Module: Negroni::Models::Authenticable

Extended by:
ActiveSupport::Concern
Defined in:
lib/negroni/models/authenticable.rb

Overview

Include the `Authenticable` module in any application class that should be authenticable via a JSON web token.

This module makes a few assumptions about your class:

* It has an `email` attribute

Defined Under Namespace

Modules: ClassMethods

Class Method Details

.required_fields(klass) ⇒ Object

Required fields for this module



# File 'lib/negroni/models/authenticable.rb', line 26

def self.required_fields(klass)
  [:password_digest] + klass.authentication_keys
end

Instance Method Details

#authenticable_salt ⇒ String

Reliably returns the salt, regardless of implementation

Returns:

  • (String)


# File 'lib/negroni/models/authenticable.rb', line 136

def authenticable_salt
  password_digest[0, 29] if password_digest
end
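
The 29-character slice corresponds to the version, cost and salt fields of a bcrypt digest. The sketch below is an added example, not code from the Negroni project; it assumes `password_digest` is a bcrypt string in modular crypt format, and `parse_bcrypt_digest`, `salt_prefix` and `SAMPLE_DIGEST` are hypothetical names.

```ruby
# Added example: field layout of a bcrypt digest in modular crypt format.
# Assumption: password_digest holds a 60-character bcrypt string.
BCRYPT_FORMAT = %r{\A\$(2[abxy]?)\$(\d{2})\$([./A-Za-z0-9]{22})([./A-Za-z0-9]{31})\z}

BcryptParts = Struct.new(:version, :cost, :salt, :checksum)

# Returns the parsed fields, or nil when the string is not a bcrypt digest.
def parse_bcrypt_digest(digest)
  match = BCRYPT_FORMAT.match(digest.to_s)
  return nil unless match

  BcryptParts.new(match[1], match[2].to_i, match[3], match[4])
end

# Same slice as authenticable_salt, but only for a well-formed bcrypt digest:
# "$2a$" (4 chars) + "12$" (3 chars) + 22-character salt = 29 characters.
def salt_prefix(digest)
  parse_bcrypt_digest(digest) ? digest[0, 29] : nil
end

# Constructed sample with the right shape; it is not the hash of any password.
SAMPLE_DIGEST = ('$2a$12$' + 'abcdefghijklmnopqrstuv' + ('0123456789' * 3) + 'A').freeze
```

For a digest produced by a different algorithm the same slice would not be a salt, which is why `salt_prefix` returns nil for anything that does not parse as bcrypt.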

#authenticate(unencrypted_password) ⇒ Boolean

Authenticates the including class with `unencrypted_password`.

Parameters:

  • unencrypted_password (String)

    the password to auth against

Returns:

  • (Boolean)

    if the user is successfully authenticated



# File 'lib/negroni/models/authenticable.rb', line 115

def authenticate(unencrypted_password)
  valid_password?(unencrypted_password) && self
end

#authenticate!(unencrypted_password) ⇒ Boolean

Authenticates the including class with `unencrypted_password`.

Parameters:

  • unencrypted_password (String)

    the password to auth against

Returns:

  • (Boolean)

    if the user is successfully authenticated

Raises:

  • (ActiveRecord::RecordNotFound)

    if the user is not successfully authenticated



# File 'lib/negroni/models/authenticable.rb', line 127

def authenticate!(unencrypted_password)
  authenticate(unencrypted_password) || raise('Bad password!')
end

#destroy_with_password(current_password) ⇒ Object

Destroys the record when :current_password matches; otherwise adds an error on :current_password and returns false. It also automatically rejects :current_password if it is blank.

Parameters:

  • current_password (String)

    the current password for the record



# File 'lib/negroni/models/authenticable.rb', line 95

def destroy_with_password(current_password)
  result = if valid_password?(current_password)
             destroy # rubocop:disable Rails/SaveBang
           else
             valid?
             message = current_password.blank? ? :blank : :invalid
             errors.add(:current_password, message)
             false
           end

  result
end

#password=(new_password) ⇒ Object

Generates a hashed password based on the given value.



# File 'lib/negroni/models/authenticable.rb', line 31

def password=(new_password)
  @password = new_password
  self.password_digest = digest_password(@password) if @password.present?
end

#update_with_password(params, *options) ⇒ Object

Updates record attributes when :current_password matches; otherwise returns an error on :current_password.

This method also rejects the password field if it is blank (allowing users to change relevant information like the e-mail without changing their password). In case the password field is rejected, the confirmation is also rejected as long as it is also blank.

Parameters:

  • params (Hash)

    params from the controller

  • options (Hash)

    a hash of options



# File 'lib/negroni/models/authenticable.rb', line 53

def update_with_password(params, *options)
  current_password = params.delete :current_password

  params = _sanitize_password_params(params)

  result = if valid_password?(current_password)
             update_attributes(params, *options)
           else
             _invalid_update(current_password, params, *options)
           end

  clean_up_passwords
  result
end

#update_without_password(params, *options) ⇒ Object

Updates record attributes without asking for the current password. Never allows a change to the current password. If you use this method, you should probably override it to protect other attributes that you would not want updated without a password.

Examples:


def update_without_password(params, *options)
  params.delete(:email)
  super(params)
end


# File 'lib/negroni/models/authenticable.rb', line 80

def update_without_password(params, *options)
  params.delete(:password)
  params.delete(:password_confirmation)

  result = update_attributes(params, *options)
  clean_up_passwords
  result
end
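
The override shown under Examples removes one named key; an allowlist override instead passes through only the fields that may change without a password. This is an added example in plain Ruby, not code from the Negroni project: `StubAuthenticable`, `StubRecord`, `HardenedRecord`, `PASSWORDLESS_FIELDS`, `attributes_after` and `SAMPLE_PARAMS` are hypothetical, and persistence is replaced by a stub that copies whatever it is given.

```ruby
# Added example in plain Ruby (no Rails). StubAuthenticable, StubRecord,
# HardenedRecord and PASSWORDLESS_FIELDS are hypothetical names.
module StubAuthenticable
  # Same key handling as update_without_password above; persistence is stubbed.
  def update_without_password(params, *_options)
    params.delete(:password)
    params.delete(:password_confirmation)
    assign(params)
  end
end

class StubRecord
  include StubAuthenticable
  attr_reader :attributes

  def initialize
    @attributes = { 'email' => 'old@example.test', 'role' => 'member' }
  end

  # Stand-in for update_attributes: copies every key it is given.
  def assign(params)
    params.each { |key, value| @attributes[key.to_s] = value }
    true
  end
end

class HardenedRecord < StubRecord
  # Only these fields may change without the current password.
  PASSWORDLESS_FIELDS = %w[name locale].freeze

  def update_without_password(params, *options)
    # Normalise keys first: a plain Hash treats :role and 'role' as different keys.
    safe = params.to_h.transform_keys(&:to_s).slice(*PASSWORDLESS_FIELDS)
    super(safe, *options)
  end
end

# Runs one update on a fresh record and returns the resulting attributes.
def attributes_after(record_class, params)
  record = record_class.new
  record.update_without_password(params.dup)
  record.attributes
end

# Constructed sample input.
SAMPLE_PARAMS = { name: 'Ada', password: 'changed', role: 'admin' }.freeze
```

With the stub, `role` is overwritten by the submitted value, while `HardenedRecord` keeps `role` and `email` unchanged and applies only `name`.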

#valid_password?(password) ⇒ Boolean

Checks if a password is valid for the given instance

Returns:

  • (Boolean)


# File 'lib/negroni/models/authenticable.rb', line 37

def valid_password?(password)
  Negroni::Encryptor.compare(self.class, password_digest, password)
end