-
Notifications
You must be signed in to change notification settings - Fork 227
Changelog
NoamB edited this page Feb 6, 2011
·
32 revisions
TODO
TODO
Fixed bug with BCrypt not being used properly by the lib and thus not working for authentication.
TODO
- login/logout, optional redirect on login to where the user tried to reach before, configurable redirect for non-logged-in users.
- password encryption, algorithms: bcrypt(default), md5, sha1, sha256, sha512, aes256, custom(yours!), none. Configurable stretches and salt.
- configurable attribute names for username, password and email.
- User activation by email with optional success email.
- configurable attribute names.
- configurable mailer.
- Optionally prevent active users to login.
- Reset password with email verification.
- configurable mailer, method name, and attribute name.
- Remember me with configurable expiration.
- configurable attribute names.
- Configurable session timeout.
- Optionally session timeout will be calculated from last user action.
- Brute force login hammering protection.
- configurable logins before ban, logins within time period before ban, ban time and ban action.
Meta
Using Sorcery
- Activity Logging
- Brute Force Protection
- DataMapper Support
- DelayedJob Integration
- Distinguish login failure reasons
- External
- External---Microsoft-Graph-authentication
- Fetching Currently Active Users
- HTTP Basic Auth
- Integration Testing
- OAuth Landing Page
- Password-less Activation
- Remember Me
- Reset Password
- Routes Constraints
- Session Timeout
- Simple Password Authentication
- Single Table Inheritance Support
- Testing Rails
- User Activation
Contributing to Sorcery