devise-encryptable 0.1.0

Files changed (43) hide show
  1. data/.gitignore +17 -0
  2. data/.travis.yml +9 -0
  3. data/Changelog.md +4 -0
  4. data/Gemfile +16 -0
  5. data/Gemfile.lock +134 -0
  6. data/LICENSE +201 -0
  7. data/README.md +43 -0
  8. data/Rakefile +11 -0
  9. data/devise-encryptable.gemspec +19 -0
  10. data/gemfiles/Gemfile.rails-3.1.x +15 -0
  11. data/gemfiles/Gemfile.rails-3.1.x.lock +136 -0
  12. data/lib/devise-encryptable.rb +1 -0
  13. data/lib/devise/encryptable/encryptable.rb +28 -0
  14. data/lib/devise/encryptable/encryptors/authlogic_sha512.rb +21 -0
  15. data/lib/devise/encryptable/encryptors/base.rb +26 -0
  16. data/lib/devise/encryptable/encryptors/clearance_sha1.rb +19 -0
  17. data/lib/devise/encryptable/encryptors/restful_authentication_sha1.rb +24 -0
  18. data/lib/devise/encryptable/encryptors/sha1.rb +27 -0
  19. data/lib/devise/encryptable/encryptors/sha512.rb +27 -0
  20. data/lib/devise/encryptable/model.rb +86 -0
  21. data/lib/devise/encryptable/version.rb +5 -0
  22. data/test/devise/encryptable/encryptable_test.rb +65 -0
  23. data/test/devise/encryptable/encryptors_test.rb +32 -0
  24. data/test/rails_app/.gitignore +15 -0
  25. data/test/rails_app/Rakefile +7 -0
  26. data/test/rails_app/app/models/.gitkeep +0 -0
  27. data/test/rails_app/app/models/admin.rb +5 -0
  28. data/test/rails_app/app/models/user.rb +5 -0
  29. data/test/rails_app/config.ru +4 -0
  30. data/test/rails_app/config/application.rb +59 -0
  31. data/test/rails_app/config/boot.rb +6 -0
  32. data/test/rails_app/config/database.yml +3 -0
  33. data/test/rails_app/config/environment.rb +5 -0
  34. data/test/rails_app/config/environments/development.rb +37 -0
  35. data/test/rails_app/config/environments/production.rb +67 -0
  36. data/test/rails_app/config/environments/test.rb +37 -0
  37. data/test/rails_app/config/initializers/devise.rb +14 -0
  38. data/test/rails_app/db/migrate/20120508165529_create_tables.rb +77 -0
  39. data/test/support/assertions.rb +14 -0
  40. data/test/support/factories.rb +22 -0
  41. data/test/support/swappers.rb +28 -0
  42. data/test/test_helper.rb +21 -0
  43. metadata +126 -0
@@ -0,0 +1,32 @@
1
+ require "test_helper"
2
+
3
+ class Encryptors < ActiveSupport::TestCase
4
+ include Support::Swappers
5
+
6
+ test 'should match a password created by authlogic' do
7
+ authlogic = "b623c3bc9c775b0eb8edb218a382453396fec4146422853e66ecc4b6bc32d7162ee42074dcb5f180a770dc38b5df15812f09bbf497a4a1b95fe5e7d2b8eb7eb4"
8
+ encryptor = Devise::Encryptable::Encryptors::AuthlogicSha512.digest('123mudar', 20, 'usZK_z_EAaF61Gwkw-ed', '')
9
+ assert_equal authlogic, encryptor
10
+ end
11
+
12
+ test 'should match a password created by restful_authentication' do
13
+ restful_authentication = "93110f71309ce91366375ea44e2a6f5cc73fa8d4"
14
+ encryptor = Devise::Encryptable::Encryptors::RestfulAuthenticationSha1.digest('123mudar', 10, '48901d2b247a54088acb7f8ea3e695e50fe6791b', 'fee9a51ec0a28d11be380ca6dee6b4b760c1a3bf')
15
+ assert_equal restful_authentication, encryptor
16
+ end
17
+
18
+ test 'should match a password created by clearance' do
19
+ clearance = "0f40bbae18ddefd7066276c3ef209d40729b0378"
20
+ encryptor = Devise::Encryptable::Encryptors::ClearanceSha1.digest('123mudar', nil, '65c58472c207c829f28c68619d3e3aefed18ab3f', nil)
21
+ assert_equal clearance, encryptor
22
+ end
23
+
24
+ Devise::ENCRYPTORS_LENGTH.each do |key, value|
25
+ test "should have length #{value} for #{key.inspect}" do
26
+ swap Devise, :encryptor => key do
27
+ encryptor = Devise::Encryptable::Encryptors.const_get(key.to_s.classify)
28
+ assert_equal value, encryptor.digest('a', 4, encryptor.salt(4), nil).size
29
+ end
30
+ end
31
+ end
32
+ end
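Review bot: The gem's own `Sha1` and `Sha512` encryptors are checked only for digest length in the `Devise::ENCRYPTORS_LENGTH` loop, while the Authlogic, restful_authentication and Clearance encryptors each get a known-answer test. A change to how those two combine salt, pepper and stretches would still pass here yet leave already-stored password hashes unverifiable, so each deserves a fixed-vector test like the three above, with the expected digest taken from a trusted reference rather than computed by the code under test. The loop also always passes `nil` as the pepper, so the peppered path of those encryptors is not exercised at all. The `swap Devise, :encryptor => key` wrapper looks redundant, since `digest` is called directly on the class returned by `const_get`; either drop it or add a comment saying why it is needed.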
@@ -0,0 +1,15 @@
1
+ # See http://help.github.com/ignore-files/ for more about ignoring files.
2
+ #
3
+ # If you find yourself ignoring temporary files generated by your text editor
4
+ # or operating system, you probably want to add a global ignore instead:
5
+ # git config --global core.excludesfile ~/.gitignore_global
6
+
7
+ # Ignore bundler config
8
+ /.bundle
9
+
10
+ # Ignore the default SQLite database.
11
+ /db/*.sqlite3
12
+
13
+ # Ignore all logfiles and tempfiles.
14
+ /log/*.log
15
+ /tmp
@@ -0,0 +1,7 @@
1
+ #!/usr/bin/env rake
2
+ # Add your own tasks in files placed in lib/tasks ending in .rake,
3
+ # for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
4
+
5
+ require File.expand_path('../config/application', __FILE__)
6
+
7
+ RailsApp::Application.load_tasks
File without changes
@@ -0,0 +1,5 @@
1
+ class Admin < ActiveRecord::Base
2
+ devise :database_authenticatable, :encryptable
3
+
4
+ attr_accessible :email, :password, :password_confirmation
5
+ end
@@ -0,0 +1,5 @@
1
+ class User < ActiveRecord::Base
2
+ devise :database_authenticatable, :encryptable
3
+
4
+ attr_accessible :email, :password, :password_confirmation
5
+ end
@@ -0,0 +1,4 @@
1
+ # This file is used by Rack-based servers to start the application.
2
+
3
+ require ::File.expand_path('../config/environment', __FILE__)
4
+ run RailsApp::Application
@@ -0,0 +1,59 @@
1
+ require File.expand_path('../boot', __FILE__)
2
+
3
+ require 'rails/all'
4
+
5
+ if defined?(Bundler)
6
+ # If you precompile assets before deploying to production, use this line
7
+ Bundler.require(*Rails.groups(:assets => %w(development test)))
8
+ # If you want your assets lazily compiled in production, use this line
9
+ # Bundler.require(:default, :assets, Rails.env)
10
+ end
11
+
12
+ module RailsApp
13
+ class Application < Rails::Application
14
+ # Settings in config/environments/* take precedence over those specified here.
15
+ # Application configuration should go into files in config/initializers
16
+ # -- all .rb files in that directory are automatically loaded.
17
+
18
+ # Custom directories with classes and modules you want to be autoloadable.
19
+ # config.autoload_paths += %W(#{config.root}/extras)
20
+
21
+ # Only load the plugins named here, in the order given (default is alphabetical).
22
+ # :all can be used as a placeholder for all plugins not explicitly named.
23
+ # config.plugins = [ :exception_notification, :ssl_requirement, :all ]
24
+
25
+ # Activate observers that should always be running.
26
+ # config.active_record.observers = :cacher, :garbage_collector, :forum_observer
27
+
28
+ # Set Time.zone default to the specified zone and make Active Record auto-convert to this zone.
29
+ # Run "rake -D time" for a list of tasks for finding time zone names. Default is UTC.
30
+ # config.time_zone = 'Central Time (US & Canada)'
31
+
32
+ # The default locale is :en and all translations from config/locales/*.rb,yml are auto loaded.
33
+ # config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}').to_s]
34
+ # config.i18n.default_locale = :de
35
+
36
+ # Configure the default encoding used in templates for Ruby 1.9.
37
+ config.encoding = "utf-8"
38
+
39
+ # Configure sensitive parameters which will be filtered from the log file.
40
+ config.filter_parameters += [:password]
41
+
42
+ # Use SQL instead of Active Record's schema dumper when creating the database.
43
+ # This is necessary if your schema can't be completely dumped by the schema dumper,
44
+ # like if you have constraints or database-specific column types
45
+ # config.active_record.schema_format = :sql
46
+
47
+ # Enforce whitelist mode for mass assignment.
48
+ # This will create an empty whitelist of attributes available for mass-assignment for all models
49
+ # in your app. As such, your models will need to explicitly whitelist or blacklist accessible
50
+ # parameters by using an attr_accessible or attr_protected declaration.
51
+ config.active_record.whitelist_attributes = true
52
+
53
+ # Enable the asset pipeline
54
+ config.assets.enabled = true
55
+
56
+ # Version of your assets, change this if you want to expire all your assets
57
+ config.assets.version = '1.0'
58
+ end
59
+ end
@@ -0,0 +1,6 @@
1
+ require 'rubygems'
2
+
3
+ # Set up gems listed in the Gemfile.
4
+ ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile', __FILE__)
5
+
6
+ require 'bundler/setup' if File.exists?(ENV['BUNDLE_GEMFILE'])
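Review bot: `File.exists?` on the last line is the deprecated alias, removed in Ruby 3.2, so this boot file raises `NoMethodError` on current rubies; use `require 'bundler/setup' if File.exist?(ENV['BUNDLE_GEMFILE'])`. The default `'../../Gemfile'` resolves to a Gemfile inside test/rails_app, which the file list on this page does not contain (the Gemfile sits at the package root). The guard is therefore probably false unless the caller sets `BUNDLE_GEMFILE`; confirm that this is intended, or point the default at the root Gemfile.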
@@ -0,0 +1,3 @@
1
+ development:
2
+ adapter: 'sqlite3'
3
+ database: 'db/development.sqlite'
@@ -0,0 +1,5 @@
1
+ # Load the rails application
2
+ require File.expand_path('../application', __FILE__)
3
+
4
+ # Initialize the rails application
5
+ RailsApp::Application.initialize!
@@ -0,0 +1,37 @@
1
+ RailsApp::Application.configure do
2
+ # Settings specified here will take precedence over those in config/application.rb
3
+
4
+ # In the development environment your application's code is reloaded on
5
+ # every request. This slows down response time but is perfect for development
6
+ # since you don't have to restart the web server when you make code changes.
7
+ config.cache_classes = false
8
+
9
+ # Log error messages when you accidentally call methods on nil.
10
+ config.whiny_nils = true
11
+
12
+ # Show full error reports and disable caching
13
+ config.consider_all_requests_local = true
14
+ config.action_controller.perform_caching = false
15
+
16
+ # Don't care if the mailer can't send
17
+ config.action_mailer.raise_delivery_errors = false
18
+
19
+ # Print deprecation notices to the Rails logger
20
+ config.active_support.deprecation = :log
21
+
22
+ # Only use best-standards-support built into browsers
23
+ config.action_dispatch.best_standards_support = :builtin
24
+
25
+ # Raise exception on mass assignment protection for Active Record models
26
+ config.active_record.mass_assignment_sanitizer = :strict
27
+
28
+ # Log the query plan for queries taking more than this (works
29
+ # with SQLite, MySQL, and PostgreSQL)
30
+ config.active_record.auto_explain_threshold_in_seconds = 0.5
31
+
32
+ # Do not compress assets
33
+ config.assets.compress = false
34
+
35
+ # Expands the lines which load the assets
36
+ config.assets.debug = true
37
+ end
@@ -0,0 +1,67 @@
1
+ RailsApp::Application.configure do
2
+ # Settings specified here will take precedence over those in config/application.rb
3
+
4
+ # Code is not reloaded between requests
5
+ config.cache_classes = true
6
+
7
+ # Full error reports are disabled and caching is turned on
8
+ config.consider_all_requests_local = false
9
+ config.action_controller.perform_caching = true
10
+
11
+ # Disable Rails's static asset server (Apache or nginx will already do this)
12
+ config.serve_static_assets = false
13
+
14
+ # Compress JavaScripts and CSS
15
+ config.assets.compress = true
16
+
17
+ # Don't fallback to assets pipeline if a precompiled asset is missed
18
+ config.assets.compile = false
19
+
20
+ # Generate digests for assets URLs
21
+ config.assets.digest = true
22
+
23
+ # Defaults to Rails.root.join("public/assets")
24
+ # config.assets.manifest = YOUR_PATH
25
+
26
+ # Specifies the header that your server uses for sending files
27
+ # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for apache
28
+ # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for nginx
29
+
30
+ # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
31
+ # config.force_ssl = true
32
+
33
+ # See everything in the log (default is :info)
34
+ # config.log_level = :debug
35
+
36
+ # Prepend all log lines with the following tags
37
+ # config.log_tags = [ :subdomain, :uuid ]
38
+
39
+ # Use a different logger for distributed setups
40
+ # config.logger = ActiveSupport::TaggedLogging.new(SyslogLogger.new)
41
+
42
+ # Use a different cache store in production
43
+ # config.cache_store = :mem_cache_store
44
+
45
+ # Enable serving of images, stylesheets, and JavaScripts from an asset server
46
+ # config.action_controller.asset_host = "http://assets.example.com"
47
+
48
+ # Precompile additional assets (application.js, application.css, and all non-JS/CSS are already added)
49
+ # config.assets.precompile += %w( search.js )
50
+
51
+ # Disable delivery errors, bad email addresses will be ignored
52
+ # config.action_mailer.raise_delivery_errors = false
53
+
54
+ # Enable threaded mode
55
+ # config.threadsafe!
56
+
57
+ # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
58
+ # the I18n.default_locale when a translation can not be found)
59
+ config.i18n.fallbacks = true
60
+
61
+ # Send deprecation notices to registered listeners
62
+ config.active_support.deprecation = :notify
63
+
64
+ # Log the query plan for queries taking more than this (works
65
+ # with SQLite, MySQL, and PostgreSQL)
66
+ # config.active_record.auto_explain_threshold_in_seconds = 0.5
67
+ end
@@ -0,0 +1,37 @@
1
+ RailsApp::Application.configure do
2
+ # Settings specified here will take precedence over those in config/application.rb
3
+
4
+ # The test environment is used exclusively to run your application's
5
+ # test suite. You never need to work with it otherwise. Remember that
6
+ # your test database is "scratch space" for the test suite and is wiped
7
+ # and recreated between test runs. Don't rely on the data there!
8
+ config.cache_classes = true
9
+
10
+ # Configure static asset server for tests with Cache-Control for performance
11
+ config.serve_static_assets = true
12
+ config.static_cache_control = "public, max-age=3600"
13
+
14
+ # Log error messages when you accidentally call methods on nil
15
+ config.whiny_nils = true
16
+
17
+ # Show full error reports and disable caching
18
+ config.consider_all_requests_local = true
19
+ config.action_controller.perform_caching = false
20
+
21
+ # Raise exceptions instead of rendering exception templates
22
+ config.action_dispatch.show_exceptions = false
23
+
24
+ # Disable request forgery protection in test environment
25
+ config.action_controller.allow_forgery_protection = false
26
+
27
+ # Tell Action Mailer not to deliver emails to the real world.
28
+ # The :test delivery method accumulates sent emails in the
29
+ # ActionMailer::Base.deliveries array.
30
+ config.action_mailer.delivery_method = :test
31
+
32
+ # Raise exception on mass assignment protection for Active Record models
33
+ config.active_record.mass_assignment_sanitizer = :strict
34
+
35
+ # Print deprecation notices to the stderr
36
+ config.active_support.deprecation = :stderr
37
+ end
@@ -0,0 +1,14 @@
1
+ Devise.setup do |config|
2
+ config.mailer_sender = "please-change-me-at-config-initializers-devise@example.com"
3
+
4
+ require 'devise/orm/active_record'
5
+
6
+ config.case_insensitive_keys = [ :email ]
7
+
8
+ config.strip_whitespace_keys = [ :email ]
9
+ config.skip_session_storage = [:http_auth]
10
+
11
+ config.stretches = Rails.env.test? ? 1 : 10
12
+
13
+ config.encryptor = :sha512
14
+ end
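Review bot: `config.encryptor = :sha512` and `config.stretches = Rails.env.test? ? 1 : 10` carry no comment saying they are fixture values, and an initializer like this is easy to copy into a real application. Ten rounds of salted SHA-512 is a fast digest and much cheaper to brute-force offline than an adaptive password hash, so a line such as `# Test fixture only: fast digest chosen for suite speed, not a recommended production setting` above the two assignments would keep it from being read as guidance. No `config.pepper` is set either, so tests that go through the model presumably run with Devise's default pepper; state that in a comment or set a dummy value so the peppered path is covered.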
@@ -0,0 +1,77 @@
1
+ class CreateTables < ActiveRecord::Migration
2
+ def self.up
3
+ create_table :users do |t|
4
+ t.string :username
5
+ t.string :facebook_token
6
+
7
+ ## Database authenticatable
8
+ t.string :email, :null => false, :default => ""
9
+ t.string :encrypted_password, :null => false, :default => ""
10
+
11
+ ## Recoverable
12
+ t.string :reset_password_token
13
+ t.datetime :reset_password_sent_at
14
+
15
+ ## Rememberable
16
+ t.datetime :remember_created_at
17
+
18
+ ## Trackable
19
+ t.integer :sign_in_count, :default => 0
20
+ t.datetime :current_sign_in_at
21
+ t.datetime :last_sign_in_at
22
+ t.string :current_sign_in_ip
23
+ t.string :last_sign_in_ip
24
+
25
+ ## Encryptable
26
+ # t.string :password_salt
27
+
28
+ ## Confirmable
29
+ t.string :confirmation_token
30
+ t.datetime :confirmed_at
31
+ t.datetime :confirmation_sent_at
32
+ # t.string :unconfirmed_email # Only if using reconfirmable
33
+
34
+ ## Lockable
35
+ t.integer :failed_attempts, :default => 0 # Only if lock strategy is :failed_attempts
36
+ t.string :unlock_token # Only if unlock strategy is :email or :both
37
+ t.datetime :locked_at
38
+
39
+ ## Token authenticatable
40
+ t.string :authentication_token
41
+
42
+ t.timestamps
43
+ end
44
+
45
+ create_table :admins do |t|
46
+ ## Database authenticatable
47
+ t.string :email, :null => true
48
+ t.string :encrypted_password, :null => true
49
+
50
+ ## Recoverable
51
+ t.string :reset_password_token
52
+ t.datetime :reset_password_sent_at
53
+
54
+ ## Rememberable
55
+ t.datetime :remember_created_at
56
+
57
+ ## Confirmable
58
+ t.string :confirmation_token
59
+ t.datetime :confirmed_at
60
+ t.datetime :confirmation_sent_at
61
+ t.string :unconfirmed_email # Only if using reconfirmable
62
+
63
+ ## Encryptable
64
+ t.string :password_salt
65
+
66
+ ## Lockable
67
+ t.datetime :locked_at
68
+
69
+ t.timestamps
70
+ end
71
+ end
72
+
73
+ def self.down
74
+ drop_table :users
75
+ drop_table :admins
76
+ end
77
+ end
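Review bot: The `users` table leaves `t.string :password_salt` commented out under `## Encryptable`, while `admins` defines it and the `User` model in this package declares `devise :database_authenticatable, :encryptable`. The encryptable model code is not visible here, but if it writes `password_salt` when a password is set, creating a `User` would fail on the missing attribute; either uncomment the column or drop `:encryptable` from `User`. Separately, `admins.email` and `admins.encrypted_password` are declared `:null => true` where `users` uses `:null => false, :default => ""`; add a comment if that difference is deliberate.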
@@ -0,0 +1,14 @@
1
+ module Support
2
+ module Assertions
3
+ def assert_same_content(result, expected)
4
+ assert expected.size == result.size, "the arrays doesn't have the same size"
5
+ expected.each do |element|
6
+ assert result.include?(element), "The array doesn't include '#{element}'."
7
+ end
8
+ end
9
+
10
+ def assert_not(assertion)
11
+ assert !assertion
12
+ end
13
+ end
14
+ end
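Review bot: `assert_same_content` passes for arrays that differ in duplicate counts, because it compares only the sizes and then membership: `[1, 1, 2]` and `[1, 2, 2]` are reported as having the same content. Comparing per-element groups closes the gap, e.g. `assert_equal expected.group_by { |e| e }, result.group_by { |e| e }`. The failure message `"the arrays doesn't have the same size"` should read `"the arrays don't have the same size"`.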
@@ -0,0 +1,22 @@
1
+ module Support
2
+ module Factories
3
+ def generate_unique_email
4
+ @@email_count ||= 0
5
+ @@email_count += 1
6
+ "test#{@@email_count}@example.com"
7
+ end
8
+
9
+ def valid_attributes(attributes={})
10
+ { :username => "usertest",
11
+ :email => generate_unique_email,
12
+ :password => '123456',
13
+ :password_confirmation => '123456' }.update(attributes)
14
+ end
15
+
16
+ def create_admin(attributes={})
17
+ valid_attributes = valid_attributes(attributes)
18
+ valid_attributes.delete(:username)
19
+ Admin.create!(valid_attributes)
20
+ end
21
+ end
22
+ end
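Review bot: In `create_admin` the local `valid_attributes = valid_attributes(attributes)` shadows the helper method of the same name; it works only because the call with parentheses and an argument is parsed as a method call, and every later bare `valid_attributes` in the method refers to the hash. Rename the local, e.g. `attrs = valid_attributes(attributes)`, then `attrs.delete(:username)` and `Admin.create!(attrs)`. `@@email_count` is a class variable defined inside a module, so the counter is shared by everything that includes `Support::Factories`; a comment saying the sharing is intended to keep e-mails unique across test classes would help.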
@@ -0,0 +1,28 @@
1
+ module Support
2
+ module Swappers
3
+ def swap_with_encryptor(klass, encryptor, options={})
4
+ klass.instance_variable_set(:@encryptor_class, nil)
5
+
6
+ swap klass, options.merge(:encryptor => encryptor) do
7
+ begin
8
+ yield
9
+ ensure
10
+ klass.instance_variable_set(:@encryptor_class, nil)
11
+ end
12
+ end
13
+ end
14
+
15
+ def swap(object, new_values)
16
+ old_values = {}
17
+ new_values.each do |key, value|
18
+ old_values[key] = object.send key
19
+ object.send :"#{key}=", value
20
+ end
21
+ yield
22
+ ensure
23
+ old_values.each do |key, value|
24
+ object.send :"#{key}=", value
25
+ end
26
+ end
27
+ end
28
+ end
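Review bot: `swap_with_encryptor` clears `@encryptor_class` on `klass` before and after the block with `instance_variable_set`, but nothing explains why; presumably the model memoizes its encryptor class in that ivar and would otherwise keep using the previous one. A one-line comment above each reset, such as `# drop the memoized encryptor so the swapped :encryptor is picked up`, would document this coupling to the model's internals. In `swap`, `object.send key` and `object.send :"#{key}="` can reach private methods; `public_send` would state the intent that only public accessors are swapped.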