password_rehasher 0.2.2 → 0.2.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. checksums.yaml +4 -4
  2. data/lib/password_rehasher.rb +41 -38
  3. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 94368ad8a1bab6440f2386e8328bcc2ad0ba3ae1
4
- data.tar.gz: 6286b64166341f8797ffc7969d47415c1b206a73
3
+ metadata.gz: b1f78be1bc044d2df5fbfb0129e60ce77c09fe79
4
+ data.tar.gz: c5563eb7c48b1089412a2dc982c4275cb7375761
5
5
  SHA512:
6
- metadata.gz: 1e77fdf6d1a5c8bbc55ba54aef8b4f030a75ef6bf3b5cf0eca491eec1b030738a7efacfaf6daebedbd26dc025910406112c82d873023e2a20556198175843095
7
- data.tar.gz: 4f18018cdf9e3cacae55ae9ef8185a04db031b6e78ae034a8ea30c8f3231dfd05228e8488744dc8bd5fa68eedf4178b59d97759fd86ba1d511c7ce7722e17091
6
+ metadata.gz: 448ddb670a977cf6303aa8678d5f476e28b51c60aa81dbe462f70b5305df0e00f4b570d9d5fbbf22cf531f9a15a43c58b16f9f586c3e404a582b5ac32e117240
7
+ data.tar.gz: 14ab4d51c05e473ed7760a496b843e55883f02007d4a7bd085dc5be34069b0a998d8344219bef05f4498ffd4cde19e6fbfd2bcee093d5b9245793a4d4f329066
data/lib/password_rehasher.rb CHANGED
@@ -2,47 +2,50 @@ require "scrypt"
2
2
  require 'digest/sha1'
3
3
 
4
4
  class PasswordRehasher
5
- VERSION = "0.2.2"
5
+ VERSION = "0.2.3"
6
6
 
7
- def self.password_valid?(plaintext_password, hashed_password, salt = nil)
8
- case hashed_password.length
9
- when 40
10
- return false unless salt
11
- hashed_password == Digest::SHA1.hexdigest("--#{salt}--#{plaintext_password}--")
12
- when 90
13
- password = SCrypt::Password.new(hashed_password)
14
- password == plaintext_password
15
- when 103
16
- return false unless salt
17
- scrypt_plus_sha1_hash = hashed_password[13..-1]
18
- sha1_hashed_password = Digest::SHA1.hexdigest("--#{salt}--#{plaintext_password}--")
19
- password = SCrypt::Password.new(scrypt_plus_sha1_hash)
20
- password == sha1_hashed_password
21
- else
22
- false
23
- end
24
- end
7
+ def self.password_valid?(plaintext_password, hashed_password, salt = nil)
8
+ return false if plaintext_password.nil? || hashed_password.nil?
25
9
 
26
- def self.rehash_needed?(hashed_password)
27
- hashed_password.length != 90
28
- end
10
+ case hashed_password.length
11
+ when 40
12
+ return false unless salt
13
+ hashed_password == Digest::SHA1.hexdigest("--#{salt}--#{plaintext_password}--")
14
+ when 90
15
+ password = SCrypt::Password.new(hashed_password)
16
+ password == plaintext_password
17
+ when 103
18
+ return false unless salt
19
+ scrypt_plus_sha1_hash = hashed_password[13..-1]
20
+ sha1_hashed_password = Digest::SHA1.hexdigest("--#{salt}--#{plaintext_password}--")
21
+ password = SCrypt::Password.new(scrypt_plus_sha1_hash)
22
+ password == sha1_hashed_password
23
+ else
24
+ false
25
+ end
26
+ end
29
27
 
30
- def self.hash_password(plaintext_password)
31
- SCrypt::Password.create(plaintext_password).to_s
32
- end
28
+ def self.rehash_needed?(hashed_password)
29
+ return false if hashed_password.nil?
30
+ hashed_password.length != 90
31
+ end
33
32
 
34
- def self.nested_hash(sha1_password)
35
- "nested hash: #{SCrypt::Password.create(sha1_password)}"
36
- end
33
+ def self.hash_password(plaintext_password)
34
+ SCrypt::Password.create(plaintext_password).to_s
35
+ end
37
36
 
38
- def self.validate_and_rehash?(user, plaintext_password, hashed_password)
39
- if (plaintext_password && password_valid?(plaintext_password, hashed_password, user.salt))
40
- if (rehash_needed?(hashed_password))
41
- user.update_attribute("crypted_password", hash_password(plaintext_password))
42
- end
43
- return true
44
- else
45
- return false
46
- end
47
- end
37
+ def self.nested_hash(sha1_password)
38
+ "nested hash: #{SCrypt::Password.create(sha1_password)}"
39
+ end
40
+
41
+ def self.validate_and_rehash?(user, plaintext_password, hashed_password)
42
+ if password_valid?(plaintext_password, hashed_password, user.salt)
43
+ if (rehash_needed?(hashed_password))
44
+ user.update_attribute("crypted_password", hash_password(plaintext_password))
45
+ end
46
+ return true
47
+ else
48
+ return false
49
+ end
50
+ end
48
51
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: password_rehasher
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.2
4
+ version: 0.2.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - John Hyland
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2015-10-21 00:00:00.000000000 Z
12
+ date: 2015-10-27 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: scrypt