password_rehasher 0.2.1 → 0.2.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 3785e236bd7d813a1b945addcd37a9f8e066a7c1
-  data.tar.gz: 87563fd8c88328b15f3ac9af781c5ac2e3342d1c
+  metadata.gz: 94368ad8a1bab6440f2386e8328bcc2ad0ba3ae1
+  data.tar.gz: 6286b64166341f8797ffc7969d47415c1b206a73
 SHA512:
-  metadata.gz: db594e3b4862bb8c09fa19e50112ee4302766bbd0f655996cfadf6890087884291c89251f64ace16aa3c91d5da15c0a19011fab484b648cd36c2f8f025c3ec47
-  data.tar.gz: 08ef8ca01cee4be81321ac0a68cd6c7985e100494e34ab42a9805df5a97728a716d90ab69e5b2361f8ccfa44bdfe95553613514b5a975445625c42c1cba54803
+  metadata.gz: 1e77fdf6d1a5c8bbc55ba54aef8b4f030a75ef6bf3b5cf0eca491eec1b030738a7efacfaf6daebedbd26dc025910406112c82d873023e2a20556198175843095
+  data.tar.gz: 4f18018cdf9e3cacae55ae9ef8185a04db031b6e78ae034a8ea30c8f3231dfd05228e8488744dc8bd5fa68eedf4178b59d97759fd86ba1d511c7ce7722e17091

data/README.md

@@ -3,14 +3,23 @@
 Password Rehasher is a temporary gem to rehash the passwords in the RPM database to scrypt.
 
 ## Usage
+### To rehash individual password on login (requires plaintext password)
 
 ```ruby
-if (PasswordRehasher.validate_and_rehash?(user, plaintext_password, crypted_password)) {
+if (PasswordRehasher.validate_and_rehash?(user, plaintext_password, crypted_password))
 	# user is logged in and the password is rehashed (if necessary)
-} else {
+else
 	# user is not logged in
-}
-
+end
 ```
 
-`user` needs to be an object that responds to `update_attribute` and `salt`.
+`user` needs to be an object that responds to `update_attribute` and `salt`.
+
+### To rehash the pre-existing SHA1 hashes without the knowlege of plaintext password
+
+```ruby
+if password_hash.length == 40             # All SHA1 hashes are 40, no other hashes are
+  nested_hash = PasswordRehasher.nested_hash(sha1)
+  # Write the nested hash to the DB.
+end
+```

data/lib/password_rehasher.rb

@@ -2,7 +2,7 @@ require "scrypt"
 require 'digest/sha1'
 
 class PasswordRehasher
-	VERSION = "0.2.1"
+	VERSION = "0.2.2"
 
 	def self.password_valid?(plaintext_password, hashed_password, salt = nil)
 		case hashed_password.length
@@ -28,7 +28,11 @@ class PasswordRehasher
 	end
 
 	def self.hash_password(plaintext_password)
-		SCrypt::Password.create(plaintext_password)
+		SCrypt::Password.create(plaintext_password).to_s
+	end
+
+	def self.nested_hash(sha1_password)
+		"nested hash: #{SCrypt::Password.create(sha1_password)}"
 	end
 
 	def self.validate_and_rehash?(user, plaintext_password, hashed_password)

data/spec/password_rehasher_spec.rb

@@ -6,6 +6,7 @@ describe PasswordRehasher do
 	let(:nested_hashed_password) { "nested hash: 400$8$39$bade652ec1b7cbb3$2e6efe19f8af6bb19a12ad9d62369fef50a12804f4be30bdc46c6626d3e07287" }
 	let(:scrypt_hashed_password) { "400$8$38$76f69b1ead11cf5c$b0e509793a43e66d206d549cec5f039acf15b52fe965cd3b5d855408459c3ddb" }
 	let(:invalid_hashed_password) { "400$8$38$76f60b1ead11cf5c$b0e509793a43e66d206d549cec5f039acf15b52fe965cd3b5d855408459c3ddb" }
+	let(:salt) { "random salt" }
 
 	describe '::VERSION' do
 		subject { PasswordRehasher::VERSION }
@@ -15,7 +16,6 @@ describe PasswordRehasher do
 
 	describe '.password_valid?' do
 		subject { PasswordRehasher.password_valid?(plaintext_password, hashed_password, salt) }
-		let(:salt) { "random salt" }
 
 		context 'with a SHA1 hash' do
 			let(:hashed_password) { sha1_hashed_password }
@@ -57,15 +57,37 @@ describe PasswordRehasher do
 		end
 	end
 
+	describe '.nested_hash' do
+		subject(:nested_hash) { PasswordRehasher.nested_hash(sha1) }
+
+		context "with valid sha1 hash" do
+			let(:sha1) { sha1_hashed_password }
+
+			it "returns a valid nested hash" do
+				expect(PasswordRehasher.password_valid?(plaintext_password, nested_hash, salt)).to be_truthy
+			end
+		end
+
+		context "with an invalid sha1 hash" do
+			let(:sha1) { 'haha lol nope' }
+
+	 		it "returns invalid nested hash" do
+				expect(PasswordRehasher.password_valid?(plaintext_password, nested_hash, salt)).to be_falsey
+			end
+		end
+	end
+
 	describe '.hash_password' do
-		subject(:password_object) { PasswordRehasher.hash_password(plaintext_password) }
+		subject(:hashed_password) { PasswordRehasher.hash_password(plaintext_password) }
+
+		it { is_expected.to be_a String }
 
-		it "returns a password object matching the plaintext password" do
-			expect(password_object == plaintext_password).to be_truthy
+		it "returns a password matching the plaintext password" do
+			expect(PasswordRehasher.password_valid?(plaintext_password, hashed_password)).to be_truthy
 		end
 
-		it "returns a password object that does not match a different plaintext password" do
-			expect(password_object == incorrect_plaintext_password).to be_falsey
+		it "returns a password that does not match a different plaintext password" do
+			expect(PasswordRehasher.password_valid?(incorrect_plaintext_password, hashed_password)).to be_falsey
 		end
 	end
 

data/spec/spec_helper.rb

@@ -1,4 +1,5 @@
 require_relative "../lib/password_rehasher.rb"
+require "pry"
 
 # This file was generated by the `rspec --init` command. Conventionally, all
 # specs live under a `spec` directory, which RSpec adds to the `$LOAD_PATH`.

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: password_rehasher
 version: !ruby/object:Gem::Version
-  version: 0.2.1
+  version: 0.2.2
 platform: ruby
 authors:
 - John Hyland
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-10-20 00:00:00.000000000 Z
+date: 2015-10-21 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: scrypt