Class: Aikotoba::Account::Password::Argon2

Inherits:

Object

• Object
• Aikotoba::Account::Password::Argon2

Defined in:

app/models/aikotoba/account/password/argon2.rb

Instance Method Summary

• #generate_hash ⇒ Object
• #initialize(password:) ⇒ Argon2 constructor

  A new instance of Argon2.

• #verify_password?(digest) ⇒ Boolean

Constructor Details

#initialize(password:) ⇒ Argon2

Returns a new instance of Argon2.

# File 'app/models/aikotoba/account/password/argon2.rb', line 7

def initialize(password:)
  @password = password
end

Instance Method Details

#generate_hash ⇒ Object

# File 'app/models/aikotoba/account/password/argon2.rb', line 17

def generate_hash
  # NOTE: Adjusted to be OWASAP's recommended value by default.
  # > Use Argon2id with a minimum configuration of 15 MiB of memory, an iteration count of 2, and 1 degree of parallelism.
  # > https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#introduction
  argon = Argon2::Password.new(t_cost: 2, m_cost: 14, p_cost: 1)
  argon.create(@password)
end

#verify_password?(digest) ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/aikotoba/account/password/argon2.rb', line 11

def verify_password?(digest)
  Argon2::Password.verify_password(@password, digest)
rescue Argon2::ArgonHashFail # NOTE: If an invalid digest is passed, consider it a mismatch.
  false
end