RubyGems - sorcery - Versions diffs - 0.1.0 → 0.1.1 - Mend

sorcery 0.1.0 → 0.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of sorcery might be problematic. Click here for more details.

Files changed (9) hide show

data/Rakefile +1 -0
data/VERSION +1 -1
data/lib/sorcery/crypto_providers/bcrypt.rb +1 -1
data/lib/sorcery/model.rb +11 -5
data/sorcery.gemspec +206 -0
data/spec/rails3/Gemfile +2 -1
data/spec/rails3/Gemfile.lock +2 -0
data/spec/rails3/user_spec.rb +8 -4
metadata +5 -44

data/Rakefile CHANGED Viewed

@@ -22,6 +22,7 @@ Jeweler::Tasks.new do |gem|
   # and development dependencies are only needed for development (ie running rake tasks, tests, etc)
   #  gem.add_runtime_dependency 'jabber4r', '> 0.1'
   #  gem.add_development_dependency 'rspec', '> 1.2.3'
+  #  gem.add_runtime_dependency 'bcrypt-ruby', '~> 2.1.4'
 end
 Jeweler::RubygemsDotOrgTasks.new

data/VERSION CHANGED Viewed

	@@ -1 +1 @@
1	- 0.1.0
1	+ 0.1.1

data/lib/sorcery/crypto_providers/bcrypt.rb CHANGED Viewed

@@ -49,7 +49,7 @@ module Sorcery
           @cost ||= 10
         end
         attr_writer :cost
-        alias :stretches= :cost=
+        #alias :stretches= :cost=
         # Creates a BCrypt hash for the password passed.
         def encrypt(*tokens)

data/lib/sorcery/model.rb CHANGED Viewed

@@ -52,10 +52,16 @@ module Sorcery
       def authenticate(*credentials)
         raise ArgumentError, "at least 2 arguments required" if credentials.size < 2
         user = where("#{@sorcery_config.username_attribute_name} = ?", credentials[0]).first
-        salt = user.send(@sorcery_config.salt_attribute_name) if user && !@sorcery_config.salt_attribute_name.nil?
-        user if user && @sorcery_config.before_authenticate.all? {|c| user.send(c)} && (user.send(@sorcery_config.crypted_password_attribute_name)) == encrypt(credentials[1],salt)
+        _salt = user.send(@sorcery_config.salt_attribute_name) if user && !@sorcery_config.salt_attribute_name.nil? && !@sorcery_config.encryption_provider.nil?
+        user if user && @sorcery_config.before_authenticate.all? {|c| user.send(c)} && credentials_match?(user.send(@sorcery_config.crypted_password_attribute_name),credentials[1],_salt)
+      end
+      def credentials_match?(crypted, *tokens)
+        return crypted == tokens.join if @sorcery_config.encryption_provider.nil?
+        @sorcery_config.encryption_provider.matches?(crypted, *tokens)
       end
+      # encrypt tokens using current encryption_provider.
       def encrypt(*tokens)
         return tokens.first if @sorcery_config.encryption_provider.nil?
@@ -78,8 +84,8 @@ module Sorcery
       # encrypts password with salt and save it.
       def encrypt_password
         config = sorcery_config
-        self.send(:"#{config.salt_attribute_name}=", generate_random_code) if !config.salt_attribute_name.nil?
-        self.send(:"#{config.crypted_password_attribute_name}=", self.class.encrypt(self.send(config.password_attribute_name),salt))
+        new_salt = self.send(:"#{config.salt_attribute_name}=", generate_random_code) if !config.salt_attribute_name.nil?
+        self.send(:"#{config.crypted_password_attribute_name}=", self.class.encrypt(self.send(config.password_attribute_name),new_salt))
       end
       def clear_virtual_password
@@ -131,7 +137,7 @@ module Sorcery
           :@password_attribute_name              => :password,
           :@email_attribute_name                 => :email,
           :@crypted_password_attribute_name      => :crypted_password,
-          :@encryption_algorithm                 => :sha256,
+          :@encryption_algorithm                 => :bcrypt,
           :@encryption_provider                  => CryptoProviders::BCrypt,
           :@custom_encryption_provider           => nil,
           :@encryption_key                       => nil,

data/sorcery.gemspec ADDED Viewed

@@ -0,0 +1,206 @@
+# Generated by jeweler
+# DO NOT EDIT THIS FILE DIRECTLY
+# Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec'
+# -*- encoding: utf-8 -*-
+Gem::Specification.new do |s|
+  s.name = %q{sorcery}
+  s.version = "0.1.1"
+  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
+  s.authors = ["Noam Ben Ari"]
+  s.date = %q{2011-02-04}
+  s.description = %q{Provides common authentication needs such as signing in/out, activating by email and resetting password.}
+  s.email = %q{nbenari@gmail.com}
+  s.extra_rdoc_files = [
+    "LICENSE.txt",
+    "README.rdoc"
+  ]
+  s.files = [
+    ".document",
+    ".rspec",
+    "Gemfile",
+    "Gemfile.lock",
+    "LICENSE.txt",
+    "README.rdoc",
+    "Rakefile",
+    "VERSION",
+    "features/support/env.rb",
+    "lib/sorcery.rb",
+    "lib/sorcery/controller.rb",
+    "lib/sorcery/controller/submodules/brute_force_protection.rb",
+    "lib/sorcery/controller/submodules/remember_me.rb",
+    "lib/sorcery/controller/submodules/session_timeout.rb",
+    "lib/sorcery/crypto_providers/aes256.rb",
+    "lib/sorcery/crypto_providers/bcrypt.rb",
+    "lib/sorcery/crypto_providers/md5.rb",
+    "lib/sorcery/crypto_providers/sha1.rb",
+    "lib/sorcery/crypto_providers/sha256.rb",
+    "lib/sorcery/crypto_providers/sha512.rb",
+    "lib/sorcery/engine.rb",
+    "lib/sorcery/model.rb",
+    "lib/sorcery/model/submodules/password_reset.rb",
+    "lib/sorcery/model/submodules/remember_me.rb",
+    "lib/sorcery/model/submodules/user_activation.rb",
+    "sorcery.gemspec",
+    "spec/Gemfile",
+    "spec/Gemfile.lock",
+    "spec/Rakefile",
+    "spec/rails3/.rspec",
+    "spec/rails3/Gemfile",
+    "spec/rails3/Gemfile.lock",
+    "spec/rails3/Rakefile",
+    "spec/rails3/app_root/.gitignore",
+    "spec/rails3/app_root/README",
+    "spec/rails3/app_root/Rakefile.unused",
+    "spec/rails3/app_root/app/controllers/application_controller.rb",
+    "spec/rails3/app_root/app/helpers/application_helper.rb",
+    "spec/rails3/app_root/app/mailers/sorcery_mailer.rb",
+    "spec/rails3/app_root/app/models/user.rb",
+    "spec/rails3/app_root/app/views/layouts/application.html.erb",
+    "spec/rails3/app_root/app/views/sorcery_mailer/activation_email.html.erb",
+    "spec/rails3/app_root/app/views/sorcery_mailer/activation_email.text.erb",
+    "spec/rails3/app_root/app/views/sorcery_mailer/activation_success_email.html.erb",
+    "spec/rails3/app_root/app/views/sorcery_mailer/activation_success_email.text.erb",
+    "spec/rails3/app_root/app/views/sorcery_mailer/reset_password_email.html.erb",
+    "spec/rails3/app_root/app/views/sorcery_mailer/reset_password_email.text.erb",
+    "spec/rails3/app_root/config.ru",
+    "spec/rails3/app_root/config/application.rb",
+    "spec/rails3/app_root/config/boot.rb",
+    "spec/rails3/app_root/config/database.yml",
+    "spec/rails3/app_root/config/environment.rb",
+    "spec/rails3/app_root/config/environments/development.rb",
+    "spec/rails3/app_root/config/environments/in_memory.rb",
+    "spec/rails3/app_root/config/environments/production.rb",
+    "spec/rails3/app_root/config/environments/test.rb",
+    "spec/rails3/app_root/config/initializers/backtrace_silencers.rb",
+    "spec/rails3/app_root/config/initializers/inflections.rb",
+    "spec/rails3/app_root/config/initializers/mime_types.rb",
+    "spec/rails3/app_root/config/initializers/secret_token.rb",
+    "spec/rails3/app_root/config/initializers/session_store.rb",
+    "spec/rails3/app_root/config/locales/en.yml",
+    "spec/rails3/app_root/config/routes.rb",
+    "spec/rails3/app_root/db/migrate/activation/20101224223622_add_activation_to_users.rb",
+    "spec/rails3/app_root/db/migrate/core/20101224223620_create_users.rb",
+    "spec/rails3/app_root/db/migrate/password_reset/20101224223622_add_password_reset_to_users.rb",
+    "spec/rails3/app_root/db/migrate/remember_me/20101224223623_add_remember_me_token_to_users.rb",
+    "spec/rails3/app_root/db/schema.rb",
+    "spec/rails3/app_root/db/seeds.rb",
+    "spec/rails3/app_root/lib/tasks/.gitkeep",
+    "spec/rails3/app_root/public/404.html",
+    "spec/rails3/app_root/public/422.html",
+    "spec/rails3/app_root/public/500.html",
+    "spec/rails3/app_root/public/favicon.ico",
+    "spec/rails3/app_root/public/images/rails.png",
+    "spec/rails3/app_root/public/index.html",
+    "spec/rails3/app_root/public/javascripts/application.js",
+    "spec/rails3/app_root/public/javascripts/controls.js",
+    "spec/rails3/app_root/public/javascripts/dragdrop.js",
+    "spec/rails3/app_root/public/javascripts/effects.js",
+    "spec/rails3/app_root/public/javascripts/prototype.js",
+    "spec/rails3/app_root/public/javascripts/rails.js",
+    "spec/rails3/app_root/public/robots.txt",
+    "spec/rails3/app_root/public/stylesheets/.gitkeep",
+    "spec/rails3/app_root/script/rails",
+    "spec/rails3/app_root/test/fixtures/users.yml",
+    "spec/rails3/app_root/test/performance/browsing_test.rb",
+    "spec/rails3/app_root/test/test_helper.rb",
+    "spec/rails3/app_root/test/unit/user_test.rb",
+    "spec/rails3/app_root/vendor/plugins/.gitkeep",
+    "spec/rails3/controller_brute_force_protection_spec.rb",
+    "spec/rails3/controller_remember_me_spec.rb",
+    "spec/rails3/controller_session_timeout_spec.rb",
+    "spec/rails3/controller_spec.rb",
+    "spec/rails3/spec_helper.rb",
+    "spec/rails3/user_activation_spec.rb",
+    "spec/rails3/user_password_reset_spec.rb",
+    "spec/rails3/user_remember_me_spec.rb",
+    "spec/rails3/user_spec.rb",
+    "spec/sorcery_crypto_providers_spec.rb",
+    "spec/spec_helper.rb"
+  ]
+  s.homepage = %q{http://github.com/NoamB/sorcery}
+  s.licenses = ["MIT"]
+  s.require_paths = ["lib"]
+  s.rubygems_version = %q{1.5.0}
+  s.summary = %q{Magical authentication for Rails 3 applications}
+  s.test_files = [
+    "spec/rails3/app_root/app/controllers/application_controller.rb",
+    "spec/rails3/app_root/app/helpers/application_helper.rb",
+    "spec/rails3/app_root/app/mailers/sorcery_mailer.rb",
+    "spec/rails3/app_root/app/models/user.rb",
+    "spec/rails3/app_root/config/application.rb",
+    "spec/rails3/app_root/config/boot.rb",
+    "spec/rails3/app_root/config/environment.rb",
+    "spec/rails3/app_root/config/environments/development.rb",
+    "spec/rails3/app_root/config/environments/in_memory.rb",
+    "spec/rails3/app_root/config/environments/production.rb",
+    "spec/rails3/app_root/config/environments/test.rb",
+    "spec/rails3/app_root/config/initializers/backtrace_silencers.rb",
+    "spec/rails3/app_root/config/initializers/inflections.rb",
+    "spec/rails3/app_root/config/initializers/mime_types.rb",
+    "spec/rails3/app_root/config/initializers/secret_token.rb",
+    "spec/rails3/app_root/config/initializers/session_store.rb",
+    "spec/rails3/app_root/config/routes.rb",
+    "spec/rails3/app_root/db/migrate/activation/20101224223622_add_activation_to_users.rb",
+    "spec/rails3/app_root/db/migrate/core/20101224223620_create_users.rb",
+    "spec/rails3/app_root/db/migrate/password_reset/20101224223622_add_password_reset_to_users.rb",
+    "spec/rails3/app_root/db/migrate/remember_me/20101224223623_add_remember_me_token_to_users.rb",
+    "spec/rails3/app_root/db/schema.rb",
+    "spec/rails3/app_root/db/seeds.rb",
+    "spec/rails3/app_root/test/performance/browsing_test.rb",
+    "spec/rails3/app_root/test/test_helper.rb",
+    "spec/rails3/app_root/test/unit/user_test.rb",
+    "spec/rails3/controller_brute_force_protection_spec.rb",
+    "spec/rails3/controller_remember_me_spec.rb",
+    "spec/rails3/controller_session_timeout_spec.rb",
+    "spec/rails3/controller_spec.rb",
+    "spec/rails3/spec_helper.rb",
+    "spec/rails3/user_activation_spec.rb",
+    "spec/rails3/user_password_reset_spec.rb",
+    "spec/rails3/user_remember_me_spec.rb",
+    "spec/rails3/user_spec.rb",
+    "spec/sorcery_crypto_providers_spec.rb",
+    "spec/spec_helper.rb"
+  ]
+  if s.respond_to? :specification_version then
+    s.specification_version = 3
+    if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
+      s.add_development_dependency(%q<rails>, ["= 3.0.3"])
+      s.add_development_dependency(%q<rspec>, ["~> 2.3.0"])
+      s.add_development_dependency(%q<rspec-rails>, [">= 0"])
+      s.add_development_dependency(%q<ruby-debug19>, [">= 0"])
+      s.add_development_dependency(%q<sqlite3-ruby>, [">= 0"])
+      s.add_development_dependency(%q<yard>, ["~> 0.6.0"])
+      s.add_development_dependency(%q<cucumber>, [">= 0"])
+      s.add_development_dependency(%q<bundler>, ["~> 1.0.0"])
+      s.add_development_dependency(%q<jeweler>, ["~> 1.5.2"])
+      s.add_development_dependency(%q<simplecov>, [">= 0.3.8"])
+    else
+      s.add_dependency(%q<rails>, ["= 3.0.3"])
+      s.add_dependency(%q<rspec>, ["~> 2.3.0"])
+      s.add_dependency(%q<rspec-rails>, [">= 0"])
+      s.add_dependency(%q<ruby-debug19>, [">= 0"])
+      s.add_dependency(%q<sqlite3-ruby>, [">= 0"])
+      s.add_dependency(%q<yard>, ["~> 0.6.0"])
+      s.add_dependency(%q<cucumber>, [">= 0"])
+      s.add_dependency(%q<bundler>, ["~> 1.0.0"])
+      s.add_dependency(%q<jeweler>, ["~> 1.5.2"])
+      s.add_dependency(%q<simplecov>, [">= 0.3.8"])
+    end
+  else
+    s.add_dependency(%q<rails>, ["= 3.0.3"])
+    s.add_dependency(%q<rspec>, ["~> 2.3.0"])
+    s.add_dependency(%q<rspec-rails>, [">= 0"])
+    s.add_dependency(%q<ruby-debug19>, [">= 0"])
+    s.add_dependency(%q<sqlite3-ruby>, [">= 0"])
+    s.add_dependency(%q<yard>, ["~> 0.6.0"])
+    s.add_dependency(%q<cucumber>, [">= 0"])
+    s.add_dependency(%q<bundler>, ["~> 1.0.0"])
+    s.add_dependency(%q<jeweler>, ["~> 1.5.2"])
+    s.add_dependency(%q<simplecov>, [">= 0.3.8"])
+  end
+end

data/spec/rails3/Gemfile CHANGED Viewed

@@ -3,7 +3,8 @@ source 'http://rubygems.org'
 gem 'rails', '3.0.3'
 gem 'sqlite3-ruby', :require => 'sqlite3'
 gem "sorcery", '0.1.0', :path => '../../../'
+gem 'bcrypt-ruby', '~> 2.1.4', :require => 'bcrypt'
 group :development do
   gem 'rspec'
   gem 'rspec-rails'

data/spec/rails3/Gemfile.lock CHANGED Viewed

@@ -35,6 +35,7 @@ GEM
     activesupport (3.0.3)
     archive-tar-minitar (0.5.2)
     arel (2.0.6)
+    bcrypt-ruby (2.1.4)
     builder (2.1.2)
     columnize (0.3.2)
     diff-lcs (1.1.2)
@@ -105,6 +106,7 @@ PLATFORMS
   ruby
 DEPENDENCIES
+  bcrypt-ruby (~> 2.1.4)
   rails (= 3.0.3)
   rspec
   rspec-rails

data/spec/rails3/user_spec.rb CHANGED Viewed

@@ -93,7 +93,7 @@ describe "User with no submodules (core)" do
   # ----------------- PLUGIN ACTIVATED -----------------------
   describe User, "when activated with sorcery" do
     before(:all) do
-      plugin_model_configure
+      plugin_model_configure()
     end
     before(:each) do
@@ -137,7 +137,7 @@ describe "User with no submodules (core)" do
     it "should encrypt password when a new user is saved" do
       create_new_user
-      @user.send(User.sorcery_config.crypted_password_attribute_name).should == User.encrypt('secret',@user.salt)
+      User.sorcery_config.encryption_provider.matches?(@user.send(User.sorcery_config.crypted_password_attribute_name),'secret',@user.salt).should be_true
     end
     it "should clear the virtual password field if the encryption process worked" do
@@ -171,14 +171,14 @@ describe "User with no submodules (core)" do
       create_new_user
       @user.email = "blup@bla.com"
       @user.save!
-      @user.send(User.sorcery_config.crypted_password_attribute_name).should == User.encrypt('secret',@user.salt)
+      User.sorcery_config.encryption_provider.matches?(@user.send(User.sorcery_config.crypted_password_attribute_name),'secret',@user.salt).should be_true
     end
     it "should replace the crypted_password in case a new password is set" do
       create_new_user
       @user.password = 'new_secret'
       @user.save!
-      @user.send(User.sorcery_config.crypted_password_attribute_name).should == User.encrypt('new_secret',@user.salt)
+      User.sorcery_config.encryption_provider.matches?(@user.send(User.sorcery_config.crypted_password_attribute_name),'secret',@user.salt).should be_false
     end
   end
@@ -209,6 +209,10 @@ describe "User with no submodules (core)" do
         def self.encrypt(*tokens)
           tokens.flatten.join('').gsub(/e/,'A')
         end
+        def self.matches?(crypted,*tokens)
+          crypted = encrypt(*tokens)
+        end
       end
       plugin_set_model_config_property(:encryption_algorithm, :custom)
       plugin_set_model_config_property(:custom_encryption_provider, MyCrypto)

metadata CHANGED Viewed

@@ -1,12 +1,8 @@
 --- !ruby/object:Gem::Specification
 name: sorcery
 version: !ruby/object:Gem::Version
-  prerelease: false
-  segments:
-  - 0
-  - 1
-  - 0
-  version: 0.1.0
+  prerelease:
+  version: 0.1.1
 platform: ruby
 authors:
 - Noam Ben Ari
@@ -14,7 +10,7 @@ autorequire:
 bindir: bin
 cert_chain: []
-date: 2011-02-01 00:00:00 +02:00
+date: 2011-02-04 00:00:00 +02:00
 default_executable:
 dependencies:
 - !ruby/object:Gem::Dependency
@@ -24,10 +20,6 @@ dependencies:
     requirements:
     - - "="
       - !ruby/object:Gem::Version
-        segments:
-        - 3
-        - 0
-        - 3
         version: 3.0.3
   type: :development
   prerelease: false
@@ -39,10 +31,6 @@ dependencies:
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
-        segments:
-        - 2
-        - 3
-        - 0
         version: 2.3.0
   type: :development
   prerelease: false
@@ -54,8 +42,6 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        segments:
-        - 0
         version: "0"
   type: :development
   prerelease: false
@@ -67,8 +53,6 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        segments:
-        - 0
         version: "0"
   type: :development
   prerelease: false
@@ -80,8 +64,6 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        segments:
-        - 0
         version: "0"
   type: :development
   prerelease: false
@@ -93,10 +75,6 @@ dependencies:
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
-        segments:
-        - 0
-        - 6
-        - 0
         version: 0.6.0
   type: :development
   prerelease: false
@@ -108,8 +86,6 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        segments:
-        - 0
         version: "0"
   type: :development
   prerelease: false
@@ -121,10 +97,6 @@ dependencies:
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
-        segments:
-        - 1
-        - 0
-        - 0
         version: 1.0.0
   type: :development
   prerelease: false
@@ -136,10 +108,6 @@ dependencies:
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
-        segments:
-        - 1
-        - 5
-        - 2
         version: 1.5.2
   type: :development
   prerelease: false
@@ -151,10 +119,6 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        segments:
-        - 0
-        - 3
-        - 8
         version: 0.3.8
   type: :development
   prerelease: false
@@ -194,6 +158,7 @@ files:
 - lib/sorcery/model/submodules/password_reset.rb
 - lib/sorcery/model/submodules/remember_me.rb
 - lib/sorcery/model/submodules/user_activation.rb
+- sorcery.gemspec
 - spec/Gemfile
 - spec/Gemfile.lock
 - spec/Rakefile
@@ -283,21 +248,17 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      segments:
-      - 0
       version: "0"
 required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      segments:
-      - 0
       version: "0"
 requirements: []
 rubyforge_project:
-rubygems_version: 1.3.7
+rubygems_version: 1.5.0
 signing_key:
 specification_version: 3
 summary: Magical authentication for Rails 3 applications