#3928 Added constants to define password min length & complexity

2019-06-19 12:28:32 -10:00 · 2019-06-19 12:28:32 -10:00 · 3703a71ea3
commit 3703a71ea3
parent 81c2aa365b
2 changed files with 12 additions and 2 deletions
--- a/config/initializers/devise.rb
+++ b/config/initializers/devise.rb
@ -1,4 +1,5 @@
-require_relative "contacts"
+require_relative 'contacts'
+require_relative 'passwords'

 # Use this hook to configure devise mailer, warden hooks and so forth.
 # Many of these configuration options can be set straight in your model.
@ -142,7 +143,7 @@ Devise.setup do |config|

  # ==> Configuration for :validatable
  # Range for password length.
-  config.password_length = 8..128
+  config.password_length = PASSWORD_MIN_LENGTH..128

  # Email regex used to validate email formats. It simply asserts that
  # one (and only one) @ exists in the given string. This is mainly
--- a/config/initializers/passwords.rb
+++ b/config/initializers/passwords.rb
@ -0,0 +1,9 @@
+# complexity of the required password for the three kinds of users (user, gestionnaire, admnistrateur)
+# valid values are from 0 to 4, 0 means very simple, 4 means high level of complexity.
+if !defined?(PASSWORD_MIN_LENGTH)
+  # PASSWORD_COMPLEXITY_FOR_USER = ENV.fetch('PASSWORD_COMPLEXITY_FOR_USER', '2').to_i
+  # PASSWORD_COMPLEXITY_FOR_GESTIONNAIRE = ENV.fetch('PASSWORD_COMPLEXITY_FOR_GESTIONNAIRE', '3').to_i
+  PASSWORD_COMPLEXITY_FOR_ADMIN = ENV.fetch('PASSWORD_COMPLEXITY_FOR_ADMIN', '4').to_i
+  # password minimum length
+  PASSWORD_MIN_LENGTH = ENV.fetch('PASSWORD_MIN_LENGTH', '8').to_i
+end