minimalist_authentication 1.1.0 → 1.1.1
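--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 06e297700ba62d9fef159d0cb8250f7740d020a9
+data.tar.gz: c0d08dd52efbfa264a3e12b8be898baf81dacf4a
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: d01e275ff312ba91f03abff19e221bc3bdcdb188fce8dce2b74d1f37df4bac82e61ef90740e101a808bde45be9b4004cf30c11fbdca4f61313ffc720cc1b3a8d
+data.tar.gz: a6a28b7e973111b32620029d02a3f04927f743a42e1bd45fe608412cc231a5396a3232f104dcc3d1c5498b2ddab973fd4ed412870e9b2e656c7008f37c944be9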
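--- a/data/README.md
+++ b/data/README.md
@@ -14,9 +14,14 @@ And then execute:
 $ bundle
 ```
 
-Create a user model:
+Create a user model for with **email** for an identifier:
 ```bash
-bin/rails generate model user active:boolean email:string crypted_password:string salt:string
+bin/rails generate model user active:boolean email:string crypted_password:string salt:string last_logged_in_at:datetime
+```
+
+OR create a user model with **username** for an identifier:
+```bash
+bin/rails generate model user active:boolean username:string crypted_password:string salt:string last_logged_in_at:datetime
 ```
 
 
@@ -32,10 +37,6 @@ Include Minimalist::Authorization in your ApplicationController (app/controllers
 ```ruby
 class ApplicationController < ActionController::Base
 include Minimalist::Authorization
-
-# Lock down everything by default
-# use skip_before_action to open up specific actions
-before_action :authorization_required
 end
 ```
 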
@@ -1,4 +1,3 @@
|
|
1
|
-
require 'digest/sha1'
|
2
1
|
require 'bcrypt'
|
3
2
|
|
4
3
|
module Minimalist
|
@@ -6,24 +5,27 @@ module Minimalist
|
|
6
5
|
extend ActiveSupport::Concern
|
7
6
|
|
8
7
|
GUEST_USER_EMAIL = 'guest'
|
9
|
-
|
8
|
+
EMAIL_REGEX = /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\Z/i
|
10
9
|
|
11
10
|
# Recalibrates cost when class is loaded so that new user passwords
|
12
11
|
# can automatically take advantage of faster server hardware in the
|
13
12
|
# future for better encryption.
|
14
13
|
# sets cost to BCrypt::Engine::MIN_COST in the test environment
|
15
|
-
CALIBRATED_BCRYPT_COST = (::Rails.env.test? ? BCrypt::Engine::MIN_COST : BCrypt::Engine.calibrate(750))
|
14
|
+
CALIBRATED_BCRYPT_COST = (::Rails.env.test? ? ::BCrypt::Engine::MIN_COST : ::BCrypt::Engine.calibrate(750))
|
16
15
|
|
17
16
|
included do
|
18
17
|
attr_accessor :password
|
19
18
|
before_save :encrypt_password
|
20
19
|
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
20
|
+
# email validations
|
21
|
+
validates_presence_of :email, if: :validate_email_presence?
|
22
|
+
validates_uniqueness_of :email, allow_blank: true, if: :validate_email?
|
23
|
+
validates_format_of :email, allow_blank: true, with: EMAIL_REGEX, if: :validate_email?
|
24
|
+
|
25
|
+
# password validations
|
26
|
+
validates_presence_of :password, if: :password_required?
|
27
|
+
validates_confirmation_of :password, if: :password_required?
|
28
|
+
validates_length_of :password, within: 6..40, if: :password_required?
|
27
29
|
|
28
30
|
scope :active, ->(active = true) { where active: active }
|
29
31
|
end
|
@@ -37,17 +39,12 @@ module Minimalist
|
|
37
39
|
return user
|
38
40
|
end
|
39
41
|
|
40
|
-
def
|
41
|
-
|
42
|
-
when 0 then Digest::MD5.hexdigest(string.to_s)
|
43
|
-
when 1 then Digest::SHA1.hexdigest("#{string}--#{salt}")
|
44
|
-
when 2 then Digest::SHA2.hexdigest("#{string}#{salt}", 512)
|
45
|
-
when 3 then BCrypt::Password.new(BCrypt::Engine.hash_secret(string, salt)).checksum
|
46
|
-
end
|
42
|
+
def password_hash(password)
|
43
|
+
::BCrypt::Password.create(password, cost: calibrated_bcrypt_cost)
|
47
44
|
end
|
48
45
|
|
49
|
-
def
|
50
|
-
|
46
|
+
def calibrated_bcrypt_cost
|
47
|
+
CALIBRATED_BCRYPT_COST
|
51
48
|
end
|
52
49
|
|
53
50
|
def guest
|
@@ -60,69 +57,69 @@ module Minimalist
|
|
60
57
|
end
|
61
58
|
|
62
59
|
def authenticated?(password)
|
63
|
-
if
|
64
|
-
|
65
|
-
new_salt = self.class.make_token
|
66
|
-
self.update_attribute(:crypted_password, self.class.secure_digest(password, new_salt))
|
67
|
-
self.update_attribute(:salt, new_salt)
|
68
|
-
self.update_attribute(:using_digest_version, PREFERRED_DIGEST_VERSION)
|
69
|
-
end
|
60
|
+
if bcrypt_password == password
|
61
|
+
update_encryption(password) if bcrypt_password.cost < self.class.calibrated_bcrypt_cost
|
70
62
|
return true
|
71
|
-
else
|
72
|
-
return false
|
73
63
|
end
|
64
|
+
|
65
|
+
return false
|
74
66
|
end
|
75
67
|
|
76
68
|
def logged_in
|
77
|
-
|
69
|
+
# use update_column to avoid updated_on trigger
|
70
|
+
update_column(:last_logged_in_at, Time.current)
|
78
71
|
end
|
79
72
|
|
80
73
|
def is_guest?
|
81
74
|
email == GUEST_USER_EMAIL
|
82
75
|
end
|
83
76
|
|
84
|
-
|
85
77
|
private
|
86
78
|
|
87
79
|
def password_required?
|
88
80
|
active? && (crypted_password.blank? || !password.blank?)
|
89
81
|
end
|
90
82
|
|
91
|
-
def
|
92
|
-
self.
|
83
|
+
def update_encryption(password)
|
84
|
+
self.password = password
|
85
|
+
encrypt_password
|
86
|
+
save
|
93
87
|
end
|
94
88
|
|
95
89
|
def encrypt_password
|
96
90
|
return if password.blank?
|
97
|
-
self.salt = self.class.make_token
|
98
|
-
self.crypted_password =
|
99
|
-
|
91
|
+
# self.salt = self.class.make_token
|
92
|
+
# self.crypted_password = encrypt(password)
|
93
|
+
password_hash = self.class.password_hash(password)
|
94
|
+
self.salt = password_hash.salt
|
95
|
+
self.crypted_password = password_hash.checksum
|
100
96
|
end
|
101
97
|
|
102
|
-
def
|
103
|
-
|
98
|
+
def bcrypt_password
|
99
|
+
valid_hash? ? ::BCrypt::Password.new(password_hash) : null_password
|
104
100
|
end
|
105
101
|
|
106
|
-
def
|
107
|
-
BCrypt::
|
102
|
+
def valid_hash?
|
103
|
+
::BCrypt::Password.valid_hash?(password_hash)
|
108
104
|
end
|
109
105
|
|
110
|
-
|
111
|
-
|
112
|
-
# allows applications to turn off email validation
|
113
|
-
true
|
106
|
+
def password_hash
|
107
|
+
"#{salt}#{crypted_password}"
|
114
108
|
end
|
115
109
|
|
116
|
-
def
|
117
|
-
|
110
|
+
def null_password
|
111
|
+
MinimalistAuthentication::NullPassword.new
|
118
112
|
end
|
119
113
|
|
120
|
-
|
121
|
-
|
114
|
+
# email validation
|
115
|
+
def validate_email?
|
116
|
+
# allows applications to turn off all email validation
|
117
|
+
active?
|
122
118
|
end
|
123
119
|
|
124
|
-
def
|
125
|
-
|
120
|
+
def validate_email_presence?
|
121
|
+
# allows applications to turn off email presence validation
|
122
|
+
validate_email?
|
126
123
|
end
|
127
124
|
end
|
128
125
|
end
|
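Review bot: `update_encryption` in the `@@ -60,69 +57,69 @@` hunk hashes the password twice and throws away the result of `save`: it calls `encrypt_password` directly, and `save` then runs the `before_save :encrypt_password` callback again because `password` is still set. `save` also runs the password and email validations, so for an account whose existing password falls outside `6..40` or whose email no longer validates it presumably returns false, and the lower-cost hash stays in the database with no signal. I would drop the explicit `encrypt_password` line and act on the return value, for example `logger.warn("bcrypt cost upgrade not saved for user #{id}") unless save`. The plaintext also remains in the `password` accessor after `authenticated?` returns; setting `self.password = nil` once the save has finished would keep it off the instance.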
@@ -1,8 +1,12 @@
|
|
1
1
|
module Minimalist
|
2
2
|
module Authorization
|
3
3
|
extend ActiveSupport::Concern
|
4
|
-
|
4
|
+
|
5
5
|
included do
|
6
|
+
# Lock down everything by default
|
7
|
+
# use skip_before_action to open up specific actions
|
8
|
+
before_action :authorization_required
|
9
|
+
|
6
10
|
helper_method :current_user, :logged_in?, :authorized?
|
7
11
|
end
|
8
12
|
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: minimalist_authentication
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.1.
|
4
|
+
version: 1.1.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Aaron Baldwin
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2017-09-
|
12
|
+
date: 2017-09-14 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: rails
|
@@ -80,6 +80,7 @@ files:
|
|
80
80
|
- lib/minimalist/test_helper.rb
|
81
81
|
- lib/minimalist_authentication.rb
|
82
82
|
- lib/minimalist_authentication/engine.rb
|
83
|
+
- lib/minimalist_authentication/null_password.rb
|
83
84
|
- lib/minimalist_authentication/version.rb
|
84
85
|
- lib/tasks/minimalist_authentication_tasks.rake
|
85
86
|
homepage: https://github.com/wwidea/minimalist_authentication
|