kotovalexarian-likes-github/rails--rails
1
0
Fork 0
mirror of https://github.com/rails/rails.git synced 2022-11-09 12:12:34 -05:00
Code Releases Activity
36244 commits 72 branches 493 tags 355 MiB
Commit graph

19 commits

Author SHA1 Message Date
Yves Senn
8c1687bbf8 has_secure_password is not invalid when assigning empty Strings. 
Closes #9535.

With 692b3b6 the `password=` setter does no longer set blank passwords.
This triggered validation errors when assigning empty Strings to `password`
and `password_confirmation`.

This patch only sets the confirmation if it is not `blank?`.
 2013-03-04 18:56:05 +01:00
Carlos Antonio da Silva
c2c1ecb05e Use secure password min cost option in its own tests for a speed up 
Around 0.564359s => 0.092244s speed up in my machine.
 2012-11-21 19:34:55 -02:00
Trevor Turk
06faa6da80 Use BCrypt's MIN_COST in the test environment for speedier tests 2012-11-14 09:42:54 -06:00
dfens
ab9140ff02 Cleanup trailing whitespaces 2012-10-12 09:56:39 +02:00
Guillermo Iguaran
f8c9a4d3e8 Remove MassAssignmentSecurity from ActiveModel 
This will be moved out to protected_attributes gem
 2012-09-16 23:58:19 -05:00
Robby Grossman
ad7f9cdf00 has_secure_password should not raise a 'digest missing' error if the calling class has specified for validations to be skipped. 2012-07-31 16:16:21 -04:00
Erich Menge
f021377358 Updated tests for has_secure_password. 2012-05-08 18:08:55 -05:00
Oscar Del Ben
692b3b6b6a Fix secure_password setter 2012-04-24 19:16:01 +02:00
Vijay Dev
8dffc62a9b use variables from test setup 2011-10-17 19:15:24 +05:30
Josh Kalderimis
1054ebd613 AM mass assignment security attr_accessible and attr_protected now allow for scopes using :as => scope eg. 
attr_accessible :name
    attr_accessible :name, :admin, :as => :admin
 2011-04-24 09:53:18 +02:00
Aaron Patterson
3e23752236 bcrypt will encrypt anything, so validate_presence_of would not catch nil / blank passwords. Thank you to Aleksander Kamil Modzelewski for reporting this 2011-04-14 14:54:25 -07:00
Tsutomu Kuroda
ad31549ab3 Override attributes_protected_by_default when has_secure_password is called. 
attr_protected should not be called, because it nullifies the
mass assignment protection that has been set by attr_accessible.

Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
 2011-02-09 18:35:15 -02:00
Santiago Pastorino
08ccd29b5b Remove weak_passwords list and the length/strong password validator, leave that up to the programmer 2010-12-19 15:01:29 -02:00
Mikel Lindsaar
6c217f98db Add set_weak_passwords call in alignment with set_table_name. 2010-12-19 21:36:47 +11:00
Mikel Lindsaar
a39a333769 Added ability to specify which passwords you want as weak passwords 2010-12-19 20:39:54 +11:00
José Valim
432556b923 Make password messages translatable. 2010-12-19 09:34:31 +01:00
José Valim
d592fa946d Avoid warnings and fix small typo on SecurePassword. 2010-12-19 09:28:15 +01:00
David Heinemeier Hansson
bd9dc4ff23 BCrypt does its own salting, lovely! 2010-12-18 19:09:07 -08:00
David Heinemeier Hansson
bcf4e4f2b0 Added ActiveRecord::Base#has_secure_password (via ActiveModel::SecurePassword) to encapsulate dead-simple password usage with SHA2 encryption and salting 2010-12-18 13:38:05 -08:00