web47core 1.0.5 → 1.0.6

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 5a04d24fd691cb32029738a49005457f80c38043f6ffc8718ce6be6f369fdbc7
-  data.tar.gz: 113ee737740d6c85fec57c8c799d01804ea8dd689ea5837933469c2abc2236fc
+  metadata.gz: 7f9275f3f097ae096f3de33a7b387e107d1a0e08fa01ae37d369a22e814db22d
+  data.tar.gz: 3a2080a56ef021eccb2e398ec51f9c1bd474450924c00e1b8a0f82ad6fd13473
 SHA512:
-  metadata.gz: e69873bd07d0b85fab0ddea56caf9198ccedd97d09365d683be0ddb5dd98f371b7c2466e71356bfaf8a654254a33fba847d66c5060860b1726b08458cdd160f9
-  data.tar.gz: e4885a8a85209f77f13d0f103fd9e8f1d61742e3cb7fbf0b3101d6c671afda4eaf0ca5f7ae358e3c7573fd65753015a1fb9744767d8ee5ceff9ecb9449cd7ee7
+  metadata.gz: 9d7013d8e16ae68be5adfe2f8b38a9536d8acb4fda7b7907f0afe1d41c0fcda941a86bcef4c021d079211907c6a9081cdc22a5744eb6f7042fc94a9169edb0d4
+  data.tar.gz: 36bc38a23ee63292623e95d32035d9b7962ff1070c71f91d424ea62a65393f704bdee0544c9fad97ce0f0f1f2495e700559c5b61f9a9a81401d4e02adb3b19e5

data/lib/app/models/concerns/cipher_able.rb

@@ -0,0 +1,51 @@
+#
+# A mixin to help with encrypting data in a secure way
+#
+module CipherAble
+  extend ActiveSupport::Concern
+  # Add to the model
+  def self.included(base)
+    base.class_eval do
+      #
+      # Fields
+      #
+      field :secret_key, type: BSON::Binary
+    end
+  end
+
+  #
+  # Encrypt the given text
+  #
+  def encrypt(text)
+    cipher.encrypt_and_sign(text)
+  rescue StandardError => error
+    App47Logger.log_error("Unable to encrypt text for #{inspect}", error)
+    nil
+  end
+
+  #
+  # Decrypt the given text
+  #
+  def decrypt(text)
+    cipher.decrypt_and_verify(text)
+  rescue StandardError => error
+    App47Logger.log_warn("Unable to decrypt text for #{inspect}", error)
+    nil
+  end
+
+  #
+  # Get the cipher directly
+  #
+  def cipher
+    generate_key if secret_key.blank?
+    ActiveSupport::MessageEncryptor.new(secret_key.data)
+  end
+
+  private
+
+  def generate_key
+    len = ActiveSupport::MessageEncryptor.key_len
+    salt = SecureRandom.random_bytes(len)
+    set secret_key: BSON::Binary.new(ActiveSupport::KeyGenerator.new(id.to_s).generate_key(salt, len))
+  end
+end

data/lib/app/models/concerns/secure_password.rb

@@ -0,0 +1,41 @@
+#
+# Hold onto a secure password supporting both storage (setting) and retrieval ()getting) the password.
+#
+# The security will lie in the key that is offered by the object. By default it will be the ID of the object
+# however it should really use be combined with some other known value like account.id or something
+#
+module SecurePassword
+  extend ActiveSupport::Concern
+  #
+  # Base class extension
+  #
+  def self.included(base)
+    base.class_eval do
+      include CipherAble
+      #
+      # Fields
+      #
+      field :encrypted_password, type: String
+    end
+  end
+
+  #
+  # Retrieve the password
+  #
+  def password
+    cipher.decrypt_and_verify(encrypted_password)
+  rescue StandardError => error
+    App47Logger.log_warn("Unable to retrieve password for #{inspect}", error)
+    nil
+  end
+
+  #
+  # Set the password
+  #
+  def password=(password)
+    set encrypted_password: cipher.encrypt_and_sign(password)
+  rescue StandardError => error
+    App47Logger.log_error("Unable to store password for #{inspect}", error)
+    nil
+  end
+end

data/lib/web47core.rb

@@ -1,5 +1,6 @@
 require 'web47core/config'
 require 'app/models/concerns/app47_logger'
+require 'app/models/concerns/cipher_able'
 require 'app/models/concerns/cdn_url'
 require 'app/models/concerns/email_able'
 require 'app/models/concerns/search_able'
@@ -10,6 +11,7 @@ require 'app/models/concerns/switchboard_able'
 require 'app/models/concerns/core_system_configuration'
 require 'app/models/concerns/core_account'
 require 'app/models/concerns/secure_fields'
+require 'app/models/concerns/secure_password'
 require 'app/models/delayed_job'
 require 'app/models/redis_configuration'
 require 'app/models/notification'

data/lib/web47core/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Web47core
-  VERSION = '1.0.5'
+  VERSION = '1.0.6'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: web47core
 version: !ruby/object:Gem::Version
-  version: 1.0.5
+  version: 1.0.6
 platform: ruby
 authors:
 - Chris Schroeder
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-08-20 00:00:00.000000000 Z
+date: 2020-08-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -633,12 +633,14 @@ files:
 - lib/app/models/audit_log.rb
 - lib/app/models/concerns/app47_logger.rb
 - lib/app/models/concerns/cdn_url.rb
+- lib/app/models/concerns/cipher_able.rb
 - lib/app/models/concerns/core_account.rb
 - lib/app/models/concerns/core_system_configuration.rb
 - lib/app/models/concerns/email_able.rb
 - lib/app/models/concerns/role_able.rb
 - lib/app/models/concerns/search_able.rb
 - lib/app/models/concerns/secure_fields.rb
+- lib/app/models/concerns/secure_password.rb
 - lib/app/models/concerns/standard_model.rb
 - lib/app/models/concerns/switchboard_able.rb
 - lib/app/models/concerns/time_zone_able.rb