singularity 0.0.2 → 0.0.3
Sign up to get free protection for your applications and to get access to all the features.
- data/lib/global_user.rb +10 -8
- data/lib/singularity/password_hash.rb +29 -0
- data/lib/singularity/version.rb +1 -1
- metadata +14 -13
data/lib/global_user.rb
CHANGED
@@ -1,4 +1,4 @@
|
|
1
|
-
require '
|
1
|
+
require 'singularity/password_hash'
|
2
2
|
|
3
3
|
class GlobalUser < Redis::NativeHash
|
4
4
|
attr_persist :login, :password_hash
|
@@ -10,21 +10,23 @@ class GlobalUser < Redis::NativeHash
|
|
10
10
|
|
11
11
|
def namespace; :global_user; end
|
12
12
|
|
13
|
+
def salt
|
14
|
+
self[:password_salt] ||= SecureRandom.hex(32)
|
15
|
+
end
|
16
|
+
|
13
17
|
def password=(value)
|
14
|
-
self
|
18
|
+
self[:password_hash] = Singularity::PasswordHash.generate(value, salt)
|
19
|
+
self[:password_hash]
|
15
20
|
end
|
16
21
|
|
17
22
|
def password?(value)
|
18
|
-
|
23
|
+
return false unless value.present?
|
24
|
+
Singularity::PasswordHash.new(self[:password_hash]).matches?(value, salt)
|
19
25
|
end
|
20
26
|
|
21
27
|
def save
|
22
28
|
self.key = login unless login.nil?
|
23
29
|
super
|
24
30
|
end
|
25
|
-
|
26
|
-
def generate_password_hash(value)
|
27
|
-
tokens = [ value, 'salt-goes-here', login ]
|
28
|
-
::Digest::SHA256.hexdigest('--' << tokens.flatten.join('--') << '--')
|
29
|
-
end
|
30
31
|
end
|
32
|
+
|
@@ -0,0 +1,29 @@
|
|
1
|
+
require 'openssl'
|
2
|
+
|
3
|
+
module Singularity
|
4
|
+
class PasswordHash
|
5
|
+
attr_reader :digest
|
6
|
+
|
7
|
+
def initialize(digest = nil)
|
8
|
+
@digest = digest
|
9
|
+
end
|
10
|
+
|
11
|
+
def self.iterations; 20_000; end
|
12
|
+
|
13
|
+
def self.digest_algorithm
|
14
|
+
OpenSSL::Digest::SHA512.new
|
15
|
+
end
|
16
|
+
|
17
|
+
def self.key_length
|
18
|
+
digest_algorithm.length
|
19
|
+
end
|
20
|
+
|
21
|
+
def self.generate(password, salt)
|
22
|
+
OpenSSL::PKCS5.pbkdf2_hmac(password, salt, iterations, key_length, digest_algorithm).unpack('H*').first
|
23
|
+
end
|
24
|
+
|
25
|
+
def matches?(password, salt)
|
26
|
+
Rack::Utils.secure_compare digest, self.class.generate(password, salt)
|
27
|
+
end
|
28
|
+
end
|
29
|
+
end
|
data/lib/singularity/version.rb
CHANGED
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: singularity
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.3
|
5
5
|
prerelease:
|
6
6
|
platform: ruby
|
7
7
|
authors:
|
@@ -10,11 +10,11 @@ authors:
|
|
10
10
|
autorequire:
|
11
11
|
bindir: bin
|
12
12
|
cert_chain: []
|
13
|
-
date:
|
13
|
+
date: 2013-07-07 00:00:00.000000000 Z
|
14
14
|
dependencies:
|
15
15
|
- !ruby/object:Gem::Dependency
|
16
16
|
name: redis-native_hash
|
17
|
-
requirement: &
|
17
|
+
requirement: &70107581852100 !ruby/object:Gem::Requirement
|
18
18
|
none: false
|
19
19
|
requirements:
|
20
20
|
- - ! '>='
|
@@ -22,10 +22,10 @@ dependencies:
|
|
22
22
|
version: '0'
|
23
23
|
type: :runtime
|
24
24
|
prerelease: false
|
25
|
-
version_requirements: *
|
25
|
+
version_requirements: *70107581852100
|
26
26
|
- !ruby/object:Gem::Dependency
|
27
27
|
name: railties
|
28
|
-
requirement: &
|
28
|
+
requirement: &70107581848460 !ruby/object:Gem::Requirement
|
29
29
|
none: false
|
30
30
|
requirements:
|
31
31
|
- - ~>
|
@@ -33,10 +33,10 @@ dependencies:
|
|
33
33
|
version: '3.1'
|
34
34
|
type: :runtime
|
35
35
|
prerelease: false
|
36
|
-
version_requirements: *
|
36
|
+
version_requirements: *70107581848460
|
37
37
|
- !ruby/object:Gem::Dependency
|
38
38
|
name: jquery-rails
|
39
|
-
requirement: &
|
39
|
+
requirement: &70107581846180 !ruby/object:Gem::Requirement
|
40
40
|
none: false
|
41
41
|
requirements:
|
42
42
|
- - ~>
|
@@ -44,10 +44,10 @@ dependencies:
|
|
44
44
|
version: '1.0'
|
45
45
|
type: :runtime
|
46
46
|
prerelease: false
|
47
|
-
version_requirements: *
|
47
|
+
version_requirements: *70107581846180
|
48
48
|
- !ruby/object:Gem::Dependency
|
49
49
|
name: bundler
|
50
|
-
requirement: &
|
50
|
+
requirement: &70107581844680 !ruby/object:Gem::Requirement
|
51
51
|
none: false
|
52
52
|
requirements:
|
53
53
|
- - ~>
|
@@ -55,10 +55,10 @@ dependencies:
|
|
55
55
|
version: 1.0.0
|
56
56
|
type: :development
|
57
57
|
prerelease: false
|
58
|
-
version_requirements: *
|
58
|
+
version_requirements: *70107581844680
|
59
59
|
- !ruby/object:Gem::Dependency
|
60
60
|
name: rspec
|
61
|
-
requirement: &
|
61
|
+
requirement: &70107581844040 !ruby/object:Gem::Requirement
|
62
62
|
none: false
|
63
63
|
requirements:
|
64
64
|
- - ~>
|
@@ -66,7 +66,7 @@ dependencies:
|
|
66
66
|
version: 2.3.0
|
67
67
|
type: :development
|
68
68
|
prerelease: false
|
69
|
-
version_requirements: *
|
69
|
+
version_requirements: *70107581844040
|
70
70
|
description: Singularity helps you keep users logged in across many domains
|
71
71
|
email:
|
72
72
|
- czulauf@lyconic.com
|
@@ -84,6 +84,7 @@ files:
|
|
84
84
|
- lib/global_user.rb
|
85
85
|
- lib/singularity.rb
|
86
86
|
- lib/singularity/engine.rb
|
87
|
+
- lib/singularity/password_hash.rb
|
87
88
|
- lib/singularity/version.rb
|
88
89
|
- singularity.gemspec
|
89
90
|
homepage: https://github.com/lyconic/singularity
|
@@ -107,7 +108,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
107
108
|
version: '0'
|
108
109
|
requirements: []
|
109
110
|
rubyforge_project:
|
110
|
-
rubygems_version: 1.8.
|
111
|
+
rubygems_version: 1.8.15
|
111
112
|
signing_key:
|
112
113
|
specification_version: 3
|
113
114
|
summary: multi-domain single sign on
|