passwd 0.1.4 → 0.1.5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: b9ba7557a87c9ef3d0b947b32bae95c8693ce96c
-  data.tar.gz: 07de417852343a3cdb13f6ecf27f36b95190c307
+  metadata.gz: a606e91758a61195dc7a2f4a82a16ce1d845c68e
+  data.tar.gz: 70f0ece850a255a83972a3ac47c4eb3a6a994a1d
 SHA512:
-  metadata.gz: b1072b0d5f670f2698c0f6b5982c457a587e3a3afcd7638586233a3a2425c5ec98a4ae8a50c9b91adeacd4a10c8eb8f59f95a8db2d7eb5b855c7bd8aef6f4b32
-  data.tar.gz: 4367e04477af7a420763b8681a9a455263a3094d2190a49c6c0c1b75bbd8b5ae9398574771410d5bc926e9b1bb0c5ea9c24ab947b53a55e5aa3aa6eadcb1acb6
+  metadata.gz: 0cd8cd9771d2252d9c0123da43ac2324fcd7d33cb194accb5bff78c4732d7713d61d7b8556513a6b4a747aeb14e35473d873d3731f0ad9e4cfad56347bd98fb2
+  data.tar.gz: 9a78a83972cbf53c3a8ded6caa0ee7e84b58d0598c3a8b368d710ead163e63b1e114d4ecb47bd2d91b29f151845c4cee4ea391fb0b86aa7b2961390cae92100b

data/CHANGELOG.md

@@ -0,0 +1,6 @@
+## 0.1.5
+
+Features:
+
+- Can be specified algorithm of hashing
+- Change default hashing algorithm to SHA512 from SHA1

data/README.md

@@ -53,12 +53,14 @@ Passwd.config # => Get config object.
 Passwd.config(length: 10) # => Change to the default length.
 
 Passwd.configure do |c|
+  c.algorithm = :sha512
   c.length = 10
 end
 ```
 
 Options that can be specified:
 
+* :algorithm => Hashing algorithm. default is :sha512.
 * :length => Number of characters. default is 8.
 * :lower => Skip lower case if set false. default is true.
 * :upper => Skip upper case if set false. default is true.
@@ -145,23 +147,28 @@ Return the user object if the authentication successful.
 Return the nil if authentication fails or doesn't exists user.
 
 ```ruby
-user = User.authenticate("foo@example.com", "secret") # => return user object or nil.
+user = User.authenticate(params[:email], params[:password]) # => return user object or nil.
 
 if user
-  puts "Hello #{user.name}!"
+  session[:user] = user.id
+  redirect_to bar_path, notice: "Hello #{user.name}!"
 else
-  puts "Authentication failed"
+  flash.now[:alert] = "Authentication failed"
+  render action: :new
 end
 ```
 
 instance method is not required `id`.
 
 ```ruby
-user = User.find(params[:id])
-if user.authenticate("secret") # => return true or false
-  puts "Authentication is successful!"
+current_user = User.find(session[:user])
+
+if current_user.authenticate(params[:password]) # => return true or false
+  # some process
+  redirect_to bar_path, notice: "Some process is successfully"
 else
-  puts "Authentication failed!"
+  flash.now[:alert] = "Authentication failed"
+  render action: :edit
 end
 ```
 
@@ -173,11 +180,13 @@ To specify the password as an argument if you want to specify a password.
 `salt` also set if salt is nil.
 
 ```ruby
-user = User.find(params[:id])
-password_text = user.set_password
+current_user = User.find(session[:user])
+password_text = current_user.set_password
 
-if user.save
-  NoticeMailer.change_mail(user, password_text).deliver
+if current_user.save
+  redirect_to bar_path, notice: "Password update successfully"
+else
+  render action: :edit
 end
 ```
 
@@ -185,23 +194,28 @@ end
 But `update_password` method doesn't call `save` method.
 
 ```ruby
-@user = User.find(params[:id])
+current_user = User.find(session[:user])
 
 begin
-  confirm_check(new_pass, confirm)
-  @user.update_password(old_pass, new_pass, true)
-  @user.save!
+  Passwd.confirm_check(params[:password], params[:password_confirmation])
+  # update_password(OLD_PASSWORD, NEW_PASSWORD[, POLICY_CHECK=false])
+  current_user.update_password(old_pass, new_pass, true)
+  current_user.save!
   redirect_to bar_path, notice: "Password updated successfully"
-rescue PasswordNotMatch
+rescue Passwd::PasswordNotMatch
+  # PASSWORD != PASSWORD_CONFIRMATION from Passwd.#confirm_check
   flash.now[:alert] = "Password not match"
   render action: :edit
-rescue AuthError
+rescue Passwd::AuthError
+  # Authentication failed from #update_password
   flash.now[:alert] = "Password is incorrect"
   render action: :edit
-rescue PolicyNotMatch
+rescue Passwd::PolicyNotMatch
+  # Policy not match from #update_password
   flash.now[:alert] = "Policy not match"
   render action: :edit
 rescue
+  # Other errors
   flash.now[:alert] = "Password update failed"
   render action: :edit
 end

data/Rakefile

@@ -1,5 +1,5 @@
 require "bundler/gem_tasks"
-require 'rspec/core/rake_task'
+require "rspec/core/rake_task"
 
 desc "Run all specs"
 RSpec::Core::RakeTask.new(:spec) do |t|

data/lib/passwd.rb

@@ -1,6 +1,7 @@
 # coding: utf-8
 
 require "digest/sha1"
+require "digest/sha2"
 
 require "passwd/version"
 require "passwd/errors"

data/lib/passwd/base.rb

@@ -24,8 +24,12 @@ module Passwd
       password_hash == enc_pass
     end
 
-    def hashing(plain)
-      Digest::SHA1.hexdigest plain
+    def hashing(plain, algorithm=nil)
+      if algorithm.nil?
+        eval "Digest::#{@config.algorithm.to_s.upcase}.hexdigest \"#{plain}\""
+      else
+        eval "Digest::#{algorithm.to_s.upcase}.hexdigest \"#{plain}\""
+      end
     end
 
     def confirm_check(password, confirm, with_policy=false)

data/lib/passwd/configuration/abstract_config.rb

@@ -3,6 +3,7 @@
 module Passwd
   class AbstractConfig
     VALID_OPTIONS_KEYS = [
+      :algorithm,
       :length,
       :lower,
       :upper,

data/lib/passwd/configuration/config.rb

@@ -11,6 +11,7 @@ module Passwd
     end
 
     def reset
+      self.algorithm = :sha512
       self.length = 8
       self.lower = true
       self.upper = true

data/lib/passwd/version.rb

@@ -1,3 +1,3 @@
 module Passwd
-  VERSION = "0.1.4"
+  VERSION = "0.1.5"
 end

data/spec/passwd/active_record_spec.rb

@@ -8,9 +8,9 @@ describe Passwd::ActiveRecord do
     define_column
   end
 
-  let(:salt) {Digest::SHA1.hexdigest("salt")}
+  let(:salt) {Digest::SHA512.hexdigest("salt")}
   let(:password_text) {"secret"}
-  let(:password_hash) {Digest::SHA1.hexdigest("#{salt}#{password_text}")}
+  let(:password_hash) {Digest::SHA512.hexdigest("#{salt}#{password_text}")}
 
   describe ".#included" do
     it "define singleton methods" do

data/spec/passwd/base_spec.rb

@@ -69,9 +69,19 @@ describe Passwd do
     end
 
     describe "#hashing" do
+      it "should call SHA512.#hexdigest" do
+        Digest::SHA512.should_receive(:hexdigest)
+        Passwd.hashing("secret")
+      end
+
       it "return hashed password" do
-        Digest::SHA1.should_receive(:hexdigest).with("secret").and_return("hash")
-        expect(Passwd.hashing("secret")).to eq("hash")
+        hashed = Digest::SHA512.hexdigest "secret"
+        expect(Passwd.hashing("secret")).to eq(hashed)
+      end
+
+      it "return hashed password specified algorithm" do
+        hashed = Digest::SHA256.hexdigest "secret"
+        expect(Passwd.hashing("secret", :sha256)).to eq(hashed)
       end
 
       it "should create exception if not specified argument" do

data/spec/passwd/configuration/config_spec.rb

@@ -6,6 +6,10 @@ describe Passwd::Config do
   let(:config) {Passwd::Config.instance}
 
   describe "defined accessors" do
+    it "defined algorithm" do
+      expect(config.respond_to? :algorithm).to be_true
+    end
+
     it "defined length" do
       expect(config.respond_to? :length).to be_true
     end
@@ -36,6 +40,10 @@ describe Passwd::Config do
   end
 
   describe "#initialize" do
+    it "algorithm should be a default" do
+      expect(config.algorithm).to eq(:sha512)
+    end
+
     it "length should be a default" do
       expect(config.length).to eq(8)
     end

data/spec/passwd/configuration/tmp_config_spec.rb

@@ -10,6 +10,10 @@ describe Passwd::TmpConfig do
   end
 
   describe "defined accessors" do
+    it "defined algorithm" do
+      expect(config.respond_to? :algorithm).to be_true
+    end
+
     it "defined length" do
       expect(tmp_config.respond_to? :length).to be_true
     end
@@ -41,6 +45,10 @@ describe Passwd::TmpConfig do
 
   describe "#initialize" do
     context "with empty options" do
+      it "algorithm should be a default" do
+        expect(config.algorithm).to eq(:sha512)
+      end
+
       it "length should be a default" do
         expect(tmp_config.length).to eq(8)
       end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: passwd
 version: !ruby/object:Gem::Version
-  version: 0.1.4
+  version: 0.1.5
 platform: ruby
 authors:
 - i2bskn
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-10-03 00:00:00.000000000 Z
+date: 2013-12-23 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -62,6 +62,7 @@ files:
 - .coveralls.yml
 - .gitignore
 - .travis.yml
+- CHANGELOG.md
 - Gemfile
 - LICENSE.txt
 - README.md
@@ -77,7 +78,6 @@ files:
 - lib/passwd/password.rb
 - lib/passwd/version.rb
 - passwd.gemspec
-- samples/activerecord/user.rake
 - spec/passwd/active_record_spec.rb
 - spec/passwd/base_spec.rb
 - spec/passwd/configuration/config_spec.rb
@@ -105,7 +105,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.0.0
+rubygems_version: 2.0.3
 signing_key: 
 specification_version: 4
 summary: Password utility

data/samples/activerecord/user.rake

@@ -1,28 +0,0 @@
-namespace :user do
-  # E.G. rake name="Taro Suzuki" email=taro@example.com password=secret user:create
-  desc "create user (specify env of name and email and password)"
-  task :create => :environment do
-    raise ArgumentError, "email is required" if ENV["email"].nil?
-    raise ArgumentError, "name is required" if ENV["name"].nil?
-
-    raise "must be a unique email" if User.exists?(email: ENV["email"])
-    
-    user = User.new(name: ENV["name"], email: ENV["email"])
-
-    password = user.set_password(ENV["password"])
-    user.save!
-    puts "Creating a user was successful.\nPassword: #{password}"
-  end
-
-  # E.G. rake email=taro@example.com password=secret user:password_update
-  desc "update password (specify env of email and password)"
-  task :password_update => :environment do
-    raise ArgumentError, "email is required" if ENV["email"].nil?
-    raise "must specify the email that exists" unless User.exists?(email: ENV["email"])
-
-    user = User.find_by(email: ENV["email"])
-    password = user.set_password(ENV["password"])
-    user.save!
-    puts "Password update was successful.\nPassword: #{password}"
-  end
-end