password_encryptor 1.0.0 → 1.0.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 5251f411807b9386522b70d2b165e832e61c3f1b
-  data.tar.gz: 7c693f51498c5b348defe9c665243acbff3b9acb
+  metadata.gz: 1f3aff9002bc2806e31cb8982f5f8eb6fd3329d9
+  data.tar.gz: 34221c99437f9256a43e97a3b0840d7f3c8b925a
 SHA512:
-  metadata.gz: 2168c6776403a430d68e114c240d7dcb3b2d045d4c0f30934bf0fd0b69a6f2e4a247bfe3b9f594a696611b3733b41bcadadcea5d47af6f76f721c0034ca57d0c
-  data.tar.gz: 38b77443f4747658ab60f31b9c9c31aea5b1efc2d37ef0005a906dd1e7e9e9dde3bd9ed5ed4264d8df5b105074c8cce435c60ae31f349bb44c75af76635db4be
+  metadata.gz: 84ad7fb687b0897ac795ba5d1a251b1e7bceeb3436f838eb6eba695de3121526ce241181cbd57bc74f320363f72378592cce5a3e6b37a3607d0f101e384561f6
+  data.tar.gz: 659509dbc0304f67b2c66a6b0174d7546dcae204d2452993b3db1b1a4d89a946bdf98141e90ef760b6d0d03f17d804da2e8c8e06b7cd49884f59a9bd82823924

data/README.md

@@ -1,6 +1,9 @@
 # PasswordEncryptor
 
-TODO: Write a gem description
+This is a simple class that wraps BCrypt usage pattern into single
+method that does password encryption, verification, and takes makes it
+use minimum cost when running in Rails test and development environments
+(but it works without Rails too).
 
 ## Installation
 
@@ -18,7 +21,19 @@ Or install it yourself as:
 
 ## Usage
 
-TODO: Write usage instructions here
+To encrypt and get String that you can store to `encrypted_password`
+column in database, use:
+
+    encrypted_password = PasswordEncryptor.encrypt('password')
+
+To verify the password matches given String use:
+
+    PasswordEncryptor.new(encrypted_password) == 'password'
+    # => true
+
+Password verification does not raise any errors when encrypted password
+is invalid BCrypt hash, is empty or nil, just returns false in that
+case. Returns false on invalid password, of course, too.
 
 ## Contributing
 
@@ -27,3 +42,4 @@ TODO: Write usage instructions here
 3. Commit your changes (`git commit -am 'Add some feature'`)
 4. Push to the branch (`git push origin my-new-feature`)
 5. Create a new Pull Request
+

data/lib/password_encryptor.rb

@@ -1,7 +1,7 @@
 require 'bcrypt'
 
 class PasswordEncryptor
-  VERSION = "1.0.0"
+  VERSION = "1.0.1"
 
   def self.encrypt plain_text
     PasswordEncryptor.new(plain_text).encrypt
@@ -15,6 +15,14 @@ class PasswordEncryptor
     BCrypt::Password.create(@password, cost: cost)
   end
 
+  def matches?(hash)
+    BCrypt::Password.new(hash) == @password
+  rescue BCrypt::Errors::InvalidHash
+    false
+  end
+
+  alias_method :==, :matches?
+
   private
 
   def cost

data/spec/unit/password_encryptor_spec.rb

@@ -4,4 +4,29 @@ describe PasswordEncryptor do
   it 'should encrypt passwords using BCrypt' do
     expect(PasswordEncryptor.encrypt('password') == 'password').to eq(true)
   end
+
+  it 'should be possible to verify if password matches given hash' do
+    hash = PasswordEncryptor.encrypt('password')
+    expect(PasswordEncryptor.new('password').matches?(hash)).to eq(true)
+
+    hash = PasswordEncryptor.encrypt('wrong')
+    expect(PasswordEncryptor.new('password').matches?(hash)).to eq(false)
+
+    hash = "invalid hash"
+    expect(PasswordEncryptor.new('password').matches?(hash)).to eq(false)
+
+    hash = ""
+    expect(PasswordEncryptor.new('password').matches?(hash)).to eq(false)
+
+    hash = nil
+    expect(PasswordEncryptor.new('password').matches?(hash)).to eq(false)
+  end
+
+  it 'should be possible to verify password with == ' do
+    hash = PasswordEncryptor.encrypt('password')
+    expect(PasswordEncryptor.new('password') == hash).to eq(true)
+
+    hash = PasswordEncryptor.encrypt('wrong')
+    expect(PasswordEncryptor.new('password') == hash).to eq(false)
+  end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: password_encryptor
 version: !ruby/object:Gem::Version
-  version: 1.0.0
+  version: 1.0.1
 platform: ruby
 authors:
 - Hubert Łępicki