BioData · 2xG · Feb 14, 2019 · Feb 20, 2019 · Feb 22, 2019 · Feb 22, 2019
diff --git a/.codeclimate.yml b/.codeclimate.yml
@@ -43,7 +43,7 @@ checks:
 plugins:
  rubocop:
   enabled: true
-  channel: rubocop-0-59
+  channel: rubocop-0-66
  markdownlint:
   enabled: true
  brakeman:

diff --git a/.gitignore b/.gitignore
@@ -40,3 +40,4 @@ Gemfile.lock
 *.lock
 bin/*
 .yardoc
+.idea
diff --git a/.rubocop.yml b/.rubocop.yml
@@ -1,5 +1,5 @@
 AllCops:
-  TargetRubyVersion: 2.3
+  TargetRubyVersion: 2.4
   Include:
     - '**/Rakefile'
     - '**/config.ru'

diff --git a/.ruby-version b/.ruby-version
@@ -1 +1 @@
-2.3
+2.4.6
diff --git a/.travis.yml b/.travis.yml
@@ -1,20 +1,39 @@
 language: ruby
-before_install: gem install bundler -v '1.17.3'
-install: bundle _1.17.3_ install --jobs=3 --retry=3
+dist: xenial
+before_install:
+  # install bundler < 2 because Rails 4.2 is incompatible with bundler >= 2
+  - gem install bundler -v '1.17.3'
+install: bundle _1.17.3_ install --jobs=2 --retry=2 --path=${BUNDLE_PATH:-vendor/bundle}
+cache: bundler
 script: bundle exec rake
 rvm:
-  - 2.3
   - 2.4
   - 2.5
   - 2.6
   - ruby-head
+env:
+  matrix:
+    - DEVISE_ORM=active_record
+    - DEVISE_ORM=mongoid
+services:
+  - mongodb
 matrix:
-  allow_failures:
-    - rvm: ruby-head
+  exclude:
+    # Skip these combinations because they have incompatible dependencies
+    # and will always fail.
     - rvm: 2.6
       gemfile: gemfiles/rails_4.2_stable.gemfile
+    - rvm: ruby-head
+      gemfile: gemfiles/rails_4.2_stable.gemfile
+    - rvm: 2.4
+      gemfile: gemfiles/rails_6.0_beta.gemfile
+  allow_failures:
+    # edge, not expected to pass
+    - rvm: ruby-head
+    - gemfile: gemfiles/rails_6.0_beta.gemfile
 gemfile:
   - gemfiles/rails_4.2_stable.gemfile
   - gemfiles/rails_5.0_stable.gemfile
   - gemfiles/rails_5.1_stable.gemfile
   - gemfiles/rails_5.2_stable.gemfile
+  - gemfiles/rails_6.0_beta.gemfile
diff --git a/Appraisals b/Appraisals
@@ -1,15 +1,35 @@
 appraise 'rails-4.2-stable' do
   gem 'rails', '~> 4.2.0'
+  gem 'bundler', '< 2'
+  group :mongoid do
+    gem "mongoid", "~> 4.0"
+  end
 end
 
 appraise 'rails-5.0-stable' do
   gem 'rails', '~> 5.0.0'
+  group :mongoid do
+    gem "mongoid", "~> 6.0"
+  end
 end
 
 appraise 'rails-5.1-stable' do
   gem 'rails', '~> 5.1.0'
+  group :mongoid do
+    gem "mongoid", "~> 6.0"
+  end
 end
 
 appraise 'rails-5.2-stable' do
   gem 'rails', '~> 5.2.0'
+  group :mongoid do
+    gem "mongoid", "~> 6.0"
+  end
+end
+
+appraise 'rails-6.0-beta' do
+  gem 'rails', '~> 6.0.0.beta3'
+  group :mongoid do
+    gem "mongoid", "~> 6.0"
+  end
 end
diff --git a/Gemfile b/Gemfile
@@ -1,6 +1,10 @@
 source "https://rubygems.org"
 gemspec
-gem 'omniauth'
-group :development do
-  gem 'wwtd'
+
+group :active_record do
+  gem 'sqlite3', '~> 1.3.0'
+end
+
+group :mongoid do
+  gem 'mongoid'
 end
diff --git a/README.md b/README.md
@@ -104,6 +104,37 @@ Devise.setup do |config|
 end
 ```
 
+## Other ORMs
+
+Devise-security supports [Mongoid](https://rubygems.org/gems/mongoid) as an alternative ORM to active_record.  To use this ORM, add this to your `Gemfile`.
+
+    gem 'mongoid'
+
+And then ensure that the environment variable `DEVISE_ORM=mongoid` is set.
+
+For local development you will need to have MongoDB installed locally.
+
+    brew install mongodb
+
+### Rails App setup example with Mongoid
+
+```ruby
+# inside config/application.rb
+require File.expand_path('../boot', __FILE__)
+#...
+DEVISE_ORM=:mongoid
+
+# Require the gems listed in Gemfile, including any gems
+# you've limited to :test, :development, or :production.
+Bundler.require(*Rails.groups)
+
+module MyApp
+  class Application < Rails::Application
+    #...
+  end
+end  
+```
+
 ## Captcha-Support
 
 The captcha support depends on [EasyCaptcha](https://github.com/phatworx/easy_captcha). See further documentation there.
@@ -132,8 +163,6 @@ rails generate easy_captcha:install
 
 ## Schema
 
-Note: Unlike Devise, devise-security does not currently support mongoid. Pull requests are welcome!
-
 ### Password expirable
 
 ```ruby
@@ -157,7 +186,7 @@ create_table :old_passwords do |t|
   t.string :password_salt # Optional. bcrypt stores the salt in the encrypted password field so this column may not be necessary.
   t.datetime :created_at
 end
-add_index :old_passwords, [:password_archivable_type, :password_archivable_id], name: :index_password_archivable
+add_index :old_passwords, [:password_archivable_type, :password_archivable_id], name: 'index_password_archivable'
 ```
 
 ### Session limitable
@@ -166,7 +195,7 @@ add_index :old_passwords, [:password_archivable_type, :password_archivable_id],
 create_table :the_resources do |t|
   # other devise fields
 
-  t.string :unique_session_id, limit: 20
+  t.string :unique_session_id
 end
 ```
 
@@ -242,11 +271,13 @@ end
 
 ## Requirements
 
-- Devise (<https://github.com/plataformatec/devise>)
-- Rails 4.2 onwards (<http://github.com/rails/rails>)
-- recommendations:
-  - `autocomplete-off` (<http://github.com/phatworx/autocomplete-off>)
-  - `easy_captcha` (<http://github.com/phatworx/easy_captcha>)
+* Devise (<https://github.com/plataformatec/devise>)
+* Rails 4.2 onwards (<http://github.com/rails/rails>)
+* recommendations:
+    - `autocomplete-off` (<http://github.com/phatworx/autocomplete-off>)
+    - `easy_captcha` (<http://github.com/phatworx/easy_captcha>)
+    - `mongodb` (<https://www.mongodb.com/>)
+    - `rvm` (<https://rvm.io/>)
 
 ## Todo
 
@@ -282,6 +313,15 @@ See also [Github Releases](https://github.com/devise-security/devise-security/re
 - Make sure to add tests for it. This is important so I don't break it in a future version unintentionally.
 - Please try not to mess with the Rakefile, version, or history. If you want to have your own version, or is otherwise necessary, that is fine, but please isolate to its own commit so I can cherry-pick around it.
 
+## Running tests
+
+Standard tests can be invoked using `rake`.  To run the tests against the `mongoid` ORM, use `DEVISE_ORM=mongoid rake` while `mongodb` is running.
+
+To locally simulate what travis-ci will run when you push code use:
+
+    $ gem install bundler -v '1.17.3'
+    $ BUNDLER_VERSION=1.17.3 wwtd
+
 ## Copyright
 
 Copyright (c) 2011-2017 Marco Scholl. See LICENSE.txt for further details.
diff --git a/Rakefile b/Rakefile
@@ -1,8 +1,7 @@
 # frozen_string_literal: true
 
 $LOAD_PATH.unshift File.join(File.dirname(__FILE__), 'lib')
-require 'rubygems'
-require 'bundler'
+require 'bundler/gem_tasks'
 require 'rake/testtask'
 require 'rdoc/task'
 require 'devise-security/version'
@@ -13,7 +12,7 @@ task default: :test
 Rake::TestTask.new(:test) do |t|
   t.libs << 'lib'
   t.libs << 'test'
-  t.test_files = FileList['test/*test*.rb']
+  t.test_files = FileList['test/*test*.rb', 'test/**/*test*.rb']
   t.verbose = true
   t.warning = false
 end

diff --git a/app/views/devise/paranoid_verification_code/show.html.erb b/app/views/devise/paranoid_verification_code/show.html.erb
@@ -1,7 +1,7 @@
 <h2>Submit verification code</h2>
 
 <%= form_for(resource, as: resource_name, url: [resource_name, :paranoid_verification_code], html: { method: :put }) do |f| %>
-  <%= devise_error_messages! %>
+  <%= render partial: 'devise/shared/error_messages' %>
 
   <p><%= f.label :paranoid_verification_code, 'Verification code' %><br />
   <%= f.text_field :paranoid_verification_code, value: '' %></p>

diff --git a/app/views/devise/password_expired/show.html.erb b/app/views/devise/password_expired/show.html.erb
@@ -1,7 +1,7 @@
 <h2>Renew your password</h2>
 
 <%= form_for(resource, as: resource_name, url: [resource_name, :password_expired], html: { method: :put }) do |f| %>
-  <%= devise_error_messages! %>
+  <%= render partial: 'devise/shared/error_messages' %>
 
   <p><%= f.label :current_password, 'Current password' %><br />
   <%= f.password_field :current_password %></p>

diff --git a/config/locales/de.yml b/config/locales/de.yml
@@ -1,28 +1,28 @@
 de:
   errors:
     messages:
-      taken_in_past: 'wurde bereits in der Vergangenheit verwendet!'
-      equal_to_current_password: 'darf nicht dem aktuellen Passwort entsprechen!'
+      taken_in_past: 'wurde bereits in der Vergangenheit verwendet.'
+      equal_to_current_password: 'darf nicht dem aktuellen Passwort entsprechen.'
       password_complexity:
         digit:
-          one: muss mindestens eine Nummer enthalten
-          other: muss mindestens %{count} Zahlen enthalten
+          one: muss mindestens eine Ziffer enthalten
+          other: muss mindestens %{count} Ziffern enthalten
         lower:
-          one: muss mindestens eine Kleinbuchstabe enthalten
+          one: muss mindestens einen Kleinbuchstaben enthalten
           other: muss mindestens %{count} Kleinbuchstaben enthalten
         symbol:
-          one: muss mindestens eine Satzzeichen enthalten
+          one: muss mindestens ein Satzzeichen enthalten
           other: muss mindestens %{count} Satzzeichen enthalten
         upper:
-          one: muss mindestens eine Großbuchstabe enthalten
+          one: muss mindestens einen Großbuchstaben enthalten
           other: muss mindestens %{count} Großbuchstaben enthalten
   devise:
-    invalid_captcha: 'Die Captchaeingabe ist nicht gültig!'
+    invalid_captcha: 'Die Captcha-Eingabe ist nicht gültig.'
     paranoid_verify:
-      code_required: 'Bitte geben Sie den Code unser Support-Team zur Verfügung gestellt'
+      code_required: 'Bitte geben Sie den Code ein, den unser Support-Team zur Verfügung gestellt hat.'
     password_expired:
       updated: 'Das neue Passwort wurde übernommen.'
-      change_required: 'Ihr Passwort ist abgelaufen. Bitte vergeben sie ein neues Passwort!'
+      change_required: 'Ihr Passwort ist abgelaufen. Bitte vergeben Sie ein neues Passwort.'
     failure:
       session_limited: 'Ihre Anmeldedaten wurden in einem anderen Browser genutzt. Bitte melden Sie sich erneut an, um in diesem Browser fortzufahren.'
-      expired: 'Ihr Account ist aufgrund zu langer Inaktiviät abgelaufen. Bitte kontaktieren Sie den Administrator.'
+      expired: 'Ihr Account ist aufgrund zu langer Inaktivität abgelaufen. Bitte kontaktieren Sie den Administrator.'
diff --git a/devise-security.gemspec b/devise-security.gemspec
@@ -27,22 +27,24 @@ Gem::Specification.new do |s|
   s.required_ruby_version = '>= 2.3.0'
 
   if RUBY_VERSION >= '2.4'
-    s.add_runtime_dependency 'rails', '>= 4.2.0', '< 6.0'
+    s.add_runtime_dependency 'rails', '>= 4.2.0', '< 7.0'
   else
     s.add_runtime_dependency 'railties', '>= 4.2.0', '< 6.0'
   end
-  s.add_runtime_dependency 'devise', '>= 4.2.0', '< 5.0'
+  s.add_runtime_dependency 'devise', '>= 4.3.0', '< 5.0'
 
   s.add_development_dependency 'appraisal'
   s.add_development_dependency 'bundler'
   s.add_development_dependency 'coveralls'
+  s.add_development_dependency 'database_cleaner'
   s.add_development_dependency 'easy_captcha'
   s.add_development_dependency 'm'
   s.add_development_dependency 'minitest'
+  s.add_development_dependency 'omniauth'
   s.add_development_dependency 'pry-byebug'
   s.add_development_dependency 'pry-rescue'
-  s.add_development_dependency 'pry'
   s.add_development_dependency 'rails_email_validator'
-  s.add_development_dependency 'rubocop', '~> 0.59.2'
+  s.add_development_dependency 'rubocop', '~> 0.66.0'
   s.add_development_dependency 'sqlite3'
+  s.add_development_dependency 'wwtd'
 end
diff --git a/gemfiles/rails_4.2_stable.gemfile b/gemfiles/rails_4.2_stable.gemfile
@@ -2,7 +2,15 @@
 
 source "https://rubygems.org"
 
-gem "omniauth"
 gem "rails", "~> 4.2.0"
+gem "bundler", "< 2"
+
+group :active_record do
+  gem "sqlite3", "~> 1.3.0"
+end
+
+group :mongoid do
+  gem "mongoid", "~> 4.0"
+end
 
 gemspec path: "../"
diff --git a/gemfiles/rails_5.0_stable.gemfile b/gemfiles/rails_5.0_stable.gemfile
@@ -2,7 +2,14 @@
 
 source "https://rubygems.org"
 
-gem "omniauth"
 gem "rails", "~> 5.0.0"
 
+group :active_record do
+  gem "sqlite3", "~> 1.3.0"
+end
+
+group :mongoid do
+  gem "mongoid", "~> 6.0"
+end
+
 gemspec path: "../"
diff --git a/gemfiles/rails_5.1_stable.gemfile b/gemfiles/rails_5.1_stable.gemfile
@@ -2,7 +2,14 @@
 
 source "https://rubygems.org"
 
-gem "omniauth"
 gem "rails", "~> 5.1.0"
 
+group :active_record do
+  gem "sqlite3", "~> 1.3.0"
+end
+
+group :mongoid do
+  gem "mongoid", "~> 6.0"
+end
+
 gemspec path: "../"
diff --git a/gemfiles/rails_5.2_stable.gemfile b/gemfiles/rails_5.2_stable.gemfile
@@ -2,7 +2,14 @@
 
 source "https://rubygems.org"
 
-gem "omniauth"
 gem "rails", "~> 5.2.0"
 
+group :active_record do
+  gem "sqlite3", "~> 1.3.0"
+end
+
+group :mongoid do
+  gem "mongoid", "~> 6.0"
+end
+
 gemspec path: "../"
-Original file line number
+Diff line change
@@ Expand Up / @@ -40,3 +40,4 @@ Gemfile.lock @@
     *.lock
     bin/*
     .yardoc
+    .idea