lib/authenticate/model/brute_force.rb in authenticate-0.1.0 vs lib/authenticate/model/brute_force.rb in authenticate-0.2.0

- old
+ new

@@ -2,12 +2,31 @@
 module Authenticate
 module Model
- # Protect from brute force attacks.
- # Lock accounts that have too many failed consecutive logins.
- # Todo: email user to allow faster unlocking via token.
+ # Protect from brute force attacks. Lock accounts that have too many failed consecutive logins.
+ # Todo: email user to allow unlocking via a token.
+ #
+ # = Columns
+ #
+ # * failed_logins_count - each consecutive failed login increments this counter. Set back to 0 on successful login.
+ # * lock_expires_at - datetime a locked account will again become available.
+ #
+ # = Configuration
+ #
+ # * max_consecutive_bad_logins_allowed - how many failed logins are allowed?
+ # * bad_login_lockout_period - how long is the user locked out? nil indicates forever.
+ #
+ # = Methods
+ #
+ # The following methods are added to your user model:
+ # * register_failed_login! - increment failed_logins_count, lock account if in violation
+ # * lock! - lock the account, setting the lock_expires_at attribute
+ # * unlock! - reset failed_logins_count to 0, lock_expires_at to nil
+ # * locked? - is the account locked? @return[Boolean]
+ # * unlocked? - is the account unlocked? @return[Boolean]
+ #
 module BruteForce
 extend ActiveSupport::Concern
 def self.required_fields(klass)
 [:failed_logins_count, :lock_expires_at]
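Review bot: The new Configuration entry for `bad_login_lockout_period` says `nil indicates forever`, but the comment never states how such an account is released, and the Todo above it confirms token-based unlocking does not exist yet. Because the lock is triggered purely by failed logins, a permanent lockout can also deny service to the legitimate account owner, so the trade-off belongs in the docs. I would add under Configuration `# Note: with nil the account stays locked until unlock! is called; there is no self-service unlock yet.`, assuming `unlock!` is the only release path, which the hunk does not show. Separately, the inline `@return[Boolean]` on the `locked?` and `unlocked?` bullets is probably not parsed as a tag in that position; `returns Boolean` in plain words would read better. `module BruteForce` and `required_fields` continue outside the hunk.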