Open TylerRick opened 4 years ago
TylerRick
commented
4 years ago It would be nice if we could simply call it Devise::PwnedPassword.enabled, but using top-level Devise config, Devise.pwned_password_check_enabled, seemed to be the most consistent with what this gem is already doing.
ndbroadbent
commented
4 years ago Amazing, I was just looking for this!
I have some specific feature specs and VCR recordings that test that devise-pwned_password is working properly, but I only want to selectively enable it for these tests. The with_pwned_password_check test helper is also super awesome, so thanks for including that!
I will use your fork for now and try it out.
UPDATE: This works perfectly! Thanks for your work!
ndbroadbent
commented
3 years ago @michaelbanfield Sorry to bother you! But I'm just going through my Gemfile and looking at different forks I'm using, and I'm still using @TylerRick's branch for this PR. I was wondering if it might be possible to merge this and release a new version of the gem?
If you are no longer maintaining the gem, then I'd be happy to take over maintenance and releasing new versions, since my company is using it (https://github.com/docspring).
ndbroadbent
commented
1 year ago Update: We're still using this fork and would be keen to see support for this in the official release. But no worries if not!
erikbrannstrom
commented
3 months ago We also have cases where we are currently doing some less-than-elegant workarounds. For example, when seeding data, we skip all validations when creating users to avoid errors (since seed passwords tend to be pretty basic), and in our test suite we are using webmock to stub requests to the API, since we can't disable it completely due to some tests that verify the password validation process.
Let me know if there's anything I can do to help get this improvement released! We really appreciate your work on this gem @michaelbanfield! 🙏
Resolves #30
(Also resolves/supersedes #27)
Currently based on #29 but could be rebased.