add lockable to User, Gestionnaire, administration, Administrateur

2019-05-22 18:33:00 +02:00 · 2019-05-22 18:33:00 +02:00 · 8d03a6747c
commit 8d03a6747c
parent e459eca16d
6 changed files with 33 additions and 10 deletions
--- a/app/models/administrateur.rb
+++ b/app/models/administrateur.rb
@ -4,7 +4,7 @@ class Administrateur < ApplicationRecord
  include ActiveRecord::SecureToken

  devise :database_authenticatable, :registerable, :async,
-    :recoverable, :rememberable, :trackable, :validatable
+    :recoverable, :rememberable, :trackable, :validatable, :lockable

  has_and_belongs_to_many :gestionnaires
  has_many :administrateurs_procedures
--- a/app/models/administration.rb
+++ b/app/models/administration.rb
@ -1,7 +1,7 @@
 class Administration < ApplicationRecord
  # Include default devise modules. Others available are:
  # :confirmable, :lockable, :timeoutable and :omniauthable
-  devise :database_authenticatable, :rememberable, :trackable, :validatable, :omniauthable, :async, omniauth_providers: [:github]
+  devise :database_authenticatable, :rememberable, :trackable, :validatable, :omniauthable, :lockable, :async, omniauth_providers: [:github]

  def self.from_omniauth(params)
    find_by(email: params["info"]["email"])
--- a/app/models/gestionnaire.rb
+++ b/app/models/gestionnaire.rb
@ -3,7 +3,7 @@ class Gestionnaire < ApplicationRecord
  include EmailSanitizableConcern

  devise :database_authenticatable, :registerable, :async,
-    :recoverable, :rememberable, :trackable, :validatable
+    :recoverable, :rememberable, :trackable, :validatable, :lockable

  has_and_belongs_to_many :administrateurs

--- a/app/models/user.rb
+++ b/app/models/user.rb
@ -10,7 +10,7 @@ class User < ApplicationRecord
  # Include default devise modules. Others available are:
  # :confirmable, :lockable, :timeoutable and :omniauthable
  devise :database_authenticatable, :registerable, :async,
-    :recoverable, :rememberable, :trackable, :validatable, :confirmable
+    :recoverable, :rememberable, :trackable, :validatable, :confirmable, :lockable

  has_many :dossiers, dependent: :destroy
  has_many :invites, dependent: :destroy
--- a/config/initializers/devise.rb
+++ b/config/initializers/devise.rb
@ -161,27 +161,27 @@ Devise.setup do |config|
  # Defines which strategy will be used to lock an account.
  # :failed_attempts = Locks an account after a number of failed attempts to sign in.
  # :none            = No lock strategy. You should handle locking by yourself.
-  # config.lock_strategy = :failed_attempts
+  config.lock_strategy = :failed_attempts

  # Defines which key will be used when locking and unlocking an account
-  # config.unlock_keys = [ :email ]
+  config.unlock_keys = [ :email ]

  # Defines which strategy will be used to unlock an account.
  # :email = Sends an unlock link to the user email
  # :time  = Re-enables login after a certain amount of time (see :unlock_in below)
  # :both  = Enables both strategies
  # :none  = No unlock strategy. You should handle unlocking by yourself.
-  # config.unlock_strategy = :both
+  config.unlock_strategy = :both

  # Number of authentication tries before locking an account if lock_strategy
  # is failed attempts.
-  # config.maximum_attempts = 20
+  config.maximum_attempts = 6

  # Time interval to unlock the account if :time is enabled as unlock_strategy.
-  # config.unlock_in = 1.hour
+  config.unlock_in = 1.hour

  # Warn on the last attempt before the account is locked.
-  # config.last_attempt_warning = true
+  config.last_attempt_warning = true

  # ==> Configuration for :recoverable
  #
--- a/db/migrate/20190522131959_add_lockable_to_devise.rb
+++ b/db/migrate/20190522131959_add_lockable_to_devise.rb
@ -0,0 +1,23 @@
+class AddLockableToDevise < ActiveRecord::Migration[5.2]
+  def change
+    add_column :users, :failed_attempts, :integer, default: 0, null: false
+    add_column :users, :unlock_token, :string
+    add_column :users, :locked_at, :datetime
+    add_index :users, :unlock_token, unique: true
+
+    add_column :gestionnaires, :failed_attempts, :integer, default: 0, null: false
+    add_column :gestionnaires, :unlock_token, :string
+    add_column :gestionnaires, :locked_at, :datetime
+    add_index :gestionnaires, :unlock_token, unique: true
+
+    add_column :administrateurs, :failed_attempts, :integer, default: 0, null: false
+    add_column :administrateurs, :unlock_token, :string
+    add_column :administrateurs, :locked_at, :datetime
+    add_index :administrateurs, :unlock_token, unique: true
+
+    add_column :administrations, :failed_attempts, :integer, default: 0, null: false
+    add_column :administrations, :unlock_token, :string
+    add_column :administrations, :locked_at, :datetime
+    add_index :administrations, :unlock_token, unique: true
+  end
+end