active_model-password_reset 1.0.5 → 1.0.6

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 455a1aa149c191af50e7aaf62a00ef3a907abf59
-  data.tar.gz: 1decd2207085c7804abc09f2eb01ca6e5be80f78
+  metadata.gz: fe553d4c6afbf0ce502eb50105ecc91493dd6c24
+  data.tar.gz: 599ef0754af598a6aab1087b0057c2dc409cd992
 SHA512:
-  metadata.gz: f8486978442fe76b46c2fbe71a8a9a0399c2d14858425e94ffd88281b71d673fce00e50c4044da196ea9f89ca04676e4b84223753ca22d34eebbf97b71208a3a
-  data.tar.gz: ad1b87d403b2a60cbce493a93b5ca0688233bf1b34f1d50046d95e90ed77101354580c31537e83a409d076f8e0294c235ad39f1ecfc88b3d312e847e06a53189
+  metadata.gz: 0cca77633cf6b5575f7460a033f3460dd2414b2cd6969e22967da7b66f560d1704811155de33903f6a9168ad5ebc3a07532bb9efb099556999fea7fd0837f595
+  data.tar.gz: ec47d803fff9273edacbbc3bc6ebb1106d85337d8ada551bcd1fe9e39beab4fb2849b6c5e309456812eaf36b2b7fd26adaf03cecb6c502bb985836805d2ba121

data/lib/active_model/password_reset.rb

@@ -25,11 +25,11 @@ module ActiveModel
       email = user.email
       digest = Digest::MD5.digest(user.password_digest)
       expires_at = Time.now.to_i + EXPIRATION_TIME
-      MessageVerifier.generate([email, digest, expires_at])
+      self.class.generate_token([email, digest, expires_at])
     end
 
     def self.find(token)
-      email, digest, expires_at = MessageVerifier.verify(token)
+      email, digest, expires_at = verify_token(token)
       raise TokenExpired if Time.now.to_i > expires_at.to_i
       new(email: email).tap do |password_reset|
         raise EmailInvalid if password_reset.invalid?
@@ -39,6 +39,20 @@ module ActiveModel
 
     private
 
+    def self.message_verifier
+      Rails.application.message_verifier("password reset salt")
+    end
+
+    def self.generate_token(*args)
+      Base64.urlsafe_encode64(message_verifier.generate(*args))
+    end
+
+    def self.verify_token(string)
+      message_verifier.verify(Base64.urlsafe_decode64(string))
+    rescue ActiveSupport::MessageVerifier::InvalidSignature, ArgumentError
+      raise TokenInvalid
+    end
+
     def digest
       Digest::MD5.digest(user.password_digest)
     end

data/lib/active_model/password_reset/version.rb

@@ -1,5 +1,5 @@
 module ActiveModel
   class PasswordReset
-    VERSION = "1.0.5"
+    VERSION = "1.0.6"
   end
 end

data/test/password_reset_test.rb

@@ -19,6 +19,14 @@ class User
   end
 end
 
+module ActiveModel
+  def PasswordReset.message_verifier
+    key_generator = ActiveSupport::KeyGenerator.new("12345678901234567890123456789012345678901234567890123456789012345678901234567890", iterations: 1000)
+    secret = key_generator.generate_key("password reset salt")
+    ActiveSupport::MessageVerifier.new(secret)
+  end
+end
+
 class PasswordResetTest < Test::Unit::TestCase
   include ActiveModel::Lint::Tests
 
@@ -50,7 +58,7 @@ class PasswordResetTest < Test::Unit::TestCase
   end
 
   def test_find_raises_exception_with_invalid_email
-    token = ActiveModel::PasswordReset::MessageVerifier.generate(["invalid@example.com", Digest::MD5.digest("alicedigest"), Time.now.to_i + 3600])
+    token = ActiveModel::PasswordReset.generate_token(["invalid@example.com", Digest::MD5.digest("alicedigest"), Time.now.to_i + 3600])
     assert_raises(ActiveModel::PasswordReset::EmailInvalid) { ActiveModel::PasswordReset.find(token) }
   end
 
@@ -63,12 +71,12 @@ class PasswordResetTest < Test::Unit::TestCase
   end
 
   def test_find_raises_exception_with_expired_token
-    token = ActiveModel::PasswordReset::MessageVerifier.generate(["alice@example.com", Digest::MD5.digest("alicedigest"), Time.now.to_i - 3600])
+    token = ActiveModel::PasswordReset.generate_token(["alice@example.com", Digest::MD5.digest("alicedigest"), Time.now.to_i - 3600])
     assert_raises(ActiveModel::PasswordReset::TokenExpired) { ActiveModel::PasswordReset.find(token) }
   end
 
   def test_find_raises_exception_with_changed_password
-    token = ActiveModel::PasswordReset::MessageVerifier.generate(["alice@example.com", Digest::MD5.digest("anotheralicedigest"), Time.now.to_i + 3600])
+    token = ActiveModel::PasswordReset.generate_token(["alice@example.com", Digest::MD5.digest("anotheralicedigest"), Time.now.to_i + 3600])
     assert_raises(ActiveModel::PasswordReset::PasswordChanged) { ActiveModel::PasswordReset.find(token) }
   end
 end

data/test/test_helper.rb

@@ -1,9 +1,3 @@
 require "test/unit"
 require "active_model/password_reset"
 require "ostruct"
-
-class Rails
-  def self.application
-    OpenStruct.new(secrets: OpenStruct.new(secret_key_base: "12345678901234567890123456789012345678901234567890123456789012345678901234567890"))
-  end
-end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: active_model-password_reset
 version: !ruby/object:Gem::Version
-  version: 1.0.5
+  version: 1.0.6
 platform: ruby
 authors:
 - Kuba Kuźma
@@ -67,7 +67,6 @@ files:
 - active_model-password_reset.gemspec
 - lib/active_model/password_reset.rb
 - lib/active_model/password_reset/error.rb
-- lib/active_model/password_reset/message_verifier.rb
 - lib/active_model/password_reset/version.rb
 - test/password_reset_test.rb
 - test/test_helper.rb

data/lib/active_model/password_reset/message_verifier.rb

@@ -1,31 +0,0 @@
-require "singleton"
-
-module ActiveModel
-  class PasswordReset
-    class MessageVerifier
-      include Singleton
-
-      attr_reader :message_verifier
-
-      class << self
-        def generate(object)
-          token = instance.message_verifier.generate(object)
-          Base64.urlsafe_encode64(token)
-        end
-
-        def verify(string)
-          token = Base64.urlsafe_decode64(string)
-          instance.message_verifier.verify(token)
-        rescue ActiveSupport::MessageVerifier::InvalidSignature, ArgumentError
-          raise TokenInvalid
-        end
-      end
-
-      def initialize
-        key_generator = ActiveSupport::KeyGenerator.new(Rails.application.secrets.secret_key_base, iterations: 1000)
-        secret = key_generator.generate_key("password reset salt")
-        @message_verifier = ActiveSupport::MessageVerifier.new(secret)
-      end
-    end
-  end
-end