Update Devise configuration after update to 3.5.1

The most notable change is the reduction of the maximum length of the
passwords. See Devise's CHANGELOG.md for more information:

https://github.com/plataformatec/devise/blob/master/CHANGELOG.md#351---2015-05-24
This commit is contained in:
Petko Bordjukov 2015-05-30 14:37:16 +03:00
parent dfb2d1e793
commit 83c6b12d8b
1 changed files with 19 additions and 10 deletions

View File

@ -4,6 +4,8 @@ Devise.setup do |config|
# The secret key used by Devise. Devise uses this key to generate # The secret key used by Devise. Devise uses this key to generate
# random tokens. Changing this key will render invalid all existing # random tokens. Changing this key will render invalid all existing
# confirmation, reset password and unlock tokens in the database. # confirmation, reset password and unlock tokens in the database.
# Devise will use the `secret_key_base` on Rails 4+ applications as its `secret_key`
# by default. You can change it below and use your own secret key.
# config.secret_key = 'generate with `rake secret`' # config.secret_key = 'generate with `rake secret`'
# ==> Mailer Configuration # ==> Mailer Configuration
@ -61,7 +63,7 @@ Devise.setup do |config|
# :database = Support basic authentication with authentication key + password # :database = Support basic authentication with authentication key + password
# config.http_authenticatable = false # config.http_authenticatable = false
# If http headers should be returned for AJAX requests. True by default. # If 401 status code should be returned for AJAX requests. True by default.
# config.http_authenticatable_on_xhr = true # config.http_authenticatable_on_xhr = true
# The realm used in Http Basic Authentication. 'Application' by default. # The realm used in Http Basic Authentication. 'Application' by default.
@ -128,6 +130,9 @@ Devise.setup do |config|
# The time the user will be remembered without asking for credentials again. # The time the user will be remembered without asking for credentials again.
# config.remember_for = 2.weeks # config.remember_for = 2.weeks
# Invalidates all the remember me tokens when the user signs out.
config.expire_all_remember_me_on_sign_out = true
# If true, extends the user's remember period when remembered via cookie. # If true, extends the user's remember period when remembered via cookie.
# config.extend_remember_period = false # config.extend_remember_period = false
@ -137,7 +142,7 @@ Devise.setup do |config|
# ==> Configuration for :validatable # ==> Configuration for :validatable
# Range for password length. # Range for password length.
config.password_length = 8..128 config.password_length = 8..72
# Email regex used to validate email formats. It simply asserts that # Email regex used to validate email formats. It simply asserts that
# one (and only one) @ exists in the given string. This is mainly # one (and only one) @ exists in the given string. This is mainly
@ -176,7 +181,7 @@ Devise.setup do |config|
# config.unlock_in = 1.hour # config.unlock_in = 1.hour
# Warn on the last attempt before the account is locked. # Warn on the last attempt before the account is locked.
# config.last_attempt_warning = false # config.last_attempt_warning = true
# ==> Configuration for :recoverable # ==> Configuration for :recoverable
# #
@ -188,6 +193,10 @@ Devise.setup do |config|
# change their passwords. # change their passwords.
config.reset_password_within = 6.hours config.reset_password_within = 6.hours
# When set to false, does not sign a user in automatically after their password is
# reset. Defaults to true, so a user is signed in automatically after a reset.
# config.sign_in_after_reset_password = true
# ==> Configuration for :encryptable # ==> Configuration for :encryptable
# Allow you to use another encryption algorithm besides bcrypt (default). You can use # Allow you to use another encryption algorithm besides bcrypt (default). You can use
# :sha1, :sha512 or encryptors from others authentication tools as :clearance_sha1, # :sha1, :sha512 or encryptors from others authentication tools as :clearance_sha1,
@ -250,7 +259,7 @@ Devise.setup do |config|
# The router that invoked `devise_for`, in the example above, would be: # The router that invoked `devise_for`, in the example above, would be:
# config.router_name = :my_engine # config.router_name = :my_engine
# #
# When using omniauth, Devise cannot automatically set Omniauth path, # When using OmniAuth, Devise cannot automatically set OmniAuth path,
# so you need to do it manually. For the users scope, it would be: # so you need to do it manually. For the users scope, it would be:
# config.omniauth_path_prefix = '/my_engine/users/auth' # config.omniauth_path_prefix = '/my_engine/users/auth'
end end