password_rehasher 0.1.0 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 409cef18ec9de50002c666881ae5cb056408d819
-  data.tar.gz: 8fd6efa013ae5e7cacaf6dcbff3ec0513dacd884
+  metadata.gz: 5169827d96b12add64e015006c864e49377f80f0
+  data.tar.gz: 62a0b15caeab61c3984f3f21468943b76db0dc0c
 SHA512:
-  metadata.gz: 01cd32f04dd356ed981600d1da983976e83937c75ab877e4f2ad13b85215cb40969e2f226fabbd7c5effbada3c7ac0942091098770f5d0898d768f938792ebce
-  data.tar.gz: e059422957191020d44b05508408db860539c8ee7ad1f38735655a61f542b34f9729feee4da13a6e10325640322fb3d4cf5df2eda2448da1d6e23b77a67c1274
+  metadata.gz: d6bf1ec18d4001703ae8b261f0d3b25438a82973757f67bea675f228ccc7b80c85fc0a49a74d04de4e58d2464c2de5f05966c7981938984bb96ab83bb40f6227
+  data.tar.gz: e1e0a533d1e0a7f383771f61224754084e21dd64289ecb7673734406574ef06e58615479b099822cab09f3896f31f209964501e594d1da7e8c1ae87ca881a3ad

data/README.md

@@ -7,11 +7,22 @@ Password Rehasher is a temporary gem to rehash the passwords in the RPM database
 ```ruby
 if (PasswordRehasher.password_valid?(plaintext_password, crypted_password)) {
 	if (PasswordRehasher.rehash_needed?(crypted_password)) {
-	    user.crypted_password = PasswordRehasher.hash_password(password)
+	    user.crypted_password = PasswordRehasher.hash_password(plaintext_password)
 	    user.save
     }
     # user is logged in
 } else {
 	# user is not logged in
 }
+```
+
+## Alternatively, to do all of the above if user.update_attribute("crypted_password", crypted_password) is what you want to do
+
+```ruby
+if (PasswordRehasher.validate_and_rehash?(user, plaintext_password, crypted_password)) {
+	# user is logged in and the password is rehashed (if necessary)
+} else {
+	# user is not logged in
+}
+
 ```

data/lib/password_rehasher.rb

@@ -2,7 +2,7 @@ require "scrypt"
 require 'digest/sha1'
 
 class PasswordRehasher
-	VERSION = "0.1.0"
+	VERSION = "0.2.0"
 
 	def self.password_valid?(plaintext_password, hashed_password)
 		case hashed_password.length 
@@ -28,4 +28,15 @@ class PasswordRehasher
 	def self.hash_password(plaintext_password)
 		SCrypt::Password.create(plaintext_password)
 	end
+
+	def self.validate_and_rehash?(user, plaintext_password, hashed_password)
+		if (plaintext_password && password_valid?(plaintext_password, hashed_password))
+			if (rehash_needed?(hashed_password))
+				user.update_attribute("crypted_password", hash_password(plaintext_password))
+			end
+			return true
+		else
+			return false
+		end
+	end
 end

data/spec/password_rehasher_spec.rb

@@ -26,12 +26,12 @@ describe PasswordRehasher do
 			it { is_expected.to be_truthy }
 		end
 
-		context 'with an scrypt hash' do
+		context 'with a scrypt hash' do
 			let(:hashed_password) { scrypt_hashed_password }
 			it { is_expected.to be_truthy }
 		end
 
-		context 'with an scrypt hash' do
+		context 'with an invalid scrypt hash' do
 			let(:hashed_password) { invalid_hashed_password }
 			it { is_expected.to be_falsey }
 		end
@@ -50,7 +50,7 @@ describe PasswordRehasher do
 			it { is_expected.to be_truthy }
 		end
 
-		context 'with an scrypt hash' do
+		context 'with a scrypt hash' do
 			let(:hashed_password) { scrypt_hashed_password }
 			it { is_expected.to be_falsey }
 		end
@@ -67,4 +67,58 @@ describe PasswordRehasher do
 			expect(password_object == incorrect_plaintext_password).to be_falsey
 		end
 	end
+
+	describe '.validate_and_rehash?' do
+		subject { PasswordRehasher.validate_and_rehash?(user, plaintext_password, hashed_password) }
+		let(:user) { MockUser.new(hashed_password) }
+
+		context 'with a SHA1 hash' do
+			let(:hashed_password) { sha1_hashed_password }
+			it { is_expected.to be_truthy }
+
+			it "updates the stored crypted_password value" do
+				expect { subject }.to change { user.crypted_password }.from(hashed_password)
+			end
+		end
+
+		context 'with a nested hash' do
+			let(:hashed_password) { nested_hashed_password }
+			it { is_expected.to be_truthy }
+
+			it "updates the stored crypted_password value" do
+				expect { subject }.to change { user.crypted_password }.from(hashed_password)
+			end
+		end
+
+		context 'with a scrypt hash' do
+			let(:hashed_password) { scrypt_hashed_password }
+			it { is_expected.to be_truthy }
+
+			it "does not update the stored crypted_password value" do
+				expect { subject }.to_not change { user.crypted_password }.from(hashed_password)
+			end
+		end
+
+		context 'with an invalid scrypt hash' do
+			let(:hashed_password) { invalid_hashed_password }
+			it { is_expected.to be_falsey }
+
+			it "does not update the stored crypted_password value" do
+				expect { subject }.to_not change { user.crypted_password }.from(hashed_password)
+			end
+		end
+	end
+end
+
+class MockUser
+	attr_accessor :crypted_password
+
+	def initialize(crypted_password)
+		@crypted_password = crypted_password
+	end
+
+	def update_attribute(attribute, value)
+		@crypted_password = value
+		# attribute is always "crypted_password" for now
+	end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: password_rehasher
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.2.0
 platform: ruby
 authors:
 - John Hyland
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-10-19 00:00:00.000000000 Z
+date: 2015-10-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: scrypt