BCrypt has a limit of 72 characters for the password. Anything beyond 72
characters is truncated. This commit updates the validation to limit
passwords to less than 72 characters, keeping within the limitation.
- attr_accessible not set for test user model, making Serializable tests
inaccurate
- Mongoid does not `include_root_in_json` by default, so enable this for
consistency with AR tests
- Mark tests pending for Mongoid < 2.1 that fail there due to known bugs
- Add `:mongoid` key for i18n model labels
- Remove outdated shim of `update_attribute` that caused mass assignment
security to be applied (ugh, that took awhile to find)
The chance of someone to successfully guess a random token in the website is:
(number_of_users / 2388636399360109977557402041718133080829429159844757507642063199359529632522467783435119230976)
