authtools 0.1.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/CHANGELOG +6 -0
- data/LICENSE +4 -0
- data/README.rdoc +29 -0
- data/Rakefile +52 -0
- data/authtools.gemspec +46 -0
- data/lib/authtools/common.rb +11 -0
- data/lib/authtools/password.rb +72 -0
- data/lib/authtools/token.rb +42 -0
- metadata +72 -0
data/CHANGELOG
ADDED
data/LICENSE
ADDED
data/README.rdoc
ADDED
@@ -0,0 +1,29 @@
|
|
1
|
+
Usefull stuff for tokens, passwords and authorization.
|
2
|
+
|
3
|
+
== Examples
|
4
|
+
|
5
|
+
# Generating unique token:
|
6
|
+
Authtools::Token.short
|
7
|
+
Authtools::Token.medium
|
8
|
+
Authtools::Token.new(Authtools::Token::LONG)
|
9
|
+
|
10
|
+
# Hashing password
|
11
|
+
store = Authtools::Password.generate('secret')
|
12
|
+
|
13
|
+
# Checking password
|
14
|
+
Authtools::Password.check('secret', store)
|
15
|
+
|
16
|
+
== Note on Patches/Pull Requests
|
17
|
+
|
18
|
+
* Fork the project.
|
19
|
+
* Make your feature addition or bug fix.
|
20
|
+
* Add tests for it. This is important so I don't break it in a
|
21
|
+
future version unintentionally.
|
22
|
+
* Commit, do not mess with rakefile, version, or history.
|
23
|
+
(if you want to have your own version, that is fine but bump version in a commit by it
|
24
|
+
self I can ignore when I pull)
|
25
|
+
* Send me a pull request. Bonus points for topic branches.
|
26
|
+
|
27
|
+
== Copyright
|
28
|
+
|
29
|
+
Copyright (c) 2010 Kris Kowalik. See LICENSE for details.
|
data/Rakefile
ADDED
@@ -0,0 +1,52 @@
|
|
1
|
+
require 'rubygems'
|
2
|
+
require 'rake'
|
3
|
+
|
4
|
+
begin
|
5
|
+
require 'jeweler'
|
6
|
+
Jeweler::Tasks.new do |gemspec|
|
7
|
+
gemspec.name = "authtools"
|
8
|
+
gemspec.version = "0.1.3"
|
9
|
+
gemspec.summary = "Usefull staff for tokens, passwords and authorization"
|
10
|
+
gemspec.description = "Thanks to authtools you can easy generate salted password has
|
11
|
+
h or unique token and check if specified password string is valid for stored hash..."
|
12
|
+
gemspec.email = "kriss.kowalik@gmail.com"
|
13
|
+
gemspec.homepage = "http://github.com/kriss/authtools"
|
14
|
+
gemspec.authors = ["Kris Kowalik"]
|
15
|
+
end
|
16
|
+
rescue LoadError
|
17
|
+
puts "Jeweler not available. Install it with: gem install jeweler"
|
18
|
+
end
|
19
|
+
|
20
|
+
require 'rake/testtask'
|
21
|
+
Rake::TestTask.new(:test) do |test|
|
22
|
+
test.libs << 'lib' << 'test'
|
23
|
+
test.pattern = 'test/**/test_*.rb'
|
24
|
+
test.verbose = true
|
25
|
+
end
|
26
|
+
|
27
|
+
begin
|
28
|
+
require 'rcov/rcovtask'
|
29
|
+
Rcov::RcovTask.new do |test|
|
30
|
+
test.libs << 'test'
|
31
|
+
test.pattern = 'test/**/test_*.rb'
|
32
|
+
test.verbose = true
|
33
|
+
end
|
34
|
+
rescue LoadError
|
35
|
+
task :rcov do
|
36
|
+
abort "RCov is not available. In order to run rcov, you must: sudo gem install spicycode-rcov"
|
37
|
+
end
|
38
|
+
end
|
39
|
+
|
40
|
+
task :test => :check_dependencies
|
41
|
+
|
42
|
+
task :default => :test
|
43
|
+
|
44
|
+
require 'rake/rdoctask'
|
45
|
+
Rake::RDocTask.new do |rdoc|
|
46
|
+
version = File.exist?('VERSION') ? File.read('VERSION') : ""
|
47
|
+
|
48
|
+
rdoc.rdoc_dir = 'rdoc'
|
49
|
+
rdoc.title = "authtools2 #{version}"
|
50
|
+
rdoc.rdoc_files.include('README*')
|
51
|
+
rdoc.rdoc_files.include('lib/**/*.rb')
|
52
|
+
end
|
data/authtools.gemspec
ADDED
@@ -0,0 +1,46 @@
|
|
1
|
+
# Generated by jeweler
|
2
|
+
# DO NOT EDIT THIS FILE DIRECTLY
|
3
|
+
# Instead, edit Jeweler::Tasks in Rakefile, and run the gemspec command
|
4
|
+
# -*- encoding: utf-8 -*-
|
5
|
+
|
6
|
+
Gem::Specification.new do |s|
|
7
|
+
s.name = %q{authtools}
|
8
|
+
s.version = "0.1.3"
|
9
|
+
|
10
|
+
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
11
|
+
s.authors = ["Kris Kowalik"]
|
12
|
+
s.date = %q{2010-03-23}
|
13
|
+
s.description = %q{Thanks to authtools you can easy generate salted password has
|
14
|
+
h or unique token and check if specified password string is valid for stored hash...}
|
15
|
+
s.email = %q{kriss.kowalik@gmail.com}
|
16
|
+
s.extra_rdoc_files = [
|
17
|
+
"LICENSE",
|
18
|
+
"README.rdoc"
|
19
|
+
]
|
20
|
+
s.files = [
|
21
|
+
"CHANGELOG",
|
22
|
+
"LICENSE",
|
23
|
+
"README.rdoc",
|
24
|
+
"Rakefile",
|
25
|
+
"authtools.gemspec",
|
26
|
+
"lib/authtools/common.rb",
|
27
|
+
"lib/authtools/password.rb",
|
28
|
+
"lib/authtools/token.rb"
|
29
|
+
]
|
30
|
+
s.homepage = %q{http://github.com/kriss/authtools}
|
31
|
+
s.rdoc_options = ["--charset=UTF-8"]
|
32
|
+
s.require_paths = ["lib"]
|
33
|
+
s.rubygems_version = %q{1.3.6}
|
34
|
+
s.summary = %q{Usefull staff for tokens, passwords and authorization}
|
35
|
+
|
36
|
+
if s.respond_to? :specification_version then
|
37
|
+
current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
|
38
|
+
s.specification_version = 3
|
39
|
+
|
40
|
+
if Gem::Version.new(Gem::RubyGemsVersion) >= Gem::Version.new('1.2.0') then
|
41
|
+
else
|
42
|
+
end
|
43
|
+
else
|
44
|
+
end
|
45
|
+
end
|
46
|
+
|
@@ -0,0 +1,72 @@
|
|
1
|
+
require 'digest/sha2'
|
2
|
+
require 'authtools/common'
|
3
|
+
|
4
|
+
module Authtools
|
5
|
+
module Password
|
6
|
+
# Generates a new salt and rehashes the password. Returns mixed hash.
|
7
|
+
#
|
8
|
+
# == Examples
|
9
|
+
# store = Authtools::Password.generate('mysecret')
|
10
|
+
# # => "f7d8f299e342168b7a8b0aeece32e090c4acced13a6bd7f2b26fc
|
11
|
+
# # 88251f550943820d190df00a87d20b7bc00cee332c48f9c4953793837
|
12
|
+
# # 2a6c4fbcbe5d3944ccr1x6DlrfTf6OUrwl6ohoivxN2fAQiblav1sLyd9
|
13
|
+
# # z7PFaQgQH3XxTA0BuMAbFRmMM"
|
14
|
+
#
|
15
|
+
def self.generate(password)
|
16
|
+
salt = Authtools::Common.salt
|
17
|
+
hash = self.hash(password, salt)
|
18
|
+
self.store(hash, salt)
|
19
|
+
end
|
20
|
+
|
21
|
+
# Alias for generate method
|
22
|
+
#
|
23
|
+
def new(password)
|
24
|
+
generate(password)
|
25
|
+
end
|
26
|
+
|
27
|
+
# Checks the password against the stored password.
|
28
|
+
#
|
29
|
+
# == Examples
|
30
|
+
# # In `store` is hash generated before (see `generate` method).
|
31
|
+
# Authtools::Password.check('mysecret', store) # => true
|
32
|
+
# Authtools::Password.check('fake', store) # => false
|
33
|
+
#
|
34
|
+
def self.check(password, store)
|
35
|
+
hash = self.get_hash(store)
|
36
|
+
salt = self.get_salt(store)
|
37
|
+
if self.hash(password, salt) == hash
|
38
|
+
true
|
39
|
+
else
|
40
|
+
false
|
41
|
+
end
|
42
|
+
end
|
43
|
+
|
44
|
+
protected
|
45
|
+
|
46
|
+
include Authtools::Common
|
47
|
+
|
48
|
+
# Generates a 128 character hash.
|
49
|
+
#
|
50
|
+
def self.hash(password, salt)
|
51
|
+
Digest::SHA512.hexdigest("#{password}:#{salt}")
|
52
|
+
end
|
53
|
+
|
54
|
+
# Mixes the hash and salt together for storage.
|
55
|
+
#
|
56
|
+
def self.store(hash, salt)
|
57
|
+
hash + salt
|
58
|
+
end
|
59
|
+
|
60
|
+
# Gets the hash from a stored password.
|
61
|
+
#
|
62
|
+
def self.get_hash(store)
|
63
|
+
store[0..127]
|
64
|
+
end
|
65
|
+
|
66
|
+
# Gets the salt from a stored password.
|
67
|
+
#
|
68
|
+
def self.get_salt(store)
|
69
|
+
store[128..192]
|
70
|
+
end
|
71
|
+
end
|
72
|
+
end
|
@@ -0,0 +1,42 @@
|
|
1
|
+
require 'digest/sha2'
|
2
|
+
require 'authtools/common'
|
3
|
+
|
4
|
+
module Authtools
|
5
|
+
module Token
|
6
|
+
SHORT = 256
|
7
|
+
MEDIUM = 384
|
8
|
+
LONG = 512
|
9
|
+
|
10
|
+
# Generates new token with specified size.
|
11
|
+
#
|
12
|
+
def self.generate(size=SHORT)
|
13
|
+
hash = Digest::SHA2.new(size)
|
14
|
+
hash << Authtools::Common.salt
|
15
|
+
hash.to_s
|
16
|
+
end
|
17
|
+
|
18
|
+
# Alias for generate method.
|
19
|
+
#
|
20
|
+
def new(size=SHORT)
|
21
|
+
generate(size)
|
22
|
+
end
|
23
|
+
|
24
|
+
# Shortcut for generate 256 bit token.
|
25
|
+
#
|
26
|
+
def self.short
|
27
|
+
self.generate(SHORT)
|
28
|
+
end
|
29
|
+
|
30
|
+
# Shortcut for generate 384 bit token.
|
31
|
+
#
|
32
|
+
def self.medium
|
33
|
+
self.generate(MEDIUM)
|
34
|
+
end
|
35
|
+
|
36
|
+
# Shortcut for generate 512 bit token.
|
37
|
+
#
|
38
|
+
def self.long
|
39
|
+
self.generate(LONG)
|
40
|
+
end
|
41
|
+
end
|
42
|
+
end
|
metadata
ADDED
@@ -0,0 +1,72 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: authtools
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
prerelease: false
|
5
|
+
segments:
|
6
|
+
- 0
|
7
|
+
- 1
|
8
|
+
- 3
|
9
|
+
version: 0.1.3
|
10
|
+
platform: ruby
|
11
|
+
authors:
|
12
|
+
- Kris Kowalik
|
13
|
+
autorequire:
|
14
|
+
bindir: bin
|
15
|
+
cert_chain: []
|
16
|
+
|
17
|
+
date: 2010-03-23 00:00:00 +01:00
|
18
|
+
default_executable:
|
19
|
+
dependencies: []
|
20
|
+
|
21
|
+
description: |-
|
22
|
+
Thanks to authtools you can easy generate salted password has
|
23
|
+
h or unique token and check if specified password string is valid for stored hash...
|
24
|
+
email: kriss.kowalik@gmail.com
|
25
|
+
executables: []
|
26
|
+
|
27
|
+
extensions: []
|
28
|
+
|
29
|
+
extra_rdoc_files:
|
30
|
+
- LICENSE
|
31
|
+
- README.rdoc
|
32
|
+
files:
|
33
|
+
- CHANGELOG
|
34
|
+
- LICENSE
|
35
|
+
- README.rdoc
|
36
|
+
- Rakefile
|
37
|
+
- authtools.gemspec
|
38
|
+
- lib/authtools/common.rb
|
39
|
+
- lib/authtools/password.rb
|
40
|
+
- lib/authtools/token.rb
|
41
|
+
has_rdoc: true
|
42
|
+
homepage: http://github.com/kriss/authtools
|
43
|
+
licenses: []
|
44
|
+
|
45
|
+
post_install_message:
|
46
|
+
rdoc_options:
|
47
|
+
- --charset=UTF-8
|
48
|
+
require_paths:
|
49
|
+
- lib
|
50
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
51
|
+
requirements:
|
52
|
+
- - ">="
|
53
|
+
- !ruby/object:Gem::Version
|
54
|
+
segments:
|
55
|
+
- 0
|
56
|
+
version: "0"
|
57
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
58
|
+
requirements:
|
59
|
+
- - ">="
|
60
|
+
- !ruby/object:Gem::Version
|
61
|
+
segments:
|
62
|
+
- 0
|
63
|
+
version: "0"
|
64
|
+
requirements: []
|
65
|
+
|
66
|
+
rubyforge_project:
|
67
|
+
rubygems_version: 1.3.6
|
68
|
+
signing_key:
|
69
|
+
specification_version: 3
|
70
|
+
summary: Usefull staff for tokens, passwords and authorization
|
71
|
+
test_files: []
|
72
|
+
|