devise: use password_complexity in User::PasswordsController
This fixes the password strength meter no longer being displayed when an admin changes their password.
parent
ed8b19d2eb
commit
62e4f7ee32
3 changed files with 22 additions and 32 deletions
|
@ -1,4 +1,6 @@
|
||||||
class Users::PasswordsController < Devise::PasswordsController
|
class Users::PasswordsController < Devise::PasswordsController
|
||||||
|
include DevisePopulatedResource
|
||||||
|
|
||||||
after_action :try_to_authenticate_instructeur, only: [:update]
|
after_action :try_to_authenticate_instructeur, only: [:update]
|
||||||
after_action :try_to_authenticate_administrateur, only: [:update]
|
after_action :try_to_authenticate_administrateur, only: [:update]
|
||||||
|
|
||||||
|
@ -8,19 +10,9 @@ class Users::PasswordsController < Devise::PasswordsController
|
||||||
# end
|
# end
|
||||||
|
|
||||||
# POST /resource/password
|
# POST /resource/password
|
||||||
def create
|
# def create
|
||||||
# Check the credentials associated to the mail to generate a correct reset link
|
# super
|
||||||
email = params[:user][:email]
|
# end
|
||||||
if Administrateur.by_email(email)
|
|
||||||
@devise_mapping = Devise.mappings[:administrateur]
|
|
||||||
params[:administrateur] = params[:user]
|
|
||||||
# uncomment to check password complexity for Instructeur
|
|
||||||
# elsif Instructeur.by_email(email)
|
|
||||||
# @devise_mapping = Devise.mappings[:instructeur]
|
|
||||||
# params[:instructeur] = params[:user]
|
|
||||||
end
|
|
||||||
super
|
|
||||||
end
|
|
||||||
|
|
||||||
# GET /resource/password/edit?reset_password_token=abcdef
|
# GET /resource/password/edit?reset_password_token=abcdef
|
||||||
# def edit
|
# def edit
|
||||||
|
@ -67,15 +59,4 @@ class Users::PasswordsController < Devise::PasswordsController
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
def test_strength
|
|
||||||
@score, @words, @length = ZxcvbnService.new(password_params[:password]).complexity
|
|
||||||
@min_length = PASSWORD_MIN_LENGTH
|
|
||||||
@min_complexity = PASSWORD_COMPLEXITY_FOR_USER
|
|
||||||
render 'shared/password/test_strength'
|
|
||||||
end
|
|
||||||
|
|
||||||
def password_params
|
|
||||||
params.require(:user).permit(:reset_password_token, :password)
|
|
||||||
end
|
|
||||||
end
|
end
|
||||||
|
|
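Review bot: The new `include DevisePopulatedResource` line in the first hunk has no comment saying what the concern contributes, and the concern is not among the sections shown here, so a reader of this controller cannot tell how `populated_resource` is derived from the reset token. A short comment such as `# provides populated_resource (the account matching the reset token) to the edit view` would help, adjusted to what the concern actually does. With `test_strength` and `password_params` removed in the last hunk, any route still pointing at `users/passwords#test_strength` would now fail; no routes file appears in this commit, so that is worth confirming. The class body continues outside the hunks shown.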
|
@ -14,9 +14,9 @@
|
||||||
= f.hidden_field :reset_password_token
|
= f.hidden_field :reset_password_token
|
||||||
|
|
||||||
= f.label 'Nouveau mot de passe'
|
= f.label 'Nouveau mot de passe'
|
||||||
= f.password_field :password, autofocus: true, autocomplete: 'off'
|
= render 'password_complexity/field', { form: f, test_complexity: populated_resource.validate_password_complexity? }
|
||||||
|
|
||||||
= f.label 'Confirmez le nouveau mot de passe'
|
= f.label 'Confirmez le nouveau mot de passe'
|
||||||
= f.password_field :password_confirmation, autocomplete: 'off'
|
= f.password_field :password_confirmation, autocomplete: 'off'
|
||||||
|
|
||||||
= f.submit 'Changer le mot de passe', class: 'button primary'
|
= f.submit 'Changer le mot de passe', class: 'button large primary expand', id: "submit-password", data: { disable_with: "Envoi…" }
|
||||||
|
|
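Review bot: The password input now comes from the `password_complexity/field` partial, which is not shown in this commit, so it is not visible whether the field keeps the `autocomplete: 'off'` that the removed `f.password_field :password` line carried; for a reset form `autocomplete: 'new-password'` is the value password managers act on. `populated_resource.validate_password_complexity?` is called unguarded, so if the concern can return nil for an unknown or expired token the edit page would raise instead of rendering Devise's own error; confirm it always returns a record. The disabled state of `#submit-password` is only a client-side hint, and the model validation has to remain the actual gate on `update`.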
|
@ -27,11 +27,12 @@ feature 'Managing password:' do
|
||||||
end
|
end
|
||||||
|
|
||||||
context 'for admins' do
|
context 'for admins' do
|
||||||
let(:user) { create(:user) }
|
let(:administrateur) { create(:administrateur) }
|
||||||
let(:administrateur) { create(:administrateur, user: user) }
|
let(:user) { administrateur.user }
|
||||||
let(:new_password) { 'a new, long, and complicated password!' }
|
let(:weak_password) { '12345678' }
|
||||||
|
let(:strong_password) { 'a new, long, and complicated password!' }
|
||||||
|
|
||||||
scenario 'an admin can reset their password' do
|
scenario 'an admin can reset their password', js: true do
|
||||||
visit root_path
|
visit root_path
|
||||||
click_on 'Connexion'
|
click_on 'Connexion'
|
||||||
click_on 'Mot de passe oublié ?'
|
click_on 'Mot de passe oublié ?'
|
||||||
|
@ -48,8 +49,16 @@ feature 'Managing password:' do
|
||||||
|
|
||||||
expect(page).to have_content 'Changement de mot de passe'
|
expect(page).to have_content 'Changement de mot de passe'
|
||||||
|
|
||||||
fill_in 'user_password', with: new_password
|
fill_in 'user_password', with: weak_password
|
||||||
fill_in 'user_password_confirmation', with: new_password
|
fill_in 'user_password_confirmation', with: weak_password
|
||||||
|
expect(page).to have_text('Mot de passe très vulnérable')
|
||||||
|
expect(page).to have_button('Changer le mot de passe', disabled: true)
|
||||||
|
|
||||||
|
fill_in 'user_password', with: strong_password
|
||||||
|
fill_in 'user_password_confirmation', with: strong_password
|
||||||
|
expect(page).to have_text('Mot de passe suffisamment fort et sécurisé')
|
||||||
|
expect(page).to have_button('Changer le mot de passe', disabled: false)
|
||||||
|
|
||||||
click_on 'Changer le mot de passe'
|
click_on 'Changer le mot de passe'
|
||||||
expect(page).to have_content('Votre mot de passe a bien été modifié.')
|
expect(page).to have_content('Votre mot de passe a bien été modifié.')
|
||||||
end
|
end
|
||||||
|
|
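Review bot: The rewritten admin scenario checks only what the browser displays for `weak_password` (the 'Mot de passe très vulnérable' text and the disabled button), so it would still pass if the server accepted that password from a client that does not run the JavaScript. A request or controller spec that submits `weak_password` directly to the update action and asserts `expect(user.reload.valid_password?(weak_password)).to be false` would pin the server-side rule. After the final `click_on`, `expect(user.reload.valid_password?(strong_password)).to be true` would also confirm the change was persisted rather than relying on the flash message alone. The scenario begins above the second hunk, so the reset-link steps are not visible here.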