secure-password 1.0.0 → 1.0.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 5d692430f3c8be0c6ccad21f224e08ce0b93d0c6
-  data.tar.gz: de8c69c09c5e080cd36b0846c1764feb066364b4
+  metadata.gz: c2f4dc781a5264428043d7517ed69620f156d426
+  data.tar.gz: f486ba8f2572b01e26ec34ab1c2a3174d579ef72
 SHA512:
-  metadata.gz: 2330cb1d97b33ddcdbe0a46041f45094c8f0de46ec9c381017260065c0b79ef6cc590515927eab5f84546464554034db0d7f77852501a0680abcd438404984e1
-  data.tar.gz: 9748b9b6d87186372fcca5d9fe883715fa5082cdf4cfb12272e61cb078be6841c37f53ac03dec7c20225a9d929c41befd75c2d60257e8d16222a527ef21517b2
+  metadata.gz: a4d340eb0575071cd7239b0c4f82c541b2adef480e758f3d48ffa3c67560063c0bb44d3d52e52847e99967d657acd163801c01339b64fd71ee2d642359771c0c
+  data.tar.gz: 1bcc2faf9a5575dc1ebceced47e4464e0b930251db512cd8c447e10ae09bebd0d346d5100fc1b32d92b97cef70eaea95175934e09f7ccc9e7e8f51f674e2f8d7

data/LICENSE

@@ -0,0 +1,19 @@
+Copyright (c) 2014-2016 Francesco Rodríguez
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -1,8 +1,29 @@
-secure-password
+secure-password [![Build Status](https://gitlab.com/frodsan/secure-password/badges/master/build.svg)](https://gitlab.com/frodsan/secure-password/builds)
 ===============
 
-Small library to store a secure hash of your users' passwords.
-It uses the [Bcrypt][bcrypt-ruby] password hashing algorithm.
+Set and authenticate against [bcrypt][bcrypt] passwords.
+It uses the [bcrypt-ruby][bcrypt-ruby] gem.
+
+Installation
+------------
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem "secure-password"
+```
+
+And then execute:
+
+```
+$ bundle
+```
+
+Or install it yourself as:
+
+```
+$ gem install secure-password
+```
 
 Usage
 -----
@@ -53,12 +74,59 @@ if signup.valid?
 end
 ```
 
-Installation
+Bcrypt's cost factor
+--------------------
+
+The default cost factor used by `BCrypt` is `10`. To change it, use:
+
+```ruby
+BCrypt::Engine.cost = 12
+```
+
+Check ["Cost Factors"][cost-factors] section for more information.
+
+Testing
+-------
+
+bcrypt is designed to be slow to make cracking exponentially difficult.
+However, tests don't need this security measures. To speed up your tests,
+you can decrease the default cost factor to the minimum:
+
+```ruby
+BCrypt::Engine.cost = BCrypt::Engine::MIN_COST
+```
+
+Contributing
 ------------
 
+Fork the project with:
+
 ```
-$ gem install secure-password
+$ git clone git@gitlab.com:frodsan/secure-password.git
 ```
 
-[scrivener]: https://github.com/soveran/scrivener
+To install dependencies, use:
+
+```
+$ bundle install
+```
+
+To run the test suite, do:
+
+```
+$ rake test
+```
+
+For bug reports and pull requests use [GitLab][issues].
+
+License
+-------
+
+SecurePassword is released under the [MIT License][mit].
+
+[bcrypt]: http://www.openbsd.org/papers/bcrypt-paper.pdf
 [bcrypt-ruby]: https://github.com/codahale/bcrypt-ruby
+[cost-factors]: https://github.com/codahale/bcrypt-ruby#cost-factors
+[mit]: http://www.opensource.org/licenses/MIT
+[issues]: https://gitlab.com/frodsan/secure-password/issues
+[scrivener]: https://github.com/soveran/scrivener

data/lib/secure_password.rb

@@ -1,8 +1,10 @@
+# frozen_string_literal: true
+
 require "bcrypt"
 
 module SecurePassword
   def authenticate(unencrypted)
-    return BCrypt::Password.new(password_digest) == unencrypted
+    BCrypt::Password.new(password_digest) == unencrypted
   end
 
   def password=(unencrypted)

data/test/secure_password_test.rb

@@ -0,0 +1,38 @@
+# frozen_string_literal: true
+
+require "bundler/setup"
+require "minitest/autorun"
+require "minitest/pride"
+require "minitest/sugar"
+require_relative "../lib/secure_password"
+
+class User
+  include SecurePassword
+
+  attr_accessor :password_digest
+end
+
+BCrypt::Engine.cost = BCrypt::Engine::MIN_COST
+
+class SecurePasswordTest < Minitest::Test
+  test "sets hashed password" do
+    user = User.new
+    user.password = "123456"
+
+    assert BCrypt::Password.valid_hash?(user.password_digest)
+  end
+
+  test "successful authentication" do
+    user = User.new
+    user.password = "123456"
+
+    assert user.authenticate("123456")
+  end
+
+  test "failed authentication" do
+    user = User.new
+    user.password = "123456"
+
+    assert !user.authenticate("xxxxxx")
+  end
+end

metadata

@@ -1,15 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: secure-password
 version: !ruby/object:Gem::Version
-  version: 1.0.0
+  version: 1.0.1
 platform: ruby
 authors:
 - Francesco Rodríguez
-- Mayn Kjær
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-12-20 00:00:00.000000000 Z
+date: 2016-04-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bcrypt
@@ -26,34 +25,72 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '3.1'
 - !ruby/object:Gem::Dependency
-  name: cutest
+  name: minitest
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '5.8'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '5.8'
+- !ruby/object:Gem::Dependency
+  name: minitest-sugar
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '2.1'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.1'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: rubocop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.39'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
-description: Securing your users' passwords.
-email:
-- frodsan@me.com
-- mayn.kjaer@gmail.com
+        version: '0.39'
+description: Securing your users' passwords
+email: hello@frodsan.com
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- ".gems"
+- LICENSE
 - README.md
 - lib/secure_password.rb
-- makefile
-- secure-password.gemspec
-- test/secure_password.rb
-homepage: https://github.com/harmoni-io/secure-password
+- test/secure_password_test.rb
+homepage: https://gitlab.com/frodsan/secure-password
 licenses:
 - MIT
 metadata: {}
@@ -73,8 +110,9 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.2.2
+rubygems_version: 2.5.1
 signing_key: 
 specification_version: 4
-summary: Securing your users' passwords.
-test_files: []
+summary: Securing your users' passwords
+test_files:
+- test/secure_password_test.rb

data/.gems

@@ -1,2 +0,0 @@
-bcrypt -v 3.1.9
-cutest -v 1.2.2

data/makefile

@@ -1,7 +0,0 @@
-.PHONY: test
-
-gem:
-	gem build secure-password.gemspec
-
-test:
-	cutest test/*.rb

data/secure-password.gemspec

@@ -1,15 +0,0 @@
-Gem::Specification.new do |s|
-  s.name        = "secure-password"
-  s.version     = "1.0.0"
-  s.summary     = "Securing your users' passwords."
-  s.description = s.summary
-  s.authors     = ["Francesco Rodríguez", "Mayn Kjær"]
-  s.email       = ["frodsan@me.com", "mayn.kjaer@gmail.com"]
-  s.homepage    = "https://github.com/harmoni-io/secure-password"
-  s.license     = "MIT"
-
-  s.files = `git ls-files`.split("\n")
-
-  s.add_dependency("bcrypt", "~> 3.1")
-  s.add_development_dependency("cutest")
-end

data/test/secure_password.rb

@@ -1,29 +0,0 @@
-require "cutest"
-require_relative "../lib/secure_password"
-
-class User
-  include SecurePassword
-
-  attr_accessor :password_digest
-end
-
-test "sets hashed password" do
-  user = User.new
-  user.password = "123456"
-
-  assert BCrypt::Password.valid_hash?(user.password_digest)
-end
-
-test "successful authentication" do
-  user = User.new
-  user.password = "123456"
-
-  assert user.authenticate("123456")
-end
-
-test "failed authentication" do
-  user = User.new
-  user.password = "123456"
-
-  assert !(user.authenticate("xxxxxx"))
-end