secure-password 1.0.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 5d692430f3c8be0c6ccad21f224e08ce0b93d0c6
+  data.tar.gz: de8c69c09c5e080cd36b0846c1764feb066364b4
+SHA512:
+  metadata.gz: 2330cb1d97b33ddcdbe0a46041f45094c8f0de46ec9c381017260065c0b79ef6cc590515927eab5f84546464554034db0d7f77852501a0680abcd438404984e1
+  data.tar.gz: 9748b9b6d87186372fcca5d9fe883715fa5082cdf4cfb12272e61cb078be6841c37f53ac03dec7c20225a9d929c41befd75c2d60257e8d16222a527ef21517b2

data/.gems

@@ -0,0 +1,2 @@
+bcrypt -v 3.1.9
+cutest -v 1.2.2

data/README.md

@@ -0,0 +1,64 @@
+secure-password
+===============
+
+Small library to store a secure hash of your users' passwords.
+It uses the [Bcrypt][bcrypt-ruby] password hashing algorithm.
+
+Usage
+-----
+
+```ruby
+require "secure_password"
+
+class User
+  include SecurePassword
+
+  # A `password_digest` attribute is required.
+  attr_accessor :password_digest
+end
+
+user = User.new
+user.password = "123456"
+
+user.password_digest
+# => "$2a$10$rHxX0jSF14JErSjrrFTB9exXPRkbzpq9.mg9nV2vHZVIjOqKQNvQe"
+
+user.authenticate("nopassword")
+# => false
+
+user.authenticate("123456")
+# => true
+```
+
+It's important to note that BCrypt hash function can handle
+maximum 72 characters. It's recommended to validate the length
+of a given password before creating a record.
+
+The next example uses [Scrivener][scrivener]:
+
+```ruby
+class Signup
+  attr_accessor :username
+  attr_accessor :password
+
+  def validate
+    assert_present(:username)
+    assert_length(:password, 8..72)
+  end
+end
+
+signup = Signup.new(params)
+if signup.valid?
+  User.create(signup.attributes)
+end
+```
+
+Installation
+------------
+
+```
+$ gem install secure-password
+```
+
+[scrivener]: https://github.com/soveran/scrivener
+[bcrypt-ruby]: https://github.com/codahale/bcrypt-ruby

data/lib/secure_password.rb

@@ -0,0 +1,11 @@
+require "bcrypt"
+
+module SecurePassword
+  def authenticate(unencrypted)
+    return BCrypt::Password.new(password_digest) == unencrypted
+  end
+
+  def password=(unencrypted)
+    self.password_digest = BCrypt::Password.create(unencrypted)
+  end
+end

data/makefile

@@ -0,0 +1,7 @@
+.PHONY: test
+
+gem:
+	gem build secure-password.gemspec
+
+test:
+	cutest test/*.rb

data/secure-password.gemspec

@@ -0,0 +1,15 @@
+Gem::Specification.new do |s|
+  s.name        = "secure-password"
+  s.version     = "1.0.0"
+  s.summary     = "Securing your users' passwords."
+  s.description = s.summary
+  s.authors     = ["Francesco Rodríguez", "Mayn Kjær"]
+  s.email       = ["frodsan@me.com", "mayn.kjaer@gmail.com"]
+  s.homepage    = "https://github.com/harmoni-io/secure-password"
+  s.license     = "MIT"
+
+  s.files = `git ls-files`.split("\n")
+
+  s.add_dependency("bcrypt", "~> 3.1")
+  s.add_development_dependency("cutest")
+end

data/test/secure_password.rb

@@ -0,0 +1,29 @@
+require "cutest"
+require_relative "../lib/secure_password"
+
+class User
+  include SecurePassword
+
+  attr_accessor :password_digest
+end
+
+test "sets hashed password" do
+  user = User.new
+  user.password = "123456"
+
+  assert BCrypt::Password.valid_hash?(user.password_digest)
+end
+
+test "successful authentication" do
+  user = User.new
+  user.password = "123456"
+
+  assert user.authenticate("123456")
+end
+
+test "failed authentication" do
+  user = User.new
+  user.password = "123456"
+
+  assert !(user.authenticate("xxxxxx"))
+end

metadata

@@ -0,0 +1,80 @@
+--- !ruby/object:Gem::Specification
+name: secure-password
+version: !ruby/object:Gem::Version
+  version: 1.0.0
+platform: ruby
+authors:
+- Francesco Rodríguez
+- Mayn Kjær
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2014-12-20 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bcrypt
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.1'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.1'
+- !ruby/object:Gem::Dependency
+  name: cutest
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Securing your users' passwords.
+email:
+- frodsan@me.com
+- mayn.kjaer@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gems"
+- README.md
+- lib/secure_password.rb
+- makefile
+- secure-password.gemspec
+- test/secure_password.rb
+homepage: https://github.com/harmoni-io/secure-password
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.2.2
+signing_key: 
+specification_version: 4
+summary: Securing your users' passwords.
+test_files: []