Contents

# frozen_string_literal: true

module Maquina
  module RetainPasswords
    extend ActiveSupport::Concern

    included do
      validate :password_uniqueness, if: ->(user) { user.password_digest_changed? }
      after_create :store_password_digest
      after_update :store_password_digest, if: ->(user) { user.previous_changes.has_key?(:password_digest) }

      private

      def password_uniqueness
        return if Maquina.configuration.password_retain_count.blank? || Maquina.configuration.password_retain_count.zero?

        used_before = Maquina::UsedPassword.where(user: self).detect do |used_password|
          bcrypt = ::BCrypt::Password.new(used_password.password_digest)
          hashed_value = ::BCrypt::Engine.hash_secret(password, bcrypt.salt)

          ActiveSupport::SecurityUtils.secure_compare(hashed_value, used_password.password_digest)
        end

        errors.add(:password, :password_already_used) if used_before.present?
      end

      def store_password_digest
        Maquina::UsedPassword.store_password_digest(id, password_digest)
      end
    end
  end
end

Version data entries

11 entries across 11 versions & 1 rubygems

Version	Path
maquina-0.5.2	app/models/concerns/maquina/retain_passwords.rb
maquina-0.5.1	app/models/concerns/maquina/retain_passwords.rb
maquina-0.4.0	app/models/concerns/maquina/retain_passwords.rb
maquina-0.3.0	app/models/concerns/maquina/retain_passwords.rb
maquina-0.2.5	app/models/concerns/maquina/retain_passwords.rb
maquina-0.2.4	app/models/concerns/maquina/retain_passwords.rb
maquina-0.2.3	app/models/concerns/maquina/retain_passwords.rb
maquina-0.2.2	app/models/concerns/maquina/retain_passwords.rb
maquina-0.2.1	app/models/concerns/maquina/retain_passwords.rb
maquina-0.2.0	app/models/concerns/maquina/retain_passwords.rb
maquina-0.1.0	app/models/concerns/maquina/retain_passwords.rb