mirror of
https://github.com/heartcombo/devise.git
synced 2022-11-09 12:18:31 -05:00

This logic is generic and reusable -- hash a secret; and take an unhashed secret and compare it to a hashed secret. This breaks this out to make it reusable in other places. Specifically, we use this in our own token auth at Bonobos that we plan to split out as a Devise extension. This will make that possible without copy & pasting this code.
22 lines
656 B
Ruby
```ruby
require 'bcrypt'

module Devise
  module Encryptor
    def self.digest(klass, password)
      if klass.pepper.present?
        password = "#{password}#{klass.pepper}"
      end
      ::BCrypt::Password.create(password, cost: klass.stretches).to_s
    end

    def self.compare(klass, encrypted_password, password)
      return false if encrypted_password.blank?
      bcrypt = ::BCrypt::Password.new(encrypted_password)
      if klass.pepper.present?
        password = "#{password}#{klass.pepper}"
      end
      password = ::BCrypt::Engine.hash_secret(password, bcrypt.salt)
      Devise.secure_compare(password, encrypted_password)
    end
  end
end
```
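The same digest/compare shape applied to an API token, as an added example that is not Devise's code. PBKDF2-HMAC-SHA256 from Ruby's bundled OpenSSL stands in for bcrypt so it runs without gems; `TokenDigest`, `Config` and the `iterations$salt$hash` storage format are assumptions made for the illustration.

```ruby
require 'openssl'
require 'securerandom'

# Hypothetical module mirroring the digest/compare contract of the file above.
# PBKDF2 replaces bcrypt here; Config plays the role of `klass`.
module TokenDigest
  Config = Struct.new(:pepper, :stretches)
  LENGTH = 32 # derived key size in bytes

  # Append the pepper (if any), then stretch the secret with the given salt.
  def self.derive(secret, pepper, salt, iterations)
    secret = "#{secret}#{pepper}" unless pepper.nil? || pepper.empty?
    OpenSSL::KDF.pbkdf2_hmac(secret, salt: salt, iterations: iterations,
                                     length: LENGTH, hash: 'sha256').unpack1('H*')
  end

  # Salt and cost are stored next to the hash, as a bcrypt string does,
  # so compare can re-derive without any other state.
  def self.digest(config, secret)
    salt = SecureRandom.hex(16)
    [config.stretches, salt, derive(secret, config.pepper, salt, config.stretches)].join('$')
  end

  # Re-hash the candidate with the stored salt and cost, then compare digests.
  def self.compare(config, stored, secret)
    return false if stored.nil? || stored.empty?
    iterations, salt, expected = stored.split('$', 3)
    return false unless expected && iterations.to_i > 0 # malformed record
    secure_compare(derive(secret, config.pepper, salt, iterations.to_i), expected)
  end

  # Comparison whose running time does not depend on where the inputs differ.
  def self.secure_compare(a, b)
    return false unless a.bytesize == b.bytesize
    diff = 0
    a.bytes.zip(b.bytes) { |x, y| diff |= x ^ y }
    diff.zero?
  end
end
```

A blank, malformed or differently peppered stored value makes `compare` return `false` rather than raise, matching the early return on a blank `encrypted_password` in the original.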