Sha256: 1d1b4661997eb40cf6bfee6236b5521bf98ca9307d06a747556eb00776d50fbf
Contents?: true
Size: 1.86 KB
Versions: 1
Compression:
Stored size: 1.86 KB
Contents
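require 'bcrypt'

# Account document storing an e-mail address and a bcrypt password digest.
#
# Security notes:
# * Account.pepper returns a literal that ships in this source file, so every
#   deployment that keeps the default shares one publicly readable value. It is
#   left unchanged because replacing it would invalidate every stored digest.
#   Override it with a private, per-deployment value before creating accounts.
# * The pepper is appended after the password. bcrypt implementations commonly
#   use only the first 72 bytes of their input, so a long password may reduce
#   or remove the pepper's contribution. Confirm against the bcrypt version in
#   use.
class Account < CouchRest::Model::Base
  include CouchdbOAuth2::Model::Base

  property :email, String
  property :encrypted_password, String
  timestamps!

  view_by :email

  validates_uniqueness_of :email

  # The plaintext is only held in memory on the instance; the persisted
  # property is encrypted_password.
  attr_reader :password

  # bcrypt cost factor used for newly created digests.
  #
  # The original value was 5, far below the library default. A bcrypt digest
  # records its own cost and valid_password? re-hashes with the stored salt
  # string, so digests created at the old cost still verify.
  def self.stretches
    ::BCrypt::Engine::DEFAULT_COST
  end

  # Application-wide value appended to every password before hashing.
  #
  # NOTE(security): hard-coded and published with the gem; see the class
  # comment. Changing this value invalidates all existing digests.
  def self.pepper
    '5ad96cc293abadd5322908c597a363205b909c99fab13b59895b6e3fc93540f2f276800d6718fa174c9a9720e1148b4da19ee58c779078efe98ca2c76c8cdd40'
  end

  # Compares two strings without returning at the first differing byte.
  #
  # Returns false when either value is blank or the byte lengths differ;
  # otherwise ORs together the XOR of every byte pair and reports whether
  # the accumulated difference is zero.
  def self.secure_compare(a, b)
    return false if a.blank? || b.blank? || a.bytesize != b.bytesize

    expected = a.unpack("C#{a.bytesize}")
    diff = 0
    b.each_byte { |byte| diff |= byte ^ expected.shift }
    diff == 0
  end

  # Stores the plaintext on the instance and, when it is present, replaces
  # encrypted_password with a fresh digest. A blank value leaves the stored
  # digest untouched.
  def password=(new_password)
    @password = new_password
    self.encrypted_password = password_digest(@password) if @password.present?
  end

  # Returns true when +password+ (plus the pepper) hashes to the stored digest.
  #
  # Returns false when no digest is stored. A stored value that bcrypt cannot
  # parse is also treated as a failed check, so a corrupted record fails
  # closed instead of raising out of this predicate.
  def valid_password?(password)
    return false if encrypted_password.blank?

    stored = ::BCrypt::Password.new(encrypted_password)
    candidate = ::BCrypt::Engine.hash_secret("#{password}#{self.class.pepper}", stored.salt)
    Account.secure_compare(candidate, encrypted_password)
  rescue ::BCrypt::Errors::InvalidHash
    false
  end

  # Blanks the in-memory password fields.
  #
  # NOTE(review): password_confirmation= is not defined in this file;
  # presumably the included module provides it. Confirm, otherwise this
  # raises NoMethodError.
  def clean_up_passwords
    self.password = self.password_confirmation = ""
  end

  # A reliable way to expose the salt regardless of the implementation.
  # Returns the first 29 characters of the stored digest, or nil when no
  # digest is stored.
  def authenticatable_salt
    encrypted_password[0, 29] if encrypted_password
  end

  # Access tokens looked up through the by_account_id view for this account.
  def access_tokens
    AccessToken.view(:by_account_id, :key => self['_id'])
  end

  # Refresh tokens looked up through the by_account_id view for this account.
  def refresh_tokens
    RefreshToken.view(:by_account_id, :key => self['_id'])
  end

  protected

  # Downcase case-insensitive keys
  #
  # NOTE(review): case_insensitive_keys is not defined in this file; confirm
  # that the class responds to it before relying on this method.
  def downcase_keys
    (self.class.case_insensitive_keys || []).each { |k| self[k].try(:downcase!) }
  end

  # Digests the password using bcrypt, with the pepper appended and the cost
  # taken from Account.stretches.
  def password_digest(password)
    ::BCrypt::Password.create("#{password}#{self.class.pepper}", :cost => self.class.stretches).to_s
  end
end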
Version data entries
1 entries across 1 versions & 1 rubygems
Version | Path |
---|---|
rack-couchdb-oauth2-0.1.0 | lib/couchdb_oauth2/model/account.rb |