Josh Kalderimis
1054ebd613
AM mass assignment security attr_accessible and attr_protected now allow for scopes using :as => scope eg.
...
attr_accessible :name
attr_accessible :name, :admin, :as => :admin
2011-04-24 09:53:18 +02:00
Aaron Patterson
3e23752236
bcrypt will encrypt anything, so validate_presence_of would not catch nil / blank passwords. Thank you to Aleksander Kamil Modzelewski for reporting this
2011-04-14 14:54:25 -07:00
Tsutomu Kuroda
ad31549ab3
Override attributes_protected_by_default when has_secure_password is called.
...
attr_protected should not be called, because it nullifies the
mass assignment protection that has been set by attr_accessible.
Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
2011-02-09 18:35:15 -02:00
Santiago Pastorino
08ccd29b5b
Remove weak_passwords list and the length/strong password validator, leave that up to the programmer
2010-12-19 15:01:29 -02:00
Mikel Lindsaar
6c217f98db
Add set_weak_passwords call in alignment with set_table_name.
2010-12-19 21:36:47 +11:00
Mikel Lindsaar
a39a333769
Added ability to specify which passwords you want as weak passwords
2010-12-19 20:39:54 +11:00
José Valim
432556b923
Make password messages translatable.
2010-12-19 09:34:31 +01:00
José Valim
d592fa946d
Avoid warnings and fix small typo on SecurePassword.
2010-12-19 09:28:15 +01:00
David Heinemeier Hansson
bd9dc4ff23
BCrypt does its own salting, lovely!
2010-12-18 19:09:07 -08:00
David Heinemeier Hansson
bcf4e4f2b0
Added ActiveRecord::Base#has_secure_password (via ActiveModel::SecurePassword) to encapsulate dead-simple password usage with SHA2 encryption and salting
2010-12-18 13:38:05 -08:00
