password_rehasher 0.2.1 → 0.2.2

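--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 3785e236bd7d813a1b945addcd37a9f8e066a7c1
- data.tar.gz: 87563fd8c88328b15f3ac9af781c5ac2e3342d1c
+ metadata.gz: 94368ad8a1bab6440f2386e8328bcc2ad0ba3ae1
+ data.tar.gz: 6286b64166341f8797ffc7969d47415c1b206a73
  SHA512:
- metadata.gz: db594e3b4862bb8c09fa19e50112ee4302766bbd0f655996cfadf6890087884291c89251f64ace16aa3c91d5da15c0a19011fab484b648cd36c2f8f025c3ec47
- data.tar.gz: 08ef8ca01cee4be81321ac0a68cd6c7985e100494e34ab42a9805df5a97728a716d90ab69e5b2361f8ccfa44bdfe95553613514b5a975445625c42c1cba54803
+ metadata.gz: 1e77fdf6d1a5c8bbc55ba54aef8b4f030a75ef6bf3b5cf0eca491eec1b030738a7efacfaf6daebedbd26dc025910406112c82d873023e2a20556198175843095
+ data.tar.gz: 4f18018cdf9e3cacae55ae9ef8185a04db031b6e78ae034a8ea30c8f3231dfd05228e8488744dc8bd5fa68eedf4178b59d97759fd86ba1d511c7ce7722e17091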
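--- a/data/README.md
+++ b/data/README.md
@@ -3,14 +3,23 @@
  Password Rehasher is a temporary gem to rehash the passwords in the RPM database to scrypt.
 
  ## Usage
+ ### To rehash individual password on login (requires plaintext password)
 
  ```ruby
- if (PasswordRehasher.validate_and_rehash?(user, plaintext_password, crypted_password)) {
+ if (PasswordRehasher.validate_and_rehash?(user, plaintext_password, crypted_password))
  # user is logged in and the password is rehashed (if necessary)
- } else {
+ else
  # user is not logged in
- }
-
+ end
  ```
 
- `user` needs to be an object that responds to `update_attribute` and `salt`.
+ `user` needs to be an object that responds to `update_attribute` and `salt`.
+
+ ### To rehash the pre-existing SHA1 hashes without the knowlege of plaintext password
+
+ ```ruby
+ if password_hash.length == 40 # All SHA1 hashes are 40, no other hashes are
+ nested_hash = PasswordRehasher.nested_hash(sha1)
+ # Write the nested hash to the DB.
+ end
+ ```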
@@ -2,7 +2,7 @@ require "scrypt"
2
2
  require 'digest/sha1'
3
3
 
4
4
  class PasswordRehasher
5
- VERSION = "0.2.1"
5
+ VERSION = "0.2.2"
6
6
 
7
7
  def self.password_valid?(plaintext_password, hashed_password, salt = nil)
8
8
  case hashed_password.length
@@ -28,7 +28,11 @@ class PasswordRehasher
28
28
  end
29
29
 
30
30
  def self.hash_password(plaintext_password)
31
- SCrypt::Password.create(plaintext_password)
31
+ SCrypt::Password.create(plaintext_password).to_s
32
+ end
33
+
34
+ def self.nested_hash(sha1_password)
35
+ "nested hash: #{SCrypt::Password.create(sha1_password)}"
32
36
  end
33
37
 
34
38
  def self.validate_and_rehash?(user, plaintext_password, hashed_password)
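Review bot: `nested_hash` scrypt-wraps whatever string it receives, so a truncated or already-migrated value is stored as a `nested hash: …` record that no password will ever validate against; the added spec's 'haha lol nope' case shows such input is accepted. The README puts a length check at the call site, but the method should enforce it itself, e.g. `raise ArgumentError, "expected a 40-character SHA1 hex digest" unless sha1_password =~ /\A\h{40}\z/` as its first line. A comment on the method should also state that the nested value is only as strong as the secrecy of the inner SHA1, so the legacy SHA1 values (and backups of them) need to be removed once the nested hash is written. The branch of `password_valid?` that checks nested hashes lies outside this hunk, so how it normalises the inner digest is not visible here.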
@@ -6,6 +6,7 @@ describe PasswordRehasher do
6
6
  let(:nested_hashed_password) { "nested hash: 400$8$39$bade652ec1b7cbb3$2e6efe19f8af6bb19a12ad9d62369fef50a12804f4be30bdc46c6626d3e07287" }
7
7
  let(:scrypt_hashed_password) { "400$8$38$76f69b1ead11cf5c$b0e509793a43e66d206d549cec5f039acf15b52fe965cd3b5d855408459c3ddb" }
8
8
  let(:invalid_hashed_password) { "400$8$38$76f60b1ead11cf5c$b0e509793a43e66d206d549cec5f039acf15b52fe965cd3b5d855408459c3ddb" }
9
+ let(:salt) { "random salt" }
9
10
 
10
11
  describe '::VERSION' do
11
12
  subject { PasswordRehasher::VERSION }
@@ -15,7 +16,6 @@ describe PasswordRehasher do
15
16
 
16
17
  describe '.password_valid?' do
17
18
  subject { PasswordRehasher.password_valid?(plaintext_password, hashed_password, salt) }
18
- let(:salt) { "random salt" }
19
19
 
20
20
  context 'with a SHA1 hash' do
21
21
  let(:hashed_password) { sha1_hashed_password }
@@ -57,15 +57,37 @@ describe PasswordRehasher do
57
57
  end
58
58
  end
59
59
 
60
+ describe '.nested_hash' do
61
+ subject(:nested_hash) { PasswordRehasher.nested_hash(sha1) }
62
+
63
+ context "with valid sha1 hash" do
64
+ let(:sha1) { sha1_hashed_password }
65
+
66
+ it "returns a valid nested hash" do
67
+ expect(PasswordRehasher.password_valid?(plaintext_password, nested_hash, salt)).to be_truthy
68
+ end
69
+ end
70
+
71
+ context "with an invalid sha1 hash" do
72
+ let(:sha1) { 'haha lol nope' }
73
+
74
+ it "returns invalid nested hash" do
75
+ expect(PasswordRehasher.password_valid?(plaintext_password, nested_hash, salt)).to be_falsey
76
+ end
77
+ end
78
+ end
79
+
60
80
  describe '.hash_password' do
61
- subject(:password_object) { PasswordRehasher.hash_password(plaintext_password) }
81
+ subject(:hashed_password) { PasswordRehasher.hash_password(plaintext_password) }
82
+
83
+ it { is_expected.to be_a String }
62
84
 
63
- it "returns a password object matching the plaintext password" do
64
- expect(password_object == plaintext_password).to be_truthy
85
+ it "returns a password matching the plaintext password" do
86
+ expect(PasswordRehasher.password_valid?(plaintext_password, hashed_password)).to be_truthy
65
87
  end
66
88
 
67
- it "returns a password object that does not match a different plaintext password" do
68
- expect(password_object == incorrect_plaintext_password).to be_falsey
89
+ it "returns a password that does not match a different plaintext password" do
90
+ expect(PasswordRehasher.password_valid?(incorrect_plaintext_password, hashed_password)).to be_falsey
69
91
  end
70
92
  end
71
93
 
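Review bot: The 'with valid sha1 hash' context in the new `.nested_hash` examples only checks that the correct plaintext validates; nothing checks that a wrong password is rejected against a well-formed nested hash, so an implementation that accepted every password for nested records would still pass. Add a second example there: `expect(PasswordRehasher.password_valid?(incorrect_plaintext_password, nested_hash, salt)).to be_falsey`. The 'invalid sha1' context does not cover this, because its inner value is garbage that cannot match any password. The `describe PasswordRehasher` block and the `sha1_hashed_password` fixture begin outside the hunks shown.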
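--- a/data/spec/spec_helper.rb
+++ b/data/spec/spec_helper.rb
@@ -1,4 +1,5 @@
  require_relative "../lib/password_rehasher.rb"
+ require "pry"
 
  # This file was generated by the `rspec --init` command. Conventionally, all
  # specs live under a `spec` directory, which RSpec adds to the `$LOAD_PATH`.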
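Review bot: The added `require "pry"` at the top of spec_helper.rb looks like a leftover debugging aid, and it makes the whole spec suite fail to load on any machine where pry is not installed. The gem metadata shown on this page is cut off before the full dependency list, so whether pry is declared as a development dependency cannot be confirmed from here. Either drop the line before release or make it optional, e.g. `begin; require "pry"; rescue LoadError; end`. The rest of spec_helper.rb lies outside the hunk.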
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: password_rehasher
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.1
4
+ version: 0.2.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - John Hyland
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2015-10-20 00:00:00.000000000 Z
12
+ date: 2015-10-21 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: scrypt