Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Modified BCrpytt class to use root level class

  • Loading branch information...
commit 11e5ce17dbf44660d77f4abe76f346aeeb685a4c 1 parent 387c12c
@binarylogic binarylogic authored
View
6 CHANGELOG.rdoc
@@ -1,8 +1,12 @@
+== 1.3.2 released 2008-11-22
+
+* Updated code to work better with BCrypt, using root level class now.
+
== 1.3.1 released 2008-11-22
* Fixed typo in acts_as_authentic config when passing the :scope option.
* Added :act_like_restful_authentication option for acts_as_authentic
-* Added a new crypto provider: BCrypt, this is for the hardcore paranoid, or for those storing the nuclear launch codes in their apps
+* Added a new crypto provider: BCrypt, this is for those storing the nuclear launch codes in their apps
== 1.3.0 released 2008-11-21
View
1  Manifest
@@ -3,6 +3,7 @@ init.rb
lib/authlogic/controller_adapters/abstract_adapter.rb
lib/authlogic/controller_adapters/merb_adapter.rb
lib/authlogic/controller_adapters/rails_adapter.rb
+lib/authlogic/crypto_providers/bcrypt.rb
lib/authlogic/crypto_providers/sha1.rb
lib/authlogic/crypto_providers/sha512.rb
lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/config.rb
View
13 README.rdoc
@@ -363,6 +363,19 @@ Obviously there is a little more to it than this, but hopefully this clarifies a
When things come together like this I think its a sign that you are doing something right. Put that in your pipe and smoke it!
+== Migrating from restful_authentication
+
+Migrating from the restful_authentication plugin? I made an option especially for you. Just do the following and everything will be taken care of, your users won't even know anything changed:
+
+ # app/models/user.rb
+ class User < ActiveRecord::Base
+ acts_as_authentic :acts_like_restful_authentication => true
+ end
+
+**What's the difference?**
+
+restful\_authentication uses Sha1 with 10 stretches to encrypt the password. Authlogic uses Sha512 with 20 stretches. Sha512 is stronger and more secure.
+
== Framework agnostic (Rails, Merb, etc.)
I designed Authlogic to be framework agnostic, meaning it doesn't care what framework you use it in. Right out of the box it supports rails and merb. I have not had the opportunity to use other frameworks, but the only thing stopping Authlogic from being used in other frameworks is a simple adapter. Check out controller_adapters/rails_adapter, or controller_adapters/merb_adapter.
View
14 lib/authlogic/crypto_providers/bcrypt.rb
@@ -28,20 +28,28 @@ module CryptoProviders
# Decided BCrypt is for you? Just insall the bcrypt gem:
#
# gem install bcrypt-ruby
- class Bcrypt
+ #
+ # Tell acts_as_authentic to use it:
+ #
+ # acts_as_authentic :crypto_provider => Authlogic::CryptoProviders::BCrypt
+ #
+ # You are good to go!
+ class BCrypt
class << self
+ # This is the :cost option for the BCrpyt library. The higher the cost the more secure it is and the longer is take the generate a hash. By default this is 10.
def cost
@cost ||= 10
end
attr_writer :cost
+ # Creates a BCrypt hash for the password passed.
def encrypt(pass)
- BCrypt::Password.create(pass, :cost => cost)
+ ::BCrypt::Password.create(pass, :cost => cost)
end
# This does not actually decrypt the password, BCrypt is *not* reversible. The way the bcrypt library is set up requires us to do it this way.
def decrypt(crypted_pass)
- BCrypt::Password.create(crypted_pass)
+ ::BCrypt::Password.new(crypted_pass)
end
end
end
View
2  lib/authlogic/version.rb
@@ -44,7 +44,7 @@ def to_a
MAJOR = 1
MINOR = 3
- TINY = 0
+ TINY = 2
# The current version as a Version instance
CURRENT = new(MAJOR, MINOR, TINY)
View
14 test/crypto_provider_tests/bcrypt_test.rb
@@ -0,0 +1,14 @@
+require File.dirname(__FILE__) + '/../test_helper.rb'
+
+module CryptoProviderTests
+ class BCrpytTest < ActiveSupport::TestCase
+ def test_encrypt
+ assert Authlogic::CryptoProviders::BCrypt.encrypt("mypass")
+ end
+
+ def test_decrypt
+ hash = Authlogic::CryptoProviders::BCrypt.encrypt("mypass")
+ assert Authlogic::CryptoProviders::BCrypt.decrypt(hash) == "mypass"
+ end
+ end
+end
View
9 test/crypto_provider_tests/sha1_test.rb
@@ -0,0 +1,9 @@
+require File.dirname(__FILE__) + '/../test_helper.rb'
+
+module CryptoProviderTests
+ class Sha1Test < ActiveSupport::TestCase
+ def test_encrypt
+ assert Authlogic::CryptoProviders::Sha1.encrypt("mypass")
+ end
+ end
+end
View
9 test/crypto_provider_tests/sha512_test.rb
@@ -0,0 +1,9 @@
+require File.dirname(__FILE__) + '/../test_helper.rb'
+
+module CryptoProviderTests
+ class Sha512Test < ActiveSupport::TestCase
+ def test_encrypt
+ assert Authlogic::CryptoProviders::Sha512.encrypt("mypass")
+ end
+ end
+end
Please sign in to comment.
Something went wrong with that request. Please try again.