multi_password 0.1.0

Sign up to get free protection for your applications and to get access to all the features.
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA256:
3
+ metadata.gz: 3bedf3cb4f2713cd269dc2299186bfc4b9da288d336a59e20d0e6c11fc467541
4
+ data.tar.gz: c69c01925c5588d2d95ec94984977304655e1090b9e6c1e8040c2f41df15943b
5
+ SHA512:
6
+ metadata.gz: 5033e7251658eb78f0925e65fcb93103d2d110cbc3df3513ecf4e5a0f8b489162d3834c5f1956dac2403a9e084f2e3dc21409798f7bd807b44a8264fce0656ed
7
+ data.tar.gz: 6c0d5089fa54596cfe0d531fcd3d38c33fff7b5756edd6bad13c66a85920bab3e0b89e3f7cb3202780e079142bebd9cc5cf376785f1fdf6efb4de0ed719a1035
@@ -0,0 +1,34 @@
1
+ name: RSpec
2
+
3
+ on: [push, pull_request]
4
+
5
+ env:
6
+ RUBY_VERSION: 2.7.2
7
+
8
+ jobs:
9
+ build:
10
+ runs-on: ubuntu-latest
11
+
12
+ steps:
13
+ - uses: actions/checkout@v2
14
+
15
+ - uses: ruby/setup-ruby@v1
16
+ id: ruby
17
+ with:
18
+ ruby-version: ${{ env.RUBY_VERSION }}
19
+
20
+ - uses: actions/cache@v1
21
+ id: cache
22
+ with:
23
+ path: vendor/bundle
24
+ key: bundle-use-ruby-${{ matrix.os }}-${{ matrix.ruby }}-${{ hashFiles('**/Gemfile.lock') }}
25
+ restore-keys: |
26
+ bundle-use-ruby-${{ matrix.os }}-${{ matrix.ruby }}
27
+
28
+ - name: Build
29
+ run: |
30
+ gem install bundler
31
+ bundle install --jobs 4 --retry 3
32
+
33
+ - name: run rspec
34
+ run: bundle exec rspec
@@ -0,0 +1,16 @@
1
+ /.bundle/
2
+ /.yardoc
3
+ /_yardoc/
4
+ /coverage/
5
+ /doc/
6
+ /pkg/
7
+ /spec/reports/
8
+ /tmp/
9
+ /vendor/bundle
10
+
11
+ Gemfile.lock
12
+
13
+ # rspec failure tracking
14
+ .rspec_status
15
+
16
+ .byebug_history
data/.rspec ADDED
@@ -0,0 +1,3 @@
1
+ --format progress
2
+ --color
3
+ --require spec_helper
@@ -0,0 +1,6 @@
1
+ ---
2
+ language: ruby
3
+ cache: bundler
4
+ rvm:
5
+ - 2.6.6
6
+ before_install: gem install bundler -v 2.1.4
data/Gemfile ADDED
@@ -0,0 +1,12 @@
1
+ source "https://rubygems.org"
2
+
3
+ # Specify your gem's dependencies in multi_password.gemspec
4
+ gemspec
5
+
6
+ gem "rake", "~> 12.0"
7
+ gem "rspec", "~> 3.0"
8
+
9
+ gem 'argon2'
10
+ gem 'bcrypt'
11
+ gem 'scrypt'
12
+ gem 'byebug'
@@ -0,0 +1,21 @@
1
+ The MIT License (MIT)
2
+
3
+ Copyright (c) 2020 Hieu Nguyen
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining a copy
6
+ of this software and associated documentation files (the "Software"), to deal
7
+ in the Software without restriction, including without limitation the rights
8
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9
+ copies of the Software, and to permit persons to whom the Software is
10
+ furnished to do so, subject to the following conditions:
11
+
12
+ The above copyright notice and this permission notice shall be included in
13
+ all copies or substantial portions of the Software.
14
+
15
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
21
+ THE SOFTWARE.
@@ -0,0 +1,91 @@
1
+ # MultiPassword
2
+
3
+ MultiPassword provides a generic interface for popular password hashing algorithm,
4
+ so that user can easily switch between different algorithms without worrying
5
+ about changing application code in multiple places.
6
+
7
+ MultiPassword also supports running multiple algorithms in one application, which is
8
+ great when you want to migrate from one algorithm to another.
9
+
10
+ Currently MultiPassword supports 3 algorithms:
11
+
12
+ - SCrypt
13
+ - BCrypt
14
+ - Argon2
15
+
16
+ ## Installation
17
+
18
+ Add this line to your application's Gemfile:
19
+
20
+ ```ruby
21
+ gem 'multi_password'
22
+
23
+ # if you want to use scrypt, you need to include the gem manually:
24
+ gem 'scrypt'
25
+ ```
26
+
27
+ And then execute:
28
+
29
+ $ bundle install
30
+
31
+ Or install it yourself as:
32
+
33
+ $ gem install multi_password
34
+
35
+ ## Usage
36
+
37
+ ### Configuration
38
+
39
+ You can specify an application-wide default algorithm:
40
+
41
+ ```ruby
42
+ # require the strategy you want to use here
43
+ require 'multi_password/strategies/scrypt'
44
+
45
+ MultiPassword.configure do |config|
46
+ config.default_algorithm = :scrypt
47
+
48
+ # support all options that SCrypt accepts
49
+ config.default_options = { key_len: 64, max_time: 1 }
50
+ end
51
+ ```
52
+
53
+ You can also specify algorithm and options on-the-fly:
54
+
55
+ ```ruby
56
+ manager = MultiPassword.new(algorithm: :scrypt, options: { key_len: 64, max_time: 1 })
57
+ ```
58
+
59
+ ### Interface
60
+
61
+ MultiPassword provides 2 methods: `create` for hashing password and `verify` for
62
+ verifying input password:
63
+
64
+ ```ruby
65
+ require 'multi_password/strategies/scrypt'
66
+
67
+ manager = MultiPassword.new(algorithm: :scrypt)
68
+
69
+ encrypted_password = manager.create('password')
70
+ # => "4000$8$2$df55d1c7bc475c6d4a7db9dac5c4d0469121419355f54c4ae23f61556f7198ac$2933bd4ed4b1d902951babe856aeb160ef3f061d7927ed46c749036b1edea509"
71
+
72
+ manager.verify('password', encrypted_password)
73
+ # => true
74
+ ```
75
+
76
+ ###
77
+
78
+ ## Development
79
+
80
+ After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
81
+
82
+ To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
83
+
84
+ ## Contributing
85
+
86
+ Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/multi_password.
87
+
88
+
89
+ ## License
90
+
91
+ The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).
@@ -0,0 +1,6 @@
1
+ require "bundler/gem_tasks"
2
+ require "rspec/core/rake_task"
3
+
4
+ RSpec::Core::RakeTask.new(:spec)
5
+
6
+ task :default => :spec
@@ -0,0 +1,14 @@
1
+ #!/usr/bin/env ruby
2
+
3
+ require "bundler/setup"
4
+ require "multi_password"
5
+
6
+ # You can add fixtures and/or initialization code here to make experimenting
7
+ # with your gem easier. You can also use a different console, if you like.
8
+
9
+ # (If you use this, don't forget to add pry to your Gemfile!)
10
+ # require "pry"
11
+ # Pry.start
12
+
13
+ require "irb"
14
+ IRB.start(__FILE__)
@@ -0,0 +1,8 @@
1
+ #!/usr/bin/env bash
2
+ set -euo pipefail
3
+ IFS=$'\n\t'
4
+ set -vx
5
+
6
+ bundle install
7
+
8
+ # Do any other automated setup that you need to do here
@@ -0,0 +1,60 @@
1
+ require "multi_password/version"
2
+ require 'multi_password/errors'
3
+ require 'multi_password/strategy'
4
+ require 'dry/configurable'
5
+ require 'concurrent/hash'
6
+
7
+ class MultiPassword
8
+ extend Dry::Configurable
9
+
10
+ setting :default_algorithm
11
+ setting :default_options, {}
12
+
13
+ @registers = Concurrent::Hash.new
14
+
15
+ def self.registers
16
+ @registers
17
+ end
18
+
19
+ def self.register(algorithm, klass)
20
+ if registers[algorithm]
21
+ Warning.warn <<-MSG
22
+ [MultiPassword] #{algorithm} is already registered by #{registers[algorithm]} but is overwritten by #{klass} in:
23
+ #{caller.first}
24
+ MSG
25
+ end
26
+
27
+ registers[algorithm] = klass
28
+ end
29
+
30
+ def self.unregister(algorithm)
31
+ registers.delete(algorithm)
32
+ end
33
+
34
+ def initialize(algorithm: config.default_algorithm, options: config.default_options)
35
+ @strategy = registers.fetch(algorithm).new
36
+ @options = options
37
+ rescue KeyError
38
+ raise AlgorithmNotRegistered.new(algorithm)
39
+ end
40
+
41
+ def create(password)
42
+ strategy.create(password, options)
43
+ end
44
+
45
+ def verify(password, encrypted_password)
46
+ strategy.verify(password, encrypted_password)
47
+ end
48
+
49
+ private
50
+
51
+ attr_reader :strategy, :options
52
+
53
+ def config
54
+ self.class.config
55
+ end
56
+
57
+ def registers
58
+ self.class.registers
59
+ end
60
+ end
@@ -0,0 +1,15 @@
1
+ class MultiPassword
2
+ class Error < StandardError; end
3
+
4
+ class MethodNotImplemented < NoMethodError
5
+ def initialize(method_name, *args, **options)
6
+ super("subclass does not implement ##{method_name}", *args, **options)
7
+ end
8
+ end
9
+
10
+ class AlgorithmNotRegistered < Error
11
+ def initialize(algorithm)
12
+ super("Algorithm #{algorithm} is not registered. Try requiring 'multi_password/strategies/#{algorithm}'.")
13
+ end
14
+ end
15
+ end
@@ -0,0 +1,20 @@
1
+ require 'argon2'
2
+ require 'multi_password/strategy'
3
+
4
+ class MultiPassword
5
+ module Strategies
6
+ class Argon2
7
+ include Strategy
8
+
9
+ register :argon2
10
+
11
+ def create(password, options = {})
12
+ ::Argon2::Password.new(options).create(password)
13
+ end
14
+
15
+ def verify(password, encrypted_password)
16
+ ::Argon2::Password.verify_password(password, encrypted_password)
17
+ end
18
+ end
19
+ end
20
+ end
@@ -0,0 +1,20 @@
1
+ require 'bcrypt'
2
+ require 'multi_password/strategy'
3
+
4
+ class MultiPassword
5
+ module Strategies
6
+ class BCrypt
7
+ include Strategy
8
+
9
+ register :bcrypt
10
+
11
+ def create(password, options = {})
12
+ ::BCrypt::Password.create(password, options).to_s
13
+ end
14
+
15
+ def verify(password, encrypted_password)
16
+ ::BCrypt::Password.new(encrypted_password) == password
17
+ end
18
+ end
19
+ end
20
+ end
@@ -0,0 +1,20 @@
1
+ require 'scrypt'
2
+ require 'multi_password/strategy'
3
+
4
+ class MultiPassword
5
+ module Strategies
6
+ class SCrypt
7
+ include Strategy
8
+
9
+ register :scrypt
10
+
11
+ def create(password, options = {})
12
+ ::SCrypt::Password.create(password, options).to_s
13
+ end
14
+
15
+ def verify(password, encrypted_password)
16
+ ::SCrypt::Password.new(encrypted_password) == password
17
+ end
18
+ end
19
+ end
20
+ end
@@ -0,0 +1,21 @@
1
+ require_relative 'errors'
2
+
3
+ class MultiPassword
4
+ module Strategy
5
+ def self.included(klass)
6
+ klass.class_eval do
7
+ def self.register(algorithm)
8
+ MultiPassword.register(algorithm, self)
9
+ end
10
+ end
11
+ end
12
+
13
+ def create(_password, _options = {})
14
+ raise MethodNotImplemented, 'create'
15
+ end
16
+
17
+ def verify(_password, _encrypted_password)
18
+ raise MethodNotImplemented, 'verify'
19
+ end
20
+ end
21
+ end
@@ -0,0 +1,3 @@
1
+ class MultiPassword
2
+ VERSION = "0.1.0"
3
+ end
@@ -0,0 +1,31 @@
1
+ require_relative 'lib/multi_password/version'
2
+
3
+ Gem::Specification.new do |spec|
4
+ spec.name = "multi_password"
5
+ spec.version = MultiPassword::VERSION
6
+ spec.authors = ["Hieu Nguyen"]
7
+ spec.email = ["hieu.nguyen@ascendaloyalty.com"]
8
+
9
+ spec.summary = %q{Generic swappable password algorithm handler}
10
+ spec.description = %q{Provide a generic interface that allows application to easily switch password algorithm}
11
+ spec.homepage = "https://github.com/kaligo/multi_password"
12
+ spec.license = "MIT"
13
+ spec.required_ruby_version = Gem::Requirement.new(">= 2.3.0")
14
+
15
+ spec.metadata["homepage_uri"] = spec.homepage
16
+ spec.metadata["source_code_uri"] = "https://github.com/kaligo/multi_password"
17
+ spec.metadata["changelog_uri"] = "https://github.com/kaligo/multi_password/blob/master/CHANGELOG"
18
+
19
+ # Specify which files should be added to the gem when it is released.
20
+ # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
21
+ spec.files = Dir.chdir(File.expand_path('..', __FILE__)) do
22
+ `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
23
+ end
24
+
25
+ spec.bindir = "exe"
26
+ spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
27
+ spec.require_paths = ["lib"]
28
+
29
+ spec.add_dependency 'concurrent-ruby'
30
+ spec.add_dependency 'dry-configurable'
31
+ end
metadata ADDED
@@ -0,0 +1,93 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: multi_password
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.1.0
5
+ platform: ruby
6
+ authors:
7
+ - Hieu Nguyen
8
+ autorequire:
9
+ bindir: exe
10
+ cert_chain: []
11
+ date: 2020-11-04 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: concurrent-ruby
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - ">="
18
+ - !ruby/object:Gem::Version
19
+ version: '0'
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - ">="
25
+ - !ruby/object:Gem::Version
26
+ version: '0'
27
+ - !ruby/object:Gem::Dependency
28
+ name: dry-configurable
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - ">="
32
+ - !ruby/object:Gem::Version
33
+ version: '0'
34
+ type: :runtime
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - ">="
39
+ - !ruby/object:Gem::Version
40
+ version: '0'
41
+ description: Provide a generic interface that allows application to easily switch
42
+ password algorithm
43
+ email:
44
+ - hieu.nguyen@ascendaloyalty.com
45
+ executables: []
46
+ extensions: []
47
+ extra_rdoc_files: []
48
+ files:
49
+ - ".github/workflows/ruby.yml"
50
+ - ".gitignore"
51
+ - ".rspec"
52
+ - ".travis.yml"
53
+ - Gemfile
54
+ - LICENSE.txt
55
+ - README.md
56
+ - Rakefile
57
+ - bin/console
58
+ - bin/setup
59
+ - lib/multi_password.rb
60
+ - lib/multi_password/errors.rb
61
+ - lib/multi_password/strategies/argon2.rb
62
+ - lib/multi_password/strategies/bcrypt.rb
63
+ - lib/multi_password/strategies/scrypt.rb
64
+ - lib/multi_password/strategy.rb
65
+ - lib/multi_password/version.rb
66
+ - multi_password.gemspec
67
+ homepage: https://github.com/kaligo/multi_password
68
+ licenses:
69
+ - MIT
70
+ metadata:
71
+ homepage_uri: https://github.com/kaligo/multi_password
72
+ source_code_uri: https://github.com/kaligo/multi_password
73
+ changelog_uri: https://github.com/kaligo/multi_password/blob/master/CHANGELOG
74
+ post_install_message:
75
+ rdoc_options: []
76
+ require_paths:
77
+ - lib
78
+ required_ruby_version: !ruby/object:Gem::Requirement
79
+ requirements:
80
+ - - ">="
81
+ - !ruby/object:Gem::Version
82
+ version: 2.3.0
83
+ required_rubygems_version: !ruby/object:Gem::Requirement
84
+ requirements:
85
+ - - ">="
86
+ - !ruby/object:Gem::Version
87
+ version: '0'
88
+ requirements: []
89
+ rubygems_version: 3.0.8
90
+ signing_key:
91
+ specification_version: 4
92
+ summary: Generic swappable password algorithm handler
93
+ test_files: []