1
0
Fork 0
mirror of https://github.com/heartcombo/devise.git synced 2022-11-09 12:18:31 -05:00

add a class method so you can encrypt passwords from fixtures

This commit is contained in:
Aaron Patterson 2013-08-28 11:23:41 -07:00 committed by Vasiliy Ermolovich
parent 93f59dd63a
commit 5300bdabc8
2 changed files with 16 additions and 6 deletions

View file

@ -2,6 +2,11 @@ require 'devise/strategies/database_authenticatable'
require 'bcrypt' require 'bcrypt'
module Devise module Devise
# Digests the password using bcrypt.
def self.bcrypt(klass, password)
::BCrypt::Password.create("#{password}#{klass.pepper}", :cost => klass.stretches).to_s
end
module Models module Models
# Authenticatable Module, responsible for encrypting password and validating # Authenticatable Module, responsible for encrypting password and validating
# authenticity of a user while signing in. # authenticity of a user while signing in.
@ -34,7 +39,7 @@ module Devise
# Generates password encryption based on the given value. # Generates password encryption based on the given value.
def password=(new_password) def password=(new_password)
@password = new_password @password = new_password
self.encrypted_password = password_digest(@password) if @password.present? self.encrypted_password = Devise.bcrypt(self.class, @password) if @password.present?
end end
# Verifies whether an password (ie from sign in) is the user password. # Verifies whether an password (ie from sign in) is the user password.
@ -120,11 +125,6 @@ module Devise
protected protected
# Digests the password using bcrypt.
def password_digest(password)
::BCrypt::Password.create("#{password}#{self.class.pepper}", :cost => self.class.stretches).to_s
end
module ClassMethods module ClassMethods
Devise::Models.config(self, :pepper, :stretches) Devise::Models.config(self, :pepper, :stretches)

View file

@ -11,6 +11,16 @@ module Devise
end end
class DeviseTest < ActiveSupport::TestCase class DeviseTest < ActiveSupport::TestCase
test 'bcrypt on the class' do
password = "super secret"
klass = Struct.new(:pepper, :stretches).new("blahblah", 2)
hash = Devise.bcrypt(klass, password)
assert_equal hash, Devise.bcrypt(klass, password)
klass = Struct.new(:pepper, :stretches).new("bla", 2)
assert_not_equal hash, Devise.bcrypt(klass, password)
end
test 'model options can be configured through Devise' do test 'model options can be configured through Devise' do
swap Devise, :allow_unconfirmed_access_for => 113, :pepper => "foo" do swap Devise, :allow_unconfirmed_access_for => 113, :pepper => "foo" do
assert_equal 113, Devise.allow_unconfirmed_access_for assert_equal 113, Devise.allow_unconfirmed_access_for