Sha256: e708ed6ddc9bae738df37b93191c651c1d7988e43b0ce2659780e50be7eecc2d
Contents?: true
Size: 1.47 KB
Versions: 1
Compression:
Stored size: 1.47 KB
Contents
require 'openssl' require 'base64' module Clearance module PasswordStrategies module Blowfish DEPRECATION_MESSAGE = "[DEPRECATION] The Blowfish password strategy " \ "has been deprecated and will be removed from Clearance 2.0. BCrypt " \ "is the only officially supported strategy, though you are free to " \ "provide your own. To continue using this strategy add " \ "clearance-deprecated_password_strategies to your Gemfile." def authenticated?(password) warn "#{Kernel.caller.first}: #{DEPRECATION_MESSAGE}" encrypted_password == encrypt(password) end def password=(new_password) warn "#{Kernel.caller.first}: #{DEPRECATION_MESSAGE}" @password = new_password initialize_salt_if_necessary if new_password.present? self.encrypted_password = encrypt(new_password) end end protected def encrypt(string) generate_hash("--#{salt}--#{string}--") end def generate_hash(string) cipher = OpenSSL::Cipher::Cipher.new('bf-cbc').encrypt cipher.key = Digest::SHA256.digest(salt) hash = cipher.update(string) << cipher.final Base64.encode64(hash).encode('utf-8') end def initialize_salt_if_necessary if salt.blank? self.salt = generate_salt end end def generate_salt Base64.encode64(SecureRandom.hex(20)).encode('utf-8') end end end end
Version data entries
1 entries across 1 versions & 1 rubygems
Version | Path |
---|---|
clearance-1.10.1 | lib/clearance/password_strategies/blowfish.rb |