :maximum => 40, :if => :validate_password? } 
    2828   
     29        validates_each :password, {:if => :validate_password? } do |record, attr, value| 
     30          if LoginEngine.config(:password_recyclable_after) > 0 && record.passwords[0, LoginEngine.config(:password_recyclable_after)].any?{|p| p.salted_password == AuthenticatedUser.salted_password(p.salt, AuthenticatedUser.hashed(value)) } 
     31            record.errors.add attr, "You cannot reuse any of the last #{LoginEngine.config(:password_recyclable_after)} passwords" 
     32          end 
     33        end 
     34       
    2935        protected  
    3036       
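Review bot: the slice record.passwords[0, LoginEngine.config(:password_recyclable_after)] is only "the last n passwords" if the passwords association is ordered newest-first, and that ordering is not visible in this hunk; confirm the association declares it (or sort explicitly here), otherwise the window can contain arbitrary entries and an old password may be rejected while a recent one is accepted. The condition also reads the config twice on one very long line; assign n = LoginEngine.config(:password_recyclable_after) once, return early when n is 0, and put the any? block on its own lines so the comparison is visible. Recomputing AuthenticatedUser.salted_password(p.salt, AuthenticatedUser.hashed(value)) per stored entry is the right comparison, since each stored password carries its own salt.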
     
    5662        u 
    5763      end 
    58        
     64 
    5965    end 
    6066   
  • login_engine/trunk/test/functional/user_controller_test.rb

    r450 r451  
    435435  def test_forgot_password 
    436436    LoginEngine::CONFIG[:use_email_notification] = true 
     437    LoginEngine::CONFIG[:password_recyclable_after] = 0 
    437438 
    438439    do_forgot_password(false, false, false) 
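Review bot: test_forgot_password having to set LoginEngine::CONFIG[:password_recyclable_after] = 0 means the config hash is global state shared between tests; instead of each affected test resetting individual keys, restore the defaults in setup/teardown (the unit test in this changeset sets the value to 4 and never restores it). If the reset stays here, add a one-line comment saying why a forgot-password test depends on this option, as the link is not obvious.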
  • login_engine/trunk/test/unit/user_test.rb

    r449 r451  
    148148    u.passwords.first.save 
    149149    assert u.password_expired?, "Password should have expired" 
    150      
    151      
    152150  end 
     151 
     152  def test_should_not_be_able_to_change_password_to_any_of_the_last_n_passwords 
     153    require 'pp' 
     154    LoginEngine::CONFIG[:password_recyclable_after] = 4 
     155 
     156    u = User.new 
     157    u.login = 'bob_changer' 
     158    u.email = 'bob_changer@email.com' 
     159    u.change_password('password') 
     160    assert u.save 
     161    u.reload 
     162 
     163    u.change_password('password') 
     164    assert !u.save, "Password saved even though it was not recyclable yet" 
     165 
     166    1.upto(10) do |i| 
     167      if i < LoginEngine::config(:password_recyclable_after) 
     168        u.change_password('password') 
     169        assert !u.save, "Password saved #{i} even though it was not recyclable yet" 
     170        assert_match /cannot reuse/, u.errors[:password] 
     171      else 
     172        u.change_password("password#{i}") 
     173        assert u.save, "Password not saved" 
     174      end 
     175    end 
     176 
     177 
     178 
     179  end 
     180 
    153181end
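Review bot: the test does not exercise the boundary it is named for: only one password ('password') is ever saved before the loop, and the i >= n branch always picks a fresh "password#{i}", so nothing checks that a password becomes reusable once n newer ones have been saved, and the assertions would pass for any value of n >= 1. Save n distinct passwords, then assert the oldest one is accepted and each of the newer n-1 is still rejected with the "cannot reuse" error. Smaller points: the leftover require 'pp' should be removed; LoginEngine::CONFIG[:password_recyclable_after] = 4 is never restored and leaks into later tests; and the three blank lines before the final end are noise.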