mlen / sequel_secure_password Goto Github PK
View Code? Open in Web Editor NEWPlugin that adds BCrypt authentication and password hashing to Sequel models.
Home Page: http://mlen.pl/sequel_secure_password/
License: MIT License
Plugin that adds BCrypt authentication and password hashing to Sequel models.
Home Page: http://mlen.pl/sequel_secure_password/
License: MIT License
Have you considered an option to not trigger password confirmation validation if no 'password_confirmation' is set?
RubyGems.org doesn't report a license for your gem. This is because it is not specified in the gemspec of your last release.
via e.g.
spec.license = 'MIT'
# or
spec.licenses = ['MIT', 'GPL-2']
Including a license in your gemspec is an easy way for rubygems.org and other tools to check how your gem is licensed. As you can imagine, scanning your repository for a LICENSE file or parsing the README, and then attempting to identify the license or licenses is much more difficult and more error prone. So, even for projects that already specify a license, including a license in your gemspec is a good practice. See, for example, how rubygems.org uses the gemspec to display the rails gem license.
There is even a License Finder gem to help companies/individuals ensure all gems they use meet their licensing needs. This tool depends on license information being available in the gemspec. This is an important enough issue that even Bundler now generates gems with a default 'MIT' license.
I hope you'll consider specifying a license in your gemspec. If not, please just close the issue with a nice message. In either case, I'll follow up. Thanks for your time!
Appendix:
If you need help choosing a license (sorry, I haven't checked your readme or looked for a license file), GitHub has created a license picker tool. Code without a license specified defaults to 'All rights reserved'-- denying others all rights to use of the code.
Here's a list of the license names I've found and their frequencies
p.s. In case you're wondering how I found you and why I made this issue, it's because I'm collecting stats on gems (I was originally looking for download data) and decided to collect license metadata,too, and make issues for gemspecs not specifying a license as a public service :). See the previous link or my blog post about this project for more information.
Can't use this with sequel 5.0?
Do you plan some update in order to compatibility with latest version of Sequel?
Hi,
in the validation, the following line checks if the password_digest is blank.
errors.add :password_digest, 'is not present' if blank? password_digest
Shouldn't the errror be attached to the :password
, rather than the :password_digest
attribute?
can you please relax the version to something like sequel-rails uses:
s.add_runtime_dependency "sequel", [">= 3.28", "< 5.0"]
Sequel 4.1.0 is out (fixes a crucial bug for me) and I cannot use it with this gem due to your version requirement.
Thanks!
/lib/sequel_secure_password mixes in an instance method named blank?
.
It's marked private. Is there a good reason for this?
I'm trying to integrate this with some Rails code that regularly calls blank? on model objects to avoid nils, and this of course fails for any model that includes this plugin. Your thoughts?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.