sequel_password 0.1.1 → 0.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile.lock +5 -2
- data/README.md +6 -0
- data/lib/sequel_password.rb +9 -5
- data/lib/sequel_password/hashers.rb +4 -4
- data/sequel_password.gemspec +1 -1
- data/spec/sequel_password_spec.rb +3 -15
- data/spec/spec_helper.rb +3 -3
- metadata +3 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 35362ea38646639ac578a589a4d3165312474356
|
4
|
+
data.tar.gz: f2cc25b79d0a299e8f54705635404cfe707e1b9b
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 06685b5e1e99c8b1688cf10b208c732ed3bfd46021ca824706d12e63921a797862d1105bb573f9268e975b1c75eebdb0a12361147e9b5e93bcd109a969963def
|
7
|
+
data.tar.gz: 1b4f6aefa06459f71bf315a350d104c1755c471a456969b238d377eb6c84a29cc52391add08f4f6187d4ad9975cc32645884a14fe3a9e8da333c7ec4cc999682
|
data/Gemfile.lock
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
PATH
|
2
2
|
remote: .
|
3
3
|
specs:
|
4
|
-
sequel_password (0.1)
|
4
|
+
sequel_password (0.1.1)
|
5
5
|
bcrypt (~> 3.1, >= 3.1.10)
|
6
6
|
pbkdf2-ruby (~> 0.2.1)
|
7
7
|
sequel (~> 4.21, >= 4.21.0)
|
@@ -27,7 +27,7 @@ GEM
|
|
27
27
|
diff-lcs (>= 1.2.0, < 2.0)
|
28
28
|
rspec-support (~> 3.2.0)
|
29
29
|
rspec-support (3.2.2)
|
30
|
-
sequel (4.
|
30
|
+
sequel (4.25.0)
|
31
31
|
simplecov (0.9.2)
|
32
32
|
docile (~> 1.1.0)
|
33
33
|
multi_json (~> 1.0)
|
@@ -43,3 +43,6 @@ DEPENDENCIES
|
|
43
43
|
sequel_password!
|
44
44
|
simplecov (~> 0.9.2)
|
45
45
|
sqlite3 (~> 1.3, >= 1.3.10)
|
46
|
+
|
47
|
+
BUNDLED WITH
|
48
|
+
1.10.6
|
data/README.md
CHANGED
data/lib/sequel_password.rb
CHANGED
@@ -1,3 +1,4 @@
|
|
1
|
+
require "sequel"
|
1
2
|
require "securerandom"
|
2
3
|
require "sequel_password/hashers"
|
3
4
|
|
@@ -8,7 +9,7 @@ module Sequel
|
|
8
9
|
|
9
10
|
def self.configure(model, options = {})
|
10
11
|
model.instance_eval do
|
11
|
-
@column = options.fetch(:column, :
|
12
|
+
@column = options.fetch(:column, :password)
|
12
13
|
@hashers = options.fetch(:hashers,
|
13
14
|
pbkdf2_sha256: PBKDF2Hasher.new,
|
14
15
|
bcrypt_sha256: BCryptSHA256Hasher.new,
|
@@ -62,15 +63,18 @@ module Sequel
|
|
62
63
|
module InstanceMethods
|
63
64
|
def authenticate(password)
|
64
65
|
encoded = send(model.column)
|
65
|
-
model.check_password(password, encoded, setter: method(:"
|
66
|
+
model.check_password(password, encoded, setter: method(:"#{model.column}="))
|
66
67
|
end
|
67
68
|
|
68
|
-
def
|
69
|
-
|
69
|
+
def []=(attr, plain)
|
70
|
+
if attr == model.column
|
71
|
+
value = model.make_password(plain)
|
72
|
+
end
|
73
|
+
super(attr, value || plain)
|
70
74
|
end
|
71
75
|
|
72
76
|
def set_unusable_password
|
73
|
-
send("#{model.column}=",
|
77
|
+
send("#{model.column}=", nil)
|
74
78
|
end
|
75
79
|
end
|
76
80
|
end
|
@@ -52,13 +52,13 @@ module Sequel
|
|
52
52
|
end
|
53
53
|
|
54
54
|
def verify(password, encoded)
|
55
|
-
|
55
|
+
_, iterations, salt, hash = encoded.split('$', 4)
|
56
56
|
hash = encode(password, salt, iterations.to_i)
|
57
57
|
constant_time_compare(encoded, hash)
|
58
58
|
end
|
59
59
|
|
60
60
|
def must_update(encoded)
|
61
|
-
|
61
|
+
_, iterations, _, _ = encoded.split('$', 4)
|
62
62
|
iterations.to_i != @iterations
|
63
63
|
end
|
64
64
|
end
|
@@ -81,7 +81,7 @@ module Sequel
|
|
81
81
|
end
|
82
82
|
|
83
83
|
def verify(password, encoded)
|
84
|
-
|
84
|
+
_, data = encoded.split('$', 2)
|
85
85
|
password = @digest.digest(password) unless @digest.nil?
|
86
86
|
hash = BCrypt::Engine.hash_secret(password, data)
|
87
87
|
constant_time_compare(data, hash)
|
@@ -108,7 +108,7 @@ module Sequel
|
|
108
108
|
end
|
109
109
|
|
110
110
|
def verify(password, encoded)
|
111
|
-
|
111
|
+
_, salt, hash = encoded.split('$', 3)
|
112
112
|
hash = encode(password, salt)
|
113
113
|
constant_time_compare(encoded, hash)
|
114
114
|
end
|
data/sequel_password.gemspec
CHANGED
@@ -13,7 +13,7 @@ Gem::Specification.new do |gem|
|
|
13
13
|
gem.test_files = gem.files.grep(%r{^(test|spec|features)/})
|
14
14
|
gem.name = "sequel_password"
|
15
15
|
gem.require_paths = ["lib"]
|
16
|
-
gem.version = '0.
|
16
|
+
gem.version = '0.2.0'
|
17
17
|
|
18
18
|
gem.add_runtime_dependency 'sequel', '~> 4.21', '>= 4.21.0'
|
19
19
|
gem.add_runtime_dependency 'bcrypt', '~> 3.1', '>= 3.1.10'
|
@@ -17,9 +17,9 @@ describe Sequel::Plugins::Password do
|
|
17
17
|
before { user.password = secret }
|
18
18
|
|
19
19
|
it "sets an unusable password" do
|
20
|
-
expect { user.set_unusable_password }.to change(user, :
|
21
|
-
expect(user.
|
22
|
-
expect(user.
|
20
|
+
expect { user.set_unusable_password }.to change(user, :password)
|
21
|
+
expect(user.password).to match(/^!/)
|
22
|
+
expect(user.password.length).to eq(41)
|
23
23
|
end
|
24
24
|
end
|
25
25
|
|
@@ -35,18 +35,6 @@ describe Sequel::Plugins::Password do
|
|
35
35
|
it "returns false when authentication fails" do
|
36
36
|
expect(user.authenticate("")).to be_falsey
|
37
37
|
end
|
38
|
-
|
39
|
-
it "upgrade to newest hasher" do
|
40
|
-
user.digest = "sha1$seasalt$cff36ea83f5706ce9aa7454e63e431fc726b2dc8"
|
41
|
-
expect { user.authenticate(secret) }.to change(user, :digest)
|
42
|
-
expect(user.digest).to match(/^pbkdf2_sha256\$/)
|
43
|
-
end
|
44
|
-
|
45
|
-
it "upgrade to new iterations values" do
|
46
|
-
user.digest = "pbkdf2_sha256$20000$seasalt$oBSd886ysm3AqYun62DOdin8YcfbU1z9cksZSuLP9r0="
|
47
|
-
expect { user.authenticate(secret) }.to change(user, :digest)
|
48
|
-
expect(user.digest).to match(/^pbkdf2_sha256\$24000\$/)
|
49
|
-
end
|
50
38
|
end
|
51
39
|
|
52
40
|
describe Sequel::Plugins::Password::PBKDF2Hasher do
|
data/spec/spec_helper.rb
CHANGED
@@ -19,7 +19,7 @@ RSpec.configure do |config|
|
|
19
19
|
class DefaultUser < Sequel::Model
|
20
20
|
set_schema do
|
21
21
|
primary_key :id
|
22
|
-
varchar :
|
22
|
+
varchar :password
|
23
23
|
end
|
24
24
|
|
25
25
|
plugin :password
|
@@ -28,7 +28,7 @@ RSpec.configure do |config|
|
|
28
28
|
class BCryptUser < Sequel::Model
|
29
29
|
set_schema do
|
30
30
|
primary_key :id
|
31
|
-
varchar :
|
31
|
+
varchar :password
|
32
32
|
end
|
33
33
|
|
34
34
|
plugin :password, hashers: { bcrypt: Sequel::Plugins::Password::BCryptHasher.new }
|
@@ -37,7 +37,7 @@ RSpec.configure do |config|
|
|
37
37
|
class BCryptSHA256User < Sequel::Model
|
38
38
|
set_schema do
|
39
39
|
primary_key :id
|
40
|
-
varchar :
|
40
|
+
varchar :password
|
41
41
|
end
|
42
42
|
|
43
43
|
plugin :password, hashers: { bcrypt: Sequel::Plugins::Password::BCryptSHA256Hasher.new }
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: sequel_password
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.2.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Timothée Peignier
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2015-
|
11
|
+
date: 2015-08-28 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: sequel
|
@@ -156,7 +156,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
156
156
|
version: '0'
|
157
157
|
requirements: []
|
158
158
|
rubyforge_project:
|
159
|
-
rubygems_version: 2.4.5
|
159
|
+
rubygems_version: 2.4.5.1
|
160
160
|
signing_key:
|
161
161
|
specification_version: 4
|
162
162
|
summary: Add passwords hashing to sequel models.
|