monterail-devise-argon2 1.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/.gitignore +18 -0
- data/.rspec +2 -0
- data/Gemfile +10 -0
- data/Rakefile +1 -0
- data/devise-argon2.gemspec +21 -0
- data/lib/devise/encryptable/encryptors/argon2/version.rb +7 -0
- data/lib/devise/encryptable/encryptors/argon2.rb +17 -0
- data/lib/devise-argon2.rb +4 -0
- data/spec/devise-argon2_spec.rb +42 -0
- data/spec/spec_helper.rb +9 -0
- metadata +95 -0
checksums.yaml
ADDED
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
---
|
|
2
|
+
SHA256:
|
|
3
|
+
metadata.gz: d3603ca0d44f216806caec1af257d010924c9fd8a968e9ddedd6227c64d0c744
|
|
4
|
+
data.tar.gz: 4404f6c7ada08da93516f75a6fd206b846ba309643991ec6d970184d121d3c4b
|
|
5
|
+
SHA512:
|
|
6
|
+
metadata.gz: c59a4158e0f50459048a5be14b5506635833fa02358cad9f58a2659dbef9aef88e06af51253a7ba60c2d27f03fb0b7a30c94132a6c79bbc5c1bbd8ccca0cafb8
|
|
7
|
+
data.tar.gz: 5a6c2f7349ff4aaa1049e5c2be487b5218b250034e88a0d4c5eeda10457a0d40ddee9383e29dd478baacbc65e45c17ada09e561ed6a798ca9c5c1ea5db39174d
|
data/.gitignore
ADDED
data/.rspec
ADDED
data/Gemfile
ADDED
data/Rakefile
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
require "bundler/gem_tasks"
|
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
# -*- encoding: utf-8 -*-
|
|
2
|
+
lib = File.expand_path('../lib', __FILE__)
|
|
3
|
+
$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
|
4
|
+
require "devise/encryptable/encryptors/argon2/version"
|
|
5
|
+
|
|
6
|
+
Gem::Specification.new do |gem|
|
|
7
|
+
gem.name = "monterail-devise-argon2"
|
|
8
|
+
gem.homepage = "https://github.com/monterail/devise_argon2"
|
|
9
|
+
gem.version = Devise::Encryptable::Encryptors::ARGON2_VERSION
|
|
10
|
+
gem.summary = ""
|
|
11
|
+
gem.authors = [""]
|
|
12
|
+
|
|
13
|
+
gem.files = `git ls-files`.split($/)
|
|
14
|
+
gem.executables = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
|
|
15
|
+
gem.test_files = gem.files.grep(%r{^(test|spec|features)/})
|
|
16
|
+
gem.require_paths = ["lib"]
|
|
17
|
+
|
|
18
|
+
gem.add_dependency 'devise', '>= 2.1.0'
|
|
19
|
+
gem.add_dependency 'devise-encryptable', '>= 0.2.0'
|
|
20
|
+
gem.add_dependency 'argon2', '~> 2.0'
|
|
21
|
+
end
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
require 'argon2'
|
|
2
|
+
|
|
3
|
+
module Devise
|
|
4
|
+
module Encryptable
|
|
5
|
+
module Encryptors
|
|
6
|
+
class Argon2 < Base
|
|
7
|
+
def self.digest(password:, secret: nil)
|
|
8
|
+
::Argon2::Password.create(password, secret: secret)
|
|
9
|
+
end
|
|
10
|
+
|
|
11
|
+
def self.compare(encrypted_password:, password:, secret: nil)
|
|
12
|
+
::Argon2::Password.verify_password(password, encrypted_password, secret)
|
|
13
|
+
end
|
|
14
|
+
end
|
|
15
|
+
end
|
|
16
|
+
end
|
|
17
|
+
end
|
|
@@ -0,0 +1,42 @@
|
|
|
1
|
+
# encoding: utf-8
|
|
2
|
+
require 'spec_helper'
|
|
3
|
+
|
|
4
|
+
describe Devise::Encryptable::Encryptors::Argon2 do
|
|
5
|
+
let(:argon2) { Devise::Encryptable::Encryptors::Argon2 }
|
|
6
|
+
let(:password) { 'Tr0ub4dor&3' }
|
|
7
|
+
|
|
8
|
+
describe "used with pepper" do
|
|
9
|
+
let(:pepper) { "I don't really want to stop the show But I thought that you might like to know That the singer's going to sing a song And he wants you all to sing along" }
|
|
10
|
+
|
|
11
|
+
describe ".compare" do
|
|
12
|
+
let(:encrypted) { Argon2::Password.create(password, secret: pepper).to_s }
|
|
13
|
+
|
|
14
|
+
it "is true when the encrypted password contains the argon2id format" do
|
|
15
|
+
expect(encrypted).to match /argon2id/
|
|
16
|
+
end
|
|
17
|
+
|
|
18
|
+
it "is true when comparing an encrypted password against given plaintext" do
|
|
19
|
+
expect(argon2.compare(encrypted_password: encrypted, password: password, secret: pepper)).to be true
|
|
20
|
+
end
|
|
21
|
+
|
|
22
|
+
it "is false when comparing with wrong password" do
|
|
23
|
+
expect(argon2.compare(encrypted_password: encrypted, password: 'hunter2', secret: pepper)).to be false
|
|
24
|
+
end
|
|
25
|
+
|
|
26
|
+
it "is false when comparing with correct password but wrong pepper" do
|
|
27
|
+
expect(argon2.compare(encrypted_password: encrypted, password: password, secret: 'beatles')).to be false
|
|
28
|
+
end
|
|
29
|
+
end
|
|
30
|
+
|
|
31
|
+
describe "without any pepper" do
|
|
32
|
+
let(:encrypted) { Argon2::Password.create(password).to_s }
|
|
33
|
+
let(:pepper) { nil }
|
|
34
|
+
|
|
35
|
+
it "is still works" do
|
|
36
|
+
expect(argon2.compare(encrypted_password: encrypted, password: password)).to be true
|
|
37
|
+
end
|
|
38
|
+
end
|
|
39
|
+
|
|
40
|
+
end
|
|
41
|
+
|
|
42
|
+
end
|
data/spec/spec_helper.rb
ADDED
metadata
ADDED
|
@@ -0,0 +1,95 @@
|
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
|
2
|
+
name: monterail-devise-argon2
|
|
3
|
+
version: !ruby/object:Gem::Version
|
|
4
|
+
version: 1.0.1
|
|
5
|
+
platform: ruby
|
|
6
|
+
authors:
|
|
7
|
+
- ''
|
|
8
|
+
autorequire:
|
|
9
|
+
bindir: bin
|
|
10
|
+
cert_chain: []
|
|
11
|
+
date: 2021-11-08 00:00:00.000000000 Z
|
|
12
|
+
dependencies:
|
|
13
|
+
- !ruby/object:Gem::Dependency
|
|
14
|
+
name: devise
|
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
|
16
|
+
requirements:
|
|
17
|
+
- - ">="
|
|
18
|
+
- !ruby/object:Gem::Version
|
|
19
|
+
version: 2.1.0
|
|
20
|
+
type: :runtime
|
|
21
|
+
prerelease: false
|
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
23
|
+
requirements:
|
|
24
|
+
- - ">="
|
|
25
|
+
- !ruby/object:Gem::Version
|
|
26
|
+
version: 2.1.0
|
|
27
|
+
- !ruby/object:Gem::Dependency
|
|
28
|
+
name: devise-encryptable
|
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
|
30
|
+
requirements:
|
|
31
|
+
- - ">="
|
|
32
|
+
- !ruby/object:Gem::Version
|
|
33
|
+
version: 0.2.0
|
|
34
|
+
type: :runtime
|
|
35
|
+
prerelease: false
|
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
37
|
+
requirements:
|
|
38
|
+
- - ">="
|
|
39
|
+
- !ruby/object:Gem::Version
|
|
40
|
+
version: 0.2.0
|
|
41
|
+
- !ruby/object:Gem::Dependency
|
|
42
|
+
name: argon2
|
|
43
|
+
requirement: !ruby/object:Gem::Requirement
|
|
44
|
+
requirements:
|
|
45
|
+
- - "~>"
|
|
46
|
+
- !ruby/object:Gem::Version
|
|
47
|
+
version: '2.0'
|
|
48
|
+
type: :runtime
|
|
49
|
+
prerelease: false
|
|
50
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
51
|
+
requirements:
|
|
52
|
+
- - "~>"
|
|
53
|
+
- !ruby/object:Gem::Version
|
|
54
|
+
version: '2.0'
|
|
55
|
+
description:
|
|
56
|
+
email:
|
|
57
|
+
executables: []
|
|
58
|
+
extensions: []
|
|
59
|
+
extra_rdoc_files: []
|
|
60
|
+
files:
|
|
61
|
+
- ".gitignore"
|
|
62
|
+
- ".rspec"
|
|
63
|
+
- Gemfile
|
|
64
|
+
- Rakefile
|
|
65
|
+
- devise-argon2.gemspec
|
|
66
|
+
- lib/devise-argon2.rb
|
|
67
|
+
- lib/devise/encryptable/encryptors/argon2.rb
|
|
68
|
+
- lib/devise/encryptable/encryptors/argon2/version.rb
|
|
69
|
+
- spec/devise-argon2_spec.rb
|
|
70
|
+
- spec/spec_helper.rb
|
|
71
|
+
homepage: https://github.com/monterail/devise_argon2
|
|
72
|
+
licenses: []
|
|
73
|
+
metadata: {}
|
|
74
|
+
post_install_message:
|
|
75
|
+
rdoc_options: []
|
|
76
|
+
require_paths:
|
|
77
|
+
- lib
|
|
78
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
|
79
|
+
requirements:
|
|
80
|
+
- - ">="
|
|
81
|
+
- !ruby/object:Gem::Version
|
|
82
|
+
version: '0'
|
|
83
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
84
|
+
requirements:
|
|
85
|
+
- - ">="
|
|
86
|
+
- !ruby/object:Gem::Version
|
|
87
|
+
version: '0'
|
|
88
|
+
requirements: []
|
|
89
|
+
rubygems_version: 3.1.2
|
|
90
|
+
signing_key:
|
|
91
|
+
specification_version: 4
|
|
92
|
+
summary: ''
|
|
93
|
+
test_files:
|
|
94
|
+
- spec/devise-argon2_spec.rb
|
|
95
|
+
- spec/spec_helper.rb
|