mirror of
https://github.com/heartcombo/devise.git
synced 2022-11-09 12:18:31 -05:00
add a class method so you can encrypt passwords from fixtures
This commit is contained in:
parent
93f59dd63a
commit
5300bdabc8
2 changed files with 16 additions and 6 deletions
|
@ -2,6 +2,11 @@ require 'devise/strategies/database_authenticatable'
|
||||||
require 'bcrypt'
|
require 'bcrypt'
|
||||||
|
|
||||||
module Devise
|
module Devise
|
||||||
|
# Digests the password using bcrypt.
|
||||||
|
def self.bcrypt(klass, password)
|
||||||
|
::BCrypt::Password.create("#{password}#{klass.pepper}", :cost => klass.stretches).to_s
|
||||||
|
end
|
||||||
|
|
||||||
module Models
|
module Models
|
||||||
# Authenticatable Module, responsible for encrypting password and validating
|
# Authenticatable Module, responsible for encrypting password and validating
|
||||||
# authenticity of a user while signing in.
|
# authenticity of a user while signing in.
|
||||||
|
@ -34,7 +39,7 @@ module Devise
|
||||||
# Generates password encryption based on the given value.
|
# Generates password encryption based on the given value.
|
||||||
def password=(new_password)
|
def password=(new_password)
|
||||||
@password = new_password
|
@password = new_password
|
||||||
self.encrypted_password = password_digest(@password) if @password.present?
|
self.encrypted_password = Devise.bcrypt(self.class, @password) if @password.present?
|
||||||
end
|
end
|
||||||
|
|
||||||
# Verifies whether an password (ie from sign in) is the user password.
|
# Verifies whether an password (ie from sign in) is the user password.
|
||||||
|
@ -120,11 +125,6 @@ module Devise
|
||||||
|
|
||||||
protected
|
protected
|
||||||
|
|
||||||
# Digests the password using bcrypt.
|
|
||||||
def password_digest(password)
|
|
||||||
::BCrypt::Password.create("#{password}#{self.class.pepper}", :cost => self.class.stretches).to_s
|
|
||||||
end
|
|
||||||
|
|
||||||
module ClassMethods
|
module ClassMethods
|
||||||
Devise::Models.config(self, :pepper, :stretches)
|
Devise::Models.config(self, :pepper, :stretches)
|
||||||
|
|
||||||
|
|
|
@ -11,6 +11,16 @@ module Devise
|
||||||
end
|
end
|
||||||
|
|
||||||
class DeviseTest < ActiveSupport::TestCase
|
class DeviseTest < ActiveSupport::TestCase
|
||||||
|
test 'bcrypt on the class' do
|
||||||
|
password = "super secret"
|
||||||
|
klass = Struct.new(:pepper, :stretches).new("blahblah", 2)
|
||||||
|
hash = Devise.bcrypt(klass, password)
|
||||||
|
assert_equal hash, Devise.bcrypt(klass, password)
|
||||||
|
|
||||||
|
klass = Struct.new(:pepper, :stretches).new("bla", 2)
|
||||||
|
assert_not_equal hash, Devise.bcrypt(klass, password)
|
||||||
|
end
|
||||||
|
|
||||||
test 'model options can be configured through Devise' do
|
test 'model options can be configured through Devise' do
|
||||||
swap Devise, :allow_unconfirmed_access_for => 113, :pepper => "foo" do
|
swap Devise, :allow_unconfirmed_access_for => 113, :pepper => "foo" do
|
||||||
assert_equal 113, Devise.allow_unconfirmed_access_for
|
assert_equal 113, Devise.allow_unconfirmed_access_for
|
||||||
|
|
Loading…
Reference in a new issue