diff options
author | Santiago Pastorino <santiago@wyeworks.com> | 2010-12-19 14:58:14 -0200 |
---|---|---|
committer | Santiago Pastorino <santiago@wyeworks.com> | 2010-12-19 15:01:29 -0200 |
commit | 08ccd29b5b1e3badc2176a8036fea138b774c38f (patch) | |
tree | 9cda3f80b5cad5d6cb525dffcf38bc1c6de17e72 /activemodel/lib | |
parent | 37e643120a5f4ba9fa15b74d6f489f7a0bb66c0d (diff) | |
download | rails-08ccd29b5b1e3badc2176a8036fea138b774c38f.tar.gz rails-08ccd29b5b1e3badc2176a8036fea138b774c38f.tar.bz2 rails-08ccd29b5b1e3badc2176a8036fea138b774c38f.zip |
Remove weak_passwords list and the length/strong password validator, leave that up to the programmer
Diffstat (limited to 'activemodel/lib')
-rw-r--r-- | activemodel/lib/active_model/locale/en.yml | 4 | ||||
-rw-r--r-- | activemodel/lib/active_model/secure_password.rb | 37 |
2 files changed, 6 insertions, 35 deletions
diff --git a/activemodel/lib/active_model/locale/en.yml b/activemodel/lib/active_model/locale/en.yml index 4a27355c6c..44425b4a28 100644 --- a/activemodel/lib/active_model/locale/en.yml +++ b/activemodel/lib/active_model/locale/en.yml @@ -25,7 +25,3 @@ en: less_than_or_equal_to: "must be less than or equal to %{count}" odd: "must be odd" even: "must be even" - - attributes: - password: - insecure: "is too weak and common" diff --git a/activemodel/lib/active_model/secure_password.rb b/activemodel/lib/active_model/secure_password.rb index 8da08f34ec..f4411cde80 100644 --- a/activemodel/lib/active_model/secure_password.rb +++ b/activemodel/lib/active_model/secure_password.rb @@ -1,22 +1,16 @@ -require 'active_support/core_ext/object/blank' -require 'active_support/core_ext/class/attribute' +require 'active_support/concern' require 'bcrypt' module ActiveModel module SecurePassword extend ActiveSupport::Concern - included do - class_attribute :weak_passwords - self.weak_passwords = %w( password qwerty 123456 ) - end - module ClassMethods # Adds methods to set and authenticate against a BCrypt password. # This mechanism requires you to have a password_digest attribute. # - # Validations for presence of password, confirmation of password (using a "password_confirmation" attribute), - # and strength of password (at least 6 chars, not "password", etc) are automatically added. + # Validations for presence of password, confirmation of password (using + # a "password_confirmation" attribute) are automatically added. # You can add more validations by hand if need be. # # Example using Active Record (which automatically includes ActiveModel::SecurePassword): @@ -26,8 +20,8 @@ module ActiveModel # has_secure_password # end # - # user = User.new(:name => "david", :password => "secret", :password_confirmation => "nomatch") - # user.save # => false, password not long enough + # user = User.new(:name => "david", :password => "", :password_confirmation => "nomatch") + # user.save # => false, password required # user.password = "mUc3m00RsqyRe" # user.save # => false, confirmation doesn't match # user.password_confirmation = "mUc3m00RsqyRe" @@ -44,16 +38,6 @@ module ActiveModel validates_confirmation_of :password validates_presence_of :password_digest - validate :password_must_be_strong - end - - # Specify the weak passwords to be used in the model: - # - # class User - # set_weak_passwords %w( password qwerty 123456 mypass ) - # end - def set_weak_passwords(values) - self.weak_passwords = values end end @@ -71,14 +55,5 @@ module ActiveModel @password = unencrypted_password self.password_digest = BCrypt::Password.create(unencrypted_password) end - - private - - def password_must_be_strong - if password.present? - errors.add(:password, :too_short, :count => 7) unless password.size > 6 - errors.add(:password, :insecure) if self.class.weak_passwords.include?(password) - end - end end -end
\ No newline at end of file +end |