passwd 0.3.0 → 0.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 4315761117ee941709bb71c7eb31757f2a5b7ec2
-  data.tar.gz: ad9db1a83f918d12d53a6ac15f4d3cb39e8f3c9b
+SHA256:
+  metadata.gz: f9a0399d0e6b478da6e96ad38e2806fb32199bae624d5bddf4abd5093d652cf8
+  data.tar.gz: 6b7a805295dcd19b924156838b24463cbdd9bf233280027cf3ce49d4abeeb9df
 SHA512:
-  metadata.gz: d8025a6e85f67eacdf856281b17ceef650fb354e48fbafe1a4c06c979a7d2e1bf98ed1e4d812d3429b141945f1f7cbb0bcd7652b1ca65a288ba0583ba7ad971c
-  data.tar.gz: 780295751daffe7ebda019356f62aac1f56fe5a388b09281d8a8889654feb5d97d2f527c0de3c85f8344e1e41351887068202493d1cb5994022bfda4ebe83a71
+  metadata.gz: 99d186d8eb981e43d3ece62f8d96c74ec84cb328d5d5fc56338d322cd9e0cef8f626ef405647eaad01e5cb0fda7e1af3f077beed16ec2fe9adc2798bc3ad9fa7
+  data.tar.gz: 7498777e9c67f19b18be0e4c1119fa810551bc4a2fc01411ac1ada816879fce1c2b16d9f31635e1f0426aa2c1486af985dc5b47894529a3b31e657457b5ec748

data/.github/workflows/ci.yml

@@ -0,0 +1,28 @@
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+# This workflow will download a prebuilt Ruby version, install dependencies and run tests with Rake
+# For more information see: https://github.com/marketplace/actions/setup-ruby-jruby-and-truffleruby
+
+name: CI
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+    branches: [ master ]
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v2
+    - name: Set up Ruby
+      uses: ruby/setup-ruby@v1
+      with:
+        ruby-version: 2.7.2
+    - name: Install dependencies
+      run: bundle install
+    - name: Run tests
+      run: bundle exec rake spec
+    - name: Run rubocop
+      run: bundle exec rake rubocop

data/.gitignore

@@ -8,3 +8,4 @@
 /tmp/
 
 /Gemfile.lock
+/.rspec_status

data/.rubocop.yml

@@ -0,0 +1,168 @@
+AllCops:
+  NewCops: enable
+  TargetRubyVersion: 2.7
+  Exclude:
+    - "node_modules/**/*"
+    - "vendor/**/*"
+
+# Private methods indent.
+Layout/IndentationConsistency:
+  EnforcedStyle: indented_internal_methods
+
+# Warning: 120 characters
+# Error:   160 characters
+# Make the library more restrictive.
+Layout/LineLength:
+  Max: 120
+
+# Multi-line indentation with receiver.
+Layout/MultilineMethodCallIndentation:
+  EnforcedStyle: indented_relative_to_receiver
+
+Layout/SpaceInsideBlockBraces:
+  SpaceBeforeBlockParameters: false
+
+Lint/AmbiguousBlockAssociation:
+  Exclude:
+    - "spec/**/*_spec.rb"
+
+# May define constants within the block in spec.
+Lint/ConstantDefinitionInBlock:
+  Exclude:
+    - "spec/**/*_spec.rb"
+
+Lint/InheritException:
+  EnforcedStyle: standard_error
+
+Lint/UnderscorePrefixedVariableName:
+  Enabled: false
+
+Lint/UnusedMethodArgument:
+  Enabled: false
+
+Metrics/AbcSize:
+  Max: 24
+
+Metrics/BlockLength:
+  Exclude:
+    - "spec/**/*.rb"
+    - "Gemfile"
+    - "*.gemspec"
+
+Metrics/CyclomaticComplexity:
+  Max: 10
+
+Metrics/MethodLength:
+  Max: 20
+
+Security/YAMLLoad:
+  Enabled: false
+
+Style/Alias:
+  EnforcedStyle: prefer_alias_method
+
+Style/AndOr:
+  EnforcedStyle: conditionals
+
+Style/AsciiComments:
+  Enabled: false
+
+Style/BlockDelimiters:
+  Enabled: false
+
+Style/ClassAndModuleChildren:
+  Enabled: false
+
+Style/CollectionMethods:
+  PreferredMethods:
+    detect: "detect"
+    find: "detect"
+    inject: "inject"
+    reduce: "inject"
+
+Style/Documentation:
+  Enabled: false
+
+Style/DoubleNegation:
+  Enabled: false
+
+Style/EmptyCaseCondition:
+  Enabled: false
+
+Style/EmptyElse:
+  EnforcedStyle: empty
+
+Style/EmptyMethod:
+  EnforcedStyle: expanded
+
+Style/FormatString:
+  EnforcedStyle: percent
+
+# Do not use frozen_string_literal comment.
+Style/FrozenStringLiteralComment:
+  Enabled: false
+
+Style/HashSyntax:
+  Exclude:
+    - "Rakefile"
+
+Style/MultilineBlockChain:
+  Enabled: false
+
+Style/MixinUsage:
+  Exclude:
+    - "bin/setup"
+
+# Use _ when 7 digits or more.
+Style/NumericLiterals:
+  MinDigits: 7
+  Strict: true
+
+Style/NumericPredicate:
+  Enabled: false
+
+Style/OrAssignment:
+  Enabled: false
+
+Style/PercentLiteralDelimiters:
+  Enabled: false
+
+# `has_xxx?` is more readable.
+Style/PreferredHashMethods:
+  EnforcedStyle: verbose
+
+# Do not use unnecessary returns. (Allow to return multiple values.)
+Style/RedundantReturn:
+  AllowMultipleReturnValues: true
+
+# Do not specify error class when rescuing StandardError.
+Style/RescueStandardError:
+  EnforcedStyle: implicit
+
+# String literals use double quotes.
+Style/StringLiterals:
+  EnforcedStyle: double_quotes
+
+# String literal inside the string interpolation use double quotes too.
+Style/StringLiteralsInInterpolation:
+  EnforcedStyle: double_quotes
+
+# Percent(`%i(a b)`) and brackets(`[:a, :b]`) are acceptable.
+Style/SymbolArray:
+  Enabled: false
+
+# Put a trailing comma in argument list.
+Style/TrailingCommaInArguments:
+  EnforcedStyleForMultiline: comma
+
+# Put a trailing comma in Array literal.
+Style/TrailingCommaInArrayLiteral:
+  EnforcedStyleForMultiline: comma
+
+# Put a trailing comma in Hash literal.
+Style/TrailingCommaInHashLiteral:
+  EnforcedStyleForMultiline: comma
+
+# Percent(`%w(a b)`) and brackets(`["a", "b"]`) are acceptable.
+Style/WordArray:
+  Enabled: false

data/.ruby-version

@@ -0,0 +1 @@
+2.7.2

data/README.md

@@ -36,7 +36,10 @@ See [config](https://github.com/i2bskn/passwd/blob/master/lib/generators/passwd/
 ```ruby
 passwd = Passwd.current
 passwd.random(10) # Create random password of 10 characters.
-passwd.hashed_password("secret", "salt") # Create hashed password with stretching.
+password = passwd.password_hashing("secret") # Create hashed password from plain text.
+password == "secret" # => true
+load_password = passwd.load_password("hashed_password") # Load hashed password.
+load_password == "secret"
 ```
 
 ### ActiveRecord with Rails
@@ -56,7 +59,6 @@ User model The following column are required.
 Column name can be changed with the specified options.
 
 - `:id => :email` Unique value to be used for authentication.
-- `:salt => :salt` Column of String to save the salt.
 - `:password => :password` Column of String to save the hashed password.
 
 Use the `name` column as id.

data/Rakefile

@@ -1,10 +1,8 @@
 require "bundler/gem_tasks"
-require "rake/testtask"
+require "rspec/core/rake_task"
+require "rubocop/rake_task"
 
-Rake::TestTask.new(:test) do |t|
-  t.libs << "test"
-  t.libs << "lib"
-  t.test_files = FileList["test/**/*_test.rb"]
-end
+RSpec::Core::RakeTask.new(:spec)
+RuboCop::RakeTask.new
 
-task :default => :test
+task :default => %i(spec rubocop)

data/lib/generators/passwd/install/templates/passwd.rb

@@ -1,11 +1,8 @@
 Passwd.current.config.tap do |config|
-  # Hashing algorithm
-  # Supported algorithm is :md5, :rmd160, :sha1, :sha256, :sha384 and :sha512
-  # config.algorithm = :sha512
-
   # Number of hashed by stretching
-  # Not stretching if specified nil or 0.
-  # config.stretching = 100
+  # Minimum is 4, maximum is 31, default is 12.
+  # See also BCrypt::Engine
+  # config.stretching = 12
 
   # Random generate password length
   # config.length = 10
@@ -22,6 +19,3 @@ end
 
 # Redirect path when not signin
 # Rails.application.config.passwd.signin_path = :signin_path
-
-# Salt generation logic
-# Rails.application.config.passwd.random_salt = proc { SecureRandom.uuid }

data/lib/passwd.rb

@@ -1,6 +1,4 @@
-require "digest"
-require "securerandom"
-
+require "bcrypt"
 require "passwd/version"
 require "passwd/errors"
 require "passwd/config"
@@ -12,32 +10,26 @@ class Passwd
       @current ||= new
     end
 
-    def current=(passwd)
-      @current = passwd
-    end
+    attr_writer :current
   end
 
   def initialize(conf = nil)
     @config = conf
   end
 
-  def hashed_password(plain, salt)
-    config.stretching.to_i.times.with_object([digest_class.hexdigest([plain, salt].join)]) { |_, pass|
-      pass[0] = digest_class.hexdigest(pass[0])
-    }.first
+  def password_hashing(plain)
+    BCrypt::Password.create(plain, cost: config.stretching.clamp(BCrypt::Engine::MIN_COST, BCrypt::Engine::MAX_COST))
+  end
+
+  def load_password(hashed_password)
+    BCrypt::Password.new(hashed_password)
   end
 
-  def random(n = nil)
-    Array.new(n || config.length) { config.characters[rand(config.characters.size)] }.join
+  def random(long = nil)
+    Array.new(long || config.length) { config.characters[rand(config.characters.size)] }.join
   end
 
   def config
     @config ||= Config.new
   end
-
-  private
-
-    def digest_class
-      Digest.const_get(config.algorithm.upcase)
-    end
 end

data/lib/passwd/config.rb

@@ -1,13 +1,12 @@
 class Passwd
   class Config
     VALID_OPTIONS = [
-      :algorithm,
       :stretching,
       :length,
       :characters,
     ].freeze
 
-    attr_accessor *VALID_OPTIONS
+    attr_accessor(*VALID_OPTIONS)
 
     def initialize(options = {})
       reset
@@ -15,13 +14,12 @@ class Passwd
     end
 
     def merge(options)
-      options.keys.each { |key| send("#{key}=", options[key]) }
+      options.each_key {|key| send("#{key}=", options[key]) }
       self
     end
 
     def reset
-      @algorithm  = :sha512
-      @stretching = 100
+      @stretching = 12
       @length     = 10
       @characters = [("a".."z"), ("A".."Z"), ("0".."9")].map(&:to_a).flatten
     end

data/lib/passwd/errors.rb

@@ -1,3 +1,4 @@
 class Passwd
   class UnauthorizedAccess < StandardError; end
+  class ContainsBinaryCharacter < StandardError; end
 end

data/lib/passwd/rails/action_controller_ext.rb

@@ -33,16 +33,17 @@ module Passwd::Rails
       end
 
       def redirect_to_referer_or(path, options = {})
-        redirect_to session[:referer].presence || path, **options
+        redirect_to session[:signin_referer].presence || path, **options
       end
 
       def require_signin
-        unless signin?
-          path = _signin_path
-          raise UnauthorizedAccess unless path
-          session[:referer] = request.fullpath
-          redirect_to path
-        end
+        return if signin?
+
+        path = _signin_path
+        raise UnauthorizedAccess unless path
+
+        session[:signin_referer] = request.fullpath
+        redirect_to path
       end
 
       def passwd_auth_class

data/lib/passwd/rails/active_record_ext.rb

@@ -1,10 +1,10 @@
 module Passwd::Rails
   module ActiveRecordExt
-    def with_authenticate(passwd: nil, user_id: :email, salt: :salt, password: :password)
+    def with_authenticate(passwd: nil, user_id: :email, password: :password)
       passwd ||= Passwd.current
       define_singleton_auth_with_passwd(user_id)
-      define_instance_auth_with_passwd(passwd, salt, password)
-      define_instance_set_password(passwd, salt, password)
+      define_instance_auth_with_passwd(passwd, password)
+      define_instance_set_password(passwd, password)
     end
 
     private
@@ -18,18 +18,16 @@ module Passwd::Rails
         end
       end
 
-      def define_instance_auth_with_passwd(passwd, salt_col, password_col)
+      def define_instance_auth_with_passwd(passwd, password_col)
         define_method :authenticate do |plain|
-          passwd.hashed_password(plain, send(salt_col)) == send(password_col)
+          BCrypt::Password.new(send(password_col)) == plain
         end
       end
 
-      def define_instance_set_password(passwd, salt_col, password_col)
+      def define_instance_set_password(passwd, password_col)
         define_method :set_password do |plain = nil|
           plain ||= passwd.random
-          random_salt = Rails.application.config.passwd.random_salt || proc { SecureRandom.uuid }
-          send("#{salt_col}=", random_salt.call(self)) unless send(salt_col)
-          send("#{password_col}=", passwd.hashed_password(plain, send(salt_col)))
+          send("#{password_col}=", passwd.password_hashing(plain))
           plain
         end
       end

data/lib/passwd/railtie.rb

@@ -7,11 +7,11 @@ class Passwd
       require "passwd/rails/active_record_ext"
 
       ActiveSupport.on_load(:action_controller) do
-        ::ActionController::Base.send(:include, ::Passwd::Rails::ActionControllerExt)
+        ::ActionController::Base.include ::Passwd::Rails::ActionControllerExt
       end
 
       ActiveSupport.on_load(:active_record) do
-        ::ActiveRecord::Base.send(:extend, Passwd::Rails::ActiveRecordExt)
+        ::ActiveRecord::Base.extend Passwd::Rails::ActiveRecordExt
       end
     end
   end

data/lib/passwd/version.rb

@@ -1,4 +1,3 @@
 class Passwd
-  VERSION = "0.3.0".freeze
+  VERSION = "0.4.0".freeze
 end
-

data/passwd.gemspec

@@ -1,4 +1,4 @@
-lib = File.expand_path("../lib", __FILE__)
+lib = File.expand_path("lib", __dir__)
 $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
 require "passwd/version"
 
@@ -6,10 +6,10 @@ Gem::Specification.new do |spec|
   spec.name          = "passwd"
   spec.version       = Passwd::VERSION
   spec.authors       = ["i2bskn"]
-  spec.email         = ["i2bskn@gmail.com"]
+  spec.email         = ["iiboshi@craftake.co.jp"]
 
-  spec.description   = %q{Passwd is provide hashed password creation and authentication.}
-  spec.summary       = %q{Passwd is provide hashed password creation and authentication.}
+  spec.description   = "Passwd is provide hashed password creation and authentication."
+  spec.summary       = "Passwd is provide hashed password creation and authentication."
   spec.homepage      = "https://github.com/i2bskn/passwd"
   spec.license       = "MIT"
 
@@ -18,11 +18,15 @@ Gem::Specification.new do |spec|
   end
 
   spec.bindir        = "exe"
-  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.executables   = spec.files.grep(%r{^exe/}) {|f| File.basename(f) }
   spec.require_paths = ["lib"]
 
-  spec.add_development_dependency "bundler"
-  spec.add_development_dependency "rake"
-  spec.add_development_dependency "minitest", "~> 5.0"
-  spec.add_development_dependency "pry"
+  spec.required_ruby_version = ">= 2.7.0"
+
+  spec.add_dependency "bcrypt", "~> 3.1.0"
+  spec.add_development_dependency "bundler", ">= 2.1.0"
+  spec.add_development_dependency "pry", "~> 0.14.0"
+  spec.add_development_dependency "rake", "~> 13.0.0"
+  spec.add_development_dependency "rspec", "~> 3.10.0"
+  spec.add_development_dependency "rubocop", "1.11.0"
 end

metadata

@@ -1,80 +1,110 @@
 --- !ruby/object:Gem::Specification
 name: passwd
 version: !ruby/object:Gem::Version
-  version: 0.3.0
+  version: 0.4.0
 platform: ruby
 authors:
 - i2bskn
-autorequire: 
+autorequire:
 bindir: exe
 cert_chain: []
-date: 2018-07-23 00:00:00.000000000 Z
+date: 2021-03-18 00:00:00.000000000 Z
 dependencies:
+- !ruby/object:Gem::Dependency
+  name: bcrypt
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.1.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.1.0
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 2.1.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 2.1.0
+- !ruby/object:Gem::Dependency
+  name: pry
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.14.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.14.0
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 13.0.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 13.0.0
 - !ruby/object:Gem::Dependency
-  name: minitest
+  name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '5.0'
+        version: 3.10.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '5.0'
+        version: 3.10.0
 - !ruby/object:Gem::Dependency
-  name: pry
+  name: rubocop
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '='
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 1.11.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '='
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 1.11.0
 description: Passwd is provide hashed password creation and authentication.
 email:
-- i2bskn@gmail.com
+- iiboshi@craftake.co.jp
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/workflows/ci.yml"
 - ".gitignore"
-- ".travis.yml"
+- ".rubocop.yml"
+- ".ruby-version"
 - Gemfile
 - LICENSE
 - README.md
@@ -96,7 +126,7 @@ homepage: https://github.com/i2bskn/passwd
 licenses:
 - MIT
 metadata: {}
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -104,16 +134,15 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 2.7.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.6.11
-signing_key: 
+rubygems_version: 3.1.4
+signing_key:
 specification_version: 4
 summary: Passwd is provide hashed password creation and authentication.
 test_files: []

data/.travis.yml

@@ -1,5 +0,0 @@
-sudo: false
-language: ruby
-rvm:
-  - 2.5.1
-before_install: gem install bundler -v 1.16.2