Ensure all encryptor returns a symbol. Get the class using encryptor_class.

2022-11-09 12:18:31 -05:00 · 2009-11-22 22:32:54 -02:00 · 2009-11-22 22:32:54 -02:00 · a016819de8
commit a016819de8
parent 0b48772562
9 changed files with 34 additions and 46 deletions
--- a/lib/devise.rb
+++ b/lib/devise.rb
@ -46,15 +46,8 @@ module Devise
  @@confirm_within = 0.days

  # Used to define the password encryption algorithm.
-  def self.encryptor=(value)
-    @@encryptor = if value.is_a?(Symbol)
-      ::Devise::Encryptors.const_get(value.to_s.classify)
-    else
-      value
-    end
-  end
-  mattr_reader :encryptor
-  @@encryptor = ::Devise::Encryptors::Sha1
+  mattr_accessor :encryptor
+  @@encryptor = :sha1

  # Store scopes mappings.
  mattr_accessor :mappings
--- a/lib/devise/models.rb
+++ b/lib/devise/models.rb
@ -19,12 +19,6 @@ module Devise
    def self.config(mod, *accessors) #:nodoc:
      accessors.each do |accessor|
        mod.class_eval <<-METHOD, __FILE__, __LINE__
-          def #{accessor}
-            self.class.#{accessor}
-          end
-        METHOD
-
-        mod.const_get(:ClassMethods).class_eval <<-METHOD, __FILE__, __LINE__
          def #{accessor}
            if defined?(@#{accessor})
              @#{accessor}
--- a/lib/devise/models/authenticatable.rb
+++ b/lib/devise/models/authenticatable.rb
@ -54,9 +54,9 @@ module Devise

      protected

-        # Digests the password using the configured encryptor
+        # Digests the password using the configured encryptor.
        def password_digest(password)
-          encryptor.digest(password, stretches, password_salt, pepper)
+          self.class.encryptor_class.digest(password, self.class.stretches, password_salt, self.class.pepper)
        end

      module ClassMethods
@ -104,9 +104,14 @@ module Devise
          raise "#{self} cannot serialize from #{klass} session since it's not its ancestors" unless klass <= self
          klass.find(:first, :conditions => { :id => id })
        end
-      end

-      Devise::Models.config(self, :pepper, :stretches, :encryptor, :authentication_keys)
+        # Returns the class for the configured encryptor.
+        def encryptor_class
+          @encryptor_class ||= ::Devise::Encryptors.const_get(encryptor.to_s.classify)
+        end
+
+        Devise::Models.config(self, :pepper, :stretches, :encryptor, :authentication_keys)
+      end
    end
  end
 end
--- a/lib/devise/models/confirmable.rb
+++ b/lib/devise/models/confirmable.rb
@ -101,7 +101,7 @@ module Devise
        #
        def confirmation_period_valid?
          confirmation_sent_at &&
-            ((Time.now.utc - confirmation_sent_at.utc) < confirm_within)
+            ((Time.now.utc - confirmation_sent_at.utc) < self.class.confirm_within)
        end

        # Checks whether the record is confirmed or not, yielding to the block
@ -124,7 +124,6 @@ module Devise
        end

      module ClassMethods
-
        # Attempt to find a user by it's email. If a record is found, send new
        # confirmation instructions to it. If not user is found, returns a new user
        # with an email not found error.
@ -148,9 +147,9 @@ module Devise
          end
          confirmable
        end
-      end

-      Devise::Models.config(self, :confirm_within)
+        Devise::Models.config(self, :confirm_within)
+      end
    end
  end
 end
--- a/lib/devise/models/recoverable.rb
+++ b/lib/devise/models/recoverable.rb
@ -57,7 +57,6 @@ module Devise
        end

      module ClassMethods
-
        # Attempt to find a user by it's email. If a record is found, send new
        # password instructions to it. If not user is found, returns a new user
        # with an email not found error.
--- a/lib/devise/models/rememberable.rb
+++ b/lib/devise/models/rememberable.rb
@ -70,11 +70,10 @@ module Devise

      # Remember token expires at created time + remember_for configuration
      def remember_expires_at
-        remember_created_at + remember_for
+        remember_created_at + self.class.remember_for
      end

      module ClassMethods
-
        # Create the cookie key using the record id and remember_token
        def serialize_into_cookie(rememberable)
          "#{rememberable.id}::#{rememberable.remember_token}"
@ -86,9 +85,9 @@ module Devise
          rememberable = find_by_id(rememberable_id) if rememberable_id
          rememberable if rememberable.try(:valid_remember_token?, remember_token)
        end
-      end

-      Devise::Models.config(self, :remember_for)
+        Devise::Models.config(self, :remember_for)
+      end
    end
  end
 end
--- a/test/encryptors_test.rb
+++ b/test/encryptors_test.rb
@ -21,7 +21,7 @@ class Encryptors < ActiveSupport::TestCase
  Devise::ENCRYPTORS_LENGTH.each do |key, value|
    test "should have length #{value} for #{key.inspect}" do
      swap Devise, :encryptor => key do
-        assert_equal value, Devise.encryptor.digest('a', 2, 'b', 'c').size
+        assert_equal value, Devise::Encryptors.const_get(key.to_s.classify).digest('a', 2, 'b', 'c').size
      end
    end
  end
--- a/test/models/authenticatable_test.rb
+++ b/test/models/authenticatable_test.rb
@ -3,7 +3,7 @@ require 'digest/sha1'

 class AuthenticatableTest < ActiveSupport::TestCase

-  def encrypt_password(user, pepper=User.pepper, stretches=User.stretches, encryptor = ::Devise::Encryptors::Sha1)
+  def encrypt_password(user, pepper=User.pepper, stretches=User.stretches, encryptor=::Devise::Encryptors::Sha1)
    encryptor.digest('123456', stretches, user.password_salt, pepper)
  end

@ -82,24 +82,23 @@ class AuthenticatableTest < ActiveSupport::TestCase
  end

  test 'should fallback to devise stretches default configuring' do
-    begin
-      default_stretches = Devise.stretches
-      Devise.stretches = 1
+    swap Devise, :stretches => 1 do
      user = new_user
      assert_equal encrypt_password(user, nil, 1), user.encrypted_password
      assert_not_equal encrypt_password(user, nil, 2), user.encrypted_password
-    ensure
-      Devise.stretches = default_stretches
    end
  end

  test 'should respect encryptor configuration' do
-    begin
-      Devise.encryptor = ::Devise::Encryptors::Sha512
-      user = create_user
-      assert_equal user.encrypted_password, encrypt_password(user, User.pepper, User.stretches, ::Devise::Encryptors::Sha512)
-    ensure
-      Devise.encryptor = ::Devise::Encryptors::Sha1
+    User.instance_variable_set(:@encryptor_class, nil)
+
+    swap Devise, :encryptor => :sha512 do
+      begin
+        user = create_user
+        assert_equal user.encrypted_password, encrypt_password(user, User.pepper, User.stretches, ::Devise::Encryptors::Sha512)
+      ensure
+        User.instance_variable_set(:@encryptor_class, nil)
+      end
    end
  end

--- a/test/models_test.rb
+++ b/test/models_test.rb
@ -90,19 +90,19 @@ class ActiveRecordTest < ActiveSupport::TestCase
  end

  test 'set a default value for stretches' do
-    assert_equal 15, Configurable.new.stretches
+    assert_equal 15, Configurable.stretches
  end

  test 'set a default value for pepper' do
-    assert_equal 'abcdef', Configurable.new.pepper
+    assert_equal 'abcdef', Configurable.pepper
  end

  test 'set a default value for confirm_within' do
-    assert_equal 5.days, Configurable.new.confirm_within
+    assert_equal 5.days, Configurable.confirm_within
  end

  test 'set a default value for remember_for' do
-    assert_equal 7.days, Configurable.new.remember_for
+    assert_equal 7.days, Configurable.remember_for
  end

  test 'set null fields on migrations' do