sequel_simple_oauth2 0.0.0 → 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 53006a40c16c0f2b5bf90b71cb711cf846581e36c042e3d61ad62d5612c82ff2
|
|
4
|
+
data.tar.gz: c3c0b7aa1f2df17d89d9180beb9ad85325de46499d61889127355bff86246679
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 3144794a8c449f6be7bf2270264d3b10cf5ec3a0e75823a0886fdf6b1f12c763108ee81f1ece101a9b9528182a4ef249ff294357f4534a7a1a70e6d02b1ade85
|
|
7
|
+
data.tar.gz: 2e165f47922a377258e8aebe98fff39e7f5fe42d7d50d36e9c099c747f8f3182b2b57271094851ef8fae907f7123468c0b12b6209a2516d32b2f14a37fe41eaf
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
# rubocop:disable Style/GuardClause
|
|
1
2
|
module Sequel
|
|
2
3
|
module Simple
|
|
3
4
|
module OAuth2
|
|
@@ -6,20 +7,95 @@ module Sequel
|
|
|
6
7
|
module ResourceOwner
|
|
7
8
|
extend ActiveSupport::Concern
|
|
8
9
|
|
|
9
|
-
included do
|
|
10
|
+
included do # rubocop:disable Metrics/BlockLength
|
|
11
|
+
include BCrypt
|
|
12
|
+
|
|
13
|
+
attr_accessor :password_confirmation
|
|
14
|
+
|
|
15
|
+
# BCrypt hash function can handle maximum 72 characters, and if we pass
|
|
16
|
+
# password of length more than 72 characters it ignores extra characters.
|
|
17
|
+
# Hence need to put a restriction on password length.
|
|
18
|
+
MAX_PASSWORD_LENGTH_ALLOWED = 72
|
|
19
|
+
|
|
20
|
+
plugin :validation_helpers
|
|
10
21
|
plugin :timestamps, force: true, update_on_create: true
|
|
11
22
|
|
|
12
|
-
#
|
|
23
|
+
# Required fields!
|
|
24
|
+
def validate
|
|
25
|
+
super
|
|
26
|
+
validates_presence :password
|
|
27
|
+
validates_max_length MAX_PASSWORD_LENGTH_ALLOWED, :password_confirmation, allow_nil: true
|
|
28
|
+
|
|
29
|
+
if password_confirmation.present? && password != password_confirmation
|
|
30
|
+
errors.add(:password_confirmation, 'must match with password')
|
|
31
|
+
end
|
|
32
|
+
end
|
|
33
|
+
|
|
34
|
+
# Returns resource if the password is correct, otherwise +false+.
|
|
35
|
+
#
|
|
36
|
+
# @param pass [String] Password value.
|
|
37
|
+
#
|
|
38
|
+
# @return [Object, false] ResourceOwner object or false if password is incorrect.
|
|
39
|
+
#
|
|
40
|
+
# @example
|
|
41
|
+
# user = User.new(password: 'foo')
|
|
42
|
+
# user.save
|
|
43
|
+
# user.authenticate('notfoo') # => false
|
|
44
|
+
# user.authenticate('foo') # => user
|
|
45
|
+
#
|
|
46
|
+
def authenticate(pass)
|
|
47
|
+
password.is_password?(pass) && self
|
|
48
|
+
# BCrypt::Password.new(encrypted_password).is_password?(pass) && self
|
|
49
|
+
end
|
|
50
|
+
|
|
51
|
+
# Returns encrypted password if encrypted_password is not empty.
|
|
13
52
|
#
|
|
14
|
-
# @
|
|
15
|
-
# @param username [String, #to_s] username value (any object that responds to `#to_s`).
|
|
16
|
-
# @param password [String] password value.
|
|
53
|
+
# @return [String] Encrypted password.
|
|
17
54
|
#
|
|
18
|
-
# @
|
|
55
|
+
# @example
|
|
56
|
+
# user = User.new
|
|
57
|
+
# user.password = 'foo'
|
|
58
|
+
# user.password #=> "$2a$10$4LEA7r4YmNHtvlAvHhsYAeZmk/xeUVtMTYqwIvYY76EW5GUqDiP4."
|
|
59
|
+
# user.password == 'foo' #=> true
|
|
19
60
|
#
|
|
20
|
-
def
|
|
21
|
-
|
|
22
|
-
|
|
61
|
+
def password
|
|
62
|
+
@password ||= BCrypt::Password.new(encrypted_password) if encrypted_password
|
|
63
|
+
end
|
|
64
|
+
|
|
65
|
+
# Allows to increase the amount of work required to hash a password as computers get faster.
|
|
66
|
+
# Old passwords will still work fine, but new passwords can keep up with the times.
|
|
67
|
+
# If true returns BCrypt::Engine::MIN_COST otherwise BCrypt::Engine.cost.
|
|
68
|
+
#
|
|
69
|
+
# @example
|
|
70
|
+
# user = User.new
|
|
71
|
+
# user.min_cost? #=> false
|
|
72
|
+
#
|
|
73
|
+
def min_cost?
|
|
74
|
+
false
|
|
75
|
+
end
|
|
76
|
+
|
|
77
|
+
# Encrypts the password into the encrypted_password attribute, only if the new password is not empty.
|
|
78
|
+
#
|
|
79
|
+
# @param pass [String] Password value.
|
|
80
|
+
#
|
|
81
|
+
# @return [String] Encrypted password.
|
|
82
|
+
#
|
|
83
|
+
# @example
|
|
84
|
+
# user = User.new
|
|
85
|
+
# user.password = nil
|
|
86
|
+
# user.encrypted_password #=> nil
|
|
87
|
+
# user.password = 'foo'
|
|
88
|
+
# user.encrypted_password #=> "$2a$10$4LEA7r4YmNHtvlAvHhsYAeZmk/xeUVtMTYqwIvYY76EW5GUqDiP4."
|
|
89
|
+
#
|
|
90
|
+
def password=(pass)
|
|
91
|
+
if pass.present? && pass.length >= MAX_PASSWORD_LENGTH_ALLOWED
|
|
92
|
+
raise(ArgumentError, "Password is longer than #{MAX_PASSWORD_LENGTH_ALLOWED} characters")
|
|
93
|
+
elsif pass.present?
|
|
94
|
+
cost = min_cost? ? BCrypt::Engine::MIN_COST : BCrypt::Engine.cost
|
|
95
|
+
new_password = BCrypt::Password.create(pass, cost: cost)
|
|
96
|
+
end
|
|
97
|
+
|
|
98
|
+
self.encrypted_password = new_password
|
|
23
99
|
end
|
|
24
100
|
end
|
|
25
101
|
end
|
|
@@ -16,7 +16,7 @@ module Sequel
|
|
|
16
16
|
# Level changes for implementation level detail changes, such as small bug fixes
|
|
17
17
|
PATCH = 0
|
|
18
18
|
# Level changes for any backwards compatible API changes, such as new functionality/features
|
|
19
|
-
MINOR =
|
|
19
|
+
MINOR = 1
|
|
20
20
|
# Level changes for backwards incompatible API changes,
|
|
21
21
|
# such as changes that will break existing users code if they update
|
|
22
22
|
MAJOR = 0
|
data/lib/sequel_simple_oauth2.rb
CHANGED