module Clearance
module PasswordStrategies
# Uses BCrypt to authenticate users and store passwords as one-way hashes in
# `encrypted_password`.
#
# BCrypt has a `cost` argument which determines how computationally
# expensive the hash is to calculate. The higher the cost, the harder it is
# for attackers to crack passwords even if they possess a database dump of
# the encrypted passwords. Clearance uses the `bcrypt-ruby` default cost
# except in the test environment, where it uses the minimum cost value for
# speed. If you wish to increase the cost over the default, you can do so
# by setting a higher cost in an initializer:
# `BCrypt::Engine.cost = 12`
#
# The cost is recorded inside each hash, so a new setting applies only to
# passwords set after the change; existing hashes keep their original cost.
module BCrypt
require 'bcrypt'
# Checks a candidate password against the stored BCrypt hash.
#
# Returns nil without touching BCrypt when `encrypted_password` is blank, so
# an account with no stored hash never authenticates.
#
# NOTE(review): `::BCrypt::Password.new` raises on a value that is not a
# well-formed BCrypt hash (for example a row written by a different password
# strategy) - confirm callers prevent or handle that case.
#
# @param password [String] the plaintext candidate to verify
# @return [Boolean, nil] the comparison result, or nil when no hash is stored
def authenticated?(password)
  return unless encrypted_password.present?

  stored_hash = ::BCrypt::Password.new(encrypted_password)
  # Keep the BCrypt::Password on the left: its `==` is what hashes the
  # candidate. Swapping the operands would compare plain strings instead.
  stored_hash == password
end
# Records the new plaintext and, when it is non-blank, replaces
# `encrypted_password` with a fresh BCrypt hash at the configured cost.
#
# A blank value is still assigned to @password but leaves the existing
# `encrypted_password` untouched.
#
# NOTE(review): the plaintext stays on the instance in @password; make sure
# it is never logged or serialized with the record.
# NOTE(review): BCrypt only considers the first 72 bytes of its input, so
# longer passwords are not fully significant - consider a length validation
# on the model.
#
# @param new_password [String, nil] the plaintext password to set
def password=(new_password)
  @password = new_password
  return unless new_password.present?

  fresh_hash = ::BCrypt::Password.create(new_password, cost: configured_bcrypt_cost)
  self.encrypted_password = fresh_hash
end
# Chooses the BCrypt cost used for newly created hashes.
#
# Under the Rails test environment the library minimum is used so test
# suites stay fast; everywhere else the current `::BCrypt::Engine.cost`
# applies.
#
# NOTE(review): hashes made at MIN_COST give very little brute-force
# resistance. A deployment that runs with the Rails environment set to
# "test", or data seeded from a test run, would carry such hashes - worth
# checking in deployment and data-migration reviews.
#
# @return [Integer] the cost factor to pass to `BCrypt::Password.create`
def configured_bcrypt_cost
  rails_test_env = defined?(::Rails) && ::Rails.env.test?
  rails_test_env ? ::BCrypt::Engine::MIN_COST : ::BCrypt::Engine.cost
end
end
end
end