passwd 0.0.2 → 0.0.3

data/README.md

@@ -34,6 +34,12 @@ Options that can be specified:
 * :letters_upper => Define an array of upper case. default is ("A".."Z").to_a
 * :letters_number => Define an array of numbers. default is ("0".."9").to_a
 
+Default config is stored in the class variable. (@@config)
+Changing the default configs are as follows:
+
+    Passwd.config => Get config hash.
+    Passwd.config(length: 10) => Change to the default length.
+
 Password hashing:
 
     password_hash = Passwd.hashing(password)
@@ -51,6 +57,37 @@ Options that can be specified:
 * :require_upper => Require upper case if set true. specify_type enabled when true.
 * :require_number => Require number case if set true. specify_type enabled when true.
 
+Default policy is stored in the class variable. (@@policy)
+Changing the default policy are as follows:
+
+    Passwd.policy => Get policy hash.
+    Passwd.policy(min_length: 10) => Change to the default min_length.
+
+Passwd object:
+
+Default password is randomly generated.
+Default salt is "#{Time.now.to_s}".
+
+    password = Passwd.new
+    password.text # return text password.
+    password.salt_text # return text salt.
+    password.salt_hash # return hash salt.
+    password.hash # return hash password.
+
+Options that can be specified:
+
+* :password => Text password. default is random.
+* :salt_text => Text salt. default is #{Time.now.to_s}.
+
+Password authenticate:
+
+    password = Passwd.new
+    Passwd.auth(password.text, password.salt_hash, password.hash) # => true
+    Passwd.auth("invalid!!", password.salt_hash, password.hash) # => false
+    
+    password == password.text # => true
+    password == "invalid!!" # => false
+
 ## Contributing
 
 1. Fork it

data/lib/passwd.rb

@@ -4,7 +4,7 @@ require "passwd/version"
 require "digest/sha1"
 
 class Passwd
-  attr_reader :text, :hash
+  attr_reader :text, :hash, :salt_text, :salt_hash
   @@config = {
     length: 8,
     lower: true,
@@ -24,8 +24,8 @@ class Passwd
     require_number: true
   }
 
-  def initialize(password=nil)
-    if password.nil?
+  def initialize(options={password: nil, salt_text: Time.now.to_s})
+    if options[:password].nil?
       # Create letters
       letters = Array.new
       letters += @@config[:letters_lower] if @@config[:lower]
@@ -35,22 +35,45 @@ class Passwd
       # Create random password
       @text = Array.new(@@config[:length]){letters[rand(letters.size)]}.join
     else
-      @text = password
+      @text = options[:password]
     end
     # @text = password.nil? ? self.class.create : password
-    @hash = Passwd.hashing(@text)
+    @salt_text = options[:salt_text] || Time.now.to_s
+    @salt_hash = Passwd.hashing(@salt_text)
+    @hash = Passwd.hashing("#{@salt_hash}#{@text}")
   end
 
   def text=(password)
+    @hash = Passwd.hashing("#{@salt_hash}#{password}")
     @text = password
-    @hash = Passwd.hashing(@text)
-    @text
+  end
+
+  def hash=(password_hash)
+    @text = nil
+    @hash = password_hash
+  end
+
+  def salt_text=(salt_text)
+    @salt_hash = Passwd.hashing(salt_text)
+    @hash = Passwd.hashing("#{@salt_hash}#{@text}")
+    @salt_text = salt_text
+  end
+
+  def salt_hash=(salt_hash)
+    @salt_text = nil
+    @hash = Passwd.hashing("#{salt_hash}#{@text}")
+    @salt_hash = salt_hash
   end
 
   def policy_check
     Passwd.policy_check @text
   end
 
+  def ==(password)
+    enc_pass = Passwd.hashing("#{@salt_hash}#{password}")
+    @hash == enc_pass
+  end
+
   class << self
     def create(options={})
       config = @@config.merge(options)
@@ -93,6 +116,11 @@ class Passwd
       true
     end
 
+    def auth(password_text, salt_hash, password_hash)
+      enc_pass = Passwd.hashing("#{salt_hash}#{password_text}")
+      password_hash == enc_pass
+    end
+
     def hashing(passwd)
       Digest::SHA1.hexdigest passwd
     end

data/lib/passwd/version.rb

@@ -1,3 +1,3 @@
 class Passwd
-  VERSION = "0.0.2"
+  VERSION = "0.0.3"
 end

data/spec/passwd_spec.rb

@@ -71,6 +71,22 @@ describe Passwd do
       end
     end
 
+    context "#auth" do
+      it "return true with valid password" do
+        password = Passwd.create
+        salt_hash = Passwd.hashing(Time.now.to_s)
+        password_hash = Passwd.hashing("#{salt_hash}#{password}")
+        expect(Passwd.auth(password, salt_hash, password_hash)).to eq(true)
+      end
+
+      it "return false with invalid password" do
+        password = "Secret!!"
+        salt_hash = Passwd.hashing(Time.now.to_s)
+        password_hash = Passwd.hashing("#{salt_hash}#{password}")
+        expect(Passwd.auth("Secret!", salt_hash, password_hash)).to eq(false)
+      end
+    end
+
     context "#hashing" do
       it "return string object" do
         expect(Passwd.hashing(Passwd.create).class).to eq(String)
@@ -131,25 +147,40 @@ describe Passwd do
         expect(password.text.size).to eq(8)
         expect(password.text.class).to eq(String)
         expect(password.hash.class).to eq(String)
+        expect(password.salt_text.class).to eq(String)
+        expect(password.salt_hash.class).to eq(String)
       end
 
       it "@text is specified password" do
         pass_text = Passwd.create
-        password = Passwd.new(pass_text)
+        password = Passwd.new(password: pass_text)
         expect(password.text).to eq(pass_text)
       end
 
       it "@hash is hash of specified password" do
         pass_text = Passwd.create
-        pass_hash = Digest::SHA1.hexdigest(pass_text)
-        password = Passwd.new(pass_text)
+        password = Passwd.new(password: pass_text)
+        pass_hash = Passwd.hashing("#{password.salt_hash}#{pass_text}")
         expect(password.hash).to eq(pass_hash)
       end
+
+      it "@salt_text is specified salt" do
+        salt_text = "salt"
+        password = Passwd.new(salt_text: salt_text)
+        expect(password.salt_text).to eq(salt_text)
+      end
+
+      it "@salt_hash is hash of specified salt" do
+        salt_text = "salt"
+        salt_hash = Passwd.hashing(salt_text)
+        password = Passwd.new(salt_text: salt_text)
+        expect(password.salt_hash).to eq(salt_hash)
+      end
     end
 
     context "#text=" do
       before(:each) do
-        @password = Passwd.new("Secret!!")
+        @password = Passwd.new(password: "Secret!!")
       end
 
       it "@text is changed" do
@@ -165,13 +196,91 @@ describe Passwd do
       end
     end
 
+    context "#hash=" do
+      before(:each) do
+        @password = Passwd.new
+      end
+
+      it "@text is nil" do
+        @password.hash = Passwd.hashing("Secret!!")
+        expect(@password.text).to eq(nil)
+      end
+
+      it "@hash is changed" do
+        old_hash = @password.hash
+        @password.hash = Passwd.hashing("Secret!!")
+        expect(@password.hash).not_to eq(old_hash)
+      end
+    end
+
+    context "#salt_text=" do
+      before(:each) do
+        @password = Passwd.new
+      end
+
+      it "@salt_text is changed" do
+        old_salt_text = @password.salt_text
+        @password.salt_text = "salt"
+        expect(@password.salt_text).not_to eq(old_salt_text)
+      end
+
+      it "@salt_hash is changed" do
+        old_salt_hash = @password.salt_hash
+        @password.salt_text = "salt"
+        expect(@password.salt_hash).not_to eq(old_salt_hash)
+      end
+
+      it "@hash is changed" do
+        old_hash = @password.hash
+        @password.salt_text = "salt"
+        expect(@password.hash).not_to eq(old_hash)
+      end
+    end
+
+    context "#salt_hash=" do
+      before(:each) do
+        @password = Passwd.new
+      end
+
+      it "@salt_text is nil" do
+        @password.salt_hash = Passwd.hashing("salt")
+        expect(@password.salt_text).to eq(nil)
+      end
+
+      it "@salt_hash is changed" do
+        old_salt_hash = @password.salt_hash
+        @password.salt_hash = Passwd.hashing("salt")
+        expect(@password.salt_hash).not_to eq(old_salt_hash)
+      end
+
+      it "@hash is changed" do
+        old_hash = @password.hash
+        @password.salt_hash = Passwd.hashing("salt")
+        expect(@password.hash).not_to eq(old_hash)
+      end
+    end
+
     context "#policy_check" do
       it "Passwd.policy_check is called with pass_text" do
         pass_text = Passwd.create
         Passwd.should_receive(:policy_check).with(pass_text)
-        password = Passwd.new(pass_text)
+        password = Passwd.new(password: pass_text)
         password.policy_check
       end
     end
+
+    context "#==" do
+      before(:each) do
+        @password = Passwd.new
+      end
+
+      it "return true with valid password" do
+        expect(@password == @password.text).to eq(true)
+      end
+
+      it "return false with invalid password" do
+        expect(@password == "Secret!!").to eq(false)
+      end
+    end
   end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: passwd
 version: !ruby/object:Gem::Version
-  version: 0.0.2
+  version: 0.0.3
   prerelease: 
 platform: ruby
 authors:
@@ -90,7 +90,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: 1759901407687586597
+      hash: -2718541000702937110
 required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
   requirements:
@@ -99,7 +99,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: 1759901407687586597
+      hash: -2718541000702937110
 requirements: []
 rubyforge_project: 
 rubygems_version: 1.8.25