sequel_password 0.1.1 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 536c42e3a0e81d54a1ede80ebf0d02384efb8e9d
4
- data.tar.gz: 85510cee1cc2c043139dee879e7b5eef2519436a
3
+ metadata.gz: 35362ea38646639ac578a589a4d3165312474356
4
+ data.tar.gz: f2cc25b79d0a299e8f54705635404cfe707e1b9b
5
5
  SHA512:
6
- metadata.gz: 4188cd381e1de2ed42f27881271bbdc385090cd4249c5b8ae7c67dc20f09fc7728285992e6fec3b5fc9b26cfce117a4db4446e0b6447dd9f19fa686ae8b524fb
7
- data.tar.gz: 729291c54d8c8bdb03198ce58ddebc5909f9c16af68e5e0691c4dffee8063b1e5d856c5ba3a075c4e231f0ea3497a6af1da1d65d8100478ed0decdad11123ceb
6
+ metadata.gz: 06685b5e1e99c8b1688cf10b208c732ed3bfd46021ca824706d12e63921a797862d1105bb573f9268e975b1c75eebdb0a12361147e9b5e93bcd109a969963def
7
+ data.tar.gz: 1b4f6aefa06459f71bf315a350d104c1755c471a456969b238d377eb6c84a29cc52391add08f4f6187d4ad9975cc32645884a14fe3a9e8da333c7ec4cc999682
data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- sequel_password (0.1)
4
+ sequel_password (0.1.1)
5
5
  bcrypt (~> 3.1, >= 3.1.10)
6
6
  pbkdf2-ruby (~> 0.2.1)
7
7
  sequel (~> 4.21, >= 4.21.0)
@@ -27,7 +27,7 @@ GEM
27
27
  diff-lcs (>= 1.2.0, < 2.0)
28
28
  rspec-support (~> 3.2.0)
29
29
  rspec-support (3.2.2)
30
- sequel (4.21.0)
30
+ sequel (4.25.0)
31
31
  simplecov (0.9.2)
32
32
  docile (~> 1.1.0)
33
33
  multi_json (~> 1.0)
@@ -43,3 +43,6 @@ DEPENDENCIES
43
43
  sequel_password!
44
44
  simplecov (~> 0.9.2)
45
45
  sqlite3 (~> 1.3, >= 1.3.10)
46
+
47
+ BUNDLED WITH
48
+ 1.10.6
data/README.md CHANGED
@@ -4,3 +4,9 @@ This sequel plugin adds authentication and password hashing to Sequel models.
4
4
  It supports pbkdf2 and bcrypt hashers.
5
5
 
6
6
  # Usage
7
+
8
+ ```ruby
9
+ class User < Sequel::Model
10
+ plugin :password, column: :password
11
+ end
12
+ ```
@@ -1,3 +1,4 @@
1
+ require "sequel"
1
2
  require "securerandom"
2
3
  require "sequel_password/hashers"
3
4
 
@@ -8,7 +9,7 @@ module Sequel
8
9
 
9
10
  def self.configure(model, options = {})
10
11
  model.instance_eval do
11
- @column = options.fetch(:column, :digest)
12
+ @column = options.fetch(:column, :password)
12
13
  @hashers = options.fetch(:hashers,
13
14
  pbkdf2_sha256: PBKDF2Hasher.new,
14
15
  bcrypt_sha256: BCryptSHA256Hasher.new,
@@ -62,15 +63,18 @@ module Sequel
62
63
  module InstanceMethods
63
64
  def authenticate(password)
64
65
  encoded = send(model.column)
65
- model.check_password(password, encoded, setter: method(:"password="))
66
+ model.check_password(password, encoded, setter: method(:"#{model.column}="))
66
67
  end
67
68
 
68
- def password=(password)
69
- send("#{model.column}=", model.make_password(password))
69
+ def []=(attr, plain)
70
+ if attr == model.column
71
+ value = model.make_password(plain)
72
+ end
73
+ super(attr, value || plain)
70
74
  end
71
75
 
72
76
  def set_unusable_password
73
- send("#{model.column}=", model.make_password(nil))
77
+ send("#{model.column}=", nil)
74
78
  end
75
79
  end
76
80
  end
@@ -52,13 +52,13 @@ module Sequel
52
52
  end
53
53
 
54
54
  def verify(password, encoded)
55
- algorithm, iterations, salt, hash = encoded.split('$', 4)
55
+ _, iterations, salt, hash = encoded.split('$', 4)
56
56
  hash = encode(password, salt, iterations.to_i)
57
57
  constant_time_compare(encoded, hash)
58
58
  end
59
59
 
60
60
  def must_update(encoded)
61
- algorithm, iterations, salt, hash = encoded.split('$', 4)
61
+ _, iterations, _, _ = encoded.split('$', 4)
62
62
  iterations.to_i != @iterations
63
63
  end
64
64
  end
@@ -81,7 +81,7 @@ module Sequel
81
81
  end
82
82
 
83
83
  def verify(password, encoded)
84
- algorithm, data = encoded.split('$', 2)
84
+ _, data = encoded.split('$', 2)
85
85
  password = @digest.digest(password) unless @digest.nil?
86
86
  hash = BCrypt::Engine.hash_secret(password, data)
87
87
  constant_time_compare(data, hash)
@@ -108,7 +108,7 @@ module Sequel
108
108
  end
109
109
 
110
110
  def verify(password, encoded)
111
- algorithm, salt, hash = encoded.split('$', 3)
111
+ _, salt, hash = encoded.split('$', 3)
112
112
  hash = encode(password, salt)
113
113
  constant_time_compare(encoded, hash)
114
114
  end
@@ -13,7 +13,7 @@ Gem::Specification.new do |gem|
13
13
  gem.test_files = gem.files.grep(%r{^(test|spec|features)/})
14
14
  gem.name = "sequel_password"
15
15
  gem.require_paths = ["lib"]
16
- gem.version = '0.1.1'
16
+ gem.version = '0.2.0'
17
17
 
18
18
  gem.add_runtime_dependency 'sequel', '~> 4.21', '>= 4.21.0'
19
19
  gem.add_runtime_dependency 'bcrypt', '~> 3.1', '>= 3.1.10'
@@ -17,9 +17,9 @@ describe Sequel::Plugins::Password do
17
17
  before { user.password = secret }
18
18
 
19
19
  it "sets an unusable password" do
20
- expect { user.set_unusable_password }.to change(user, :digest)
21
- expect(user.digest).to match(/^!/)
22
- expect(user.digest.length).to eq(41)
20
+ expect { user.set_unusable_password }.to change(user, :password)
21
+ expect(user.password).to match(/^!/)
22
+ expect(user.password.length).to eq(41)
23
23
  end
24
24
  end
25
25
 
@@ -35,18 +35,6 @@ describe Sequel::Plugins::Password do
35
35
  it "returns false when authentication fails" do
36
36
  expect(user.authenticate("")).to be_falsey
37
37
  end
38
-
39
- it "upgrade to newest hasher" do
40
- user.digest = "sha1$seasalt$cff36ea83f5706ce9aa7454e63e431fc726b2dc8"
41
- expect { user.authenticate(secret) }.to change(user, :digest)
42
- expect(user.digest).to match(/^pbkdf2_sha256\$/)
43
- end
44
-
45
- it "upgrade to new iterations values" do
46
- user.digest = "pbkdf2_sha256$20000$seasalt$oBSd886ysm3AqYun62DOdin8YcfbU1z9cksZSuLP9r0="
47
- expect { user.authenticate(secret) }.to change(user, :digest)
48
- expect(user.digest).to match(/^pbkdf2_sha256\$24000\$/)
49
- end
50
38
  end
51
39
 
52
40
  describe Sequel::Plugins::Password::PBKDF2Hasher do
data/spec/spec_helper.rb CHANGED
@@ -19,7 +19,7 @@ RSpec.configure do |config|
19
19
  class DefaultUser < Sequel::Model
20
20
  set_schema do
21
21
  primary_key :id
22
- varchar :digest
22
+ varchar :password
23
23
  end
24
24
 
25
25
  plugin :password
@@ -28,7 +28,7 @@ RSpec.configure do |config|
28
28
  class BCryptUser < Sequel::Model
29
29
  set_schema do
30
30
  primary_key :id
31
- varchar :digest
31
+ varchar :password
32
32
  end
33
33
 
34
34
  plugin :password, hashers: { bcrypt: Sequel::Plugins::Password::BCryptHasher.new }
@@ -37,7 +37,7 @@ RSpec.configure do |config|
37
37
  class BCryptSHA256User < Sequel::Model
38
38
  set_schema do
39
39
  primary_key :id
40
- varchar :digest
40
+ varchar :password
41
41
  end
42
42
 
43
43
  plugin :password, hashers: { bcrypt: Sequel::Plugins::Password::BCryptSHA256Hasher.new }
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: sequel_password
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.1
4
+ version: 0.2.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Timothée Peignier
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-04-05 00:00:00.000000000 Z
11
+ date: 2015-08-28 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: sequel
@@ -156,7 +156,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
156
156
  version: '0'
157
157
  requirements: []
158
158
  rubyforge_project:
159
- rubygems_version: 2.4.5
159
+ rubygems_version: 2.4.5.1
160
160
  signing_key:
161
161
  specification_version: 4
162
162
  summary: Add passwords hashing to sequel models.