Sha256: 70199dbe12fdff7af5db6b889e5c5b77a886ba30215a11f8cf63b50e2b15a34c
Contents?: true
Size: 1.19 KB
Versions: 35
Compression:
Stored size: 1.19 KB
Contents
= Require password confirmation for certain actions
You might want to require the user to enter their password before accessing
sensitive sections of the app. This functionality is provided by the confirm
password feature, which accompanied with the password grace period feature will
remember the entered password for a period of time:
plugin :rodauth do
enable :confirm_password, :password_grace_period
# Remember the password for 1 hour
password_grace_period 60*60
end
route do |r|
r.rodauth
r.is 'some-action' do
# Require password authentication if the password has not been
# input recently.
rodauth.require_password_authentication
# ...
end
end
You can also do this for Rodauth actions that normally require a password.
Which essentially moves the password confirmation into a separate step, as
Rodauth's behavior with the password grace period feature is to ask for the
password on the same form.
plugin :rodauth do
enable :confirm_password, :password_grace_period, :change_login, :change_password
before_change_login_route { require_password_authentication }
before_change_password_route { require_password_authentication }
end
Version data entries
35 entries across 35 versions & 1 rubygems