Sha256: 82aa56efb5bb0e55bce5237d9bcac81737a73e89522c8a53ece1e44fe78b234c

Contents?: true

Size: 1.92 KB

Versions: 2

Compression:

Stored size: 1.92 KB

Contents

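require 'digest/sha2'
require 'securerandom'

# :namespace
module Credentials
  
# Associates a password with the user account.
#
# The stored +key+ has the form "salt|hexdigest", where the digest is
# computed by Password.hash_password.
class Password < ::Credential
  # Virtual attribute: the user's password.
  attr_accessor :password
  validates :password, :confirmation => true, :presence => true

  # Virtual attribute: confirmation for the user's password.
  attr_accessor :password_confirmation

  # A user can have a single password
  validates :user_id, :uniqueness => true

  # Compares the given password against the user's stored password.
  #
  # Returns +true+ for a match, +false+ otherwise. Input that is not a String
  # (nil, or a Hash / Array value) never matches.
  def authenticate(password)
    # Non-string input would otherwise raise inside hash_password.
    return false unless key && password.is_a?(String)

    # The salt is everything before the first '|' in the stored key.
    salt = key.split('|', 2).first
    return false unless salt

    expected = self.class.hash_password(password, salt)
    return false unless expected.bytesize == key.bytesize

    # Fold every byte difference into one value, so the comparison time does
    # not depend on the position of the first mismatching byte.
    difference = 0
    expected.unpack('C*').zip(key.unpack('C*')) { |a, b| difference |= a ^ b }
    difference == 0
  end
  
  # Password virtual attribute.
  #
  # Assigning a password stores a freshly salted hash in +key+; assigning nil
  # clears +key+.
  def password=(new_password)
    @password = new_password
    self.key = new_password &&
        self.class.hash_password(new_password, self.class.random_salt)
  end

  # Resets the virtual password attributes.
  #
  # Drops the references to the plaintext password held by this object; the
  # hashed +key+ is left untouched.
  def clear_plaintext
    @password = @password_confirmation = nil
  end

  # The authenticated user or nil.
  #
  # Returns nil when the e-mail is unknown, when the user has no password
  # credential, or when the password does not match.
  #
  # NOTE(review): an unknown e-mail returns before any hashing is done, so
  # response timing may differ between "no such e-mail" and "wrong password".
  # Callers that care about account enumeration should account for this.
  def self.authenticate_email(email, password)
    email_cred = Credentials::Email.where(:name => email).
                                    includes(:user => :credentials).first
    return nil unless email_cred    
    credential = email_cred.user.credentials.
                            find { |c| c.kind_of? Credentials::Password }
    # A user without a password credential cannot authenticate this way.
    return nil unless credential
    credential.authenticate(password) ? email_cred.user : nil
  end

  # Computes a password hash from a raw password and a salt.
  #
  # Returns a string of the form "salt|hexdigest".
  #
  # NOTE(review): this is a single round of salted SHA-2, which is cheap to
  # compute and therefore weak against offline guessing if stored keys leak.
  # A dedicated password-hashing function (bcrypt, scrypt, PBKDF2) would be
  # the stronger choice, but switching changes the stored key format and
  # needs a migration path for existing credentials.
  def self.hash_password(password, salt)
    salt + '|' + Digest::SHA2.hexdigest(password + salt)
  end
  
  # Generates a random salt value.
  #
  # Returns 12 random bytes, base64-encoded. The bytes come from SecureRandom
  # rather than Kernel#rand, so salts are not predictable from PRNG state.
  # Base64 output never contains '|', which keeps the "salt|digest" key
  # format unambiguous.
  def self.random_salt
    SecureRandom.base64(12)
  end  
end  # class Credentials::Password

end  # namespace Credentials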

# Password-related helpers mixed into the user model.
module Authpwn::UserModel::InstanceMethods
  # The user's password credential, or nil if the user has none.
  #
  # The match uses instance_of?, so only objects whose class is exactly
  # Credentials::Password are returned; subclasses are skipped.
  def password_credential
    credentials.find do |credential|
      credential.instance_of? Credentials::Password
    end
  end
end

Version data entries

2 entries across 2 versions & 1 rubygems

Version Path
authpwn_rails-0.10.1 lib/authpwn_rails/credentials/password.rb
authpwn_rails-0.10.0 lib/authpwn_rails/credentials/password.rb