devise-async-stretch 0.0.1

checksums.yaml

@@ -0,0 +1,15 @@
+---
+!binary "U0hBMQ==":
+  metadata.gz: !binary |-
+    ZjAyNzE3NzFhNWE4YzUxNzllZDI5YmYxYWQ5MDc0OTE4ZDE3ZGE0ZA==
+  data.tar.gz: !binary |-
+    MjFkYjg0NDUyYTg1NjcwNzE1YWM2MjRhM2ZjY2VjMTc4MTZlNGYyZg==
+SHA512:
+  metadata.gz: !binary |-
+    YTg3ODA2YmM4YTFmNjIzMDIyMzE3MmI1NzIwNzQ3ODk0YTQ3YTFhMTQ1OTNl
+    NDY4ZWIxNWEwNzk1NzViNDUzYjU5MGE3NDZhMjdhZDdlYjc3MTYxNGQ1ZTcw
+    M2E4ZjA0NzQ4NDZjYjMyZTU0NjdlYmNlODljMjUzODNlZjVkNWI=
+  data.tar.gz: !binary |-
+    NzQ2ZjY3MjM5ZTI3MGMyMWEwYzE1YzA5MTdhMGE5YTg0YWUwMTIyNzkyODJh
+    YjBmZGY3MzIyODJjN2E1NjgzMTg5ZWEzZDBiY2NjNTUwMDcxZWJlNzE2ZDMy
+    ZTliZjc2ZTVkNGM0N2Q2ZWM3NTBhNTMzYTcyNGZjMzEyNjg4MTM=

data/.gitignore

@@ -0,0 +1,14 @@
+/.bundle/
+/.yardoc
+/Gemfile.lock
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/
+*.bundle
+*.so
+*.o
+*.a
+mkmf.log

data/.travis.yml

@@ -0,0 +1,9 @@
+language: ruby
+rvm:
+  - "2.2.0"
+script:
+  - bundle exec rake test
+deploy:
+  provider: rubygems
+  api_key:
+    secure: F1Drh/pkUEDBvn0l6ZpFJeCeJk0FGReu98Ce3PMiIHjHngGsC3xDOTbkQ7+TUQHlfc0g3Hpc4pYmHxL3w/6TJwbx9csRX0Np4yaNfJZJdHR8uzAi7mpY32APXeLCJkV5En3h1B/G1V3qQ+AhH0Ez6nlOiSEhocJ+MVq9jFXagM4=

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in devise-async-stretch.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2014 Daniel Westendorf
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,31 @@
+# Devise::Async::Stretch
+
+TODO: Write a gem description
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'devise-async-stretch'
+```
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install devise-async-stretch
+
+## Usage
+
+TODO: Write usage instructions here
+
+## Contributing
+
+1. Fork it ( https://github.com/[my-github-username]/devise-async-stretch/fork )
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create a new Pull Request

data/Rakefile

@@ -0,0 +1,12 @@
+require "bundler/gem_tasks"
+
+require "rake/testtask"
+
+task :default => :test
+
+Rake::TestTask.new do |t|
+  t.libs << "lib"
+  t.libs << "test"
+  t.test_files = FileList["test/**/*_test.rb"]
+  t.verbose = true
+end

data/devise-async-stretch.gemspec

@@ -0,0 +1,29 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'devise/async/stretch/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "devise-async-stretch"
+  spec.version       = Devise::Async::Stretch::VERSION
+  spec.authors       = ["Daniel Westendorf"]
+  spec.email         = ["daniel@prowestech.com"]
+  spec.summary       = %q{Move password stretching into a background job for fast user creation.}
+  spec.description   = %q{Uncompromised security for your user's passwords. Move password stretching into a background job for fast user creation, but maintainging safety.}
+  spec.homepage      = ""
+  spec.license       = "MIT"
+
+  spec.files         = `git ls-files -z`.split("\x0")
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ["lib"]
+
+  spec.add_dependency "devise"
+
+  spec.add_development_dependency "bundler", "~> 1.7"
+  spec.add_development_dependency "rake", "~> 10.0"
+  spec.add_development_dependency "rails", "~> 4.1.0"
+  spec.add_development_dependency "mocha", "~> 0.11"
+  spec.add_development_dependency "sqlite3"
+  spec.add_development_dependency "sidekiq"
+end

data/lib/devise/async/stretch.rb

@@ -0,0 +1,52 @@
+require "active_support/dependencies"
+require "devise"
+require "devise/async/stretch/version"
+
+module Devise
+  module Async
+    module Stretch
+
+      autoload :Worker,  "devise/async/stretch/worker"
+      autoload :Backend, "devise/async/stretch/backend"
+      autoload :Model,   "devise/async/stretch/model"
+
+      module Backend
+        autoload :Base,         "devise/async/stretch/backend/base"
+        autoload :Sidekiq,      "devise/async/stretch/backend/sidekiq"
+      end
+
+      # Defines the queue backend to be used. Sidekiq by default.
+      mattr_accessor :backend
+      @@backend = :sidekiq
+
+      # Defines the queue in which the background job will be enqueued. Default is :default.
+      mattr_accessor :queue
+      @@queue = :default
+
+      # Defines the enabled configuration that if set to false the stetching will be done synchronously
+      mattr_accessor :enabled
+      @@enabled = true
+
+      # Defines the value for stretching at initial user creation
+      mattr_accessor :intermediate_stretch
+      @@intermediate_stretch = 1
+
+
+      # Allow configuring Devise::Async::Stretch with a block
+      #
+      # Example:
+      #
+      #     Devise::Async::Stretch.setup do |config|
+      #       config.backend = :resque
+      #       config.queue   = :my_custom_queue
+      #     end
+      def self.setup
+        yield self
+      end
+
+    end
+  end
+end
+
+# Register devise-async model in Devise
+::Devise.add_module(:stretchable, :model => 'devise/async/stretch/model')

data/lib/devise/async/stretch/backend.rb

@@ -0,0 +1,15 @@
+module Devise
+  module Async
+    module Stretch
+      module Backend
+        # Gives the desired backend driver class to be used to enqueue
+        # jobs.
+        def self.for(backend)
+          const_get(backend.to_s.camelize)
+        rescue NameError
+          raise ArgumentError, "unsupported backend for devise-async-stretch."
+        end
+      end
+    end
+  end
+end

data/lib/devise/async/stretch/backend/base.rb

@@ -0,0 +1,25 @@
+module Devise
+  module Async
+    module Stretch
+      module Backend
+        class Base
+          def self.enqueue(*args)
+            raise NotImplementedError, "Any Devise::Async::Stretch::Backend subclass should implement `self.enqueue`."
+          end
+
+          # Loads the resource record and sends the email.
+          #
+          # It uses `orm_adapter` API to fetch the record in order to enforce
+          # compatibility among diferent ORMs.
+           def perform(klass, id, password)
+            resource = klass.constantize.to_adapter.get!(id)
+            encrypted_password = resource.bcrypt(password, resource.class.stretches)
+
+            resource.update(encrypted_password: encrypted_password)
+          end
+
+        end
+      end
+    end
+  end
+end

data/lib/devise/async/stretch/backend/sidekiq.rb

@@ -0,0 +1,17 @@
+module Devise
+  module Async
+    module Stretch
+      module Backend
+        class Sidekiq < Base
+          include ::Sidekiq::Worker
+
+          sidekiq_options queue: Devise::Async::Stretch.queue
+
+          def self.enqueue(klass, id, password)
+            perform_async(klass, id, password)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/devise/async/stretch/model.rb

@@ -0,0 +1,49 @@
+module Devise
+  module Models
+    module Stretchable
+      extend ActiveSupport::Concern
+
+      included do
+        # Enhance the stretches!
+        after_save :enqueue_stretch_worker if Devise::Async::Stretch.enabled
+      end
+
+      def self.required_fields(klass)
+        if Devise::Async::Stretch.enabled
+          klass.authentication_keys
+        else
+          [:encrypted_password] + klass.authentication_keys
+        end
+      end
+
+      # Our own bcrypt mehtod which supports arbitrary stretches
+      def bcrypt(password, stretches=nil)
+        stretches ||= self.class.stretches
+        ::BCrypt::Password.create("#{password}#{self.class.pepper}", cost: stretches).to_s
+      end
+
+      protected
+
+      def enqueue_stretch_worker
+        Devise::Async::Stretch::Worker.enqueue(self.class, id, @password) unless @password.nil?
+        @password = nil
+      end
+
+      # Digests the password using bcrypt. Custom encryption should override
+      # this method to apply their own algorithm.
+      #
+      # See https://github.com/plataformatec/devise-encryptable for examples
+      # of other encryption engines.
+      def password_digest(password)
+        if Devise::Async::Stretch.enabled
+          stretch = Devise::Async::Stretch.intermediate_stretch
+
+          bcrypt(password, stretch)
+        else
+          super
+        end
+      end
+
+    end
+  end
+end

data/lib/devise/async/stretch/version.rb

@@ -0,0 +1,7 @@
+module Devise
+  module Async
+    module Stretch
+      VERSION = "0.0.1"
+    end
+  end
+end

data/lib/devise/async/stretch/worker.rb

@@ -0,0 +1,19 @@
+module Devise
+  module Async
+    module Stretch
+      class Worker
+
+        def self.enqueue(klass, id, password)
+          backend_klass.enqueue(klass, id, password)
+        end
+
+        private
+
+        def self.backend_klass
+          Backend.for(Devise::Async::Stretch.backend)
+        end
+
+      end
+    end
+  end
+end

data/lib/generators/devise/async/stretch/install_generator.rb

@@ -0,0 +1,25 @@
+require 'rails/generators/named_base'
+require 'rails/generators/active_record'
+
+module Devise
+  module Async
+    module Stretch
+      class InstallGenerator < Rails::Generators::NamedBase
+        source_root File.expand_path("../../../../templates", __FILE__)
+
+        desc "Creates a Devise::Async:Stretch initializer to your application and generates need migrations."
+        class_option :orm
+
+        def copy_initializer
+          template "devise_async_stretch.rb", "config/initializers/devise_async_stretch.rb"
+        end
+
+        def inject_devise_invitable_content
+          path = File.join("app", "models", "#{file_path}.rb")
+          inject_into_file(path, ", :stretchable", :after => ":database_authenticatable") if File.exists?(path)
+        end
+
+      end
+    end
+  end
+end

data/lib/generators/templates/devise_async_stretch.rb

@@ -0,0 +1,21 @@
+Devise::Async::Stretch.setup do |config|
+
+  # Enable/Disable application wide
+  config.enabled = true
+
+  # Backend for background jobs
+  config.backend = :sidekiq
+
+  # Backend Queue
+  config.queue = :default
+
+  # Enable/Disable Intermediate Stretching. This will be the stretching that is done
+  # before the background job runs. If disabled, the user will not be able to log in
+  # until the background job has run.
+
+  # Intermediate stretching. Set this value low, as it will be the initial stretched
+  # password, replaced with the Devise.stretch value in the background job. This will
+  # allow quick initial user creation
+  config.intermediate_stretch = 1
+
+end

data/test/devise/async/stretch/backend/base_test.rb

@@ -0,0 +1,41 @@
+require 'test_helper'
+
+module Devise
+  module Async
+    module Stretch
+      module Backend
+        class BaseTest < ActiveSupport::TestCase
+
+          setup do
+            @user = users(:bob)
+            Devise::Async::Stretch.enabled = true
+            Devise::Async::Stretch.backend = :sidekiq
+          end
+
+          test "an error is raised with the built in enqueue" do
+            assert_raises NotImplementedError do
+              Base.enqueue
+            end
+          end
+
+          test "the password gets updated when peformed" do
+            Base.new.perform("User", @user.id, 'password')
+            assert_not_empty @user.reload.encrypted_password
+          end
+
+          test "intermidiate encrypted_password gets set" do
+            user = User.new(email: 'ed@example.com', password: 'password1')
+            encrypted_password = user.encrypted_password
+            assert_not_empty encrypted_password
+
+            user.save
+            Base.new.perform("User", user.id, 'password1')
+
+            refute_equal encrypted_password, user.reload.encrypted_password
+          end
+
+        end
+      end
+    end
+  end
+end

data/test/devise/async/stretch/backend/sidekiq_test.rb

@@ -0,0 +1,42 @@
+require 'test_helper'
+
+module Devise
+  module Async
+    module Stretch
+      module Backend
+        class SidekiqTest < ActiveSupport::TestCase
+
+          setup do
+            @user = users(:bob)
+            Devise::Async::Stretch.enabled = true
+            Devise::Async::Stretch.backend = :sidekiq
+          end
+
+          test "the job is queued" do
+            assert_difference 'Devise::Async::Stretch::Backend::Sidekiq.jobs.size' do
+              Sidekiq.enqueue("User", @user.id, "password")
+            end
+          end
+
+          test "the password gets updated when peformed" do
+            Sidekiq.new.perform("User", @user.id, 'password')
+            assert_not_empty @user.reload.encrypted_password
+          end
+
+          test "the stretch_mark gets updated" do
+            User.stretches = 2
+            ::Sidekiq::Testing.inline!
+
+            user = User.new(email: 'ed@example.com', password: 'password1')
+            encrypted_password = user.encrypted_password
+
+            user.save # Should trigger the Sidekiq job
+
+            refute_equal encrypted_password, user.reload.encrypted_password
+          end
+
+        end
+      end
+    end
+  end
+end