Sha256: 70199dbe12fdff7af5db6b889e5c5b77a886ba30215a11f8cf63b50e2b15a34c

Contents?: true

Size: 1.19 KB

Versions: 35

Compression:

Stored size: 1.19 KB

Contents

= Require password confirmation for certain actions

You might want to require the user to enter their password before accessing
sensitive sections of the app. This functionality is provided by the confirm
password feature, which accompanied with the password grace period feature will
remember the entered password for a period of time:

  plugin :rodauth do
    enable :confirm_password, :password_grace_period

    # Remember the password for 1 hour
    password_grace_period 60*60
  end

  route do |r|
    r.rodauth

    r.is 'some-action' do
      # Require password authentication if the password has not been
      # input recently.
      rodauth.require_password_authentication

      # ...
    end
  end

You can also do this for Rodauth actions that normally require a password.
Which essentially moves the password confirmation into a separate step, as
Rodauth's behavior with the password grace period feature is to ask for the
password on the same form.

  plugin :rodauth do
    enable :confirm_password, :password_grace_period, :change_login, :change_password

    before_change_login_route    { require_password_authentication }
    before_change_password_route { require_password_authentication }
  end

Version data entries

35 entries across 35 versions & 1 rubygems

Version Path
rodauth-2.16.0 doc/guides/password_confirmation.rdoc
rodauth-2.15.0 doc/guides/password_confirmation.rdoc
rodauth-2.14.0 doc/guides/password_confirmation.rdoc
rodauth-2.13.0 doc/guides/password_confirmation.rdoc
rodauth-2.12.0 doc/guides/password_confirmation.rdoc
rodauth-2.11.0 doc/guides/password_confirmation.rdoc
rodauth-2.10.0 doc/guides/password_confirmation.rdoc
rodauth-2.9.0 doc/guides/password_confirmation.rdoc
rodauth-2.8.0 doc/guides/password_confirmation.rdoc
rodauth-2.7.0 doc/guides/password_confirmation.rdoc
rodauth-2.6.0 doc/guides/password_confirmation.rdoc
rodauth-2.5.0 doc/guides/password_confirmation.rdoc
rodauth-2.4.0 doc/guides/password_confirmation.rdoc
rodauth-2.3.0 doc/guides/password_confirmation.rdoc
rodauth-2.2.0 doc/guides/password_confirmation.rdoc