passwd 0.2.0 → 0.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 15f7af650246f9de96bc2aa84b2a6be0f7057b43
-  data.tar.gz: 9d30c7e3e157b1bd21942502ec7664d0733650b9
+  metadata.gz: 4315761117ee941709bb71c7eb31757f2a5b7ec2
+  data.tar.gz: ad9db1a83f918d12d53a6ac15f4d3cb39e8f3c9b
 SHA512:
-  metadata.gz: 2fec9addec10e3bec27923d51a94ceea7a5d6c82c12085fd8639990dd23ac6c922899b2ca01e1959aad83438a99a48dbc695df2e06c006c70d5733ae9dc92291
-  data.tar.gz: c1da0f7170c0ee57591d584cbc7bb72f3f37461dd52d6bc95877ce305785527f0f3e1a9a8f3d1f36aaca620316ff59d585331d16677aa01e030cd9ebd89c1246
+  metadata.gz: d8025a6e85f67eacdf856281b17ceef650fb354e48fbafe1a4c06c979a7d2e1bf98ed1e4d812d3429b141945f1f7cbb0bcd7652b1ca65a288ba0583ba7ad971c
+  data.tar.gz: 780295751daffe7ebda019356f62aac1f56fe5a388b09281d8a8889654feb5d97d2f527c0de3c85f8344e1e41351887068202493d1cb5994022bfda4ebe83a71

data/.gitignore

@@ -1,17 +1,10 @@
-*.gem
-*.rbc
-.bundle
-.config
-.yardoc
-Gemfile.lock
-InstalledFiles
-_yardoc
-coverage
-doc/
-lib/bundler/man
-pkg
-rdoc
-spec/reports
-test/tmp
-test/version_tmp
-tmp
+/.bundle/
+/.yardoc
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/
+
+/Gemfile.lock

data/.travis.yml

@@ -1,13 +1,5 @@
+sudo: false
 language: ruby
 rvm:
-  - 2.0.0
-  - 2.1.0
-branches:
-  only:
-    - master
-gemfile:
-  - Gemfile
-script: bundle exec rake spec
-notifications:
-  mails:
-    - i2bskn@gmail.com
+  - 2.5.1
+before_install: gem install bundler -v 1.16.2

data/Gemfile

@@ -1,4 +1,6 @@
-source 'https://rubygems.org'
+source "https://rubygems.org"
+
+git_source(:github) {|repo_name| "https://github.com/#{repo_name}" }
 
 # Specify your gem's dependencies in passwd.gemspec
 gemspec

data/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2013-2018 Ken Iiboshi
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

data/README.md

@@ -1,11 +1,8 @@
 # Passwd
 
 [![Gem Version](https://badge.fury.io/rb/passwd.svg)](http://badge.fury.io/rb/passwd)
-[![Build Status](https://travis-ci.org/i2bskn/passwd.svg?branch=master)](https://travis-ci.org/i2bskn/passwd)
-[![Coverage Status](https://img.shields.io/coveralls/i2bskn/passwd.svg)](https://coveralls.io/r/i2bskn/passwd?branch=master)
-[![Code Climate](https://codeclimate.com/github/i2bskn/passwd/badges/gpa.svg)](https://codeclimate.com/github/i2bskn/passwd)
 
-Password utilities and integration to Rails.
+Passwd is provide hashed password creation and authentication.
 
 ## Installation
 
@@ -17,10 +14,31 @@ gem "passwd"
 
 And then execute:
 
-    $ bundle
+```
+$ bundle install
+```
+
+Create config file(Only Rails) with:
+
+```
+$ bundle exec rails generate passwd:install
+```
+
+The following file will be created.  
+See [config](https://github.com/i2bskn/passwd/blob/master/lib/generators/passwd/install/templates/passwd.rb) if not Rails.
+
+- `config/initializers/passwd.rb`
 
 ## Usage
 
+### Ruby
+
+```ruby
+passwd = Passwd.current
+passwd.random(10) # Create random password of 10 characters.
+passwd.hashed_password("secret", "salt") # Create hashed password with stretching.
+```
+
 ### ActiveRecord with Rails
 
 Add authentication to your `User` model.  
@@ -57,39 +75,20 @@ Returns nil if authentication fails or doesn't exists user.
 Instance method is not required `id`.
 
 ```ruby
-user = User.authenticate(params[:email], params[:password]) # => return user object or nil.
-user.authenticate(params[:password])
+user = User.authenticate(params[:email], params[:password]) # Returns user object or nil.
+user.authenticate(params[:password]) # Returns true if authentication succeeded.
 ```
 
 `set_password` method will be set random password.  
 To specify password as an argument if you want to specify a password.  
 
 ```ruby
-current_user.set_password("secret") # => random password if not specified a argument.
-current_user.passwd.plain # => new password
+current_user.set_password("secret") # Set random password if not specified a argument.
 current_user.save
 
 new_user = User.new
-password = new_user.passwd.plain
-UserMailer.register(new_user, password).deliver!
-```
-
-`update_password` method will be set new password if the authentication successful.  
-But `update_password` method doesn't call `save` method.
-
-```ruby
-# update_password(OLD_PASSWORD, NEW_PASSWORD[, POLICY_CHECK=false])
-current_user.update_password(old_pass, new_pass, true)
-current_user.save
-```
-
-#### Policy check
-
-Default policy is 8 more characters and require lower case and require number.  
-Can be changed in configuration file.
-
-```ruby
-Passwd.policy_check("secret") # => true or false
+random_plain_password = new_user.set_password
+UserMailer.register(new_user, random_plain_password).deliver!
 ```
 
 ### ActionController
@@ -123,8 +122,8 @@ class SessionsController < ApplicationController
 
     if @user
       # Save user_id to session
-      signin!(@user)
-      redirect_to some_url, notice: "Signin was successful. Hello #{current_user.name}"
+      signin(@user)
+      redirect_to_referer_or some_path, notice: "Signin was successful. Hello #{current_user.name}"
     else # Authentication fails
       render action: :new
     end
@@ -133,38 +132,25 @@ class SessionsController < ApplicationController
   # DELETE /signout
   def destroy
     # Clear session (Only user_id)
-    signout!
-    redirect_to some_url
+    signout
+    redirect_to some_path
   end
 end
 ```
 
-`current_user` method available if already signin.
+`current_user` and `signin?` method available in controllers and views.
 
 ```ruby
-# app/controllers/greet_controller.rb
 def greet
-  render text: "Hello #{current_user.name}!!"
+  name = signin? ? current_user.name : "Guest"
+  render text: "Hello #{name}!!"
 end
-
-# app/views/greet/greet.html.erb
-<p>Hello <%= current_user.name %>!!<p>
-```
-
-### Generate configuration file
-
-Run generator of Rails.  
-Configuration file created to `config/initializers/passwd.rb`.
-
-```
-$ bundle exec rails generate passwd:config
 ```
 
 ## Contributing
 
-1. Fork it ( https://github.com/i2bskn/passwd/fork )
-2. Create your feature branch (`git checkout -b my-new-feature`)
-3. Commit your changes (`git commit -am 'Add some feature'`)
-4. Push to the branch (`git push origin my-new-feature`)
-5. Create a new Pull Request
+Bug reports and pull requests are welcome on GitHub at https://github.com/i2bskn/passwd.
+
+## License
 
+The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).

data/Rakefile

@@ -1,10 +1,10 @@
 require "bundler/gem_tasks"
-require "rspec/core/rake_task"
+require "rake/testtask"
 
-desc "Run all specs"
-RSpec::Core::RakeTask.new(:spec) do |t|
-  t.rspec_opts = %w(--color --format documentation)
+Rake::TestTask.new(:test) do |t|
+  t.libs << "test"
+  t.libs << "lib"
+  t.test_files = FileList["test/**/*_test.rb"]
 end
 
-task :default => :spec
-
+task :default => :test

data/bin/console

@@ -0,0 +1,7 @@
+#!/usr/bin/env ruby
+
+require "bundler/setup"
+require "passwd"
+
+require "pry"
+Pry.start

data/bin/setup

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+
+bundle install --path .bundle
+
+# Do any other automated setup that you need to do here

data/lib/generators/passwd/install/USAGE

@@ -0,0 +1,5 @@
+Description:
+    Create Passwd config file.
+
+Example:
+    rails generate passwd:install

data/lib/generators/passwd/install/install_generator.rb

@@ -0,0 +1,10 @@
+module Passwd::Generators
+  class InstallGenerator < Rails::Generators::Base
+    source_root File.expand_path("templates", __dir__)
+
+    desc "Create Passwd config file"
+    def create_config_file
+      copy_file "passwd.rb", "config/initializers/passwd.rb"
+    end
+  end
+end

data/lib/generators/passwd/install/templates/passwd.rb

@@ -0,0 +1,27 @@
+Passwd.current.config.tap do |config|
+  # Hashing algorithm
+  # Supported algorithm is :md5, :rmd160, :sha1, :sha256, :sha384 and :sha512
+  # config.algorithm = :sha512
+
+  # Number of hashed by stretching
+  # Not stretching if specified nil or 0.
+  # config.stretching = 100
+
+  # Random generate password length
+  # config.length = 10
+
+  # Array of characters used for random password generation
+  # config.characters = [("a".."z"), ("A".."Z"), ("0".."9")].map(&:to_a).flatten
+end
+
+# Session key for authentication
+# Rails.application.config.passwd.session_key = :user_id
+
+# Authentication Model Class
+# Rails.application.config.passwd.auth_class = :User
+
+# Redirect path when not signin
+# Rails.application.config.passwd.signin_path = :signin_path
+
+# Salt generation logic
+# Rails.application.config.passwd.random_salt = proc { SecureRandom.uuid }

data/lib/passwd.rb

@@ -1,25 +1,43 @@
-require "digest/sha1"
-require "digest/sha2"
+require "digest"
+require "securerandom"
 
 require "passwd/version"
 require "passwd/errors"
-require "passwd/policy"
-require "passwd/configuration"
-require "passwd/base"
-require "passwd/salt"
-require "passwd/password"
+require "passwd/config"
 require "passwd/railtie" if defined?(Rails)
 
-module Passwd
-  extend Base
-  extend Configuration::Writable
+class Passwd
+  class << self
+    def current
+      @current ||= new
+    end
 
-  def self.policy_check(plain)
-    Password.from_plain(plain).valid?
+    def current=(passwd)
+      @current = passwd
+    end
   end
 
-  def self.match?(plain, salt_hash, hash)
-    Password.from_hash(hash, salt_hash).match?(plain)
+  def initialize(conf = nil)
+    @config = conf
+  end
+
+  def hashed_password(plain, salt)
+    config.stretching.to_i.times.with_object([digest_class.hexdigest([plain, salt].join)]) { |_, pass|
+      pass[0] = digest_class.hexdigest(pass[0])
+    }.first
+  end
+
+  def random(n = nil)
+    Array.new(n || config.length) { config.characters[rand(config.characters.size)] }.join
   end
-end
 
+  def config
+    @config ||= Config.new
+  end
+
+  private
+
+    def digest_class
+      Digest.const_get(config.algorithm.upcase)
+    end
+end

data/lib/passwd/config.rb

@@ -0,0 +1,29 @@
+class Passwd
+  class Config
+    VALID_OPTIONS = [
+      :algorithm,
+      :stretching,
+      :length,
+      :characters,
+    ].freeze
+
+    attr_accessor *VALID_OPTIONS
+
+    def initialize(options = {})
+      reset
+      merge(options)
+    end
+
+    def merge(options)
+      options.keys.each { |key| send("#{key}=", options[key]) }
+      self
+    end
+
+    def reset
+      @algorithm  = :sha512
+      @stretching = 100
+      @length     = 10
+      @characters = [("a".."z"), ("A".."Z"), ("0".."9")].map(&:to_a).flatten
+    end
+  end
+end

data/lib/passwd/errors.rb

@@ -1,8 +1,3 @@
-module Passwd
-  class PasswdError < StandardError; end
-  class UnauthorizedAccess < PasswdError; end
-  class PolicyNotMatch < PasswdError; end
-  class AuthenticationFails < PasswdError; end
-  class ConfigError < PasswdError; end
+class Passwd
+  class UnauthorizedAccess < StandardError; end
 end
-

data/lib/passwd/rails/action_controller_ext.rb

@@ -0,0 +1,77 @@
+module Passwd::Rails
+  module ActionControllerExt
+    extend ActiveSupport::Concern
+
+    included do
+      helper_method :current_user, :signin?
+    end
+
+    private
+
+      def current_user
+        return @current_user if instance_variable_defined?(:@current_user)
+
+        @current_user = _auth_class.find_by(id: session[_auth_key])
+      end
+
+      def signin?
+        current_user.present?
+      end
+
+      def signin(user)
+        if user.present?
+          @current_user = user
+          session[_auth_key] = user&.id
+        end
+
+        user.present?
+      end
+
+      def signout
+        session[_auth_key] = nil
+        @current_user = nil
+      end
+
+      def redirect_to_referer_or(path, options = {})
+        redirect_to session[:referer].presence || path, **options
+      end
+
+      def require_signin
+        unless signin?
+          path = _signin_path
+          raise UnauthorizedAccess unless path
+          session[:referer] = request.fullpath
+          redirect_to path
+        end
+      end
+
+      def passwd_auth_class
+        nil
+      end
+
+      def passwd_auth_key
+        nil
+      end
+
+      def passwd_signin_path
+        nil
+      end
+
+      def _auth_class
+        (Rails.application.config.passwd.auth_class || passwd_auth_class || :User).to_s.constantize
+      end
+
+      def _auth_key
+        Rails.application.config.passwd.session_key || passwd_auth_key || :user_id
+      end
+
+      def _signin_path
+        name = Rails.application.config.passwd.signin_path || passwd_signin_path || :signin_path
+        _url_helpers.respond_to?(name) ? _url_helpers.public_send(name) : nil
+      end
+
+      def _url_helpers
+        Rails.application.routes.url_helpers
+      end
+  end
+end