secure-password 1.0.0 → 1.0.1

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 5d692430f3c8be0c6ccad21f224e08ce0b93d0c6
4
- data.tar.gz: de8c69c09c5e080cd36b0846c1764feb066364b4
3
+ metadata.gz: c2f4dc781a5264428043d7517ed69620f156d426
4
+ data.tar.gz: f486ba8f2572b01e26ec34ab1c2a3174d579ef72
5
5
  SHA512:
6
- metadata.gz: 2330cb1d97b33ddcdbe0a46041f45094c8f0de46ec9c381017260065c0b79ef6cc590515927eab5f84546464554034db0d7f77852501a0680abcd438404984e1
7
- data.tar.gz: 9748b9b6d87186372fcca5d9fe883715fa5082cdf4cfb12272e61cb078be6841c37f53ac03dec7c20225a9d929c41befd75c2d60257e8d16222a527ef21517b2
6
+ metadata.gz: a4d340eb0575071cd7239b0c4f82c541b2adef480e758f3d48ffa3c67560063c0bb44d3d52e52847e99967d657acd163801c01339b64fd71ee2d642359771c0c
7
+ data.tar.gz: 1bcc2faf9a5575dc1ebceced47e4464e0b930251db512cd8c447e10ae09bebd0d346d5100fc1b32d92b97cef70eaea95175934e09f7ccc9e7e8f51f674e2f8d7
data/LICENSE ADDED
@@ -0,0 +1,19 @@
1
+ Copyright (c) 2014-2016 Francesco Rodríguez
2
+
3
+ Permission is hereby granted, free of charge, to any person obtaining a copy
4
+ of this software and associated documentation files (the "Software"), to deal
5
+ in the Software without restriction, including without limitation the rights
6
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
7
+ copies of the Software, and to permit persons to whom the Software is
8
+ furnished to do so, subject to the following conditions:
9
+
10
+ The above copyright notice and this permission notice shall be included in
11
+ all copies or substantial portions of the Software.
12
+
13
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
14
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
15
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
16
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
17
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
18
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
19
+ THE SOFTWARE.
data/README.md CHANGED
@@ -1,8 +1,29 @@
1
- secure-password
1
+ secure-password [![Build Status](https://gitlab.com/frodsan/secure-password/badges/master/build.svg)](https://gitlab.com/frodsan/secure-password/builds)
2
2
  ===============
3
3
 
4
- Small library to store a secure hash of your users' passwords.
5
- It uses the [Bcrypt][bcrypt-ruby] password hashing algorithm.
4
+ Set and authenticate against [bcrypt][bcrypt] passwords.
5
+ It uses the [bcrypt-ruby][bcrypt-ruby] gem.
6
+
7
+ Installation
8
+ ------------
9
+
10
+ Add this line to your application's Gemfile:
11
+
12
+ ```ruby
13
+ gem "secure-password"
14
+ ```
15
+
16
+ And then execute:
17
+
18
+ ```
19
+ $ bundle
20
+ ```
21
+
22
+ Or install it yourself as:
23
+
24
+ ```
25
+ $ gem install secure-password
26
+ ```
6
27
 
7
28
  Usage
8
29
  -----
@@ -53,12 +74,59 @@ if signup.valid?
53
74
  end
54
75
  ```
55
76
 
56
- Installation
77
+ Bcrypt's cost factor
78
+ --------------------
79
+
80
+ The default cost factor used by `BCrypt` is `10`. To change it, use:
81
+
82
+ ```ruby
83
+ BCrypt::Engine.cost = 12
84
+ ```
85
+
86
+ Check ["Cost Factors"][cost-factors] section for more information.
87
+
88
+ Testing
89
+ -------
90
+
91
+ bcrypt is designed to be slow to make cracking exponentially difficult.
92
+ However, tests don't need this security measures. To speed up your tests,
93
+ you can decrease the default cost factor to the minimum:
94
+
95
+ ```ruby
96
+ BCrypt::Engine.cost = BCrypt::Engine::MIN_COST
97
+ ```
98
+
99
+ Contributing
57
100
  ------------
58
101
 
102
+ Fork the project with:
103
+
59
104
  ```
60
- $ gem install secure-password
105
+ $ git clone git@gitlab.com:frodsan/secure-password.git
61
106
  ```
62
107
 
63
- [scrivener]: https://github.com/soveran/scrivener
108
+ To install dependencies, use:
109
+
110
+ ```
111
+ $ bundle install
112
+ ```
113
+
114
+ To run the test suite, do:
115
+
116
+ ```
117
+ $ rake test
118
+ ```
119
+
120
+ For bug reports and pull requests use [GitLab][issues].
121
+
122
+ License
123
+ -------
124
+
125
+ SecurePassword is released under the [MIT License][mit].
126
+
127
+ [bcrypt]: http://www.openbsd.org/papers/bcrypt-paper.pdf
64
128
  [bcrypt-ruby]: https://github.com/codahale/bcrypt-ruby
129
+ [cost-factors]: https://github.com/codahale/bcrypt-ruby#cost-factors
130
+ [mit]: http://www.opensource.org/licenses/MIT
131
+ [issues]: https://gitlab.com/frodsan/secure-password/issues
132
+ [scrivener]: https://github.com/soveran/scrivener
@@ -1,8 +1,10 @@
1
+ # frozen_string_literal: true
2
+
1
3
  require "bcrypt"
2
4
 
3
5
  module SecurePassword
4
6
  def authenticate(unencrypted)
5
- return BCrypt::Password.new(password_digest) == unencrypted
7
+ BCrypt::Password.new(password_digest) == unencrypted
6
8
  end
7
9
 
8
10
  def password=(unencrypted)
@@ -0,0 +1,38 @@
1
+ # frozen_string_literal: true
2
+
3
+ require "bundler/setup"
4
+ require "minitest/autorun"
5
+ require "minitest/pride"
6
+ require "minitest/sugar"
7
+ require_relative "../lib/secure_password"
8
+
9
+ class User
10
+ include SecurePassword
11
+
12
+ attr_accessor :password_digest
13
+ end
14
+
15
+ BCrypt::Engine.cost = BCrypt::Engine::MIN_COST
16
+
17
+ class SecurePasswordTest < Minitest::Test
18
+ test "sets hashed password" do
19
+ user = User.new
20
+ user.password = "123456"
21
+
22
+ assert BCrypt::Password.valid_hash?(user.password_digest)
23
+ end
24
+
25
+ test "successful authentication" do
26
+ user = User.new
27
+ user.password = "123456"
28
+
29
+ assert user.authenticate("123456")
30
+ end
31
+
32
+ test "failed authentication" do
33
+ user = User.new
34
+ user.password = "123456"
35
+
36
+ assert !user.authenticate("xxxxxx")
37
+ end
38
+ end
metadata CHANGED
@@ -1,15 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: secure-password
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.0
4
+ version: 1.0.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Francesco Rodríguez
8
- - Mayn Kjær
9
8
  autorequire:
10
9
  bindir: bin
11
10
  cert_chain: []
12
- date: 2014-12-20 00:00:00.000000000 Z
11
+ date: 2016-04-08 00:00:00.000000000 Z
13
12
  dependencies:
14
13
  - !ruby/object:Gem::Dependency
15
14
  name: bcrypt
@@ -26,34 +25,72 @@ dependencies:
26
25
  - !ruby/object:Gem::Version
27
26
  version: '3.1'
28
27
  - !ruby/object:Gem::Dependency
29
- name: cutest
28
+ name: minitest
30
29
  requirement: !ruby/object:Gem::Requirement
31
30
  requirements:
32
- - - ">="
31
+ - - "~>"
32
+ - !ruby/object:Gem::Version
33
+ version: '5.8'
34
+ type: :development
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - "~>"
39
+ - !ruby/object:Gem::Version
40
+ version: '5.8'
41
+ - !ruby/object:Gem::Dependency
42
+ name: minitest-sugar
43
+ requirement: !ruby/object:Gem::Requirement
44
+ requirements:
45
+ - - "~>"
33
46
  - !ruby/object:Gem::Version
34
- version: '0'
47
+ version: '2.1'
35
48
  type: :development
36
49
  prerelease: false
37
50
  version_requirements: !ruby/object:Gem::Requirement
38
51
  requirements:
39
- - - ">="
52
+ - - "~>"
53
+ - !ruby/object:Gem::Version
54
+ version: '2.1'
55
+ - !ruby/object:Gem::Dependency
56
+ name: rake
57
+ requirement: !ruby/object:Gem::Requirement
58
+ requirements:
59
+ - - "~>"
60
+ - !ruby/object:Gem::Version
61
+ version: '10.0'
62
+ type: :development
63
+ prerelease: false
64
+ version_requirements: !ruby/object:Gem::Requirement
65
+ requirements:
66
+ - - "~>"
67
+ - !ruby/object:Gem::Version
68
+ version: '10.0'
69
+ - !ruby/object:Gem::Dependency
70
+ name: rubocop
71
+ requirement: !ruby/object:Gem::Requirement
72
+ requirements:
73
+ - - "~>"
74
+ - !ruby/object:Gem::Version
75
+ version: '0.39'
76
+ type: :development
77
+ prerelease: false
78
+ version_requirements: !ruby/object:Gem::Requirement
79
+ requirements:
80
+ - - "~>"
40
81
  - !ruby/object:Gem::Version
41
- version: '0'
42
- description: Securing your users' passwords.
43
- email:
44
- - frodsan@me.com
45
- - mayn.kjaer@gmail.com
82
+ version: '0.39'
83
+ description: Securing your users' passwords
84
+ email: hello@frodsan.com
46
85
  executables: []
47
86
  extensions: []
48
87
  extra_rdoc_files: []
49
88
  files:
50
- - ".gems"
89
+ - LICENSE
51
90
  - README.md
52
91
  - lib/secure_password.rb
53
- - makefile
54
- - secure-password.gemspec
55
- - test/secure_password.rb
56
- homepage: https://github.com/harmoni-io/secure-password
92
+ - test/secure_password_test.rb
93
+ homepage: https://gitlab.com/frodsan/secure-password
57
94
  licenses:
58
95
  - MIT
59
96
  metadata: {}
@@ -73,8 +110,9 @@ required_rubygems_version: !ruby/object:Gem::Requirement
73
110
  version: '0'
74
111
  requirements: []
75
112
  rubyforge_project:
76
- rubygems_version: 2.2.2
113
+ rubygems_version: 2.5.1
77
114
  signing_key:
78
115
  specification_version: 4
79
- summary: Securing your users' passwords.
80
- test_files: []
116
+ summary: Securing your users' passwords
117
+ test_files:
118
+ - test/secure_password_test.rb
data/.gems DELETED
@@ -1,2 +0,0 @@
1
- bcrypt -v 3.1.9
2
- cutest -v 1.2.2
data/makefile DELETED
@@ -1,7 +0,0 @@
1
- .PHONY: test
2
-
3
- gem:
4
- gem build secure-password.gemspec
5
-
6
- test:
7
- cutest test/*.rb
@@ -1,15 +0,0 @@
1
- Gem::Specification.new do |s|
2
- s.name = "secure-password"
3
- s.version = "1.0.0"
4
- s.summary = "Securing your users' passwords."
5
- s.description = s.summary
6
- s.authors = ["Francesco Rodríguez", "Mayn Kjær"]
7
- s.email = ["frodsan@me.com", "mayn.kjaer@gmail.com"]
8
- s.homepage = "https://github.com/harmoni-io/secure-password"
9
- s.license = "MIT"
10
-
11
- s.files = `git ls-files`.split("\n")
12
-
13
- s.add_dependency("bcrypt", "~> 3.1")
14
- s.add_development_dependency("cutest")
15
- end
@@ -1,29 +0,0 @@
1
- require "cutest"
2
- require_relative "../lib/secure_password"
3
-
4
- class User
5
- include SecurePassword
6
-
7
- attr_accessor :password_digest
8
- end
9
-
10
- test "sets hashed password" do
11
- user = User.new
12
- user.password = "123456"
13
-
14
- assert BCrypt::Password.valid_hash?(user.password_digest)
15
- end
16
-
17
- test "successful authentication" do
18
- user = User.new
19
- user.password = "123456"
20
-
21
- assert user.authenticate("123456")
22
- end
23
-
24
- test "failed authentication" do
25
- user = User.new
26
- user.password = "123456"
27
-
28
- assert !(user.authenticate("xxxxxx"))
29
- end