sequel_simple_oauth2 0.0.0 → 0.1.0
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 53006a40c16c0f2b5bf90b71cb711cf846581e36c042e3d61ad62d5612c82ff2
|
4
|
+
data.tar.gz: c3c0b7aa1f2df17d89d9180beb9ad85325de46499d61889127355bff86246679
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 3144794a8c449f6be7bf2270264d3b10cf5ec3a0e75823a0886fdf6b1f12c763108ee81f1ece101a9b9528182a4ef249ff294357f4534a7a1a70e6d02b1ade85
|
7
|
+
data.tar.gz: 2e165f47922a377258e8aebe98fff39e7f5fe42d7d50d36e9c099c747f8f3182b2b57271094851ef8fae907f7123468c0b12b6209a2516d32b2f14a37fe41eaf
|
@@ -1,3 +1,4 @@
|
|
1
|
+
# rubocop:disable Style/GuardClause
|
1
2
|
module Sequel
|
2
3
|
module Simple
|
3
4
|
module OAuth2
|
@@ -6,20 +7,95 @@ module Sequel
|
|
6
7
|
module ResourceOwner
|
7
8
|
extend ActiveSupport::Concern
|
8
9
|
|
9
|
-
included do
|
10
|
+
included do # rubocop:disable Metrics/BlockLength
|
11
|
+
include BCrypt
|
12
|
+
|
13
|
+
attr_accessor :password_confirmation
|
14
|
+
|
15
|
+
# BCrypt hash function can handle maximum 72 characters, and if we pass
|
16
|
+
# password of length more than 72 characters it ignores extra characters.
|
17
|
+
# Hence need to put a restriction on password length.
|
18
|
+
MAX_PASSWORD_LENGTH_ALLOWED = 72
|
19
|
+
|
20
|
+
plugin :validation_helpers
|
10
21
|
plugin :timestamps, force: true, update_on_create: true
|
11
22
|
|
12
|
-
#
|
23
|
+
# Required fields!
|
24
|
+
def validate
|
25
|
+
super
|
26
|
+
validates_presence :password
|
27
|
+
validates_max_length MAX_PASSWORD_LENGTH_ALLOWED, :password_confirmation, allow_nil: true
|
28
|
+
|
29
|
+
if password_confirmation.present? && password != password_confirmation
|
30
|
+
errors.add(:password_confirmation, 'must match with password')
|
31
|
+
end
|
32
|
+
end
|
33
|
+
|
34
|
+
# Returns resource if the password is correct, otherwise +false+.
|
35
|
+
#
|
36
|
+
# @param pass [String] Password value.
|
37
|
+
#
|
38
|
+
# @return [Object, false] ResourceOwner object or false if password is incorrect.
|
39
|
+
#
|
40
|
+
# @example
|
41
|
+
# user = User.new(password: 'foo')
|
42
|
+
# user.save
|
43
|
+
# user.authenticate('notfoo') # => false
|
44
|
+
# user.authenticate('foo') # => user
|
45
|
+
#
|
46
|
+
def authenticate(pass)
|
47
|
+
password.is_password?(pass) && self
|
48
|
+
# BCrypt::Password.new(encrypted_password).is_password?(pass) && self
|
49
|
+
end
|
50
|
+
|
51
|
+
# Returns encrypted password if encrypted_password is not empty.
|
13
52
|
#
|
14
|
-
# @
|
15
|
-
# @param username [String, #to_s] username value (any object that responds to `#to_s`).
|
16
|
-
# @param password [String] password value.
|
53
|
+
# @return [String] Encrypted password.
|
17
54
|
#
|
18
|
-
# @
|
55
|
+
# @example
|
56
|
+
# user = User.new
|
57
|
+
# user.password = 'foo'
|
58
|
+
# user.password #=> "$2a$10$4LEA7r4YmNHtvlAvHhsYAeZmk/xeUVtMTYqwIvYY76EW5GUqDiP4."
|
59
|
+
# user.password == 'foo' #=> true
|
19
60
|
#
|
20
|
-
def
|
21
|
-
|
22
|
-
|
61
|
+
def password
|
62
|
+
@password ||= BCrypt::Password.new(encrypted_password) if encrypted_password
|
63
|
+
end
|
64
|
+
|
65
|
+
# Allows to increase the amount of work required to hash a password as computers get faster.
|
66
|
+
# Old passwords will still work fine, but new passwords can keep up with the times.
|
67
|
+
# If true returns BCrypt::Engine::MIN_COST otherwise BCrypt::Engine.cost.
|
68
|
+
#
|
69
|
+
# @example
|
70
|
+
# user = User.new
|
71
|
+
# user.min_cost? #=> false
|
72
|
+
#
|
73
|
+
def min_cost?
|
74
|
+
false
|
75
|
+
end
|
76
|
+
|
77
|
+
# Encrypts the password into the encrypted_password attribute, only if the new password is not empty.
|
78
|
+
#
|
79
|
+
# @param pass [String] Password value.
|
80
|
+
#
|
81
|
+
# @return [String] Encrypted password.
|
82
|
+
#
|
83
|
+
# @example
|
84
|
+
# user = User.new
|
85
|
+
# user.password = nil
|
86
|
+
# user.encrypted_password #=> nil
|
87
|
+
# user.password = 'foo'
|
88
|
+
# user.encrypted_password #=> "$2a$10$4LEA7r4YmNHtvlAvHhsYAeZmk/xeUVtMTYqwIvYY76EW5GUqDiP4."
|
89
|
+
#
|
90
|
+
def password=(pass)
|
91
|
+
if pass.present? && pass.length >= MAX_PASSWORD_LENGTH_ALLOWED
|
92
|
+
raise(ArgumentError, "Password is longer than #{MAX_PASSWORD_LENGTH_ALLOWED} characters")
|
93
|
+
elsif pass.present?
|
94
|
+
cost = min_cost? ? BCrypt::Engine::MIN_COST : BCrypt::Engine.cost
|
95
|
+
new_password = BCrypt::Password.create(pass, cost: cost)
|
96
|
+
end
|
97
|
+
|
98
|
+
self.encrypted_password = new_password
|
23
99
|
end
|
24
100
|
end
|
25
101
|
end
|
@@ -16,7 +16,7 @@ module Sequel
|
|
16
16
|
# Level changes for implementation level detail changes, such as small bug fixes
|
17
17
|
PATCH = 0
|
18
18
|
# Level changes for any backwards compatible API changes, such as new functionality/features
|
19
|
-
MINOR =
|
19
|
+
MINOR = 1
|
20
20
|
# Level changes for backwards incompatible API changes,
|
21
21
|
# such as changes that will break existing users code if they update
|
22
22
|
MAJOR = 0
|
data/lib/sequel_simple_oauth2.rb
CHANGED