devise: use password_complexity in User::PasswordsController
This fixes the password strength meter no longer being displayed when an admin changes their password.
parent
ed8b19d2eb
commit
62e4f7ee32
3 changed files with 22 additions and 32 deletions
|
@ -1,4 +1,6 @@
|
|||
class Users::PasswordsController < Devise::PasswordsController
|
||||
include DevisePopulatedResource
|
||||
|
||||
after_action :try_to_authenticate_instructeur, only: [:update]
|
||||
after_action :try_to_authenticate_administrateur, only: [:update]
|
||||
|
||||
|
@ -8,19 +10,9 @@ class Users::PasswordsController < Devise::PasswordsController
|
|||
# end
|
||||
|
||||
# POST /resource/password
|
||||
def create
|
||||
# Check the credentials associated to the mail to generate a correct reset link
|
||||
email = params[:user][:email]
|
||||
if Administrateur.by_email(email)
|
||||
@devise_mapping = Devise.mappings[:administrateur]
|
||||
params[:administrateur] = params[:user]
|
||||
# uncomment to check password complexity for Instructeur
|
||||
# elsif Instructeur.by_email(email)
|
||||
# @devise_mapping = Devise.mappings[:instructeur]
|
||||
# params[:instructeur] = params[:user]
|
||||
end
|
||||
super
|
||||
end
|
||||
# def create
|
||||
# super
|
||||
# end
|
||||
|
||||
# GET /resource/password/edit?reset_password_token=abcdef
|
||||
# def edit
|
||||
|
@ -67,15 +59,4 @@ class Users::PasswordsController < Devise::PasswordsController
|
|||
end
|
||||
end
|
||||
end
|
||||
|
||||
def test_strength
|
||||
@score, @words, @length = ZxcvbnService.new(password_params[:password]).complexity
|
||||
@min_length = PASSWORD_MIN_LENGTH
|
||||
@min_complexity = PASSWORD_COMPLEXITY_FOR_USER
|
||||
render 'shared/password/test_strength'
|
||||
end
|
||||
|
||||
def password_params
|
||||
params.require(:user).permit(:reset_password_token, :password)
|
||||
end
|
||||
end
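Review bot: The new `include DevisePopulatedResource` at the top of the class has no comment saying what it provides, although the view changed in this commit now depends on it through `populated_resource.validate_password_complexity?`. I would add `# Exposes populated_resource to the views, so the reset form can tell whether this account must pass the complexity check` above the include. The concern itself is not on this page, so that wording should be confirmed against it. The `# def create` / `# super` / `# end` stub re-added in the second hunk is commented-out code and could be dropped rather than restored.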
|
||||
|
|
|
@ -14,9 +14,9 @@
|
|||
= f.hidden_field :reset_password_token
|
||||
|
||||
= f.label 'Nouveau mot de passe'
|
||||
= f.password_field :password, autofocus: true, autocomplete: 'off'
|
||||
= render 'password_complexity/field', { form: f, test_complexity: populated_resource.validate_password_complexity? }
|
||||
|
||||
= f.label 'Confirmez le nouveau mot de passe'
|
||||
= f.password_field :password_confirmation, autocomplete: 'off'
|
||||
|
||||
= f.submit 'Changer le mot de passe', class: 'button primary'
|
||||
= f.submit 'Changer le mot de passe', class: 'button large primary expand', id: "submit-password", data: { disable_with: "Envoi…" }
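Review bot: `populated_resource.validate_password_complexity?` on the new `render 'password_complexity/field'` line is called without a nil guard. The concern that defines `populated_resource` is not shown here. If it can return nil for an unknown or expired `reset_password_token`, this page would raise instead of showing Devise's token error. Confirm it always returns a record, or write `test_complexity: populated_resource&.validate_password_complexity?`.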
|
||||
|
|
|
@ -27,11 +27,12 @@ feature 'Managing password:' do
|
|||
end
|
||||
|
||||
context 'for admins' do
|
||||
let(:user) { create(:user) }
|
||||
let(:administrateur) { create(:administrateur, user: user) }
|
||||
let(:new_password) { 'a new, long, and complicated password!' }
|
||||
let(:administrateur) { create(:administrateur) }
|
||||
let(:user) { administrateur.user }
|
||||
let(:weak_password) { '12345678' }
|
||||
let(:strong_password) { 'a new, long, and complicated password!' }
|
||||
|
||||
scenario 'an admin can reset their password' do
|
||||
scenario 'an admin can reset their password', js: true do
|
||||
visit root_path
|
||||
click_on 'Connexion'
|
||||
click_on 'Mot de passe oublié ?'
|
||||
|
@ -48,8 +49,16 @@ feature 'Managing password:' do
|
|||
|
||||
expect(page).to have_content 'Changement de mot de passe'
|
||||
|
||||
fill_in 'user_password', with: new_password
|
||||
fill_in 'user_password_confirmation', with: new_password
|
||||
fill_in 'user_password', with: weak_password
|
||||
fill_in 'user_password_confirmation', with: weak_password
|
||||
expect(page).to have_text('Mot de passe très vulnérable')
|
||||
expect(page).to have_button('Changer le mot de passe', disabled: true)
|
||||
|
||||
fill_in 'user_password', with: strong_password
|
||||
fill_in 'user_password_confirmation', with: strong_password
|
||||
expect(page).to have_text('Mot de passe suffisamment fort et sécurisé')
|
||||
expect(page).to have_button('Changer le mot de passe', disabled: false)
|
||||
|
||||
click_on 'Changer le mot de passe'
|
||||
expect(page).to have_content('Votre mot de passe a bien été modifié.')
|
||||
end
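Review bot: The rewritten admin scenario only proves the browser-side gate: with `js: true` it checks that the button is disabled for `weak_password`, but nothing asserts that the server refuses that password when the form is posted without the script. A disabled button is not an enforcement point, so I would add a second scenario without `js: true` that submits `weak_password` and ends with `expect(page).not_to have_content('Votre mot de passe a bien été modifié.')`. Whether the model already validates complexity for administrateurs is outside this diff, so that scenario would also document it. The scenario body starts before the second hunk.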
|
||||
|
|