authtools 0.1.3

data/CHANGELOG

@@ -0,0 +1,6 @@
+Authtools changelog.
+
+v0.1 [23.03.2010]
+* Generating password hash
+* Comparing password strings with stored hash 
+* Generating unique tokens

data/LICENSE

@@ -0,0 +1,4 @@
+DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
+TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+
+0. You just DO WHAT THE FUCK YOU WANT TO.

data/README.rdoc

@@ -0,0 +1,29 @@
+Usefull stuff for tokens, passwords and authorization.
+
+== Examples
+
+  # Generating unique token:
+  Authtools::Token.short
+  Authtools::Token.medium
+  Authtools::Token.new(Authtools::Token::LONG)
+
+  # Hashing password
+  store = Authtools::Password.generate('secret')
+
+  # Checking password
+  Authtools::Password.check('secret', store)
+
+== Note on Patches/Pull Requests
+ 
+* Fork the project.
+* Make your feature addition or bug fix.
+* Add tests for it. This is important so I don't break it in a
+  future version unintentionally.
+* Commit, do not mess with rakefile, version, or history.
+  (if you want to have your own version, that is fine but bump version in a commit by it
+self I can ignore when I pull)
+* Send me a pull request. Bonus points for topic branches.
+
+== Copyright
+
+Copyright (c) 2010 Kris Kowalik. See LICENSE for details.

data/Rakefile

@@ -0,0 +1,52 @@
+require 'rubygems'
+require 'rake'
+
+begin
+  require 'jeweler'
+  Jeweler::Tasks.new do |gemspec|
+    gemspec.name = "authtools"
+    gemspec.version = "0.1.3"
+    gemspec.summary = "Usefull staff for tokens, passwords and authorization"
+    gemspec.description = "Thanks to authtools you can easy generate salted password has
+h or unique token and check if specified password string is valid for stored hash..."
+    gemspec.email = "kriss.kowalik@gmail.com"
+    gemspec.homepage = "http://github.com/kriss/authtools"
+    gemspec.authors = ["Kris Kowalik"]
+  end
+rescue LoadError
+  puts "Jeweler not available. Install it with: gem install jeweler"
+end
+
+require 'rake/testtask'
+Rake::TestTask.new(:test) do |test|
+  test.libs << 'lib' << 'test'
+  test.pattern = 'test/**/test_*.rb'
+  test.verbose = true
+end
+
+begin
+  require 'rcov/rcovtask'
+  Rcov::RcovTask.new do |test|
+    test.libs << 'test'
+    test.pattern = 'test/**/test_*.rb'
+    test.verbose = true
+  end
+rescue LoadError
+  task :rcov do
+    abort "RCov is not available. In order to run rcov, you must: sudo gem install spicycode-rcov"
+  end
+end
+
+task :test => :check_dependencies
+
+task :default => :test
+
+require 'rake/rdoctask'
+Rake::RDocTask.new do |rdoc|
+  version = File.exist?('VERSION') ? File.read('VERSION') : ""
+
+  rdoc.rdoc_dir = 'rdoc'
+  rdoc.title = "authtools2 #{version}"
+  rdoc.rdoc_files.include('README*')
+  rdoc.rdoc_files.include('lib/**/*.rb')
+end

data/authtools.gemspec

@@ -0,0 +1,46 @@
+# Generated by jeweler
+# DO NOT EDIT THIS FILE DIRECTLY
+# Instead, edit Jeweler::Tasks in Rakefile, and run the gemspec command
+# -*- encoding: utf-8 -*-
+
+Gem::Specification.new do |s|
+  s.name = %q{authtools}
+  s.version = "0.1.3"
+
+  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
+  s.authors = ["Kris Kowalik"]
+  s.date = %q{2010-03-23}
+  s.description = %q{Thanks to authtools you can easy generate salted password has
+h or unique token and check if specified password string is valid for stored hash...}
+  s.email = %q{kriss.kowalik@gmail.com}
+  s.extra_rdoc_files = [
+    "LICENSE",
+     "README.rdoc"
+  ]
+  s.files = [
+    "CHANGELOG",
+     "LICENSE",
+     "README.rdoc",
+     "Rakefile",
+     "authtools.gemspec",
+     "lib/authtools/common.rb",
+     "lib/authtools/password.rb",
+     "lib/authtools/token.rb"
+  ]
+  s.homepage = %q{http://github.com/kriss/authtools}
+  s.rdoc_options = ["--charset=UTF-8"]
+  s.require_paths = ["lib"]
+  s.rubygems_version = %q{1.3.6}
+  s.summary = %q{Usefull staff for tokens, passwords and authorization}
+
+  if s.respond_to? :specification_version then
+    current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
+    s.specification_version = 3
+
+    if Gem::Version.new(Gem::RubyGemsVersion) >= Gem::Version.new('1.2.0') then
+    else
+    end
+  else
+  end
+end
+

data/lib/authtools/common.rb

@@ -0,0 +1,11 @@
+module Authtools
+  module Common
+    # Generates a psuedo-random 64 character string.
+    #
+    def self.salt
+      salt = ""
+      64.times { salt << (i = Kernel.rand(62); i += ((i < 10) ? 48 : ((i < 36) ? 55 : 61 ))).chr }
+      salt
+    end
+  end
+end

data/lib/authtools/password.rb

@@ -0,0 +1,72 @@
+require 'digest/sha2'
+require 'authtools/common'
+
+module Authtools
+  module Password
+    # Generates a new salt and rehashes the password. Returns mixed hash.
+    #
+    # == Examples
+    #   store = Authtools::Password.generate('mysecret') 
+    #     # => "f7d8f299e342168b7a8b0aeece32e090c4acced13a6bd7f2b26fc
+    #     # 88251f550943820d190df00a87d20b7bc00cee332c48f9c4953793837
+    #     # 2a6c4fbcbe5d3944ccr1x6DlrfTf6OUrwl6ohoivxN2fAQiblav1sLyd9
+    #     # z7PFaQgQH3XxTA0BuMAbFRmMM"
+    #   
+    def self.generate(password)
+      salt = Authtools::Common.salt
+      hash = self.hash(password, salt)
+      self.store(hash, salt)
+    end
+
+    # Alias for generate method
+    #
+    def new(password)
+      generate(password)
+    end
+  
+    # Checks the password against the stored password.
+    #
+    # == Examples
+    #   # In `store` is hash generated before (see `generate` method).
+    #   Authtools::Password.check('mysecret', store) # => true
+    #   Authtools::Password.check('fake', store)     # => false
+    #  
+    def self.check(password, store)
+      hash = self.get_hash(store)
+      salt = self.get_salt(store)
+      if self.hash(password, salt) == hash
+        true
+      else
+        false
+      end
+    end
+  
+    protected
+    
+    include Authtools::Common
+  
+    # Generates a 128 character hash.
+    #
+    def self.hash(password, salt)
+      Digest::SHA512.hexdigest("#{password}:#{salt}")
+    end
+  
+    # Mixes the hash and salt together for storage.
+    # 
+    def self.store(hash, salt)
+      hash + salt
+    end
+  
+    # Gets the hash from a stored password.
+    # 
+    def self.get_hash(store)
+      store[0..127]
+    end
+  
+    # Gets the salt from a stored password.
+    #
+    def self.get_salt(store)
+      store[128..192]
+    end
+  end
+end

data/lib/authtools/token.rb

@@ -0,0 +1,42 @@
+require 'digest/sha2'
+require 'authtools/common'
+
+module Authtools
+  module Token
+    SHORT = 256
+    MEDIUM = 384
+    LONG = 512
+    
+    # Generates new token with specified size.
+    #
+    def self.generate(size=SHORT)
+      hash = Digest::SHA2.new(size)
+      hash << Authtools::Common.salt
+      hash.to_s
+    end
+
+    # Alias for generate method.
+    #
+    def new(size=SHORT)
+      generate(size)
+    end
+    
+    # Shortcut for generate 256 bit token.
+    #
+    def self.short
+      self.generate(SHORT)
+    end
+    
+    # Shortcut for generate 384 bit token.
+    #
+    def self.medium
+      self.generate(MEDIUM)
+    end
+    
+    # Shortcut for generate 512 bit token.
+    #
+    def self.long
+      self.generate(LONG)
+    end
+  end
+end

metadata

@@ -0,0 +1,72 @@
+--- !ruby/object:Gem::Specification 
+name: authtools
+version: !ruby/object:Gem::Version 
+  prerelease: false
+  segments: 
+  - 0
+  - 1
+  - 3
+  version: 0.1.3
+platform: ruby
+authors: 
+- Kris Kowalik
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2010-03-23 00:00:00 +01:00
+default_executable: 
+dependencies: []
+
+description: |-
+  Thanks to authtools you can easy generate salted password has
+  h or unique token and check if specified password string is valid for stored hash...
+email: kriss.kowalik@gmail.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: 
+- LICENSE
+- README.rdoc
+files: 
+- CHANGELOG
+- LICENSE
+- README.rdoc
+- Rakefile
+- authtools.gemspec
+- lib/authtools/common.rb
+- lib/authtools/password.rb
+- lib/authtools/token.rb
+has_rdoc: true
+homepage: http://github.com/kriss/authtools
+licenses: []
+
+post_install_message: 
+rdoc_options: 
+- --charset=UTF-8
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      segments: 
+      - 0
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      segments: 
+      - 0
+      version: "0"
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.3.6
+signing_key: 
+specification_version: 3
+summary: Usefull staff for tokens, passwords and authorization
+test_files: []
+