validate is the password used in the past
# File lib/devise_security_extension/models/password_archivable.rb, line 19 def password_archive_included? unless self.class.deny_old_passwords.is_a? Fixnum if self.class.deny_old_passwords.is_a? TrueClass and self.class.password_archiving_count > 0 self.class.deny_old_passwords = self.class.password_archiving_count else self.class.deny_old_passwords = 0 end end if self.class.deny_old_passwords > 0 and not self.password.nil? old_passwords_including_cur_change = self.old_passwords.order(:id).reverse_order.limit(self.class.deny_old_passwords) old_passwords_including_cur_change << OldPassword.new(old_password_params) # include most recent change in list, but don't save it yet! old_passwords_including_cur_change.each do |old_password| dummy = self.class.new dummy.encrypted_password = old_password.encrypted_password dummy.password_salt = old_password.password_salt if dummy.respond_to?(:password_salt) return true if dummy.valid_password?(self.password) end end false end
# File lib/devise_security_extension/models/password_archivable.rb, line 42 def password_changed_to_same? pass_change = encrypted_password_change pass_change && pass_change.first == pass_change.last end
# File lib/devise_security_extension/models/password_archivable.rb, line 14 def validate_password_archive self.errors.add(:password, :taken_in_past) if encrypted_password_changed? and password_archive_included? end