diff options
-rw-r--r-- | app/models/user.rb | 4 | ||||
-rw-r--r-- | config/initializers/devise.rb | 8 | ||||
-rw-r--r-- | db/migrate/20120706065612_add_lockable_to_users.rb | 6 | ||||
-rw-r--r-- | db/schema.rb | 4 |
4 files changed, 15 insertions, 7 deletions
diff --git a/app/models/user.rb b/app/models/user.rb index ccb1dddfef6..eaae6708922 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -1,11 +1,11 @@ class User < ActiveRecord::Base include Account - devise :database_authenticatable, :token_authenticatable, + devise :database_authenticatable, :token_authenticatable, :lockable, :recoverable, :rememberable, :trackable, :validatable, :omniauthable attr_accessible :email, :password, :password_confirmation, :remember_me, :bio, - :name, :projects_limit, :skype, :linkedin, :twitter, :dark_scheme, + :name, :projects_limit, :skype, :linkedin, :twitter, :dark_scheme, :theme_id, :force_random_password attr_accessor :force_random_password diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb index a778be5f929..54011ba5ea3 100644 --- a/config/initializers/devise.rb +++ b/config/initializers/devise.rb @@ -115,7 +115,7 @@ Devise.setup do |config| # Defines which strategy will be used to lock an account. # :failed_attempts = Locks an account after a number of failed attempts to sign in. # :none = No lock strategy. You should handle locking by yourself. - # config.lock_strategy = :failed_attempts + config.lock_strategy = :failed_attempts # Defines which key will be used when locking and unlocking an account # config.unlock_keys = [ :email ] @@ -125,14 +125,14 @@ Devise.setup do |config| # :time = Re-enables login after a certain amount of time (see :unlock_in below) # :both = Enables both strategies # :none = No unlock strategy. You should handle unlocking by yourself. - # config.unlock_strategy = :both + config.unlock_strategy = :time # Number of authentication tries before locking an account if lock_strategy # is failed attempts. - # config.maximum_attempts = 20 + config.maximum_attempts = 10 # Time interval to unlock the account if :time is enabled as unlock_strategy. - # config.unlock_in = 1.hour + config.unlock_in = 10.minutes # ==> Configuration for :recoverable # diff --git a/db/migrate/20120706065612_add_lockable_to_users.rb b/db/migrate/20120706065612_add_lockable_to_users.rb new file mode 100644 index 00000000000..cf86e660876 --- /dev/null +++ b/db/migrate/20120706065612_add_lockable_to_users.rb @@ -0,0 +1,6 @@ +class AddLockableToUsers < ActiveRecord::Migration + def change + add_column :users, :failed_attempts, :integer, :default => 0 + add_column :users, :locked_at, :datetime + end +end diff --git a/db/schema.rb b/db/schema.rb index f2bb16937f4..f40ee260dc3 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -11,7 +11,7 @@ # # It's strongly recommended to check this file into your version control system. -ActiveRecord::Schema.define(:version => 20120627145613) do +ActiveRecord::Schema.define(:version => 20120706065612) do create_table "events", :force => true do |t| t.string "target_type" @@ -169,6 +169,8 @@ ActiveRecord::Schema.define(:version => 20120627145613) do t.integer "theme_id", :default => 1, :null => false t.string "bio" t.boolean "blocked", :default => false, :null => false + t.integer "failed_attempts", :default => 0 + t.datetime "locked_at" end add_index "users", ["email"], :name => "index_users_on_email", :unique => true |