Add Password Expiration feature#535
Conversation
|
Hey @merhard, thanks for contributing to Sorcery! 💛 As we're now in process of rewriting some parts of the library, I'm not sure if this code should be part of the core gem or it should be maintained as separate plugin. Anyway, I'll review the code and let you know if I have any questions, and when we decide about the infrastructure of the future gem version, I'll let you know. |
Use SVG badges
Add Gem Version/Downloads Badges Move Gitter Badge
|
What is the status of this? This would be a great feature for enterprise apps. :) |
joshbuker
left a comment
There was a problem hiding this comment.
Rails 3 has been deprecated for the upcoming Sorcery version. Can this be updated to support Rails 4 & 5?
|
This code seems Rails agnostic and should be usable on all 3 versions (Rails 3, 4, and 5). I would be willing to update this pull request for the current Sorcery code base if there is interest |
|
Ah, I saw references to rails_3 which is what concerned me. Currently Sorcery is in the middle of transitioning to a new maintainer, so it might be a little while before the code can be fully merged in. I think this would definitely be a useful submodule however, so if you want to update the PR it would be appreciated. |
Update Badges / README.md
Slack auth
|
please resolve the conflict 👯 |
|
Please open a new PR in Sorcery/sorcery, per README this one is deprecated. |
|
Also @maysam, per updated NIST guidelines, periodic password expiration is no longer a recommended best practice. This proposed plugin/submodule should no longer be of benefit. Please see: https://pages.nist.gov/800-63-FAQ/#q-b05 |
This is code to add a submodule for easier Password Expiration, a security concern requiring app users to periodically change their password.
The submodule API adds:
Thoughts?