
New Devise Strategy encryptor to add compatibility with previous vers…

…ions of salva authentication
1 parent a58e6e1 commit e0945ef270c8fe89868e350e638c45d1880dc2a1 Ramón Martínez Olvera committed Feb 23, 2012
Showing with 25 additions and 4 deletions.
  1. +6 −2 app/models/user.rb
  2. +3 −2 config/initializers/devise.rb
  3. +16 −0 lib/salva/salva_sha512.rb
@@ -1,11 +1,15 @@
class User < ActiveRecord::Base
extend LDAP::Helpers::UserModel
extend Aleph::Helpers::UserModel
-
+
if ldap_enabled?
devise :ldap_authenticatable, :timeoutable, :lockable
else
- devise :database_authenticatable, :timeoutable, :lockable
+ # Uncomment this line if you are using a new database
+ # devise :database_authenticatable, :timeoutable, :lockable
+
+ # Comment this line if uncomment the previous line, it is useful for users with previous versions of salva
+ devise :database_authenticatable, :timeoutable, :lockable, :encryptable, :encryptor => :salva_sha512, :stretches => 40
end
# Setup accessible (or protected) attributes for your model
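Review bot: The new `devise` line makes the legacy Salva digest the committed default, and the only way to get bcrypt is to edit the model by hand, so a fresh install that skips the two comments keeps the weaker scheme. `:stretches => 40` on that line adds no work factor either, since `SalvaSha512.digest` in lib/salva/salva_sha512.rb never reads `stretches`; the same holds for `config.stretches` in config/initializers/devise.rb. Consider selecting the encryptor from a deployment setting and documenting the intent above the line, for example `# Legacy Salva hashes are one SHA-512 pass over password + salt; keep :encryptable only until those accounts are re-hashed with bcrypt.` `:encryptable` also appears to need a `password_salt` column, and no migration is visible in this commit, so that is worth confirming. The `User` class continues past the end of the hunk.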
@@ -1,5 +1,6 @@
# Use this hook to configure devise mailer, warden hooks and so forth. The first
# four configuration values can also be set straight in your models.
+require File.join(Rails.root, "lib/salva/salva_sha512")
Devise.setup do |config|
# ==> LDAP Configuration
if File.exist? "#{Rails.root.to_s}/config/ldap.yml"
@@ -50,13 +51,13 @@
# ==> Configuration for :database_authenticatable
# For bcrypt, this is the cost for hashing the password and defaults to 10. If
# using other encryptors, it sets how many times you want the password re-encrypted.
- config.stretches = Rails.env.test? ? 1 : 10
+ config.stretches = Rails.env.test? ? 1 : 40
# Define which will be the encryption algorithm. Devise also supports encryptors
# from others authentication tools as :clearance_sha1, :authlogic_sha512 (then
# you should set stretches above to 20 for default behavior) and :restful_authentication_sha1
# (then you should set stretches to 10, and copy REST_AUTH_SITE_KEY to pepper)
- config.encryptor = :bcrypt
+ config.encryptor = :salva_sha512
# Setup a pepper to generate the encrypted password.
config.pepper = "6d5fd821005a1bd59c44fdbaed84155c2a6c3adc014c39b2d2a3d5e6429c82fd6ae8a41fb7f8e7615456539aa2834fdbfcbdf0601264c26a713f44a77c871b26"
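Review bot: `config.encryptor = :salva_sha512` changes the application-wide default away from bcrypt, although app/models/user.rb in this commit already passes `:encryptor => :salva_sha512` on the one model that needs the legacy format. Leaving the initializer at `config.encryptor = :bcrypt` would keep the fast SHA-512 digest scoped to that model, so any other `:encryptable` model added later does not inherit it by accident. The pepper on the following context line is not used by the new encryptor, which is worth stating in a comment next to it, e.g. `# Not applied by :salva_sha512, which hashes password + salt only.` The `Devise.setup` block continues outside the hunk.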
@@ -0,0 +1,16 @@
+require "digest/sha2"
+module Devise
+ module Encryptors
+ # = SalvaSha512
+ # Simulates Authlogic's default encryption mechanism.
+ # Warning: it uses Devise's stretches configuration to port Salva's one. Should be set to 40 in the initializer to simulate
+ # the default behavior.
+ class SalvaSha512 < Base
+ # Generates a default password digest based on salt, pepper and the
+ # incoming password.
+ def self.digest(password, stretches, salt, pepper)
+ Digest::SHA512.hexdigest(password + salt)
+ end
+ end
+ end
+end
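Review bot: The header comment does not describe `digest`: it credits Authlogic and says the encryptor uses Devise's stretches setting, but the method computes one `Digest::SHA512.hexdigest(password + salt)` and ignores both `stretches` and `pepper`. A comment matching the code would be `# Verifies legacy Salva password hashes: a single SHA-512 over password + salt.` followed by `# stretches and pepper are accepted for the Devise encryptor interface and are not used.` Because a single fast hash offers little resistance to offline guessing if the table is ever exposed, this class is best treated as a verification-only legacy format, with each account re-hashed under bcrypt after its next successful sign-in; that migration step is not part of this commit.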
