-rw-r--r--app/models/user.rb4
-rw-r--r--config/initializers/devise.rb8
-rw-r--r--db/migrate/20120706065612_add_lockable_to_users.rb6
-rw-r--r--db/schema.rb4
4 files changed, 15 insertions, 7 deletions
diff --git a/app/models/user.rb b/app/models/user.rb
index ccb1dddfef6..eaae6708922 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -1,11 +1,11 @@
class User < ActiveRecord::Base
include Account
- devise :database_authenticatable, :token_authenticatable,
+ devise :database_authenticatable, :token_authenticatable, :lockable,
:recoverable, :rememberable, :trackable, :validatable, :omniauthable
attr_accessible :email, :password, :password_confirmation, :remember_me, :bio,
- :name, :projects_limit, :skype, :linkedin, :twitter, :dark_scheme,
+ :name, :projects_limit, :skype, :linkedin, :twitter, :dark_scheme,
:theme_id, :force_random_password
attr_accessor :force_random_password
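Review bot: The `devise` line now enables `:lockable` without a comment, and the users table already has an admin-style `blocked` flag (visible in the db/schema.rb hunk of this commit), so the model ends up with two different "account disabled" states that are easy to confuse. I would add a comment above the `devise` call such as `# :lockable = temporary Devise lock after failed sign-ins (failed_attempts/locked_at); unrelated to the "blocked" column.` It would also help to state whether a lock is meant to apply to `:token_authenticatable` and `:omniauthable` sign-ins as well; Devise presumably refuses every sign-in for a locked record, but that should be confirmed with a spec. The class body continues outside this hunk.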
diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb
index a778be5f929..54011ba5ea3 100644
--- a/config/initializers/devise.rb
+++ b/config/initializers/devise.rb
@@ -115,7 +115,7 @@ Devise.setup do |config|
# Defines which strategy will be used to lock an account.
# :failed_attempts = Locks an account after a number of failed attempts to sign in.
# :none = No lock strategy. You should handle locking by yourself.
- # config.lock_strategy = :failed_attempts
+ config.lock_strategy = :failed_attempts
# Defines which key will be used when locking and unlocking an account
# config.unlock_keys = [ :email ]
@@ -125,14 +125,14 @@ Devise.setup do |config|
# :time = Re-enables login after a certain amount of time (see :unlock_in below)
# :both = Enables both strategies
# :none = No unlock strategy. You should handle unlocking by yourself.
- # config.unlock_strategy = :both
+ config.unlock_strategy = :time
# Number of authentication tries before locking an account if lock_strategy
# is failed attempts.
- # config.maximum_attempts = 20
+ config.maximum_attempts = 10
# Time interval to unlock the account if :time is enabled as unlock_strategy.
- # config.unlock_in = 1.hour
+ config.unlock_in = 10.minutes
# ==> Configuration for :recoverable
#
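Review bot: With `config.unlock_strategy = :time` a locked user has no self-service way back in before `unlock_in` expires, and repeated failed sign-ins by anyone who knows the login e-mail can keep that account locked. If the trade-off is deliberate, record it in a comment next to `config.maximum_attempts = 10`, for example `# 10 tries / 10 minutes: throttles guessing; time-only unlock, no unlock mail is sent`. If an e-mail unlock is wanted instead, `config.unlock_strategy = :both` is the setting, but as far as I know it also needs an `unlock_token` column that the migration in this commit does not add. Either way, lock events are worth logging so that a burst of lockouts is visible to operators. The `Devise.setup` block starts and ends outside this hunk.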
diff --git a/db/migrate/20120706065612_add_lockable_to_users.rb b/db/migrate/20120706065612_add_lockable_to_users.rb
new file mode 100644
index 00000000000..cf86e660876
--- /dev/null
+++ b/db/migrate/20120706065612_add_lockable_to_users.rb
@@ -0,0 +1,6 @@
+class AddLockableToUsers < ActiveRecord::Migration
+ def change
+ add_column :users, :failed_attempts, :integer, :default => 0
+ add_column :users, :locked_at, :datetime
+ end
+end
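Review bot: `failed_attempts` is added with a default but stays nullable, unlike the neighbouring `theme_id` and `blocked` columns in db/schema.rb, which pair their defaults with `:null => false`. I would write `add_column :users, :failed_attempts, :integer, :default => 0, :null => false` so the counter can never be NULL when it is compared against `maximum_attempts`. db/schema.rb would then need to be regenerated to match.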
diff --git a/db/schema.rb b/db/schema.rb
index f2bb16937f4..f40ee260dc3 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -11,7 +11,7 @@
#
# It's strongly recommended to check this file into your version control system.
-ActiveRecord::Schema.define(:version => 20120627145613) do
+ActiveRecord::Schema.define(:version => 20120706065612) do
create_table "events", :force => true do |t|
t.string "target_type"
@@ -169,6 +169,8 @@ ActiveRecord::Schema.define(:version => 20120627145613) do
t.integer "theme_id", :default => 1, :null => false
t.string "bio"
t.boolean "blocked", :default => false, :null => false
+ t.integer "failed_attempts", :default => 0
+ t.datetime "locked_at"
end
add_index "users", ["email"], :name => "index_users_on_email", :unique => true