authlogic 3.3.0 → 3.4.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (43) hide show
  1. checksums.yaml +7 -0
  2. data/.gitignore +3 -1
  3. data/.travis.yml +27 -0
  4. data/CONTRIBUTING.md +10 -0
  5. data/Gemfile.lock +46 -28
  6. data/History +10 -0
  7. data/README.rdoc +2 -0
  8. data/Rakefile +0 -13
  9. data/authlogic.gemspec +8 -7
  10. data/lib/authlogic/acts_as_authentic/email.rb +1 -1
  11. data/lib/authlogic/acts_as_authentic/login.rb +12 -13
  12. data/lib/authlogic/acts_as_authentic/password.rb +47 -47
  13. data/lib/authlogic/acts_as_authentic/perishable_token.rb +1 -1
  14. data/lib/authlogic/acts_as_authentic/persistence_token.rb +1 -1
  15. data/lib/authlogic/authenticates_many/base.rb +1 -1
  16. data/lib/authlogic/controller_adapters/sinatra_adapter.rb +1 -1
  17. data/lib/authlogic/crypto_providers/bcrypt.rb +19 -18
  18. data/lib/authlogic/crypto_providers/scrypt.rb +7 -6
  19. data/lib/authlogic/regex.rb +3 -2
  20. data/lib/authlogic/session/activation.rb +5 -3
  21. data/lib/authlogic/session/active_record_trickery.rb +23 -1
  22. data/lib/authlogic/session/callbacks.rb +8 -3
  23. data/lib/authlogic/session/cookies.rb +52 -17
  24. data/lib/authlogic/session/foundation.rb +1 -9
  25. data/lib/authlogic/session/magic_columns.rb +3 -3
  26. data/lib/authlogic/session/scopes.rb +11 -4
  27. data/lib/authlogic/session/session.rb +8 -8
  28. data/lib/authlogic/test_case.rb +7 -5
  29. data/lib/authlogic/test_case/mock_cookie_jar.rb +25 -0
  30. data/lib/authlogic/test_case/mock_request.rb +2 -2
  31. data/test/acts_as_authentic_test/logged_in_status_test.rb +3 -3
  32. data/test/acts_as_authentic_test/password_test.rb +16 -7
  33. data/test/crypto_provider_test/bcrypt_test.rb +1 -9
  34. data/test/fixtures/users.yml +13 -1
  35. data/test/gemfiles/Gemfile.rails-3.2.x +5 -0
  36. data/test/gemfiles/Gemfile.rails-4.0.x +5 -0
  37. data/test/gemfiles/Gemfile.rails-4.1.x +5 -0
  38. data/test/session_test/active_record_trickery_test.rb +29 -0
  39. data/test/session_test/cookies_test.rb +26 -1
  40. data/test/session_test/session_test.rb +7 -7
  41. data/test/test_helper.rb +3 -1
  42. metadata +59 -55
  43. data/lib/authlogic/controller_adapters/rack_adapter.rb +0 -63
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: 4fed624511b6b7a6b441cb6dd3147085b19ffb04
4
+ data.tar.gz: 9b7d99ff708b9f25edb9abdae86e854f19fc47e6
5
+ SHA512:
6
+ metadata.gz: 53b498bb6fd6de0e49988fac47604ec34ffe5fb2beacb2520450e512133c1e7dd4cd70c91373414baa9b6cb4d4098e01921719b8a2e1e8d00ead21a3c8d8a9e8
7
+ data.tar.gz: 158dcd58ebf39d0c24806178c709344f8b12e85b6ad58fbb67d0f12103343ce9c6b2ab2045f0a76aa8c8acb1e6c6057626f44191cee63522f8a263ca7080c487
data/.gitignore CHANGED
@@ -7,4 +7,6 @@ coverage/*
7
7
  doc/*
8
8
  benchmarks/*
9
9
  .specification
10
- .rvmrc
10
+ .rvmrc
11
+ test/gemfiles/Gemfile*.lock
12
+ .bundle
@@ -0,0 +1,27 @@
1
+ language: ruby
2
+ rvm:
3
+ - 1.8.7
4
+ - 1.9.3
5
+ - 2.0.0
6
+ - 2.1.0
7
+ - ree
8
+ - jruby
9
+
10
+ gemfile:
11
+ - test/gemfiles/Gemfile.rails-3.2.x
12
+ - test/gemfiles/Gemfile.rails-4.0.x
13
+ - test/gemfiles/Gemfile.rails-4.1.x
14
+
15
+ matrix:
16
+ exclude:
17
+ - rvm: 1.8.7
18
+ gemfile: test/gemfiles/Gemfile.rails-4.0.x
19
+ - rvm: ree
20
+ gemfile: test/gemfiles/Gemfile.rails-4.0.x
21
+ - rvm: 1.8.7
22
+ gemfile: test/gemfiles/Gemfile.rails-4.1.x
23
+ - rvm: ree
24
+ gemfile: test/gemfiles/Gemfile.rails-4.1.x
25
+ allow_failures:
26
+ - gemfile: test/gemfiles/Gemfile.rails-4.1.x
27
+ fast_finish: true
@@ -0,0 +1,10 @@
1
+
2
+ ### Testing
3
+
4
+ Tests can be ran against different versions of Rails like so:
5
+
6
+ ```
7
+ BUNDLE_GEMFILE=test/gemfiles/Gemfile.rails-3.2.x bundle install
8
+ BUNDLE_GEMFILE=test/gemfiles/Gemfile.rails-3.2.x bundle exec rake test
9
+ ```
10
+
@@ -1,43 +1,61 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- authlogic (3.3.0)
4
+ authlogic (3.4.0)
5
5
  activerecord (>= 3.2)
6
6
  activesupport (>= 3.2)
7
+ request_store (~> 1.0.5)
7
8
 
8
9
  GEM
9
10
  remote: https://rubygems.org/
10
11
  specs:
11
- activemodel (3.2.13)
12
- activesupport (= 3.2.13)
13
- builder (~> 3.0.0)
14
- activerecord (3.2.13)
15
- activemodel (= 3.2.13)
16
- activesupport (= 3.2.13)
17
- arel (~> 3.0.2)
18
- tzinfo (~> 0.3.29)
19
- activesupport (3.2.13)
20
- i18n (= 0.6.1)
21
- multi_json (~> 1.0)
22
- arel (3.0.2)
23
- bcrypt-ruby (3.0.1)
24
- builder (3.0.4)
25
- i18n (0.6.1)
26
- multi_json (1.7.2)
27
- rake (10.0.4)
28
- scrypt (1.1.0)
29
- sqlite3 (1.3.7)
30
- timecop (0.6.1)
31
- tzinfo (0.3.37)
12
+ activemodel (4.0.3)
13
+ activesupport (= 4.0.3)
14
+ builder (~> 3.1.0)
15
+ activerecord (4.0.3)
16
+ activemodel (= 4.0.3)
17
+ activerecord-deprecated_finders (~> 1.0.2)
18
+ activesupport (= 4.0.3)
19
+ arel (~> 4.0.0)
20
+ activerecord-deprecated_finders (1.0.3)
21
+ activesupport (4.0.3)
22
+ i18n (~> 0.6, >= 0.6.4)
23
+ minitest (~> 4.2)
24
+ multi_json (~> 1.3)
25
+ thread_safe (~> 0.1)
26
+ tzinfo (~> 0.3.37)
27
+ arel (4.0.2)
28
+ atomic (1.1.15)
29
+ bcrypt (3.1.7)
30
+ bcrypt-ruby (3.1.5)
31
+ bcrypt (>= 3.1.3)
32
+ builder (3.1.4)
33
+ ffi (1.9.3)
34
+ ffi-compiler (0.1.3)
35
+ ffi (>= 1.0.0)
36
+ rake
37
+ i18n (0.6.9)
38
+ minitest (4.7.5)
39
+ multi_json (1.8.4)
40
+ rake (10.1.1)
41
+ request_store (1.0.5)
42
+ scrypt (1.2.0)
43
+ ffi-compiler (>= 0.0.2)
44
+ rake
45
+ sqlite3 (1.3.9)
46
+ thread_safe (0.2.0)
47
+ atomic (>= 1.1.7, < 2)
48
+ timecop (0.7.1)
49
+ tzinfo (0.3.38)
32
50
 
33
51
  PLATFORMS
34
52
  ruby
35
53
 
36
54
  DEPENDENCIES
37
55
  authlogic!
38
- bcrypt-ruby
39
- i18n
40
- rake
41
- scrypt
42
- sqlite3
43
- timecop
56
+ bcrypt-ruby (>= 3.1.5)
57
+ i18n (>= 0.6.9)
58
+ rake (>= 10.1.1)
59
+ scrypt (>= 1.2.0)
60
+ sqlite3 (>= 1.3.9)
61
+ timecop (>= 0.7.1)
data/History ADDED
@@ -0,0 +1,10 @@
1
+ == 3.4.0 2014-03-03
2
+
3
+ * new
4
+ * added cookie signing
5
+ * added request store for better concurency for threaded environments
6
+
7
+ * changes
8
+ * made SCrpyt the default crypto provider from SHA512
9
+ * ditched appraisal
10
+ * officially support rails 4 (still supporting rails 3)
@@ -162,3 +162,5 @@ Interested in how all of this all works? Think about an ActiveRecord model. A da
162
162
 
163
163
 
164
164
  Copyright (c) 2012 {Ben Johnson of Binary Logic}[http://www.binarylogic.com], released under the MIT license
165
+
166
+ {<img src="https://codeclimate.com/github/binarylogic/authlogic.png" />}[https://codeclimate.com/github/binarylogic/authlogic]
data/Rakefile CHANGED
@@ -10,17 +10,4 @@ Rake::TestTask.new(:test) do |test|
10
10
  test.verbose = true
11
11
  end
12
12
 
13
- begin
14
- require 'rcov/rcovtask'
15
- Rcov::RcovTask.new do |test|
16
- test.libs << 'test'
17
- test.pattern = 'test/**/*_test.rb'
18
- test.verbose = true
19
- end
20
- rescue LoadError
21
- task :rcov do
22
- abort "RCov is not available. In order to run rcov, you must: sudo gem install spicycode-rcov"
23
- end
24
- end
25
-
26
13
  task :default => :test
@@ -3,7 +3,7 @@ $:.push File.expand_path("../lib", __FILE__)
3
3
 
4
4
  Gem::Specification.new do |s|
5
5
  s.name = "authlogic"
6
- s.version = "3.3.0"
6
+ s.version = "3.4.0"
7
7
  s.platform = Gem::Platform::RUBY
8
8
  s.authors = ["Ben Johnson"]
9
9
  s.email = ["bjohnson@binarylogic.com"]
@@ -13,12 +13,13 @@ Gem::Specification.new do |s|
13
13
 
14
14
  s.add_dependency 'activerecord', '>= 3.2'
15
15
  s.add_dependency 'activesupport', '>= 3.2'
16
- s.add_development_dependency 'rake'
17
- s.add_development_dependency 'bcrypt-ruby'
18
- s.add_development_dependency 'scrypt'
19
- s.add_development_dependency 'sqlite3'
20
- s.add_development_dependency 'timecop'
21
- s.add_development_dependency 'i18n'
16
+ s.add_dependency 'request_store', '~>1.0.5'
17
+ s.add_development_dependency 'rake', '>= 10.1.1'
18
+ s.add_development_dependency 'bcrypt-ruby', '>= 3.1.5'
19
+ s.add_development_dependency 'scrypt', '>= 1.2.0'
20
+ s.add_development_dependency 'sqlite3', '>= 1.3.9'
21
+ s.add_development_dependency 'timecop', '>= 0.7.1'
22
+ s.add_development_dependency 'i18n', '>= 0.6.9'
22
23
 
23
24
  s.files = `git ls-files`.split("\n")
24
25
  s.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
@@ -62,7 +62,7 @@ module Authlogic
62
62
  # merge options into it. Checkout the convenience function merge_validates_format_of_email_field_options to merge
63
63
  # options.</b>
64
64
  #
65
- # * <tt>Default:</tt> {:with => Authlogic::Regex.email, :message => Proc.new {I18n.t('error_messages.email_invalid', :default => "should look like an email address.")}}
65
+ # * <tt>Default:</tt> {:with => Authlogic::Regex.email, :message => lambda {I18n.t('error_messages.email_invalid', :default => "should look like an email address.")}}
66
66
  # * <tt>Accepts:</tt> Hash of options accepted by validates_format_of
67
67
  def validates_format_of_email_field_options(value = nil)
68
68
  rw_config(:validates_format_of_email_field_options, value, {:with => Authlogic::Regex.email, :message => Proc.new{I18n.t('error_messages.email_invalid', :default => "should look like an email address.")}})
@@ -90,19 +90,21 @@ module Authlogic
90
90
  end
91
91
 
92
92
  # This method allows you to find a record with the given login. If you notice, with Active Record you have the
93
- # UniquenessValidator class. They give you a :case_sensitive option. I handle this in the same
94
- # manner that they handle that. If you are using the login field, set false for the :case_sensitive option in
95
- # validates_uniqueness_of_login_field_options and the column doesn't have a case-insensitive collation,
96
- # this method will modify the query to look something like:
93
+ # validates_uniqueness_of validation function. They give you a :case_sensitive option. I handle this in the same
94
+ # manner that they handle that. If you are using the login field and set false for the :case_sensitive option in
95
+ # validates_uniqueness_of_login_field_options this method will modify the query to look something like:
97
96
  #
98
- # "LOWER(#{quoted_table_name}.#{login_field}) = LOWER(#{login})"
97
+ # where("LOWER(#{quoted_table_name}.#{login_field}) = ?", login.downcase).first
99
98
  #
100
- # If you don't specify this it just uses a regular case-sensitive search (with the binary modifier if necessary):
99
+ # If you don't specify this it calls the good old find_by_* method:
101
100
  #
102
- # "BINARY #{login_field} = #{login}"
101
+ # find_by_login(login)
103
102
  #
104
103
  # The above also applies for using email as your login, except that you need to set the :case_sensitive in
105
104
  # validates_uniqueness_of_email_field_options to false.
105
+ #
106
+ # The only reason I need to do the above is for Postgres and SQLite since they perform case sensitive searches with the
107
+ # find_by_* methods.
106
108
  def find_by_smart_case_login_field(login)
107
109
  if login_field
108
110
  find_with_case(login_field, login, validates_uniqueness_of_login_field_options[:case_sensitive] != false)
@@ -113,14 +115,11 @@ module Authlogic
113
115
 
114
116
  private
115
117
  def find_with_case(field, value, sensitivity = true)
116
- relation = if not sensitivity
117
- connection.case_insensitive_comparison(arel_table, field.to_s, columns_hash[field.to_s], value)
118
+ if sensitivity
119
+ send("find_by_#{field}", value)
118
120
  else
119
- value = connection.case_sensitive_modifier(value) if value
120
- relation = arel_table[field.to_s].eq(value)
121
+ where("LOWER(#{quoted_table_name}.#{field}) = ?", value.mb_chars.downcase).first
121
122
  end
122
-
123
- where(relation).first
124
123
  end
125
124
  end
126
125
 
@@ -10,7 +10,7 @@ module Authlogic
10
10
  add_acts_as_authentic_module(Methods)
11
11
  end
12
12
  end
13
-
13
+
14
14
  # All configuration for the password aspect of acts_as_authentic.
15
15
  module Config
16
16
  # The name of the crypted_password field in the database.
@@ -21,7 +21,7 @@ module Authlogic
21
21
  rw_config(:crypted_password_field, value, first_column_to_exist(nil, :crypted_password, :encrypted_password, :password_hash, :pw_hash))
22
22
  end
23
23
  alias_method :crypted_password_field=, :crypted_password_field
24
-
24
+
25
25
  # The name of the password_salt field in the database.
26
26
  #
27
27
  # * <tt>Default:</tt> :password_salt, :pw_salt, :salt, nil if none exist
@@ -30,7 +30,7 @@ module Authlogic
30
30
  rw_config(:password_salt_field, value, first_column_to_exist(nil, :password_salt, :pw_salt, :salt))
31
31
  end
32
32
  alias_method :password_salt_field=, :password_salt_field
33
-
33
+
34
34
  # Whether or not to require a password confirmation. If you don't want your users to confirm their password
35
35
  # just set this to false.
36
36
  #
@@ -40,7 +40,7 @@ module Authlogic
40
40
  rw_config(:require_password_confirmation, value, true)
41
41
  end
42
42
  alias_method :require_password_confirmation=, :require_password_confirmation
43
-
43
+
44
44
  # By default passwords are required when a record is new or the crypted_password is blank, but if both of these things
45
45
  # are met a password is not required. In this case, blank passwords are ignored.
46
46
  #
@@ -56,7 +56,7 @@ module Authlogic
56
56
  rw_config(:ignore_blank_passwords, value, true)
57
57
  end
58
58
  alias_method :ignore_blank_passwords=, :ignore_blank_passwords
59
-
59
+
60
60
  # When calling valid_password?("some pass") do you want to check that password against what's in that object or whats in
61
61
  # the database. Take this example:
62
62
  #
@@ -73,7 +73,7 @@ module Authlogic
73
73
  rw_config(:check_passwords_against_database, value, true)
74
74
  end
75
75
  alias_method :check_passwords_against_database=, :check_passwords_against_database
76
-
76
+
77
77
  # Whether or not to validate the password field.
78
78
  #
79
79
  # * <tt>Default:</tt> true
@@ -82,7 +82,7 @@ module Authlogic
82
82
  rw_config(:validate_password_field, value, true)
83
83
  end
84
84
  alias_method :validate_password_field=, :validate_password_field
85
-
85
+
86
86
  # A hash of options for the validates_length_of call for the password field. Allows you to change this however you want.
87
87
  #
88
88
  # <b>Keep in mind this is ruby. I wanted to keep this as flexible as possible, so you can completely replace the hash or
@@ -95,7 +95,7 @@ module Authlogic
95
95
  rw_config(:validates_length_of_password_field_options, value, {:minimum => 4, :if => :require_password?})
96
96
  end
97
97
  alias_method :validates_length_of_password_field_options=, :validates_length_of_password_field_options
98
-
98
+
99
99
  # A convenience function to merge options into the validates_length_of_login_field_options. So intead of:
100
100
  #
101
101
  # self.validates_length_of_password_field_options = validates_length_of_password_field_options.merge(:my_option => my_value)
@@ -106,7 +106,7 @@ module Authlogic
106
106
  def merge_validates_length_of_password_field_options(options = {})
107
107
  self.validates_length_of_password_field_options = validates_length_of_password_field_options.merge(options)
108
108
  end
109
-
109
+
110
110
  # A hash of options for the validates_confirmation_of call for the password field. Allows you to change this however you want.
111
111
  #
112
112
  # <b>Keep in mind this is ruby. I wanted to keep this as flexible as possible, so you can completely replace the hash or
@@ -119,12 +119,12 @@ module Authlogic
119
119
  rw_config(:validates_confirmation_of_password_field_options, value, {:if => :require_password?})
120
120
  end
121
121
  alias_method :validates_confirmation_of_password_field_options=, :validates_confirmation_of_password_field_options
122
-
122
+
123
123
  # See merge_validates_length_of_password_field_options. The same thing, except for validates_confirmation_of_password_field_options
124
124
  def merge_validates_confirmation_of_password_field_options(options = {})
125
125
  self.validates_confirmation_of_password_field_options = validates_confirmation_of_password_field_options.merge(options)
126
126
  end
127
-
127
+
128
128
  # A hash of options for the validates_length_of call for the password_confirmation field. Allows you to change this however you want.
129
129
  #
130
130
  # <b>Keep in mind this is ruby. I wanted to keep this as flexible as possible, so you can completely replace the hash or
@@ -137,22 +137,22 @@ module Authlogic
137
137
  rw_config(:validates_length_of_password_confirmation_field_options, value, validates_length_of_password_field_options)
138
138
  end
139
139
  alias_method :validates_length_of_password_confirmation_field_options=, :validates_length_of_password_confirmation_field_options
140
-
140
+
141
141
  # See merge_validates_length_of_password_field_options. The same thing, except for validates_length_of_password_confirmation_field_options
142
142
  def merge_validates_length_of_password_confirmation_field_options(options = {})
143
143
  self.validates_length_of_password_confirmation_field_options = validates_length_of_password_confirmation_field_options.merge(options)
144
144
  end
145
-
145
+
146
146
  # The class you want to use to encrypt and verify your encrypted passwords. See the Authlogic::CryptoProviders module for more info
147
147
  # on the available methods and how to create your own.
148
148
  #
149
- # * <tt>Default:</tt> CryptoProviders::Sha512
149
+ # * <tt>Default:</tt> CryptoProviders::SCrypt
150
150
  # * <tt>Accepts:</tt> Class
151
151
  def crypto_provider(value = nil)
152
- rw_config(:crypto_provider, value, CryptoProviders::Sha512)
152
+ rw_config(:crypto_provider, value, CryptoProviders::SCrypt)
153
153
  end
154
154
  alias_method :crypto_provider=, :crypto_provider
155
-
155
+
156
156
  # Let's say you originally encrypted your passwords with Sha1. Sha1 is starting to join the party with MD5 and you want to switch
157
157
  # to something stronger. No problem, just specify your new and improved algorithm with the crypt_provider option and then let
158
158
  # Authlogic know you are transitioning from Sha1 using this option. Authlogic will take care of everything, including transitioning
@@ -169,18 +169,18 @@ module Authlogic
169
169
  end
170
170
  alias_method :transition_from_crypto_providers=, :transition_from_crypto_providers
171
171
  end
172
-
172
+
173
173
  # Callbacks / hooks to allow other modules to modify the behavior of this module.
174
174
  module Callbacks
175
175
  METHODS = [
176
176
  "before_password_set", "after_password_set",
177
177
  "before_password_verification", "after_password_verification"
178
178
  ]
179
-
179
+
180
180
  def self.included(klass)
181
181
  return if klass.crypted_password_field.nil?
182
182
  klass.define_callbacks *METHODS
183
-
183
+
184
184
  # If Rails 3, support the new callback syntax
185
185
  if klass.send(klass.respond_to?(:singleton_class) ? :singleton_class : :metaclass).method_defined?(:set_callback)
186
186
  METHODS.each do |method|
@@ -192,7 +192,7 @@ module Authlogic
192
192
  end
193
193
  end
194
194
  end
195
-
195
+
196
196
  private
197
197
  METHODS.each do |method|
198
198
  class_eval <<-"end_eval", __FILE__, __LINE__
@@ -202,34 +202,34 @@ module Authlogic
202
202
  end_eval
203
203
  end
204
204
  end
205
-
205
+
206
206
  # The methods related to the password field.
207
207
  module Methods
208
208
  def self.included(klass)
209
209
  return if klass.crypted_password_field.nil?
210
-
210
+
211
211
  klass.class_eval do
212
212
  include InstanceMethods
213
-
213
+
214
214
  if validate_password_field
215
215
  validates_length_of :password, validates_length_of_password_field_options
216
-
216
+
217
217
  if require_password_confirmation
218
218
  validates_confirmation_of :password, validates_confirmation_of_password_field_options
219
219
  validates_length_of :password_confirmation, validates_length_of_password_confirmation_field_options
220
220
  end
221
221
  end
222
-
222
+
223
223
  after_save :reset_password_changed
224
224
  end
225
225
  end
226
-
226
+
227
227
  module InstanceMethods
228
228
  # The password
229
229
  def password
230
230
  @password
231
231
  end
232
-
232
+
233
233
  # This is a virtual method. Once a password is passed to it, it will create new password salt as well as encrypt
234
234
  # the password.
235
235
  def password=(pass)
@@ -241,7 +241,7 @@ module Authlogic
241
241
  @password_changed = true
242
242
  after_password_set
243
243
  end
244
-
244
+
245
245
  # Accepts a raw password to determine if it is the correct password or not. Notice the second argument. That defaults to the value of
246
246
  # check_passwords_against_database. See that method for more information, but basically it just tells Authlogic to check the password
247
247
  # against the value in the database or the value in the object.
@@ -249,23 +249,23 @@ module Authlogic
249
249
  crypted = check_against_database && send("#{crypted_password_field}_changed?") ? send("#{crypted_password_field}_was") : send(crypted_password_field)
250
250
  return false if attempted_password.blank? || crypted.blank?
251
251
  before_password_verification
252
-
252
+
253
253
  crypto_providers.each_with_index do |encryptor, index|
254
254
  # The arguments_type of for the transitioning from restful_authentication
255
255
  arguments_type = (act_like_restful_authentication? && index == 0) ||
256
256
  (transition_from_restful_authentication? && index > 0 && encryptor == Authlogic::CryptoProviders::Sha1) ?
257
257
  :restful_authentication : nil
258
-
258
+
259
259
  if encryptor.matches?(crypted, *encrypt_arguments(attempted_password, check_against_database, arguments_type))
260
260
  transition_password(attempted_password) if transition_password?(index, encryptor, crypted, check_against_database)
261
261
  after_password_verification
262
262
  return true
263
263
  end
264
264
  end
265
-
265
+
266
266
  false
267
267
  end
268
-
268
+
269
269
  # Resets the password to a random friendly token.
270
270
  def reset_password
271
271
  friendly_token = Authlogic::Random.friendly_token
@@ -273,27 +273,27 @@ module Authlogic
273
273
  self.password_confirmation = friendly_token
274
274
  end
275
275
  alias_method :randomize_password, :reset_password
276
-
276
+
277
277
  # Resets the password to a random friendly token and then saves the record.
278
278
  def reset_password!
279
279
  reset_password
280
280
  save_without_session_maintenance(:validate => false)
281
281
  end
282
282
  alias_method :randomize_password!, :reset_password!
283
-
283
+
284
284
  private
285
285
  def check_passwords_against_database?
286
286
  self.class.check_passwords_against_database == true
287
287
  end
288
-
288
+
289
289
  def crypto_providers
290
290
  [crypto_provider] + transition_from_crypto_providers
291
291
  end
292
-
292
+
293
293
  def encrypt_arguments(raw_password, check_against_database, arguments_type = nil)
294
294
  salt = nil
295
295
  salt = (check_against_database && send("#{password_salt_field}_changed?") ? send("#{password_salt_field}_was") : send(password_salt_field)) if password_salt_field
296
-
296
+
297
297
  case arguments_type
298
298
  when :restful_authentication
299
299
  [REST_AUTH_SITE_KEY, salt, raw_password, REST_AUTH_SITE_KEY].compact
@@ -301,7 +301,7 @@ module Authlogic
301
301
  [raw_password, salt].compact
302
302
  end
303
303
  end
304
-
304
+
305
305
  # Determines if we need to tranisiton the password.
306
306
  # If the index > 0 then we are using an "transition from" crypto provider.
307
307
  # If the encryptor has a cost and the cost it outdated.
@@ -311,40 +311,40 @@ module Authlogic
311
311
  (index > 0 || (encryptor.respond_to?(:cost_matches?) && !encryptor.cost_matches?(send(crypted_password_field)))) &&
312
312
  (!check_against_database || !send("#{crypted_password_field}_changed?"))
313
313
  end
314
-
314
+
315
315
  def transition_password(attempted_password)
316
316
  self.password = attempted_password
317
317
  save(:validate => false)
318
318
  end
319
-
319
+
320
320
  def require_password?
321
321
  new_record? || password_changed? || send(crypted_password_field).blank?
322
322
  end
323
-
323
+
324
324
  def ignore_blank_passwords?
325
325
  self.class.ignore_blank_passwords == true
326
326
  end
327
-
327
+
328
328
  def password_changed?
329
329
  @password_changed == true
330
330
  end
331
-
331
+
332
332
  def reset_password_changed
333
333
  @password_changed = nil
334
334
  end
335
-
335
+
336
336
  def crypted_password_field
337
337
  self.class.crypted_password_field
338
338
  end
339
-
339
+
340
340
  def password_salt_field
341
341
  self.class.password_salt_field
342
342
  end
343
-
343
+
344
344
  def crypto_provider
345
345
  self.class.crypto_provider
346
346
  end
347
-
347
+
348
348
  def transition_from_crypto_providers
349
349
  self.class.transition_from_crypto_providers
350
350
  end