Karavel/fixin.me
0
0
Fork 0
forked from fixin.me/fixin.me
Code Pull Requests Activity

Configure Devise

Browse Source
This commit is contained in:
cryptogopher 2023-03-06 22:21:50 +01:00
parent d1b83d2373
commit c4bba4d2e8
1 changed files with 24 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
config/initializers/devise.rb
View File

@ -24,7 +24,7 @@ Devise.setup do |config|
# Configure the e-mail address which will be shown in Devise::Mailer, # Configure the e-mail address which will be shown in Devise::Mailer,
# note that it will be overwritten if you use your own mailer class # note that it will be overwritten if you use your own mailer class
# with default "from" parameter. # with default "from" parameter.
config.mailer_sender = 'please-change-me-at-config-initializers-devise@example.com' config.mailer_sender = 'fixinme@noreply.me'
# Configure the class responsible to send e-mails. # Configure the class responsible to send e-mails.
# config.mailer = 'Devise::Mailer' # config.mailer = 'Devise::Mailer'
@ -46,14 +46,14 @@ Devise.setup do |config|
# session. If you need permissions, you should implement that in a before filter. # session. If you need permissions, you should implement that in a before filter.
# You can also supply a hash where the value is a boolean determining whether # You can also supply a hash where the value is a boolean determining whether
# or not authentication should be aborted when the value is not present. # or not authentication should be aborted when the value is not present.
# config.authentication_keys = [:email] config.authentication_keys = [:email]
# Configure parameters from the request object used for authentication. Each entry # Configure parameters from the request object used for authentication. Each entry
# given should be a request method and it will automatically be passed to the # given should be a request method and it will automatically be passed to the
# find_for_authentication method and considered in your model lookup. For instance, # find_for_authentication method and considered in your model lookup. For instance,
# if you set :request_keys to [:subdomain], :subdomain will be used on authentication. # if you set :request_keys to [:subdomain], :subdomain will be used on authentication.
# The same considerations mentioned for authentication_keys also apply to request_keys. # The same considerations mentioned for authentication_keys also apply to request_keys.
# config.request_keys = [] config.request_keys = []
# Configure which authentication keys should be case-insensitive. # Configure which authentication keys should be case-insensitive.
# These keys will be downcased upon creating or modifying a user and when used # These keys will be downcased upon creating or modifying a user and when used
@ -69,7 +69,7 @@ Devise.setup do |config|
# It can be set to an array that will enable params authentication only for the # It can be set to an array that will enable params authentication only for the
# given strategies, for example, `config.params_authenticatable = [:database]` will # given strategies, for example, `config.params_authenticatable = [:database]` will
# enable it only for database (email + password) authentication. # enable it only for database (email + password) authentication.
# config.params_authenticatable = true config.params_authenticatable = true
# Tell if authentication through HTTP Auth is enabled. False by default. # Tell if authentication through HTTP Auth is enabled. False by default.
# It can be set to an array that will enable http authentication only for the # It can be set to an array that will enable http authentication only for the
@ -79,7 +79,7 @@ Devise.setup do |config|
# enable this with :database unless you are using a custom strategy. # enable this with :database unless you are using a custom strategy.
# The supported strategies are: # The supported strategies are:
# :database = Support basic authentication with authentication key + password # :database = Support basic authentication with authentication key + password
# config.http_authenticatable = false config.http_authenticatable = false
# If 401 status code should be returned for AJAX requests. True by default. # If 401 status code should be returned for AJAX requests. True by default.
# config.http_authenticatable_on_xhr = true # config.http_authenticatable_on_xhr = true
@ -123,16 +123,16 @@ Devise.setup do |config|
# a value less than 10 in other environments. Note that, for bcrypt (the default # a value less than 10 in other environments. Note that, for bcrypt (the default
# algorithm), the cost increases exponentially with the number of stretches (e.g. # algorithm), the cost increases exponentially with the number of stretches (e.g.
# a value of 20 is already extremely slow: approx. 60 seconds for 1 calculation). # a value of 20 is already extremely slow: approx. 60 seconds for 1 calculation).
config.stretches = Rails.env.test? ? 1 : 12 config.stretches = Rails.env.test? ? 1 : 14
# Set up a pepper to generate the hashed password. # Set up a pepper to generate the hashed password.
# config.pepper = '4b613a34882c292046bda36d39e618af7b84c55b4ee639da39ac1d6f3d7084cded267dccd69fa398e86ab2c16c2b69dba1170eb951e68be9d7003bd93b38f7e1' # config.pepper = '4b613a34882c292046bda36d39e618af7b84c55b4ee639da39ac1d6f3d7084cded267dccd69fa398e86ab2c16c2b69dba1170eb951e68be9d7003bd93b38f7e1'
# Send a notification to the original email when the user's email is changed. # Send a notification to the original email when the user's email is changed.
# config.send_email_changed_notification = false config.send_email_changed_notification = true
# Send a notification email when the user's password is changed. # Send a notification email when the user's password is changed.
# config.send_password_change_notification = false config.send_password_change_notification = true
# ==> Configuration for :confirmable # ==> Configuration for :confirmable
# A period that the user is allowed to access the website even without # A period that the user is allowed to access the website even without
@ -143,7 +143,7 @@ Devise.setup do |config|
# without confirming their account. # without confirming their account.
# Default is 0.days, meaning the user cannot access the website without # Default is 0.days, meaning the user cannot access the website without
# confirming their account. # confirming their account.
# config.allow_unconfirmed_access_for = 2.days config.allow_unconfirmed_access_for = 0.days
# A period that the user is allowed to confirm their account before their # A period that the user is allowed to confirm their account before their
# token becomes invalid. For example, if set to 3.days, the user can confirm # token becomes invalid. For example, if set to 3.days, the user can confirm
@ -151,7 +151,7 @@ Devise.setup do |config|
# their account can't be confirmed with the token any more. # their account can't be confirmed with the token any more.
# Default is nil, meaning there is no restriction on how long a user can take # Default is nil, meaning there is no restriction on how long a user can take
# before confirming their account. # before confirming their account.
# config.confirm_within = 3.days config.confirm_within = 3.hours
# If true, requires any email changes to be confirmed (exactly the same way as # If true, requires any email changes to be confirmed (exactly the same way as
# initial account confirmation) to be applied. Requires additional unconfirmed_email # initial account confirmation) to be applied. Requires additional unconfirmed_email
@ -160,17 +160,17 @@ Devise.setup do |config|
config.reconfirmable = true config.reconfirmable = true
# Defines which key will be used when confirming an account # Defines which key will be used when confirming an account
# config.confirmation_keys = [:email] config.confirmation_keys = [:email]
# ==> Configuration for :rememberable # ==> Configuration for :rememberable
# The time the user will be remembered without asking for credentials again. # The time the user will be remembered without asking for credentials again.
# config.remember_for = 2.weeks config.remember_for = 1.week
# Invalidates all the remember me tokens when the user signs out. # Invalidates all the remember me tokens when the user signs out.
config.expire_all_remember_me_on_sign_out = true config.expire_all_remember_me_on_sign_out = true
# If true, extends the user's remember period when remembered via cookie. # If true, extends the user's remember period when remembered via cookie.
# config.extend_remember_period = false config.extend_remember_period = true
# Options to be passed to the created cookie. For instance, you can set # Options to be passed to the created cookie. For instance, you can set
# secure: true in order to force SSL only cookies. # secure: true in order to force SSL only cookies.
@ -194,41 +194,41 @@ Devise.setup do |config|
# Defines which strategy will be used to lock an account. # Defines which strategy will be used to lock an account.
# :failed_attempts = Locks an account after a number of failed attempts to sign in. # :failed_attempts = Locks an account after a number of failed attempts to sign in.
# :none = No lock strategy. You should handle locking by yourself. # :none = No lock strategy. You should handle locking by yourself.
# config.lock_strategy = :failed_attempts config.lock_strategy = :failed_attempts
# Defines which key will be used when locking and unlocking an account # Defines which key will be used when locking and unlocking an account
# config.unlock_keys = [:email] config.unlock_keys = [:email]
# Defines which strategy will be used to unlock an account. # Defines which strategy will be used to unlock an account.
# :email = Sends an unlock link to the user email # :email = Sends an unlock link to the user email
# :time = Re-enables login after a certain amount of time (see :unlock_in below) # :time = Re-enables login after a certain amount of time (see :unlock_in below)
# :both = Enables both strategies # :both = Enables both strategies
# :none = No unlock strategy. You should handle unlocking by yourself. # :none = No unlock strategy. You should handle unlocking by yourself.
# config.unlock_strategy = :both config.unlock_strategy = :both
# Number of authentication tries before locking an account if lock_strategy # Number of authentication tries before locking an account if lock_strategy
# is failed attempts. # is failed attempts.
# config.maximum_attempts = 20 config.maximum_attempts = 10
# Time interval to unlock the account if :time is enabled as unlock_strategy. # Time interval to unlock the account if :time is enabled as unlock_strategy.
# config.unlock_in = 1.hour config.unlock_in = 6.hours
# Warn on the last attempt before the account is locked. # Warn on the last attempt before the account is locked.
# config.last_attempt_warning = true config.last_attempt_warning = true
# ==> Configuration for :recoverable # ==> Configuration for :recoverable
# #
# Defines which key will be used when recovering the password for an account # Defines which key will be used when recovering the password for an account
# config.reset_password_keys = [:email] config.reset_password_keys = [:email]
# Time interval you can reset your password with a reset password key. # Time interval you can reset your password with a reset password key.
# Don't put a too small interval or your users won't have the time to # Don't put a too small interval or your users won't have the time to
# change their passwords. # change their passwords.
config.reset_password_within = 6.hours config.reset_password_within = 1.hour
# When set to false, does not sign a user in automatically after their password is # When set to false, does not sign a user in automatically after their password is
# reset. Defaults to true, so a user is signed in automatically after a reset. # reset. Defaults to true, so a user is signed in automatically after a reset.
# config.sign_in_after_reset_password = true config.sign_in_after_reset_password = true
# ==> Configuration for :encryptable # ==> Configuration for :encryptable
# Allow you to use another hashing or encryption algorithm besides bcrypt (default). # Allow you to use another hashing or encryption algorithm besides bcrypt (default).
@ -244,7 +244,7 @@ Devise.setup do |config|
# Turn scoped views on. Before rendering "sessions/new", it will first check for # Turn scoped views on. Before rendering "sessions/new", it will first check for
# "users/sessions/new". It's turned off by default because it's slower if you # "users/sessions/new". It's turned off by default because it's slower if you
# are using only default views. # are using only default views.
# config.scoped_views = false config.scoped_views = false
# Configure the default scope given to Warden. By default it's the first # Configure the default scope given to Warden. By default it's the first
# devise role declared in your routes (usually :user). # devise role declared in your routes (usually :user).
@ -309,5 +309,5 @@ Devise.setup do |config|
# When set to false, does not sign a user in automatically after their password is # When set to false, does not sign a user in automatically after their password is
# changed. Defaults to true, so a user is signed in automatically after changing a password. # changed. Defaults to true, so a user is signed in automatically after changing a password.
# config.sign_in_after_change_password = true config.sign_in_after_change_password = true
end end