Tidying up encryptors.

CHANGELOG.rdoc

@@ -1,6 +1,6 @@
 * enhancements
-  * Moved encryption strategy into the Encryptors module to allow several algorithms
-  * Implemented encryptors for Clearance, Authlogic and Restful-Authentication
+  * Moved encryption strategy into the Encryptors module to allow several algorithms (by github.com/mhfs)
+  * Implemented encryptors for Clearance, Authlogic and Restful-Authentication (by github.com/mhfs)
 
 == 0.4.3
 

README.rdoc

@@ -27,7 +27,7 @@ All gems are on gemcutter, so you need to add gemcutter to your sources if you h
 
   sudo gem sources -a http://gemcutter.org/
 
-Install warden gem if you don't have it installed (requires 0.5.1 or higher):
+Install warden gem if you don't have it installed (requires 0.5.2 or higher):
 
   sudo gem install warden
 
@@ -236,6 +236,12 @@ Devise implements encryption strategies for Clearance, Authlogic and Restful-Aut
 
 Please refer to TODO file.
 
+== Contributors
+
+* José Valim (http://github.com/josevalim)
+* Carlos Antônio da Silva (http://github.com/carlosantoniodasilva)
+* Marcelo Silveira (http://github.com/mhfs)
+
 == Bugs and Feedback
 
 If you discover any bugs or want to drop a line, feel free to create an issue on

TODO

@@ -3,6 +3,3 @@
 * Use request_ip in session cookies
 * Devise::BruteForceProtection
 * Devise::MagicColumns
-* Improve Generators to pass modules as arguments
-* Different cryptography providers
-* Devise::Invitable

app/controllers/confirmations_controller.rb

@@ -18,7 +18,7 @@ class ConfirmationsController < ApplicationController
     end
   end
 
-  # GET /resource/confirmation?perishable_token=abcdef
+  # GET /resource/confirmation?confirmation_token=abcdef
   def show
     self.resource = resource_class.confirm!(:confirmation_token => params[:confirmation_token])
 

app/controllers/passwords_controller.rb

@@ -20,7 +20,7 @@ class PasswordsController < ApplicationController
     end
   end
 
-  # GET /resource/password/edit?perishable_token=abcdef
+  # GET /resource/password/edit?reset_password_token=abcdef
   def edit
     self.resource = resource_class.new
     resource.reset_password_token = params[:reset_password_token]

generators/devise/templates/migration.rb

@@ -1,7 +1,7 @@
 class DeviseCreate<%= table_name.camelize %> < ActiveRecord::Migration
   def self.up
     create_table(:<%= table_name %>) do |t|
-      t.authenticatable
+      t.authenticatable :encryptor => :sha1
       t.confirmable
       t.recoverable
       t.rememberable

generators/devise_install/templates/devise.rb

@@ -8,15 +8,12 @@ Devise.setup do |config|
   # Configure how many times you want the password is reencrypted. Default is 10.
   # config.stretches = 10
 
-  # Define what will be the encryption algorithm. Sha1 is the default.
-  # Supported encryptions:
-  #  ::Devise::Encryptors::Sha1
-  #  ::Devise::Encryptors::Sha512
-  #  ::Devise::Encryptors::ClearanceSha1
-  #  ::Devise::Encryptors::AuthlogicSha512 (Should set stretches to 20 for default behavior)
-  #  ::Devise::Encryptors::RestfulAuthenticationSha1 (Should set stretches to 10 and copy REST_AUTH_SITE_KEY to pepper 
-  #    for default behavior)
-  # config.encryptor = ::Devise::Encryptors::Sha1
+  # Define which will be the encryption algorithm. Supported algorithms are :sha1
+  # (default) and :sha512. Devise also supports encryptors from others authentication
+  # frameworks as :clearance_sha1, :authlogic_sha512 (then you should set stretches
+  # above to 20 for default behavior) and :restful_authentication_sha1 (then you
+  # should set stretches to 10, and copy REST_AUTH_SITE_KEY to pepper)
+  # config.encryptor = :sha1
 
   # The time you want give to your user to confirm his account. During this time
   # he will be able to access your application without confirming. Default is nil.

lib/devise.rb

@@ -18,14 +18,19 @@ module Devise
     :unconfirmed => :failure
   }
 
+  # Declare encryptors length which are used in migrations.
+  ENCRYPTORS_LENGTH = {
+    :sha1   => 40,
+    :sha512 => 128,
+    :clearance_sha1 => 40,
+    :restful_authentication_sha1 => 40,
+    :authlogic_sha512 => 128
+  }
+
   # Used to encrypt password. Please generate one with rake secret
   mattr_accessor :pepper
   @@pepper = nil
   
-  # Used to define the password encryption algorithm
-  mattr_accessor :encryptor
-  @@encryptor = ::Devise::Encryptors::Sha1
-  
   # The number of times to encrypt password.
   mattr_accessor :stretches
   @@stretches = 10
@@ -38,6 +43,17 @@ module Devise
   mattr_accessor :confirm_within
   @@confirm_within = 0.days
 
+  # Used to define the password encryption algorithm.
+  def self.encryptor=(value)
+    @@encryptor = if value.is_a?(Symbol)
+      ::Devise::Encryptors.const_get(value.to_s.classify)
+    else
+      value
+    end
+  end
+  mattr_reader :encryptor
+  @@encryptor = ::Devise::Encryptors::Sha1
+
   # Store scopes mappings.
   mattr_accessor :mappings
   @@mappings = {}

lib/devise/encryptors/sha1.rb

@@ -1,4 +1,4 @@
-require 'digest/sha1'
+require "digest/sha1"
 
 module Devise
   # Implements a way of adding different encryptions.

lib/devise/migrations.rb

@@ -19,11 +19,17 @@ module Devise
 
     # Creates email, encrypted_password and password_salt.
     #
+    # == Options
+    # * :null when true, allow columns to be null
+    # * :encryptor The encryptor going to be used, necessary for setting the proper encrypter password length
+    #
     def authenticatable(options={})
       null = options[:null] || false
-      string :email,              :limit => 100, :null => null
-      string :encrypted_password, :limit => 128, :null => null
-      string :password_salt,      :limit =>  20, :null => null
+      encryptor = options[:encryptor] || :sha1
+
+      string :email,              :null => null, :limit => 100
+      string :encrypted_password, :null => null, :limit => Devise::ENCRYPTORS_LENGTH[encryptor]
+      string :password_salt,      :null => null, :limit => 20
     end
 
     # Creates confirmation_token, confirmed_at and confirmation_sent_at.

test/encryptors_test.rb

@@ -18,4 +18,11 @@ class Encryptors < ActiveSupport::TestCase
     assert_equal clearance, encryptor
   end
 
+  Devise::ENCRYPTORS_LENGTH.each do |key, value|
+    test "should have length #{value} for #{key.inspect}" do
+      swap Devise, :encryptor => key do
+        assert_equal value, Devise.encryptor.digest('a', 2, 'b', 'c').size
+      end
+    end
+  end
 end