Module: Authlogic::ActsAsAuthentic::Password::Methods

Defined in:
lib/authlogic/acts_as_authentic/password.rb

Overview

The methods related to the password field.


Class Method Details

.included(klass) ⇒ Object



# File 'lib/authlogic/acts_as_authentic/password.rb', line 120

# Hook run when this module is mixed into a model class. When the class-level
# validate_password_field setting is truthy, it registers three validations:
# length of :password, confirmation of :password and length of
# :password_confirmation.
#
# Every rule is driven by the option hash returned from the matching
# *_options class method; this hook sets no minimum length of its own.
# NOTE(review): when validate_password_field is falsy this hook installs no
# password validations at all, so the application has to enforce its own
# password policy in that configuration.
#
# @param klass [Class] the class that is including this module
def self.included(klass)
  klass.class_eval do
    next unless validate_password_field

    validates_length_of(:password, validates_length_of_password_field_options)
    validates_confirmation_of(:password, validates_confirmation_of_password_field_options)
    validates_length_of(:password_confirmation, validates_length_of_password_confirmation_field_options)
  end
end

Instance Method Details

#password ⇒ Object

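The raw (unencrypted) password last assigned through #password=, or nil if none has been assigned on this instance.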



# File 'lib/authlogic/acts_as_authentic/password.rb', line 131

# Returns the raw (unencrypted) password held in @password, or nil when no
# password has been assigned on this instance.
#
# NOTE(review): this is the plaintext value, not the crypted field. Keep it
# out of logs, serialized output and error reports.
def password
  @password
end

#password=(pass) ⇒ Object

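This is a virtual method. When a non-blank password is passed to it, it creates a new password salt (if a salt field is configured) and encrypts the password. A blank value is ignored, leaving the existing password unchanged.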



# File 'lib/authlogic/acts_as_authentic/password.rb', line 137

# Virtual attribute writer for the raw password.
#
# A blank value is ignored: nothing is changed and no hooks run. Otherwise the
# raw value is kept in @password, a fresh salt from
# Authlogic::Random.friendly_token is written when a salt field is configured,
# and the output of crypto_provider.encrypt is written to the crypted password
# field. before_password_set and after_password_set wrap the change.
#
# NOTE(review): "encrypt" is the provider's method name; whether the stored
# value is a one-way hash depends on the configured crypto_provider. Confirm.
# NOTE(review): the plaintext stays readable through @password for the life of
# this object.
#
# @param pass [String, nil] the raw password
def password=(pass)
  return if pass.blank?

  before_password_set
  @password = pass

  # The salt is written first so that it is in place before
  # encrypt_arguments is called.
  if password_salt_field
    send("#{password_salt_field}=", Authlogic::Random.friendly_token)
  end

  arguments_type = act_like_restful_authentication? ? :restful_authentication : nil
  crypted_value = crypto_provider.encrypt(*encrypt_arguments(@password, arguments_type))
  send("#{crypted_password_field}=", crypted_value)

  after_password_set
end

#reset_password ⇒ Object (also known as: randomize_password)

Resets the password to a random friendly token.



# File 'lib/authlogic/acts_as_authentic/password.rb', line 178

# Replaces the password with a single token from
# Authlogic::Random.friendly_token, assigning the same value to password and
# then to password_confirmation. The record is not saved here.
#
# NOTE(review): the generated token is the return value and is passed to the
# password writer as the raw password, so callers should treat it as a
# credential and keep it out of logs.
#
# @return [Object] the generated token
def reset_password
  Authlogic::Random.friendly_token.tap do |token|
    self.password = token
    self.password_confirmation = token
  end
end

#reset_password! ⇒ Object (also known as: randomize_password!)

Resets the password to a random friendly token and then saves the record.



# File 'lib/authlogic/acts_as_authentic/password.rb', line 186

# Calls reset_password and then persists the record through
# save_without_session_maintenance.
#
# NOTE(review): the literal false handed to the save call is presumably the
# Rails 2-style "perform validation" flag, which would mean the record is
# written without running validations. Confirm against
# save_without_session_maintenance.
#
# @return [Object] whatever save_without_session_maintenance returns
def reset_password!
  reset_password
  save_argument = false
  save_without_session_maintenance(save_argument)
end

#valid_password?(attempted_password) ⇒ Boolean

Accepts a raw password to determine if it is the correct password or not.

Returns:

  • (Boolean)


# File 'lib/authlogic/acts_as_authentic/password.rb', line 147

# Checks a raw password attempt against the stored crypted password.
#
# Returns false straight away, before any hook runs, when either the attempt
# or the stored crypted password is blank. Otherwise the current
# crypto_provider is tried first, then each entry of
# transition_from_crypto_providers in order. The first provider whose matches?
# accepts the attempt ends the search.
#
# On a match through a transition provider, or through a provider whose
# cost_matches? reports a different cost, the attempted password is assigned
# again through the password writer and the record is saved with save(false).
#
# NOTE(review): the comparison itself is delegated to encryptor.matches?;
# whether it is constant-time depends on the provider. Confirm per provider.
# NOTE(review): the result of save(false) is not checked, so a failed write of
# the upgraded value goes unnoticed here.
# after_password_verification runs only on a successful match.
#
# @param attempted_password [String] the raw password supplied by the caller
# @return [Boolean] true when a provider accepts the attempt, false otherwise
def valid_password?(attempted_password)
  return false if attempted_password.blank? || send(crypted_password_field).blank?

  before_password_verification

  candidates = [crypto_provider] + transition_from_crypto_providers
  candidates.each_with_index do |provider, position|
    # restful_authentication-style arguments are used for the current provider
    # when acting like restful_authentication, and for a Sha1 transition
    # provider when transitioning away from it.
    arguments_type =
      if (act_like_restful_authentication? && position == 0) ||
         (transition_from_restful_authentication? && position > 0 && provider == Authlogic::CryptoProviders::Sha1)
        :restful_authentication
      end

    next unless provider.matches?(send(crypted_password_field), *encrypt_arguments(attempted_password, arguments_type))

    # The stored value is outdated when it was produced by an older provider,
    # or by a provider with a cost (BCrypt) whose cost has since changed.
    outdated = position > 0 ||
      (provider.respond_to?(:cost_matches?) && !provider.cost_matches?(send(crypted_password_field)))
    if outdated
      self.password = attempted_password
      save(false)
    end

    after_password_verification

    return true
  end

  false
end