adrianshort
/
apollo
mirror of https://github.com/adrianshort/apollo.git
1
0
Fork 0
Code Issues 0 Releases 0 Wiki Activity
GeoRSS aggregator and Layar augmented reality server
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
169 Commits
1 Branch
288 KiB
Tree: 40ef6f143d
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '40ef6f143d'
${ noResults }
apollo/config/initializers/sorcery.rb

sorcery.rb 11 KiB
Raw Normal View History

Added password system
12 years ago
Basic password reset setup
12 years ago
Added password system
12 years ago
Basic password reset setup
12 years ago
Added password system
12 years ago
Added basic password recovery emails
12 years ago
Added password system
12 years ago
Add remember me autologin feature
11 years ago
Added password system
12 years ago
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408 
  1. # The first thing you need to configure is which modules you need in your app.

  2. # The default is nothing which will include only core features (password encryption, login/logout).

  3. # Available submodules are: :user_activation, :http_basic_auth, :remember_me,

  4. # :reset_password, :session_timeout, :brute_force_protection, :activity_logging, :external

  5. # Rails.application.config.sorcery.submodules = [:remember_me, :reset_password]

  6. Rails.application.config.sorcery.submodules = [:remember_me, :reset_password]

  7. 

  8. # Here you can configure each submodule's features.

  9. Rails.application.config.sorcery.configure do |config|

  10.   # -- core --

  11.   # What controller action to call for non-authenticated users. You can also

  12.   # override the 'not_authenticated' method of course.

  13.   # Default: `:not_authenticated`

  14.   #

  15. #   config.not_authenticated_action = 

  16. 

  17. 

  18.   # When a non logged in user tries to enter a page that requires login, save

  19.   # the URL he wanted to reach, and send him there after login, using 'redirect_back_or_to'.

  20.   # Default: `true`

  21.   #

  22.   # config.save_return_to_url =

  23. 

  24. 

  25.   # Set domain option for cookies; Useful for remember_me submodule.

  26.   # Default: `nil`

  27.   #

  28.   # config.cookie_domain =

  29. 

  30.   # -- session timeout --

  31.   # How long in seconds to keep the session alive.

  32.   # Default: `3600`

  33.   #

  34.   # config.session_timeout =

  35. 

  36. 

  37.   # Use the last action as the beginning of session timeout.

  38.   # Default: `false`

  39.   #

  40.   # config.session_timeout_from_last_action =

  41. 

  42. 

  43.   # -- http_basic_auth --

  44.   # What realm to display for which controller name. For example {"My App" => "Application"}

  45.   # Default: `{"application" => "Application"}`

  46.   #

  47.   # config.controller_to_realm_map =

  48. 

  49. 

  50.   # -- activity logging --

  51.   # will register the time of last user login, every login.

  52.   # Default: `true`

  53.   #

  54.   # config.register_login_time =

  55. 

  56. 

  57.   # will register the time of last user logout, every logout.

  58.   # Default: `true`

  59.   #

  60.   # config.register_logout_time =

  61. 

  62. 

  63.   # will register the time of last user action, every action.

  64.   # Default: `true`

  65.   #

  66.   # config.register_last_activity_time =

  67. 

  68. 

  69.   # -- external --

  70.   # What providers are supported by this app, i.e. [:twitter, :facebook, :github, :google, :liveid] .

  71.   # Default: `[]`

  72.   #

  73.   # config.external_providers =

  74. 

  75. 

  76.   # You can change it by your local ca_file. i.e. '/etc/pki/tls/certs/ca-bundle.crt'

  77.   # Path to ca_file. By default use a internal ca-bundle.crt.

  78.   # Default: `'path/to/ca_file'`

  79.   #

  80.   # config.ca_file =

  81. 

  82. 

  83.   # Twitter wil not accept any requests nor redirect uri containing localhost,

  84.   # make sure you use 0.0.0.0:3000 to access your app in development

  85.   #

  86.   # config.twitter.key = ""

  87.   # config.twitter.secret = ""

  88.   # config.twitter.callback_url = "http://0.0.0.0:3000/oauth/callback?provider=twitter"

  89.   # config.twitter.user_info_mapping = {:email => "screen_name"}

  90.   #

  91.   # config.facebook.key = ""

  92.   # config.facebook.secret = ""

  93.   # config.facebook.callback_url = "http://0.0.0.0:3000/oauth/callback?provider=facebook"

  94.   # config.facebook.user_info_mapping = {:email => "name"}

  95.   #

  96.   # config.github.key = ""

  97.   # config.github.secret = ""

  98.   # config.github.callback_url = "http://0.0.0.0:3000/oauth/callback?provider=github"

  99.   # config.github.user_info_mapping = {:email => "name"}

  100.   #

  101.   # config.google.key = ""

  102.   # config.google.secret = ""

  103.   # config.google.callback_url = "http://0.0.0.0:3000/oauth/callback?provider=google"

  104.   # config.google.user_info_mapping = {:email => "email", :username => "name"}

  105.   #

  106.   # To use liveid in development mode you have to replace mydomain.com with

  107.   # a valid domain even in development. To use a valid domain in development

  108.   # simply add your domain in your /etc/hosts file in front of 127.0.0.1

  109.   #

  110.   # config.liveid.key = ""

  111.   # config.liveid.secret = ""

  112.   # config.liveid.callback_url = "http://mydomain.com:3000/oauth/callback?provider=liveid"

  113.   # config.liveid.user_info_mapping = {:username => "name"}

  114. 

  115. 

  116.   # --- user config ---

  117.   config.user_config do |user|

  118.     # -- core --

  119.     # specify username attributes, for example: [:username, :email].

  120.     # Default: `[:username]`

  121.     #

  122.     user.username_attribute_names = [:email]

  123. 

  124. 

  125.     # change *virtual* password attribute, the one which is used until an encrypted one is generated.

  126.     # Default: `:password`

  127.     #

  128.     # user.password_attribute_name =

  129. 

  130. 

  131.     # downcase the username before trying to authenticate, default is false

  132.     # Default: `false`

  133.     #

  134.     # user.downcase_username_before_authenticating =

  135. 

  136. 

  137.     # change default email attribute.

  138.     # Default: `:email`

  139.     #

  140.     # user.email_attribute_name =

  141. 

  142. 

  143.     # change default crypted_password attribute.

  144.     # Default: `:crypted_password`

  145.     #

  146.     # user.crypted_password_attribute_name =

  147. 

  148. 

  149.     # what pattern to use to join the password with the salt

  150.     # Default: `""`

  151.     #

  152.     # user.salt_join_token =

  153. 

  154. 

  155.     # change default salt attribute.

  156.     # Default: `:salt`

  157.     #

  158.     # user.salt_attribute_name =

  159. 

  160. 

  161.     # how many times to apply encryption to the password.

  162.     # Default: `nil`

  163.     #

  164.     # user.stretches =

  165. 

  166. 

  167.     # encryption key used to encrypt reversible encryptions such as AES256.

  168.     # WARNING: If used for users' passwords, changing this key will leave passwords undecryptable!

  169.     # Default: `nil`

  170.     #

  171.     # user.encryption_key =

  172. 

  173. 

  174.     # use an external encryption class.

  175.     # Default: `nil`

  176.     #

  177.     # user.custom_encryption_provider =

  178. 

  179. 

  180.     # encryption algorithm name. See 'encryption_algorithm=' for available options.

  181.     # Default: `:bcrypt`

  182.     #

  183.     # user.encryption_algorithm =

  184. 

  185. 

  186.     # make this configuration inheritable for subclasses. Useful for ActiveRecord's STI.

  187.     # Default: `false`

  188.     #

  189.     # user.subclasses_inherit_config =

  190. 

  191. 

  192.     # -- user_activation --

  193.     # the attribute name to hold activation state (active/pending).

  194.     # Default: `:activation_state`

  195.     #

  196.     # user.activation_state_attribute_name =

  197. 

  198. 

  199.     # the attribute name to hold activation code (sent by email).

  200.     # Default: `:activation_token`

  201.     #

  202.     # user.activation_token_attribute_name =

  203. 

  204. 

  205.     # the attribute name to hold activation code expiration date.

  206.     # Default: `:activation_token_expires_at`

  207.     #

  208.     # user.activation_token_expires_at_attribute_name =

  209. 

  210. 

  211.     # how many seconds before the activation code expires. nil for never expires.

  212.     # Default: `nil`

  213.     #

  214.     # user.activation_token_expiration_period =

  215. 

  216. 

  217.     # your mailer class. Required.

  218.     # Default: `nil`

  219.     #

  220.     # user.user_activation_mailer =

  221.     

  222.     

  223.     # when true sorcery will not automatically

  224.     # email activation details and allow you to

  225.     # manually handle how and when email is sent.

  226.     # Default: `false`

  227.     #

  228.     # user.activation_mailer_disabled = 

  229. 

  230. 

  231.     # activation needed email method on your mailer class.

  232.     # Default: `:activation_needed_email`

  233.     #

  234.     # user.activation_needed_email_method_name =

  235. 

  236. 

  237.     # activation success email method on your mailer class.

  238.     # Default: `:activation_success_email`

  239.     #

  240.     # user.activation_success_email_method_name =

  241. 

  242. 

  243.     # do you want to prevent or allow users that did not activate by email to login?

  244.     # Default: `true`

  245.     #

  246.     # user.prevent_non_active_users_to_login =

  247. 

  248. 

  249.     # -- reset_password --

  250.     # reset password code attribute name.

  251.     # Default: `:reset_password_token`

  252.     #

  253.     # user.reset_password_token_attribute_name =

  254. 

  255. 

  256.     # expires at attribute name.

  257.     # Default: `:reset_password_token_expires_at`

  258.     #

  259.     # user.reset_password_token_expires_at_attribute_name =

  260. 

  261. 

  262.     # when was email sent, used for hammering protection.

  263.     # Default: `:reset_password_email_sent_at`

  264.     #

  265.     # user.reset_password_email_sent_at_attribute_name =

  266. 

  267. 

  268.     # mailer class. Needed.

  269.     # Default: `nil`

  270.     #

  271.     user.reset_password_mailer = UserMailer

  272. 

  273. 

  274.     # reset password email method on your mailer class.

  275.     # Default: `:reset_password_email`

  276.     #

  277.     # user.reset_password_email_method_name =

  278. 

  279. 

  280.     # when true sorcery will not automatically

  281.     # email password reset details and allow you to

  282.     # manually handle how and when email is sent

  283.     # Default: `false`

  284.     #

  285. 

  286. 

  287.     # how many seconds before the reset request expires. nil for never expires.

  288.     # Default: `nil`

  289.     #

  290.     # user.reset_password_expiration_period =

  291. 

  292. 

  293.     # hammering protection, how long to wait before allowing another email to be sent.

  294.     # Default: `5 * 60`

  295.     #

  296.     user.reset_password_time_between_emails = 1 * 60

  297. 

  298. 

  299.     # -- brute_force_protection --

  300.     # Failed logins attribute name.

  301.     # Default: `:failed_logins_count`

  302.     #

  303.     # user.failed_logins_count_attribute_name =

  304. 

  305. 

  306.     # This field indicates whether user is banned and when it will be active again.

  307.     # Default: `:lock_expires_at`

  308.     #

  309.     # user.lock_expires_at_attribute_name =

  310. 

  311. 

  312.     # How many failed logins allowed.

  313.     # Default: `50`

  314.     #

  315.     # user.consecutive_login_retries_amount_limit =

  316. 

  317. 

  318.     # How long the user should be banned. in seconds. 0 for permanent.

  319.     # Default: `60 * 60`

  320.     #

  321.     # user.login_lock_time_period =

  322. 

  323.     # Unlock token attribute name

  324.     # Default: `:unlock_token`

  325.     #

  326.     # user.unlock_token_attribute_name =

  327. 

  328.     # Unlock token mailer method

  329.     # Default: `:send_unlock_token_email`

  330.     #

  331.     # user.unlock_token_email_method_name =

  332. 

  333.     # when true sorcery will not automatically

  334.     # send email with unlock token

  335.     # Default: `false`

  336.     #

  337.     # user.unlock_token_mailer_disabled = true

  338. 

  339.     # Unlock token mailer class

  340.     # Default: `nil`

  341.     # 

  342.     # user.unlock_token_mailer = UserMailer

  343. 

  344.     # -- activity logging --

  345.     # Last login attribute name.

  346.     # Default: `:last_login_at`

  347.     #

  348.     # user.last_login_at_attribute_name =

  349. 

  350. 

  351.     # Last logout attribute name.

  352.     # Default: `:last_logout_at`

  353.     #

  354.     # user.last_logout_at_attribute_name =

  355. 

  356. 

  357.     # Last activity attribute name.

  358.     # Default: `:last_activity_at`

  359.     #

  360.     # user.last_activity_at_attribute_name =

  361. 

  362. 

  363.     # How long since last activity is he user defined logged out?

  364.     # Default: `10 * 60`

  365.     #

  366.     # user.activity_timeout =

  367. 

  368. 

  369.     # -- external --

  370.     # Class which holds the various external provider data for this user.

  371.     # Default: `nil`

  372.     #

  373.     # user.authentications_class =

  374. 

  375. 

  376.     # User's identifier in authentications class.

  377.     # Default: `:user_id`

  378.     #

  379.     # user.authentications_user_id_attribute_name =

  380. 

  381. 

  382.     # Provider's identifier in authentications class.

  383.     # Default: `:provider`

  384.     #

  385.     # user.provider_attribute_name =

  386. 

  387. 

  388.     # User's external unique identifier in authentications class.

  389.     # Default: `:uid`

  390.     #

  391.     # user.provider_uid_attribute_name =

  392. 

  393.     # -- remember_me --

  394.     # allow the remember_me cookie to settable through AJAX

  395.     # Default: `true`

  396.     #

  397.     # user.remember_me_httponly =

  398.     

  399.     # How long in seconds the session length will be

  400.     # Default: `604800`

  401.     #

  402.     user.remember_me_for = 60 * 60 * 24 * 7 # 1 week

  403.   end

  404. 

  405.   # This line must come after the 'user config' block.

  406.   # Define which model authenticates with sorcery.

  407.   config.user_class = "User"

  408. end