Produced by Araxis Merge on 12/14/2017 1:27:58 PM Eastern Standard Time. See www.araxis.com for information about Merge. This report uses XHTML and CSS2, and is best viewed with a modern standards-compliant browser. For optimum results when printing this report, use landscape orientation and enable printing of background images and colours in your browser.
| # | Location | File | Last Modified |
|---|---|---|---|
| 1 | CUI-CPP-v2.3.2-source.zip\config\initializers | devise.rb | Mon Nov 20 23:19:07 2017 UTC |
| 2 | CUI-CPP-v2.3.2-source.zip\config\initializers | devise.rb | Thu Dec 14 14:59:29 2017 UTC |
| Description | Between Files 1 and 2 |
|
|---|---|---|
| Text Blocks | Lines | |
| Unchanged | 2 | 560 |
| Changed | 1 | 2 |
| Inserted | 0 | 0 |
| Removed | 0 | 0 |
| Whitespace | |
|---|---|
| Character case | Differences in character case are significant |
| Line endings | Differences in line endings (CR and LF characters) are ignored |
| CR/LF characters | Not shown in the comparison detail |
No regular expressions were active.
| 1 | # Use this hook to c onfigure d evise mail er, warden hooks and so forth. | |
| 2 | # Many of these conf iguration options ca n be set s traight in your mode l. | |
| 3 | Devise.set up do |con fig| | |
| 4 | # The se cret key u sed by Dev ise. Devis e uses thi s key to g enerate | |
| 5 | # random tokens. C hanging th is key wil l render i nvalid all existing | |
| 6 | # confir mation, re set passwo rd and unl ock tokens in the da tabase. | |
| 7 | # config .secret_ke y = '9e4d4 f2cb0b64a8 0959c006db bb95336b1e 44168cd5c6 cffc858d64 66d8e61717 c9d0124566 d7e28f2c8e 0fb752902b 557d2322f5 fb74c9af1e 0c090fd8bf b56' | |
| 8 | ||
| 9 | config.s ecret_key = 'AI' | |
| 10 | ||
| 11 | config.o mniauth :s aml, | |
| 12 | as sertion_co nsumer_ser vice_url: ENV["CALLB ACK_URL"], | |
| 13 | is suer: ENV[ "ISSUER"], | |
| 14 | id p_sso_targ et_url: EN V["IDP_TAR GET_URL"], | |
| 15 | id p_cert_fin gerprint: ENV["IDP_C ERT_FINGER PRINT"], | |
| 16 | na me_identif ier_format : ENV["NAM E_IDENTIFI ER_FORMAT" ], | |
| 17 | ce rtificate: ENV["CERT IFICATE"], | |
| 18 | pr ivate_key: ENV["PRIV ATE_KEY"], | |
| 19 | ||
| 20 | ||
| 21 | se curity: { | |
| 22 | authn_re quests_sig ned: true, | |
| 23 | logout_r equests_si gned: true , | |
| 24 | logout_r esponses_s igned: tru e, | |
| 25 | metadata _signed: t rue, | |
| 26 | digest_m ethod: XML Security:: Document:: SHA256, | |
| 27 | signatur e_method: XMLSecurit y::Documen t::RSA_SHA 256, | |
| 28 | embed_si gn: false | |
| 29 | } | |
| 30 | ||
| 31 | # ==> Ma iler Confi guration | |
| 32 | # Config ure the e- mail addre ss which w ill be sho wn in Devi se::Mailer , | |
| 33 | # note t hat it wil l be overw ritten if you use yo ur own mai ler class | |
| 34 | # with d efault "fr om" parame ter. | |
| 35 | config.m ailer_send er = 'plea se-change- me-at-conf ig-initial izers-devi se@example .com' | |
| 36 | ||
| 37 | # Config ure the cl ass respon sible to s end e-mail s. | |
| 38 | # config .mailer = 'Devise::M ailer' | |
| 39 | ||
| 40 | # ==> OR M configur ation | |
| 41 | # Load a nd configu re the ORM . Supports :active_r ecord (def ault) and | |
| 42 | # :mongo id (bson_e xt recomme nded) by d efault. Ot her ORMs m ay be | |
| 43 | # availa ble as add itional ge ms. | |
| 44 | require 'devise/or m/active_r ecord' | |
| 45 | ||
| 46 | # ==> Co nfiguratio n for any authentica tion mecha nism | |
| 47 | # Config ure which keys are u sed when a uthenticat ing a user . The defa ult is | |
| 48 | # just : email. You can confi gure it to use [:use rname, :su bdomain], so for | |
| 49 | # authen ticating a user, bot h paramete rs are req uired. Rem ember that those | |
| 50 | # parame ters are u sed only w hen authen ticating a nd not whe n retrievi ng from | |
| 51 | # sessio n. If you need permi ssions, yo u should i mplement t hat in a b efore filt er. | |
| 52 | # You ca n also sup ply a hash where the value is a boolean determinin g whether | |
| 53 | # or not authentic ation shou ld be abor ted when t he value i s not pres ent. | |
| 54 | # config .authentic ation_keys = [ :emai l ] | |
| 55 | ||
| 56 | # Config ure parame ters from the reques t object u sed for au thenticati on. Each e ntry | |
| 57 | # given should be a request method and it will a utomatical ly be pass ed to the | |
| 58 | # find_f or_authent ication me thod and c onsidered in your mo del lookup . For inst ance, | |
| 59 | # if you set :requ est_keys t o [:subdom ain], :sub domain wil l be used on authent ication. | |
| 60 | # The sa me conside rations me ntioned fo r authenti cation_key s also app ly to requ est_keys. | |
| 61 | # config .request_k eys = [] | |
| 62 | ||
| 63 | # Config ure which authentica tion keys should be case-insen sitive. | |
| 64 | # These keys will be downcas ed upon cr eating or modifying a user and when used | |
| 65 | # to aut henticate or find a user. Defa ult is :em ail. | |
| 66 | config.c ase_insens itive_keys = [ :emai l ] | |
| 67 | ||
| 68 | ||
| 69 | # Config ure which authentica tion keys should hav e whitespa ce strippe d. | |
| 70 | # These keys will have white space befo re and aft er removed upon crea ting or | |
| 71 | # modify ing a user and when used to au thenticate or find a user. Def ault is :e mail. | |
| 72 | config.s trip_white space_keys = [ :emai l ] | |
| 73 | ||
| 74 | # Tell i f authenti cation thr ough reque st.params is enabled . True by default. | |
| 75 | # It can be set to an array that will enable par ams authen tication o nly for th e | |
| 76 | # given strategies , for exam ple, `conf ig.params_ authentica table = [: database]` will | |
| 77 | # enable it only f or databas e (email + password) authentic ation. | |
| 78 | # config .params_au thenticata ble = true | |
| 79 | ||
| 80 | # Tell i f authenti cation thr ough HTTP Auth is en abled. Fal se by defa ult. | |
| 81 | # It can be set to an array that will enable htt p authenti cation onl y for the | |
| 82 | # given strategies , for exam ple, `conf ig.http_au thenticata ble = [:da tabase]` w ill | |
| 83 | # enable it only f or databas e authenti cation. Th e supporte d strategi es are: | |
| 84 | # :datab ase = Support b asic authe ntication with authe ntication key + pass word | |
| 85 | # config .http_auth enticatabl e = false | |
| 86 | ||
| 87 | # If htt p headers should be returned f or AJAX re quests. Tr ue by defa ult. | |
| 88 | # config .http_auth enticatabl e_on_xhr = true | |
| 89 | ||
| 90 | # The re alm used i n Http Bas ic Authent ication. ' Applicatio n' by defa ult. | |
| 91 | # config .http_auth entication _realm = ' Applicatio n' | |
| 92 | ||
| 93 | # It wil l change c onfirmatio n, passwor d recovery and other workflows | |
| 94 | # to beh ave the sa me regardl ess if the e-mail pr ovided was right or wrong. | |
| 95 | # Does n ot affect registerab le. | |
| 96 | # config .paranoid = true | |
| 97 | ||
| 98 | # By def ault Devis e will sto re the use r in sessi on. You ca n skip sto rage for | |
| 99 | # partic ular strat egies by s etting thi s option. | |
| 100 | # Notice that if y ou are ski pping stor age for al l authenti cation pat hs, you | |
| 101 | # may wa nt to disa ble genera ting route s to Devis e's sessio ns control ler by | |
| 102 | # passin g skip: :s essions to `devise_f or` in you r config/r outes.rb | |
| 103 | config.s kip_sessio n_storage = [:http_a uth] | |
| 104 | ||
| 105 | # By def ault, Devi se cleans up the CSR F token on authentic ation to | |
| 106 | # avoid CSRF token fixation attacks. T his means that, when using AJA X | |
| 107 | # reques ts for sig n in and s ign up, yo u need to get a new CSRF token | |
| 108 | # from t he server. You can d isable thi s option a t your own risk. | |
| 109 | # config .clean_up_ csrf_token _on_authen tication = true | |
| 110 | ||
| 111 | # ==> Co nfiguratio n for :dat abase_auth enticatabl e | |
| 112 | # For bc rypt, this is the co st for has hing the p assword an d defaults to 10. If | |
| 113 | # using other encr yptors, it sets how many times you want the passwo rd re-encr ypted. | |
| 114 | # | |
| 115 | # Limiti ng the str etches to just one i n testing will incre ase the pe rformance of | |
| 116 | # your t est suite dramatical ly. Howeve r, it is S TRONGLY RE COMMENDED to not use | |
| 117 | # a valu e less tha n 10 in ot her enviro nments. No te that, f or bcrypt (the defau lt | |
| 118 | # encryp tor), the cost incre ases expon entially w ith the nu mber of st retches (e .g. | |
| 119 | # a valu e of 20 is already e xtremely s low: appro x. 60 seco nds for 1 calculatio n). | |
| 120 | config.s tretches = Rails.env .test? ? 1 : 10 | |
| 121 | ||
| 122 | # Setup a pepper t o generate the encry pted passw ord. | |
| 123 | # config .pepper = 'c943fbab2 053dc9ab4f 388381365f a741f65004 3757a57755 c02e9c3165 c83ad9dba8 f6f566af1a 41335bb5f0 800adf7700 38a9c0b854 8d15603c4a 166ffce5a' | |
| 124 | ||
| 125 | # ==> Co nfiguratio n for :con firmable | |
| 126 | # A peri od that th e user is allowed to access th e website even witho ut | |
| 127 | # confir ming their account. For instan ce, if set to 2.days , the user will be | |
| 128 | # able t o access t he website for two d ays withou t confirmi ng their a ccount, | |
| 129 | # access will be b locked jus t in the t hird day. Default is 0.days, m eaning | |
| 130 | # the us er cannot access the website w ithout con firming th eir accoun t. | |
| 131 | # config .allow_unc onfirmed_a ccess_for = 2.days | |
| 132 | ||
| 133 | # A peri od that th e user is allowed to confirm t heir accou nt before their | |
| 134 | # token becomes in valid. For example, if set to 3.days, th e user can confirm | |
| 135 | # their account wi thin 3 day s after th e mail was sent, but on the fo urth day | |
| 136 | # their account ca n't be con firmed wit h the toke n any more . | |
| 137 | # Defaul t is nil, meaning th ere is no restrictio n on how l ong a user can take | |
| 138 | # before confirmin g their ac count. | |
| 139 | # config .confirm_w ithin = 3. days | |
| 140 | ||
| 141 | # If tru e, require s any emai l changes to be conf irmed (exa ctly the s ame way as | |
| 142 | # initia l account confirmati on) to be applied. R equires ad ditional u nconfirmed _email | |
| 143 | # db fie ld (see mi grations). Until con firmed, ne w email is stored in | |
| 144 | # unconf irmed_emai l column, and copied to email column on successful confirmat ion. | |
| 145 | config.r econfirmab le = true | |
| 146 | ||
| 147 | # Define s which ke y will be used when confirming an accoun t | |
| 148 | # config .confirmat ion_keys = [ :email ] | |
| 149 | ||
| 150 | # ==> Co nfiguratio n for :rem emberable | |
| 151 | # The ti me the use r will be remembered without a sking for credential s again. | |
| 152 | # config .remember_ for = 2.we eks | |
| 153 | ||
| 154 | # Invali dates all the rememb er me toke ns when th e user sig ns out. | |
| 155 | config.e xpire_all_ remember_m e_on_sign_ out = true | |
| 156 | ||
| 157 | # If tru e, extends the user' s remember period wh en remembe red via co okie. | |
| 158 | # config .extend_re member_per iod = fals e | |
| 159 | ||
| 160 | # Option s to be pa ssed to th e created cookie. Fo r instance , you can set | |
| 161 | # secure : true in order to f orce SSL o nly cookie s. | |
| 162 | # config .remembera ble_option s = {} | |
| 163 | ||
| 164 | # ==> Co nfiguratio n for :val idatable | |
| 165 | # Range for passwo rd length. | |
| 166 | config.p assword_le ngth = 12. .128 | |
| 167 | ||
| 168 | # Email regex used to valida te email f ormats. It simply as serts that | |
| 169 | # one (a nd only on e) @ exist s in the g iven strin g. This is mainly | |
| 170 | # to giv e user fee dback and not to ass ert the e- mail valid ity. | |
| 171 | # config .email_reg exp = /\A[ ^@]+@[^@]+ \z/ | |
| 172 | ||
| 173 | # ==> Co nfiguratio n for :tim eoutable | |
| 174 | # The ti me you wan t to timeo ut the use r session without ac tivity. Af ter this | |
| 175 | # time t he user wi ll be aske d for cred entials ag ain. Defau lt is 30 m inutes. | |
| 176 | config.t imeout_in = 30.minut es | |
| 177 | ||
| 178 | # If tru e, expires auth toke n on sessi on timeout . | |
| 179 | # config .expire_au th_token_o n_timeout = false | |
| 180 | ||
| 181 | # ==> Co nfiguratio n for :loc kable | |
| 182 | # Define s which st rategy wil l be used to lock an account. | |
| 183 | # :faile d_attempts = Locks a n account after a nu mber of fa iled attem pts to sig n in. | |
| 184 | # :none = No lock strategy. You shoul d handle l ocking by yourself. | |
| 185 | config.l ock_strate gy = :fail ed_attempt s | |
| 186 | ||
| 187 | # Define s which ke y will be used when locking an d unlockin g an accou nt | |
| 188 | config.u nlock_keys = [ :emai l ] | |
| 189 | ||
| 190 | # Define s which st rategy wil l be used to unlock an account . | |
| 191 | # :email = Sends a n unlock l ink to the user emai l | |
| 192 | # :time = Re-enab les login after a ce rtain amou nt of time (see :unl ock_in bel ow) | |
| 193 | # :both = Enables both stra tegies | |
| 194 | # :none = No unlo ck strateg y. You sho uld handle unlocking by yourse lf. | |
| 195 | config.u nlock_stra tegy = :em ail | |
| 196 | ||
| 197 | # Number of authen tication t ries befor e locking an account if lock_s trategy | |
| 198 | # is fai led attemp ts. | |
| 199 | config.m aximum_att empts = 5 | |
| 200 | ||
| 201 | # Time i nterval to unlock th e account if :time i s enabled as unlock_ strategy. | |
| 202 | # config .unlock_in = 1.hour | |
| 203 | ||
| 204 | # Warn o n the last attempt b efore the account is locked. | |
| 205 | config.l ast_attemp t_warning = true | |
| 206 | ||
| 207 | # ==> Co nfiguratio n for :rec overable | |
| 208 | # | |
| 209 | # Define s which ke y will be used when recovering the passw ord for an account | |
| 210 | # config .reset_pas sword_keys = [ :emai l ] | |
| 211 | ||
| 212 | # Time i nterval yo u can rese t your pas sword with a reset p assword ke y. | |
| 213 | # Don't put a too small inte rval or yo ur users w on't have the time t o | |
| 214 | # change their pas swords. | |
| 215 | config.r eset_passw ord_within = 6.hours | |
| 216 | ||
| 217 | # ==> Co nfiguratio n for :enc ryptable | |
| 218 | # Allow you to use another e ncryption algorithm besides bc rypt (defa ult). You can use | |
| 219 | # :authl ogic_sha51 2 (then yo u should s et stretch es above t o 20 for d efault beh avior) | |
| 220 | # and :r estful_aut henticatio n_sha1 (th en you sho uld set st retches to 10, and c opy | |
| 221 | # REST_A UTH_SITE_K EY to pepp er). | |
| 222 | # | |
| 223 | # Requir e the `dev ise-encryp table` gem when usin g anything other tha n bcrypt | |
| 224 | # config .encryptor = :sha512 | |
| 225 | ||
| 226 | # ==> Sc opes confi guration | |
| 227 | # Turn s coped view s on. Befo re renderi ng "sessio ns/new", i t will fir st check f or | |
| 228 | # "users /sessions/ new". It's turned of f by defau lt because it's slow er if you | |
| 229 | # are us ing only d efault vie ws. | |
| 230 | # config .scoped_vi ews = fals e | |
| 231 | ||
| 232 | # Config ure the de fault scop e given to Warden. B y default it's the f irst | |
| 233 | # devise role decl ared in yo ur routes (usually : user). | |
| 234 | # config .default_s cope = :us er | |
| 235 | ||
| 236 | # Set th is configu ration to false if y ou want /u sers/sign_ out to sig n out | |
| 237 | # only t he current scope. By default, Devise sig ns out all scopes. | |
| 238 | # config .sign_out_ all_scopes = true | |
| 239 | ||
| 240 | # ==> Na vigation c onfigurati on | |
| 241 | # Lists the format s that sho uld be tre ated as na vigational . Formats like | |
| 242 | # :html, should re direct to the sign i n page whe n the user does not have | |
| 243 | # access , but form ats like : xml or :js on, should return 40 1. | |
| 244 | # | |
| 245 | # If you have any extra navi gational f ormats, li ke :iphone or :mobil e, you | |
| 246 | # should add them to the nav igational formats li sts. | |
| 247 | # | |
| 248 | # The "* /*" below is require d to match Internet Explorer r equests. | |
| 249 | # config .navigatio nal_format s = ['*/*' , :html] | |
| 250 | ||
| 251 | # The de fault HTTP method us ed to sign out a res ource. Def ault is :d elete. | |
| 252 | config.s ign_out_vi a = :delet e | |
| 253 | ||
| 254 | # ==> Om niAuth | |
| 255 | # Add a new OmniAu th provide r. Check t he wiki fo r more inf ormation o n setting | |
| 256 | # up on your model s and hook s. | |
| 257 | # config .omniauth :github, ' APP_ID', ' APP_SECRET ', scope: 'user,publ ic_repo' | |
| 258 | ||
| 259 | # ==> Wa rden confi guration | |
| 260 | # If you want to u se other s trategies, that are not suppor ted by Dev ise, or | |
| 261 | # change the failu re app, yo u can conf igure them inside th e config.w arden bloc k. | |
| 262 | # | |
| 263 | # config .warden do |manager| | |
| 264 | # mana ger.interc ept_401 = false | |
| 265 | # mana ger.defaul t_strategi es(scope: :user).uns hift :some _external_ strategy | |
| 266 | # end | |
| 267 | ||
| 268 | # ==> Mo untable en gine confi gurations | |
| 269 | # When u sing Devis e inside a n engine, let's call it `MyEng ine`, and this engin e | |
| 270 | # is mou ntable, th ere are so me extra c onfigurati ons to be taken into account. | |
| 271 | # The fo llowing op tions are available, assuming the engine is mounte d as: | |
| 272 | # | |
| 273 | # mo unt MyEngi ne, at: '/ my_engine' | |
| 274 | # | |
| 275 | # The ro uter that invoked `d evise_for` , in the e xample abo ve, would be: | |
| 276 | # config .router_na me = :my_e ngine | |
| 277 | # | |
| 278 | # When u sing omnia uth, Devis e cannot a utomatical ly set Omn iauth path , | |
| 279 | # so you need to d o it manua lly. For t he users s cope, it w ould be: | |
| 280 | # config .omniauth_ path_prefi x = '/my_e ngine/user s/auth' | |
| 281 | end |
Araxis Merge (but not the data content of this report) is Copyright © 1993-2016 Araxis Ltd (www.araxis.com). All rights reserved.