Update Devise configuration after update to 3.5.1
The most notable change is the reduction of the maximum length of the passwords. See Devise's CHANGELOG.md for more information: https://github.com/plataformatec/devise/blob/master/CHANGELOG.md#351---2015-05-24
This commit is contained in:
Petko Bordjukov
parent
dfb2d1e793
commit
83c6b12d8b
|
|
@ -4,6 +4,8 @@ Devise.setup do |config|
|
||||||
# The secret key used by Devise. Devise uses this key to generate
|
# The secret key used by Devise. Devise uses this key to generate
|
||||||
# random tokens. Changing this key will render invalid all existing
|
# random tokens. Changing this key will render invalid all existing
|
||||||
# confirmation, reset password and unlock tokens in the database.
|
# confirmation, reset password and unlock tokens in the database.
|
||||||
|
# Devise will use the `secret_key_base` on Rails 4+ applications as its `secret_key`
|
||||||
|
# by default. You can change it below and use your own secret key.
|
||||||
# config.secret_key = 'generate with `rake secret`'
|
# config.secret_key = 'generate with `rake secret`'
|
||||||
|
|
||||||
# ==> Mailer Configuration
|
# ==> Mailer Configuration
|
||||||
|
|
@ -29,7 +31,7 @@ Devise.setup do |config|
|
||||||
# session. If you need permissions, you should implement that in a before filter.
|
# session. If you need permissions, you should implement that in a before filter.
|
||||||
# You can also supply a hash where the value is a boolean determining whether
|
# You can also supply a hash where the value is a boolean determining whether
|
||||||
# or not authentication should be aborted when the value is not present.
|
# or not authentication should be aborted when the value is not present.
|
||||||
# config.authentication_keys = [ :email ]
|
# config.authentication_keys = [:email]
|
||||||
|
|
||||||
# Configure parameters from the request object used for authentication. Each entry
|
# Configure parameters from the request object used for authentication. Each entry
|
||||||
# given should be a request method and it will automatically be passed to the
|
# given should be a request method and it will automatically be passed to the
|
||||||
|
|
@ -41,12 +43,12 @@ Devise.setup do |config|
|
||||||
# Configure which authentication keys should be case-insensitive.
|
# Configure which authentication keys should be case-insensitive.
|
||||||
# These keys will be downcased upon creating or modifying a user and when used
|
# These keys will be downcased upon creating or modifying a user and when used
|
||||||
# to authenticate or find a user. Default is :email.
|
# to authenticate or find a user. Default is :email.
|
||||||
config.case_insensitive_keys = [ :email ]
|
config.case_insensitive_keys = [:email]
|
||||||
|
|
||||||
# Configure which authentication keys should have whitespace stripped.
|
# Configure which authentication keys should have whitespace stripped.
|
||||||
# These keys will have whitespace before and after removed upon creating or
|
# These keys will have whitespace before and after removed upon creating or
|
||||||
# modifying a user and when used to authenticate or find a user. Default is :email.
|
# modifying a user and when used to authenticate or find a user. Default is :email.
|
||||||
config.strip_whitespace_keys = [ :email ]
|
config.strip_whitespace_keys = [:email]
|
||||||
|
|
||||||
# Tell if authentication through request.params is enabled. True by default.
|
# Tell if authentication through request.params is enabled. True by default.
|
||||||
# It can be set to an array that will enable params authentication only for the
|
# It can be set to an array that will enable params authentication only for the
|
||||||
|
|
@ -61,7 +63,7 @@ Devise.setup do |config|
|
||||||
# :database = Support basic authentication with authentication key + password
|
# :database = Support basic authentication with authentication key + password
|
||||||
# config.http_authenticatable = false
|
# config.http_authenticatable = false
|
||||||
|
|
||||||
# If http headers should be returned for AJAX requests. True by default.
|
# If 401 status code should be returned for AJAX requests. True by default.
|
||||||
# config.http_authenticatable_on_xhr = true
|
# config.http_authenticatable_on_xhr = true
|
||||||
|
|
||||||
# The realm used in Http Basic Authentication. 'Application' by default.
|
# The realm used in Http Basic Authentication. 'Application' by default.
|
||||||
|
|
@ -122,12 +124,15 @@ Devise.setup do |config|
|
||||||
config.reconfirmable = true
|
config.reconfirmable = true
|
||||||
|
|
||||||
# Defines which key will be used when confirming an account
|
# Defines which key will be used when confirming an account
|
||||||
# config.confirmation_keys = [ :email ]
|
# config.confirmation_keys = [:email]
|
||||||
|
|
||||||
# ==> Configuration for :rememberable
|
# ==> Configuration for :rememberable
|
||||||
# The time the user will be remembered without asking for credentials again.
|
# The time the user will be remembered without asking for credentials again.
|
||||||
# config.remember_for = 2.weeks
|
# config.remember_for = 2.weeks
|
||||||
|
|
||||||
|
# Invalidates all the remember me tokens when the user signs out.
|
||||||
|
config.expire_all_remember_me_on_sign_out = true
|
||||||
|
|
||||||
# If true, extends the user's remember period when remembered via cookie.
|
# If true, extends the user's remember period when remembered via cookie.
|
||||||
# config.extend_remember_period = false
|
# config.extend_remember_period = false
|
||||||
|
|
||||||
|
|
@ -137,7 +142,7 @@ Devise.setup do |config|
|
||||||
|
|
||||||
# ==> Configuration for :validatable
|
# ==> Configuration for :validatable
|
||||||
# Range for password length.
|
# Range for password length.
|
||||||
config.password_length = 8..128
|
config.password_length = 8..72
|
||||||
|
|
||||||
# Email regex used to validate email formats. It simply asserts that
|
# Email regex used to validate email formats. It simply asserts that
|
||||||
# one (and only one) @ exists in the given string. This is mainly
|
# one (and only one) @ exists in the given string. This is mainly
|
||||||
|
|
@ -159,7 +164,7 @@ Devise.setup do |config|
|
||||||
# config.lock_strategy = :failed_attempts
|
# config.lock_strategy = :failed_attempts
|
||||||
|
|
||||||
# Defines which key will be used when locking and unlocking an account
|
# Defines which key will be used when locking and unlocking an account
|
||||||
# config.unlock_keys = [ :email ]
|
# config.unlock_keys = [:email]
|
||||||
|
|
||||||
# Defines which strategy will be used to unlock an account.
|
# Defines which strategy will be used to unlock an account.
|
||||||
# :email = Sends an unlock link to the user email
|
# :email = Sends an unlock link to the user email
|
||||||
|
|
@ -176,18 +181,22 @@ Devise.setup do |config|
|
||||||
# config.unlock_in = 1.hour
|
# config.unlock_in = 1.hour
|
||||||
|
|
||||||
# Warn on the last attempt before the account is locked.
|
# Warn on the last attempt before the account is locked.
|
||||||
# config.last_attempt_warning = false
|
# config.last_attempt_warning = true
|
||||||
|
|
||||||
# ==> Configuration for :recoverable
|
# ==> Configuration for :recoverable
|
||||||
#
|
#
|
||||||
# Defines which key will be used when recovering the password for an account
|
# Defines which key will be used when recovering the password for an account
|
||||||
# config.reset_password_keys = [ :email ]
|
# config.reset_password_keys = [:email]
|
||||||
|
|
||||||
# Time interval you can reset your password with a reset password key.
|
# Time interval you can reset your password with a reset password key.
|
||||||
# Don't put a too small interval or your users won't have the time to
|
# Don't put a too small interval or your users won't have the time to
|
||||||
# change their passwords.
|
# change their passwords.
|
||||||
config.reset_password_within = 6.hours
|
config.reset_password_within = 6.hours
|
||||||
|
|
||||||
|
# When set to false, does not sign a user in automatically after their password is
|
||||||
|
# reset. Defaults to true, so a user is signed in automatically after a reset.
|
||||||
|
# config.sign_in_after_reset_password = true
|
||||||
|
|
||||||
# ==> Configuration for :encryptable
|
# ==> Configuration for :encryptable
|
||||||
# Allow you to use another encryption algorithm besides bcrypt (default). You can use
|
# Allow you to use another encryption algorithm besides bcrypt (default). You can use
|
||||||
# :sha1, :sha512 or encryptors from others authentication tools as :clearance_sha1,
|
# :sha1, :sha512 or encryptors from others authentication tools as :clearance_sha1,
|
||||||
|
|
@ -250,7 +259,7 @@ Devise.setup do |config|
|
||||||
# The router that invoked `devise_for`, in the example above, would be:
|
# The router that invoked `devise_for`, in the example above, would be:
|
||||||
# config.router_name = :my_engine
|
# config.router_name = :my_engine
|
||||||
#
|
#
|
||||||
# When using omniauth, Devise cannot automatically set Omniauth path,
|
# When using OmniAuth, Devise cannot automatically set OmniAuth path,
|
||||||
# so you need to do it manually. For the users scope, it would be:
|
# so you need to do it manually. For the users scope, it would be:
|
||||||
# config.omniauth_path_prefix = '/my_engine/users/auth'
|
# config.omniauth_path_prefix = '/my_engine/users/auth'
|
||||||
end
|
end
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue