tachiban 0.8.0 → 1.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d18cad68d32567d0d583c417d817bd6980861ad662a505afd97cdfefe1c71f09
-  data.tar.gz: 720f7cb6014086b2de126283248ed728fabf003a9aa76772798b4e9ee3fbef33
+  metadata.gz: 2b2e100df48cb7de260705114b0c7d282bf2e67f8073442d987cb0295e985d48
+  data.tar.gz: 810a6b68cef7fd9177ef3083b05b0cc083eaecbc26e02b0621194c7f8c582db3
 SHA512:
-  metadata.gz: bb298b0167b10f277c44ef4383c5d28e2e231e1a3ea731aca592c662afca362a42bbc25e55a854c1c330fef750b9d641ec26031a5a8cc412e312168f02ca86c1
-  data.tar.gz: cde4bc49bbef7f438732aff48502daabd750862a8fcf9d1feea9b5495e49e0f45b09952a292ef0ac105467981ec207ea186e3e36728be509528a271ad905718e
+  metadata.gz: b884dd3638bc74fb54ccd11a1957d5fa6d4b32bf5a20aff39cfc300ce794069d4812b1decef520a2f31db2b91e2c4d41424e1747b4892b8321b67c0680dbe4e5
+  data.tar.gz: 64b5a67347b6cfc4c62ef3df0afb8e21305ef140807334ebbf3748fba2d8d9445d014b385735434fa238fb1b441df00b4e341156e78e9650b3df16e962779a91

data/README.md

@@ -2,7 +2,7 @@
 
 [![Join the chat at https://gitter.im/sebastjan-hribar/tachiban](https://badges.gitter.im/sebastjan-hribar/tachiban.svg)](https://gitter.im/sebastjan-hribar/tachiban?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge) [![Gem Version](https://badge.fury.io/rb/tachiban.svg)](https://badge.fury.io/rb/tachiban) [![Build Status](https://travis-ci.org/sebastjan-hribar/tachiban.svg?branch=master)](https://travis-ci.org/sebastjan-hribar/tachiban)
 
-Tachiban (立ち番 - standing watch) provides simple authentication system for [Hanami web applications](http://hanamirb.org/) by using bcrypt for password hashing and
+Tachiban (立ち番 - standing watch) provides simple authentication system for [Hanami web applications](http://hanamirb.org/) by using Argon2 for password hashing and
 offers the following functionalities (with methods listed below
   under Methods by features):
 - Signup
@@ -182,6 +182,11 @@ password_reset_url_valid?(link_validity)
 
 ### Changelog
 
+#### 1.0.0
+
+BCrypt was replaced by Argon2.
+
+
 #### 0.8.0
 
 Bug fix for determining the validity of the password update linke. Greater than instead of less than was used

data/lib/tachiban/version.rb

@@ -1,3 +1,3 @@
 module Tachiban
-  VERSION = "0.8.0"
+  VERSION = "1.0.0"
 end

data/lib/tachiban.rb

@@ -1,21 +1,24 @@
 require 'tachiban/version'
-require 'bcrypt'
 require 'hanami/controller'
 require 'hanami/action/session'
+require 'argon2'
 
 module Hanami
   module Tachiban
 private
 
+
   # ### Signup ###
 
   # The hashed_password method generates a hashed version of the user's
-  # password. By default it includes a salt and the default cost factor
-  # of 10 provided by BCrypt. Hashed password should be stored in the database
-  # as a user's attribute so it can be retrieved during the login process.
+  # password. Password hashing is provided by Argon2. Hashed password
+  # by default includes a salt and the default cost factorr.
+  #
+  # Hashed password should be stored in the database as an user's
+  # attribute so it can be retrieved during the login process.
 
     def hashed_password(password)
-      BCrypt::Password.create(password)
+      Argon2::Password.create(password)
     end
 
   # ### Login ###
@@ -26,7 +29,7 @@ private
   # - a user's hashed password from the database matches the input password
 
     def authenticated?(input_pass)
-      @user && BCrypt::Password.new(@user.hashed_pass) == input_pass
+      @user && Argon2::Password.verify_password(input_pass, @user.hashed_pass)
     end
 
   # The login method can be used in combination with the authenticated? method to

data/tachiban.gemspec

@@ -9,7 +9,7 @@ Gem::Specification.new do |spec|
   spec.authors       = ["Sebastjan Hribar"]
   spec.email         = ["sebastjan.hribar@gmail.com"]
 
-  spec.summary       = %q{Tachiban provides simple password hashing for user authentication with bcrypt for Hanami web applications.}
+  spec.summary       = %q{Tachiban provides simple password hashing for user authentication with Argon2 for Hanami web applications.}
   spec.homepage      = "https://github.com/sebastjan-hribar/tachiban"
   spec.license       = "MIT"
 
@@ -26,7 +26,7 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency 'hanami-router', "~> 1.0"
   spec.add_development_dependency 'pry', "~> 0"
 
-  spec.add_runtime_dependency "bcrypt", "~> 3.1"
+  spec.add_runtime_dependency "argon2", "~> 2.3"
   spec.add_runtime_dependency 'hanami-controller', "~> 1.0"
   spec.add_runtime_dependency 'hanami-router', "~> 1.0"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: tachiban
 version: !ruby/object:Gem::Version
-  version: 0.8.0
+  version: 1.0.0
 platform: ruby
 authors:
 - Sebastjan Hribar
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-09-15 00:00:00.000000000 Z
+date: 2023-10-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -129,19 +129,19 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: bcrypt
+  name: argon2
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.1'
+        version: '2.3'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.1'
+        version: '2.3'
 - !ruby/object:Gem::Dependency
   name: hanami-controller
   requirement: !ruby/object:Gem::Requirement
@@ -212,10 +212,9 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.7.7
+rubygems_version: 3.1.6
 signing_key: 
 specification_version: 4
-summary: Tachiban provides simple password hashing for user authentication with bcrypt
+summary: Tachiban provides simple password hashing for user authentication with Argon2
   for Hanami web applications.
 test_files: []