Home > Enterprise >  How to change the maximum number of records stored in old_passwords in Devise
How to change the maximum number of records stored in old_passwords in Devise

Time:12-11

Want to achieve

Ruby 2.6.5
Ruby on Rails 6.0.3

I am creating an application in Ruby on Rails.
I am also using devise to build the login relationship.

Currently, when a password is changed, the password and user_id before the change are inserted into the old_passwords table as a record.
If the password is changed more than 10 times, the old_passwords table will be deleted from the old one.

How do I keep track of up to 24 changes?

I would be grateful for your wisdom.

What I tried

config/initializers/devise-security.rb

Devise.setup do |config|
・・・
  config.password_archiving_count = 24
・・・
end

Even after changing it this way, it was only saved 10 times.

Installation status of devise

Gemfile.lock

    devise (4.7.1)
      bcrypt (~> 3.0)
      orm_adapter (~> 0.1)
      railties (>= 4.1.0)
      responders
      warden (~> 1.2.3)
    devise-security (0.14.3)
      devise (>= 4.3.0, < 5.0)
      rails (>= 4.2.0, < 7.0)
    devise-two-factor (3.1.0)
      activesupport (< 6.1)
      attr_encrypted (>= 1.3, < 4, != 2)
      devise (~> 4.0)
      railties (< 6.1)
      rotp (~> 2.0)
    devise_token_auth (1.1.3)
      bcrypt (~> 3.0)
      devise (> 3.5.2, < 5)
      rails (>= 4.2.0, < 6.1)

CodePudding user response:

Please check whether the devise_security_extension has installed or not.

https://github.com/kmohanraj/devise-password-archivable

CodePudding user response:

config/initializers/devise-security.rb

config.deny_old_passwords = 24

I was able to do this by changing the value to 24 as well.

  • Related