devise-async-stretch 0.0.4 → 0.0.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +8 -8
- data/README.md +1 -1
- data/lib/devise/async/stretch/model.rb +10 -0
- data/lib/devise/async/stretch/version.rb +1 -1
- data/lib/generators/devise/async/stretch/install_generator.rb +5 -0
- data/test/devise/async/stretch/model_test.rb +31 -1
- data/test/rails_app/db/migrate/20150126144549_add_stretch_mark_to_user.rb +5 -0
- data/test/rails_app/db/schema.rb +2 -1
- data/test/rails_app/test/models/user_test.rb +23 -0
- metadata +4 -2
checksums.yaml
CHANGED
@@ -1,15 +1,15 @@
|
|
1
1
|
---
|
2
2
|
!binary "U0hBMQ==":
|
3
3
|
metadata.gz: !binary |-
|
4
|
-
|
4
|
+
MWIwYTBiZGI3Y2YwNWQ3NTMyM2NmZWY5MTZhZjk2Yjc1MmVlNWRmZg==
|
5
5
|
data.tar.gz: !binary |-
|
6
|
-
|
6
|
+
Zjk1ZGQ3NWJhNGMyZjE2ZDJiYWNiNzMzMDZiZTQxNDJmNzliZTA4OQ==
|
7
7
|
SHA512:
|
8
8
|
metadata.gz: !binary |-
|
9
|
-
|
10
|
-
|
11
|
-
|
9
|
+
ZTI2OGRlZDE3NWJhZWM5MzliMjcxYTM1ZGIyODc0MTM3MjljODc3OGM2OTU0
|
10
|
+
YmIzMDRmM2ExODI0MTg3YWMxMjllYjQ1OWFhYzcwNWE2ZjI0OGFmY2JjZWJi
|
11
|
+
MjY1ODIzZWJjZmUwNjJmNjVmOTdiYjUxZWE2NjhmZTcyN2RlOGM=
|
12
12
|
data.tar.gz: !binary |-
|
13
|
-
|
14
|
-
|
15
|
-
|
13
|
+
MTcwMGEwODNiZmZkZGY4MjNkYjc0NWRmOGEyM2U2MjBiMjEzMDViNjlkNDQ0
|
14
|
+
N2ZlMmE0ZjdjYWNhZTJhOWJlNzg3MTkxMjUxY2M0OThhMWJlMGZjZGIwMWM1
|
15
|
+
NjY3ZGM4ZDRjMDUyODMyMGRjY2M5YjljZjMwM2YwMDIxN2I3N2E=
|
data/README.md
CHANGED
@@ -2,7 +2,7 @@
|
|
2
2
|
|
3
3
|
Move password stretching into a background job for fast user creation but while maintaining difficult to crack storage.
|
4
4
|
|
5
|
-
|
5
|
+
# Don't use this. Everything will work in development, but once you deploy to production, users will get logged out once the bg job executes.
|
6
6
|
|
7
7
|
## Contributing
|
8
8
|
|
@@ -6,6 +6,7 @@ module Devise
|
|
6
6
|
included do
|
7
7
|
# Enhance the stretches!
|
8
8
|
after_commit :enqueue_stretch_worker, on: [:create, :update] if Devise::Async::Stretch.enabled
|
9
|
+
before_save :update_stretch_mark, on: [:create, :update] if Devise::Async::Stretch.enabled
|
9
10
|
end
|
10
11
|
|
11
12
|
def self.required_fields(klass)
|
@@ -22,6 +23,11 @@ module Devise
|
|
22
23
|
::BCrypt::Password.create("#{password}#{self.class.pepper}", cost: stretches).to_s
|
23
24
|
end
|
24
25
|
|
26
|
+
# This is used in the session, used to verify if the password has changed
|
27
|
+
def authenticatable_salt
|
28
|
+
stretch_mark if stretch_mark
|
29
|
+
end
|
30
|
+
|
25
31
|
protected
|
26
32
|
|
27
33
|
def enqueue_stretch_worker
|
@@ -29,6 +35,10 @@ module Devise
|
|
29
35
|
@password = nil
|
30
36
|
end
|
31
37
|
|
38
|
+
def update_stretch_mark
|
39
|
+
self[:stretch_mark] = SecureRandom.hex(15)[0,29] unless @password.blank?
|
40
|
+
end
|
41
|
+
|
32
42
|
# Digests the password using bcrypt. Custom encryption should override
|
33
43
|
# this method to apply their own algorithm.
|
34
44
|
#
|
@@ -19,6 +19,11 @@ module Devise
|
|
19
19
|
inject_into_file(path, ", :stretchable", :after => ":database_authenticatable") if File.exists?(path)
|
20
20
|
end
|
21
21
|
|
22
|
+
def add_stretch_mark
|
23
|
+
generate "migration", "AddStretchMarkTo#{name} stretch_mark:string"
|
24
|
+
rake "db:migrate"
|
25
|
+
end
|
26
|
+
|
22
27
|
end
|
23
28
|
end
|
24
29
|
end
|
@@ -4,6 +4,19 @@ class ModelTest < ActiveSupport::TestCase
|
|
4
4
|
|
5
5
|
setup do
|
6
6
|
@user = users(:bob)
|
7
|
+
Devise::Async::Stretch.enabled = true
|
8
|
+
|
9
|
+
@model = Class.new do
|
10
|
+
extend ActiveModel::Callbacks
|
11
|
+
define_model_callbacks :save, :commit
|
12
|
+
|
13
|
+
include ActiveModel::AttributeMethods
|
14
|
+
include Devise::Models::Stretchable
|
15
|
+
|
16
|
+
attr_accessor :email, :password, :stretch_mark
|
17
|
+
|
18
|
+
def []=(key, val); self.send(key.to_s + '=', val); end
|
19
|
+
end
|
7
20
|
end
|
8
21
|
|
9
22
|
test "bcrypt accepts a stretch param" do
|
@@ -15,7 +28,6 @@ class ModelTest < ActiveSupport::TestCase
|
|
15
28
|
end
|
16
29
|
|
17
30
|
test "required_fields doesn't include encrypted_password when enabled" do
|
18
|
-
Devise::Async::Stretch.enabled = true
|
19
31
|
assert_equal [:email], Devise::Models::Stretchable.required_fields(User)
|
20
32
|
end
|
21
33
|
|
@@ -24,4 +36,22 @@ class ModelTest < ActiveSupport::TestCase
|
|
24
36
|
assert_equal [:encrypted_password, :email], Devise::Models::Stretchable.required_fields(User)
|
25
37
|
end
|
26
38
|
|
39
|
+
test "the #authenticatable_salt returns the stretch_mark" do
|
40
|
+
instance = @model.new
|
41
|
+
instance.stretch_mark = "123456"
|
42
|
+
|
43
|
+
assert_equal "123456", instance.authenticatable_salt
|
44
|
+
end
|
45
|
+
|
46
|
+
test "if the password has changed, the stretch_mark gets updated" do
|
47
|
+
instance = @model.new
|
48
|
+
instance.password = "Bob"
|
49
|
+
|
50
|
+
assert_nil instance.stretch_mark
|
51
|
+
|
52
|
+
instance.run_callbacks(:save)
|
53
|
+
|
54
|
+
refute_nil instance.stretch_mark
|
55
|
+
end
|
56
|
+
|
27
57
|
end
|
data/test/rails_app/db/schema.rb
CHANGED
@@ -11,7 +11,7 @@
|
|
11
11
|
#
|
12
12
|
# It's strongly recommended that you check this file into your version control system.
|
13
13
|
|
14
|
-
ActiveRecord::Schema.define(version:
|
14
|
+
ActiveRecord::Schema.define(version: 20150126144549) do
|
15
15
|
|
16
16
|
create_table "delayed_jobs", force: :cascade do |t|
|
17
17
|
t.integer "priority", default: 0, null: false
|
@@ -42,6 +42,7 @@ ActiveRecord::Schema.define(version: 20150105232318) do
|
|
42
42
|
t.string "last_sign_in_ip"
|
43
43
|
t.datetime "created_at"
|
44
44
|
t.datetime "updated_at"
|
45
|
+
t.string "stretch_mark"
|
45
46
|
end
|
46
47
|
|
47
48
|
add_index "users", ["email"], name: "index_users_on_email", unique: true
|
@@ -29,4 +29,27 @@ class UserTest < ActiveSupport::TestCase
|
|
29
29
|
end
|
30
30
|
end
|
31
31
|
|
32
|
+
test "the #stretch_mark gets updated when the password is changed" do
|
33
|
+
user = User.create(email: 'Ed2@example.com', password: 'password2')
|
34
|
+
|
35
|
+
refute_nil user.stretch_mark
|
36
|
+
|
37
|
+
stretch_mark = user.stretch_mark
|
38
|
+
user.password = "password3"
|
39
|
+
user.save
|
40
|
+
|
41
|
+
refute_equal stretch_mark, user.reload.stretch_mark
|
42
|
+
end
|
43
|
+
|
44
|
+
test "the #stretch_mark doesn't change when the worker runs" do
|
45
|
+
user = User.create(email: 'Ed2@example.com', password: 'password2')
|
46
|
+
stretch_mark = user.stretch_mark
|
47
|
+
|
48
|
+
Sidekiq::Testing.inline!
|
49
|
+
|
50
|
+
Devise::Async::Stretch::Backend::Base.new.perform("User", user.id, 'newpassword')
|
51
|
+
|
52
|
+
assert_equal stretch_mark, user.reload.stretch_mark
|
53
|
+
end
|
54
|
+
|
32
55
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: devise-async-stretch
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.5
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Daniel Westendorf
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2015-01-
|
11
|
+
date: 2015-01-26 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: devise
|
@@ -213,6 +213,7 @@ files:
|
|
213
213
|
- test/rails_app/config/secrets.yml
|
214
214
|
- test/rails_app/db/migrate/20141227205721_devise_create_users.rb
|
215
215
|
- test/rails_app/db/migrate/20150105232318_create_delayed_jobs.rb
|
216
|
+
- test/rails_app/db/migrate/20150126144549_add_stretch_mark_to_user.rb
|
216
217
|
- test/rails_app/db/schema.rb
|
217
218
|
- test/rails_app/db/seeds.rb
|
218
219
|
- test/rails_app/lib/assets/.keep
|
@@ -310,6 +311,7 @@ test_files:
|
|
310
311
|
- test/rails_app/config/secrets.yml
|
311
312
|
- test/rails_app/db/migrate/20141227205721_devise_create_users.rb
|
312
313
|
- test/rails_app/db/migrate/20150105232318_create_delayed_jobs.rb
|
314
|
+
- test/rails_app/db/migrate/20150126144549_add_stretch_mark_to_user.rb
|
313
315
|
- test/rails_app/db/schema.rb
|
314
316
|
- test/rails_app/db/seeds.rb
|
315
317
|
- test/rails_app/lib/assets/.keep
|