Refactor Password Expireable #45
Conversation
| return @enabled if defined?(@enabled) | ||
| @enabled = expire_password_after.is_a?(1.class) || | ||
| expire_password_after.is_a?(Float) || | ||
| expire_password_after == true |
There was a problem hiding this comment.
Seems like you can use expire_on_demand? here
|
|
||
| self.password_changed_at | ||
| return unless enabled? | ||
| self.password_changed_at = nil |
There was a problem hiding this comment.
Seems like this is a logic change from the original, not just cleaning up CC. Is that intentional?
There was a problem hiding this comment.
This is a slightly different implementation. The original would make up a fake time that would cause the record to appear as if it needed to be changed. I didn't particularly care for that because it makes it look like the user changed their password at a time when they really didn't and it makes it impossible to distinguish between an administrative expiration of the password and a real one. Just setting the password_changed_at to nil has the same effect and it's possible to tell that the password was deliberately expired because that is the only way to get a nil in that column.
There was a problem hiding this comment.
Sounds good, we'll just want to make sure do a release that indicates there's a change here.
| else | ||
| # Expire when password_changed_at is nil or when the last time the | ||
| # password was changed is sufficiently old | ||
| password_changed_at.nil? || password_changed_at < expire_password_after.seconds.ago |
There was a problem hiding this comment.
Possibly extract this line into a private method to address the CC issue? It's borderline to me.
Pull Request Test Coverage Report for Build 149
💛 - Coveralls |
|
+1 on someone to review |
| @@ -1,5 +1,5 @@ | |||
| AllCops: | |||
| TargetRubyVersion: 2.3 | |||
| TargetRubyVersion: 2.2 | |||
There was a problem hiding this comment.
we claim to support 2.2, but rubocop was looking for 2.3 syntax.
There was a problem hiding this comment.
| ```erb | ||
| <p><%= captcha_tag %></p> | ||
| <p><%= text_field_tag :captcha %></p> | ||
| ``` | ||
|
|
||
| ## Schema | ||
|
|
||
| Note: Unlike Devise, devise-security does not currently support mongoid. Pull requests are welcome! | ||
| Note: Unlike Devise, devise-security does not currently support mongoid. Pull requests are welcome! |
There was a problem hiding this comment.
I'd like to remove the Pull requests are welcome! given that we've discussed on an issue recently about that being pretty complicated.
There was a problem hiding this comment.
This is just a reformatting, if we want to remove that line, I suggest a new PR.
| alias expire_password need_change_password | ||
| alias request_password_change need_change_password | ||
|
|
||
| # Set this value to a number of seconds to have passwords expire after a time |
There was a problem hiding this comment.
This comment is a little confusing because it's not a setter.
| # without a time limit. | ||
| # @return [Numeric, Boolean] | ||
| def expire_password_after | ||
| self.class.expire_password_after |
There was a problem hiding this comment.
Is this something you can use delegate for?
| end | ||
| # Enabled if configuration +expire_password_after+ is set to an {Integer}, {Float}, or {true} | ||
| def password_expiration_enabled? | ||
| expire_password_after.present? && |
There was a problem hiding this comment.
`` expire_password_after.present?is already part ofexpire_password_on_demand?`
test/test_helper.rb
Outdated
| Coveralls.wear! | ||
| SimpleCov.start do | ||
| add_filter 'gemfiles' | ||
| add_filter 'test' |
There was a problem hiding this comment.
If possible I like to only restrict certain files vs all of test, because simplecov will catch dead test code.
…y#47) * update default ruby version * add codeclimate config
olbrich
force-pushed
the
issue-44-deprecation-warning
branch
from
36b6e91 to
b5bf3e6
Compare
|
@devise-security/maintainers how about a new code review? |
.codeclimate.yml
Outdated
| - "**/tests/" | ||
| - "**/vendor/" | ||
| - "**/*.d.ts" | ||
| - "gemfiles/" |
.gitignore
Outdated
| @@ -38,4 +38,5 @@ test/tmp/* | |||
| *.gem | |||
| Gemfile.lock | |||
| *.lock | |||
| bin/ | |||
| bin/* | |||
| .yardoc | |||
Mostly this is a cleanup of the password expireable code that was started in part because of #44. I haven't yet been able to replicate the original issue, but it seemed like a good excuse to clean up some older code.