Sha256: 3b01a07cea34ca418f2c7cc592afbc681e6f82b466367794b2710ba94f4e9f61
Contents?: true
Size: 1.39 KB
Versions: 7
Compression:
Stored size: 1.39 KB
Contents
# frozen_string_literal: true
module MinimalistAuthentication
class Password
class << self
# Create a bcrypt password hash with a calibrated cost factor.
def create(secret)
new ::BCrypt::Engine.hash_secret(secret, BCrypt::Engine.generate_salt(cost))
end
# Cache the calibrated bcrypt cost factor.
def cost
@cost ||= calibrate_cost
end
private
# Calibrates cost so that new user passwords can automatically take
# advantage of faster server hardware in the future.
# Sets cost to BCrypt::Engine::MIN_COST in the test environment
def calibrate_cost
::Rails.env.test? ? ::BCrypt::Engine::MIN_COST : ::BCrypt::Engine.calibrate(750)
end
end
attr_accessor :bcrypt_password
# Returns a password object wrapping a valid BCrypt password or a NullPassword
def initialize(password_hash)
self.bcrypt_password = ::BCrypt::Password.new(password_hash)
rescue ::BCrypt::Errors::InvalidHash
self.bcrypt_password = NullPassword.new
end
# Delegate methods to bcrypt_password
delegate :==, :to_s, :cost, to: :bcrypt_password
# Temporary access to checksum and salt for backwards compatibility
delegate :checksum, :salt, to: :bcrypt_password
# Checks if the password_hash cost factor is less than the current cost.
def stale?
cost < self.class.cost
end
end
end
Version data entries
7 entries across 7 versions & 1 rubygems