2014-03-25 13:44:40 +00:00
|
|
|
require 'bcrypt'
|
|
|
|
|
|
|
|
module Devise
|
|
|
|
module Encryptor
|
|
|
|
def self.digest(klass, password)
|
|
|
|
if klass.pepper.present?
|
|
|
|
password = "#{password}#{klass.pepper}"
|
|
|
|
end
|
|
|
|
::BCrypt::Password.create(password, cost: klass.stretches).to_s
|
|
|
|
end
|
|
|
|
|
2016-02-10 19:00:49 +00:00
|
|
|
def self.compare(klass, hashed_password, password)
|
|
|
|
return false if hashed_password.blank?
|
|
|
|
bcrypt = ::BCrypt::Password.new(hashed_password)
|
2014-03-25 13:44:40 +00:00
|
|
|
if klass.pepper.present?
|
|
|
|
password = "#{password}#{klass.pepper}"
|
|
|
|
end
|
|
|
|
password = ::BCrypt::Engine.hash_secret(password, bcrypt.salt)
|
2016-02-10 19:00:49 +00:00
|
|
|
Devise.secure_compare(password, hashed_password)
|
2014-03-25 13:44:40 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|