seraph 0.0.4 → 0.0.5
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.travis.yml +5 -0
- data/README.md +6 -2
- data/lib/seraph/authenticator.rb +32 -0
- data/lib/seraph/utils.rb +10 -0
- data/lib/seraph/version.rb +1 -1
- data/seraph.gemspec +1 -1
- data/spec/seraph/authenticator_spec.rb +35 -0
- data/spec/seraph/password_encryptor_spec.rb +1 -6
- data/spec/spec_helper.rb +5 -0
- data/spec/support/pepper_configuration.rb +8 -0
- metadata +21 -16
- data/lib/seraph/extensions/nil_class_blank.rb +0 -11
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 87711ece6861da7a244448c707b9588c22d1e8fc
|
|
4
|
+
data.tar.gz: 74326bd119d70bffaf09c5a1737a14e20359e934
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: c934f404675ce042d89c3649dd916f80826c96c764951bb5670df12930ff1afa51306e8bff831371f9262718e7ad7104ad5894457fd937af52a1b8653a5b588c
|
|
7
|
+
data.tar.gz: 4e554eb21423cf534cf7f54efa054457701dbba43fd7e6e22425f97f7bf2fe70acfbb2e57056982a8feef330f6abebbfb3ec1c79c17c586825283757034dcf08
|
data/.travis.yml
CHANGED
data/README.md
CHANGED
|
@@ -1,5 +1,7 @@
|
|
|
1
1
|
# seraph
|
|
2
2
|
[](https://travis-ci.org/Szeliga/seraph)
|
|
3
|
+
[](https://codeclimate.com/github/Szeliga/seraph)
|
|
4
|
+
[](https://codeclimate.com/github/Szeliga/seraph/coverage)
|
|
3
5
|
|
|
4
6
|
A simple framework-agnostic library for authentication. seraph provides an API for implementing User authentication inside your app. It doesn't make any assumptions about your setup, so you do not have to have a `User` class that inherits from `ActiveRecord::Base`.
|
|
5
7
|
|
|
@@ -58,9 +60,9 @@ Seraph::PasswordEncryptor.call('foobar12')
|
|
|
58
60
|
|
|
59
61
|
As a result you get the encrypted password, which you can be persisted in the database, alongside other user data (e-mail, login, etc.)
|
|
60
62
|
|
|
61
|
-
###
|
|
63
|
+
### Comparing a provided password with the encrypted one
|
|
62
64
|
|
|
63
|
-
Comparison is done using a constant-time secure comparison method
|
|
65
|
+
Comparison is done using a constant-time secure comparison method from the gem (fast_secure_compare)[https://github.com/daxtens/fast_secure_compare]
|
|
64
66
|
|
|
65
67
|
To do it simply run:
|
|
66
68
|
|
|
@@ -69,6 +71,8 @@ Seraph::Authenticator.call(encrypted_password, plaintext_password)
|
|
|
69
71
|
# => true or false
|
|
70
72
|
```
|
|
71
73
|
|
|
74
|
+
If the pepper was set in the configuration block, it will be automatically used in the comparison.
|
|
75
|
+
|
|
72
76
|
## Copyright
|
|
73
77
|
|
|
74
78
|
Copyright (c) 2016 Szymon Szeliga
|
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
require 'bcrypt'
|
|
2
|
+
require 'seraph/utils'
|
|
3
|
+
|
|
4
|
+
module Seraph
|
|
5
|
+
class Authenticator
|
|
6
|
+
private_class_method :new
|
|
7
|
+
|
|
8
|
+
def self.call(encrypted, plaintext)
|
|
9
|
+
new(encrypted, plaintext).call
|
|
10
|
+
end
|
|
11
|
+
|
|
12
|
+
def call
|
|
13
|
+
bcrypt = BCrypt::Password.new(encrypted)
|
|
14
|
+
peppered_password = pepper.blank? ? plaintext : "#{plaintext}:#{pepper}"
|
|
15
|
+
password = BCrypt::Engine.hash_secret(peppered_password, bcrypt.salt)
|
|
16
|
+
Utils.compare(encrypted, password)
|
|
17
|
+
end
|
|
18
|
+
|
|
19
|
+
def initialize(encrypted, plaintext)
|
|
20
|
+
@encrypted = encrypted
|
|
21
|
+
@plaintext = plaintext
|
|
22
|
+
end
|
|
23
|
+
|
|
24
|
+
private
|
|
25
|
+
|
|
26
|
+
attr_reader :encrypted, :plaintext
|
|
27
|
+
|
|
28
|
+
def pepper
|
|
29
|
+
String(Seraph.configuration.pepper)
|
|
30
|
+
end
|
|
31
|
+
end
|
|
32
|
+
end
|
data/lib/seraph/utils.rb
ADDED
data/lib/seraph/version.rb
CHANGED
data/seraph.gemspec
CHANGED
|
@@ -33,10 +33,10 @@ Gem::Specification.new do |gem|
|
|
|
33
33
|
gem.add_dependency 'bcrypt', '~> 3.1'
|
|
34
34
|
gem.add_dependency 'fast_secure_compare', '~> 1.0'
|
|
35
35
|
gem.add_dependency 'fast_blank', '~> 1.0'
|
|
36
|
-
gem.add_development_dependency 'bundler', '~> 1.10'
|
|
37
36
|
gem.add_development_dependency 'rake', '~> 10.0'
|
|
38
37
|
gem.add_development_dependency 'rspec', '~> 3.0'
|
|
39
38
|
gem.add_development_dependency 'rubygems-tasks', '~> 0.2'
|
|
40
39
|
gem.add_development_dependency 'fuubar', '~> 2.0'
|
|
41
40
|
gem.add_development_dependency 'pry', '~> 0.10'
|
|
41
|
+
gem.add_development_dependency 'codeclimate-test-reporter', '~> 0.1'
|
|
42
42
|
end
|
|
@@ -0,0 +1,35 @@
|
|
|
1
|
+
require 'spec_helper'
|
|
2
|
+
require 'seraph/authenticator'
|
|
3
|
+
require 'seraph/password_encryptor'
|
|
4
|
+
|
|
5
|
+
RSpec.describe Seraph::Authenticator do
|
|
6
|
+
describe '.call' do
|
|
7
|
+
let(:plaintext) { 'foobar12' }
|
|
8
|
+
let(:encrypted) { Seraph::PasswordEncryptor.call(plaintext).to_s }
|
|
9
|
+
subject(:authenticated) { described_class.call(encrypted, provided) }
|
|
10
|
+
|
|
11
|
+
context 'when the provided password is the same as the encrypted one' do
|
|
12
|
+
let(:provided) { plaintext }
|
|
13
|
+
it { is_expected.to be_truthy }
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
context 'when the provided password is different than the encrypted one' do
|
|
17
|
+
let(:provided) { 'wrongpassword' }
|
|
18
|
+
it { is_expected.to be_falsey }
|
|
19
|
+
end
|
|
20
|
+
|
|
21
|
+
context 'when pepper is set' do
|
|
22
|
+
include_context 'pepper set in configuration'
|
|
23
|
+
|
|
24
|
+
context 'when the provided password is the same as the encrypted one' do
|
|
25
|
+
let(:provided) { plaintext }
|
|
26
|
+
it { is_expected.to be_truthy }
|
|
27
|
+
end
|
|
28
|
+
|
|
29
|
+
context 'when the provided password is different than the encrypted one' do
|
|
30
|
+
let(:provided) { 'wrongpassword' }
|
|
31
|
+
it { is_expected.to be_falsey }
|
|
32
|
+
end
|
|
33
|
+
end
|
|
34
|
+
end
|
|
35
|
+
end
|
|
@@ -13,12 +13,7 @@ RSpec.describe Seraph::PasswordEncryptor do
|
|
|
13
13
|
end
|
|
14
14
|
|
|
15
15
|
context 'when pepper is set' do
|
|
16
|
-
|
|
17
|
-
before do
|
|
18
|
-
Seraph.configure do |config|
|
|
19
|
-
config.pepper = pepper
|
|
20
|
-
end
|
|
21
|
-
end
|
|
16
|
+
include_context 'pepper set in configuration'
|
|
22
17
|
|
|
23
18
|
it 'uses the pepper for encrypting the password' do
|
|
24
19
|
expect(encrypted_password).to eq BCrypt::Engine.hash_secret("#{password}:#{pepper}", salt)
|
data/spec/spec_helper.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: seraph
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.5
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Szymon Szeliga
|
|
@@ -52,20 +52,6 @@ dependencies:
|
|
|
52
52
|
- - "~>"
|
|
53
53
|
- !ruby/object:Gem::Version
|
|
54
54
|
version: '1.0'
|
|
55
|
-
- !ruby/object:Gem::Dependency
|
|
56
|
-
name: bundler
|
|
57
|
-
requirement: !ruby/object:Gem::Requirement
|
|
58
|
-
requirements:
|
|
59
|
-
- - "~>"
|
|
60
|
-
- !ruby/object:Gem::Version
|
|
61
|
-
version: '1.10'
|
|
62
|
-
type: :development
|
|
63
|
-
prerelease: false
|
|
64
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
65
|
-
requirements:
|
|
66
|
-
- - "~>"
|
|
67
|
-
- !ruby/object:Gem::Version
|
|
68
|
-
version: '1.10'
|
|
69
55
|
- !ruby/object:Gem::Dependency
|
|
70
56
|
name: rake
|
|
71
57
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -136,6 +122,20 @@ dependencies:
|
|
|
136
122
|
- - "~>"
|
|
137
123
|
- !ruby/object:Gem::Version
|
|
138
124
|
version: '0.10'
|
|
125
|
+
- !ruby/object:Gem::Dependency
|
|
126
|
+
name: codeclimate-test-reporter
|
|
127
|
+
requirement: !ruby/object:Gem::Requirement
|
|
128
|
+
requirements:
|
|
129
|
+
- - "~>"
|
|
130
|
+
- !ruby/object:Gem::Version
|
|
131
|
+
version: '0.1'
|
|
132
|
+
type: :development
|
|
133
|
+
prerelease: false
|
|
134
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
135
|
+
requirements:
|
|
136
|
+
- - "~>"
|
|
137
|
+
- !ruby/object:Gem::Version
|
|
138
|
+
version: '0.1'
|
|
139
139
|
description: Looking for an authentication gem that doesn't make any assumptions about
|
|
140
140
|
your setup? You've came to the right place.
|
|
141
141
|
email: szeliga.szymon@gmail.com
|
|
@@ -155,14 +155,17 @@ files:
|
|
|
155
155
|
- README.md
|
|
156
156
|
- Rakefile
|
|
157
157
|
- lib/seraph.rb
|
|
158
|
+
- lib/seraph/authenticator.rb
|
|
158
159
|
- lib/seraph/configuration.rb
|
|
159
|
-
- lib/seraph/extensions/nil_class_blank.rb
|
|
160
160
|
- lib/seraph/password_encryptor.rb
|
|
161
|
+
- lib/seraph/utils.rb
|
|
161
162
|
- lib/seraph/version.rb
|
|
162
163
|
- seraph.gemspec
|
|
164
|
+
- spec/seraph/authenticator_spec.rb
|
|
163
165
|
- spec/seraph/password_encryptor_spec.rb
|
|
164
166
|
- spec/seraph_spec.rb
|
|
165
167
|
- spec/spec_helper.rb
|
|
168
|
+
- spec/support/pepper_configuration.rb
|
|
166
169
|
homepage: https://rubygems.org/gems/seraph
|
|
167
170
|
licenses:
|
|
168
171
|
- MIT
|
|
@@ -188,6 +191,8 @@ signing_key:
|
|
|
188
191
|
specification_version: 4
|
|
189
192
|
summary: A simple framework-agnostic library for authentication
|
|
190
193
|
test_files:
|
|
194
|
+
- spec/seraph/authenticator_spec.rb
|
|
191
195
|
- spec/seraph/password_encryptor_spec.rb
|
|
192
196
|
- spec/seraph_spec.rb
|
|
193
197
|
- spec/spec_helper.rb
|
|
198
|
+
- spec/support/pepper_configuration.rb
|