class PasswordRehasher
Constants
- VERSION
Public Class Methods
hash_password(plaintext_password)
click to toggle source
# File lib/password_rehasher.rb, line 33 def self.hash_password(plaintext_password) SCrypt::Password.create(plaintext_password).to_s end
nested_hash(sha1_password)
click to toggle source
# File lib/password_rehasher.rb, line 37 def self.nested_hash(sha1_password) "nested hash: #{SCrypt::Password.create(sha1_password)}" end
password_valid?(plaintext_password, hashed_password, salt = nil)
click to toggle source
# File lib/password_rehasher.rb, line 7 def self.password_valid?(plaintext_password, hashed_password, salt = nil) return false if plaintext_password.nil? || hashed_password.nil? case hashed_password.length when 40 return false unless salt hashed_password == Digest::SHA1.hexdigest("--#{salt}--#{plaintext_password}--") when 90 password = SCrypt::Password.new(hashed_password) password == plaintext_password when 103 return false unless salt scrypt_plus_sha1_hash = hashed_password[13..-1] sha1_hashed_password = Digest::SHA1.hexdigest("--#{salt}--#{plaintext_password}--") password = SCrypt::Password.new(scrypt_plus_sha1_hash) password == sha1_hashed_password else false end end
rehash_needed?(hashed_password)
click to toggle source
# File lib/password_rehasher.rb, line 28 def self.rehash_needed?(hashed_password) return false if hashed_password.nil? hashed_password.length != 90 end
validate_and_rehash?(user, plaintext_password, hashed_password)
click to toggle source
# File lib/password_rehasher.rb, line 41 def self.validate_and_rehash?(user, plaintext_password, hashed_password) if password_valid?(plaintext_password, hashed_password, user.salt) if (rehash_needed?(hashed_password)) user.update_attribute("crypted_password", hash_password(plaintext_password)) end return true else return false end end