passwd 0.1.5 → 0.2.0

data/lib/passwd/policy.rb

@@ -0,0 +1,28 @@
+module Passwd
+  class Policy
+    VALID_OPTIONS = [
+      :min_length,
+      :require_lower,
+      :require_upper,
+      :require_number
+    ].freeze
+
+    attr_accessor *VALID_OPTIONS
+
+    def initialize
+      reset
+    end
+
+    def configure
+      yield self
+    end
+
+    def reset
+      self.min_length = 8
+      self.require_lower = true
+      self.require_upper = false
+      self.require_number = true
+    end
+  end
+end
+

data/lib/passwd/railtie.rb

@@ -0,0 +1,19 @@
+module Passwd
+  class Railtie < ::Rails::Railtie
+    config.passwd = ActiveSupport::OrderedOptions.new
+
+    initializer "passwd" do
+      require "passwd/action_controller_ext"
+      require "passwd/active_record_ext"
+
+      ActiveSupport.on_load(:action_controller) do
+        ::ActionController::Base.send(:include, Passwd::ActionControllerExt)
+      end
+
+      ActiveSupport.on_load(:active_record) do
+        ::ActiveRecord::Base.send(:extend, Passwd::ActiveRecordExt)
+      end
+    end
+  end
+end
+

data/lib/passwd/salt.rb

@@ -0,0 +1,50 @@
+module Passwd
+  class Salt
+    include Base
+
+    attr_reader :plain, :hash
+
+    def initialize(options = {})
+      options = default_options.merge(options)
+
+      @password = options[:password]
+      if options.has_key?(:hash)
+        @plain = nil
+        @hash = options[:hash]
+      else
+        @plain = options[:plain] || (raise ArgumentError)
+        @hash = digest_without_stretching(@plain)
+      end
+    end
+
+    def update_plain(value)
+      @plain = value
+      @hash = digest_without_stretching(@plain)
+      update_password!
+    end
+
+    def update_hash(value)
+      @plain = nil
+      @hash = value
+      update_password!
+    end
+
+    def self.from_plain(value, password = nil)
+      new(plain: value, password: password)
+    end
+
+    def self.from_hash(value, password = nil)
+      new(hash: value, password: password)
+    end
+
+    private
+      def default_options
+        {plain: Time.now.to_s}
+      end
+
+      def update_password!
+        @password.rehash if @password && @password.plain
+      end
+  end
+end
+

data/lib/passwd/version.rb

@@ -1,3 +1,4 @@
 module Passwd
-  VERSION = "0.1.5"
+  VERSION = "0.2.0"
 end
+

data/passwd.gemspec

@@ -17,7 +17,13 @@ Gem::Specification.new do |spec|
   spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
   spec.require_paths = ["lib"]
 
-  spec.add_development_dependency "bundler", "~> 1.3"
+  spec.add_development_dependency "bundler"
   spec.add_development_dependency "rake"
-  spec.add_development_dependency "rspec"
+  spec.add_development_dependency "coveralls"
+  spec.add_development_dependency "simplecov"
+  spec.add_development_dependency "rails"
+  spec.add_development_dependency "rspec-rails"
+  spec.add_development_dependency "sqlite3"
+  spec.add_development_dependency "database_rewinder"
 end
+

data/spec/passwd/active_record_ext_spec.rb

@@ -0,0 +1,80 @@
+require "spec_helper"
+
+describe Passwd::ActiveRecordExt do
+  describe ".with_authenticate" do
+    it { expect(ActiveRecord::Base).to respond_to(:with_authenticate) }
+
+    context User do
+      let(:new_pass) { "NewPassw0rd" }
+      let(:password) { Passwd::Password.new }
+      let(:user) {
+        User.create(
+          name: "i2bskn",
+          email: "i2bskn@example.com",
+          salt: password.salt.hash,
+          password: password.hash
+        )
+      }
+
+      it { is_expected.to respond_to(:passwd) }
+      it { is_expected.to respond_to(:authenticate) }
+      it { expect(User).to respond_to(:authenticate) }
+      it { is_expected.to respond_to(:set_password) }
+      it { is_expected.to respond_to(:update_password) }
+
+      context "#passwd" do
+        after { user.passwd }
+
+        it { expect(user.passwd.is_a?(Passwd::Password)).to be_truthy }
+        it { expect(user).to receive(:reload) }
+        it { expect(Passwd::Password).to receive(:from_hash) }
+
+        it {
+          user = User.new
+          expect(user).to receive(:set_password)
+          user.passwd
+        }
+      end
+
+      context ".authenticate" do
+        before { user }
+
+        it { expect(User.authenticate("i2bskn@example.com", password.plain)).not_to be_falsy }
+        it { expect(User.authenticate("i2bskn@example.com", "invalid")).to be_falsy }
+      end
+
+      context "#authenticate" do
+        it { expect(user.authenticate(password.plain)).not_to be_falsy }
+        it { expect(user.authenticate("invalid")).to be_falsy }
+      end
+
+      context "#set_password" do
+        it { expect { user.set_password }.to change { user.password } }
+        it { expect { user.set_password(new_pass) }.to change { user.password } }
+      end
+
+      context "#update_password" do
+        before { user }
+
+        it {
+          expect {
+            user.update_password(password.plain, new_pass)
+          }.to change { user.password }
+        }
+
+        it {
+          expect {
+            user.update_password(password.plain, "secret", true)
+          }.to raise_error(Passwd::PolicyNotMatch)
+        }
+
+        it {
+          expect {
+            user.update_password("invalid", new_pass)
+          }.to raise_error(Passwd::AuthenticationFails)
+        }
+      end
+    end
+  end
+end
+

data/spec/passwd/base_spec.rb

@@ -1,236 +1,60 @@
-# coding: utf-8
-
 require "spec_helper"
 
-describe Passwd do
-  describe "extended Base" do
-    describe "#create" do
-      context "without arguments" do
-        let(:password) {Passwd.create}
-
-        it "TmpConfig should not be generated" do
-          Passwd::TmpConfig.should_not_receive(:new)
-          expect{password}.not_to raise_error
-        end
-
-        it "created password should be String object" do
-          expect(password.is_a? String).to be_true
-        end
-
-        it "created password length should be default length" do
-          expect(password.size).to eq(8)
-        end
-      end
-
-      context "with arguments" do
-        it "TmpConfig should be generated" do
-          tmp_config = double("tmp_config mock", length: 8, letters: ["a", "b"])
-          Passwd::TmpConfig.should_receive(:new).and_return(tmp_config)
-          expect{Passwd.create(length: 10)}.not_to raise_error
-        end
-
-        it "password was created specified characters" do
-          expect(Passwd.create(length: 10).size).to eq(10)
-        end
-
-        it "password create without lower case" do
-          expect(("a".."z").to_a.include? Passwd.create(lower: false)).to be_false
-        end
-
-        it "password create without upper case" do
-          expect(("A".."Z").to_a.include? Passwd.create(upper: false)).to be_false
-        end
-
-        it "password create without number" do
-          expect(("0".."9").to_a.include? Passwd.create(number: false)).to be_false
-        end
-      end
-    end
-
-    describe "#auth" do
-      let!(:password) do
-        password = Passwd.create
-        salt_hash = Passwd.hashing(Time.now.to_s)
-        password_hash = Passwd.hashing("#{salt_hash}#{password}")
-        {text: password, salt: salt_hash, hash: password_hash}
-      end
-
-      it "return true with valid password" do
-        expect(Passwd.auth(password[:text], password[:salt], password[:hash])).to be_true
-      end
-
-      it "return false with invalid password" do
-        expect(Passwd.auth("invalid", password[:salt], password[:hash])).to be_false
-      end
-
-      it "should create exception if not specified arguments" do
-        expect(proc{Passwd.auth}).to raise_error
-      end
-    end
-
-    describe "#hashing" do
-      it "should call SHA512.#hexdigest" do
-        Digest::SHA512.should_receive(:hexdigest)
-        Passwd.hashing("secret")
-      end
-
-      it "return hashed password" do
-        hashed = Digest::SHA512.hexdigest "secret"
-        expect(Passwd.hashing("secret")).to eq(hashed)
-      end
-
-      it "return hashed password specified algorithm" do
-        hashed = Digest::SHA256.hexdigest "secret"
-        expect(Passwd.hashing("secret", :sha256)).to eq(hashed)
-      end
-
-      it "should create exception if not specified argument" do
-        expect(proc{Passwd.hashing}).to raise_error
-      end
-    end
-
-    describe "#confirm_check" do
-      context "with out policy check" do
-        it "should generate exception if password don't match" do
-          expect{
-            Passwd.confirm_check("secret", "invalid")
-            }.to raise_error(Passwd::PasswordNotMatch)
-        end
-
-        it "return true if password matches" do
-          expect(Passwd.confirm_check("secret", "secret")).to be_true
-        end
-      end
-
-      context "with policy check" do
-        it "return false if invalid password by policy" do
-          expect(Passwd.confirm_check("secret", "secret", true)).to be_false
-        end
-
-        it "return true if valid password by policy" do
-          expect(Passwd.confirm_check("secretpass", "secretpass", true)).to be_false
-        end
-      end
-    end
-
-    describe "#configure" do
-      it "return configuration object" do
-        expect(Passwd.configure.is_a? Passwd::Config).to be_true
-      end
-
-      it "set config value from block" do
-        Passwd.configure do |c|
-          c.length = 10
-        end
-        expect(Passwd.configure.length).not_to eq(8)
-        expect(Passwd.configure.length).to eq(10)
-      end
-
-      it "set config value from hash" do
-        Passwd.configure length: 20
-        expect(Passwd.config.length).not_to eq(8)
-        expect(Passwd.config.length).to eq(20)
-      end
-
-      it "alias of configure as config" do
-        expect(Passwd.configure.object_id).to eq(Passwd.config.object_id)
-      end
-    end
-
-    describe "#policy_configure" do
-      it "return policy object" do
-        expect(Passwd.policy_configure.is_a? Passwd::Policy).to be_true
-      end
-
-      it "set policy value from block" do
-        Passwd.policy_configure do |c|
-          c.min_length = 10
-        end
-        expect(Passwd.policy_configure.min_length).not_to eq(8)
-        expect(Passwd.policy_configure.min_length).to eq(10)
-      end
-    end
-
-    describe "#policy_check" do
-      it "Policy#valid? should be called" do
-        Passwd::Policy.instance.should_receive(:valid?).with("secret1234" ,Passwd::Config.instance)
-        expect(Passwd.policy_check("secret1234")).not_to raise_error
-      end
-    end
-
-    describe "#reset_policy" do
-      let(:policy) {Passwd::Policy.instance}
-      
-      before {
-        policy.configure do |c|
-          c.min_length = 20
-          c.require_lower = false
-          c.require_upper = true
-          c.require_number = false
-        end
-        Passwd.reset_policy
-      }
-
-      it "min_length should be a default" do
-        expect(policy.min_length).to eq(8)
-      end
-
-      it "require_lower should be a default" do
-        expect(policy.require_lower).to be_true
-      end
-
-      it "upper should be a default" do
-        expect(policy.require_upper).to be_false
-      end
-
-      it "number should be a default" do
-        expect(policy.require_number).to be_true
-      end
-    end
-
-    describe "#reset_config" do
-      let(:config) {Passwd::Config.instance}
-      
-      before {
-        config.configure do |c|
-          c.length = 20
-          c.lower = false
-          c.upper = false
-          c.number = false
-          c.letters_lower = ["a"]
-          c.letters_upper = ["A"]
-          c.letters_number = ["0"]
-        end
-        Passwd.reset_config
-      }
-
-      it "length should be a default" do
-        expect(config.length).to eq(8)
-      end
-
-      it "lower should be a default" do
-        expect(config.lower).to be_true
-      end
-
-      it "upper should be a default" do
-        expect(config.upper).to be_true
-      end
-
-      it "number should be a default" do
-        expect(config.number).to be_true
-      end
-
-      it "letters_lower should be a default" do
-        expect(config.letters_lower).to eq(("a".."z").to_a)
-      end
+describe Passwd::Base do
+  let(:plain) { "secret" }
+
+  context "#random" do
+    it { expect(Passwd).to respond_to(:random) }
+    it { expect(Passwd.random.is_a?(String)).to be_truthy }
+    it { expect(Passwd.random.size).to eq(Passwd::PwConfig.length) }
+    it { expect(Passwd.random(lower: false)).not_to include(*"a".."z") }
+    it { expect(Passwd.random(upper: false)).not_to include(*"A".."Z") }
+    it { expect(Passwd.random(number: false)).not_to include(*"0".."9") }
+
+    it {
+      length = Passwd::PwConfig.length + 1
+      expect(Passwd.random(length: length).size).to eq(length)
+    }
+
+    it {
+      lower = ["a"]
+      expect(
+        Passwd.random(letters_lower: lower, upper: false, number: false)
+          .chars.uniq
+      ).to eq(lower)
+    }
+  end
 
-      it "letters_upper should be a default" do
-        expect(config.letters_upper).to eq(("A".."Z").to_a)
-      end
+  context "#digest" do
+    it { expect(Passwd.respond_to?(:digest)).to be_truthy }
+    it { expect(Passwd.digest(plain).is_a?(String)).to be_truthy }
+    it { expect(Passwd.digest(plain)).not_to eq(plain) }
+
+    it {
+      hashed = Passwd.send(:algorithm, Passwd::PwConfig.algorithm).hexdigest plain
+      expect(Passwd.digest(plain)).to eq(hashed)
+    }
+
+    it {
+      not_default = :md5
+      hashed = Passwd.send(:algorithm, not_default).hexdigest plain
+      expect(Passwd.digest(plain, not_default)).to eq(hashed)
+    }
+  end
 
-      it "letters_number should be a default" do
-        expect(config.letters_number).to eq(("0".."9").to_a)
-      end
-    end
+  context "#algorithm" do
+    it { expect(Passwd.send(:algorithm, :sha1)).to eq(Digest::SHA1) }
+    it { expect(Passwd.send(:algorithm, :sha256)).to eq(Digest::SHA256) }
+    it { expect(Passwd.send(:algorithm, :sha384)).to eq(Digest::SHA384) }
+    it { expect(Passwd.send(:algorithm, :sha512)).to eq(Digest::SHA512) }
+    it { expect(Passwd.send(:algorithm, :md5)).to eq(Digest::MD5) }
+    it { expect(Passwd.send(:algorithm, :rmd160)).to eq(Digest::RMD160) }
+
+    it {
+      expect {
+        Passwd.send(:algorithm, :unknowAn)
+      }.to raise_error
+    }
   end
-end
+end
+