Class: Authmagic::Modules::LoginPassword

Inherits:
Object
  • Object
show all
Defined in:
lib/authmagic/rails/modules/login_password.rb

Overview

Login/password authentication provider for Rails.

DEPENDENCIES

application_framework

Defined Under Namespace

Modules: SessionControllerMethods

Constant Summary collapse

DEPENDENCIES = 
[:application_framework].freeze

Instance Method Summary collapse

Constructor Details

#initialize(context) ⇒ LoginPassword

Returns a new instance of LoginPassword.



7
8
9
 
# File 'lib/authmagic/rails/modules/login_password.rb', line 7

def initialize(context)
  @context = context
end

Instance Method Details

#enrollObject 



11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
 
# File 'lib/authmagic/rails/modules/login_password.rb', line 11

def enroll
  principal = @context.principal

  cfg = @context.config.principal
   = cfg.fetch(:login_field, :login)
  case_sensitive = case cfg.fetch(:compare, :case_sensitive)
  when :cs, :case_sensitive then true
  when :ci, :case_insensitive then false
  else raise 'bad :compare value'
  end
  password_get = cfg.fetch(:password_field, :password)
  password_set, password_var = :"#{password_get}=", :"@#{password_get}"
  password_valid = :"#{password_get}_valid?"
  password_hash = cfg.fetch(:password_hash_field, :"#{password_get}_hash")
  password_hash_set = :"#{password_hash}="
  salt_get = cfg.fetch(:password_salt_field, :"#{password_get}_salt")
  salt_set = :"#{salt_get}="
  encryptor = :"encrypt_#{password_get}"
  generate_salt = :"generate_#{salt_get}"

  digest = cfg.fetch(:digest) do
    require 'digest/sha2'
    Digest::SHA512
  end
  digest = "Digest::#{digest.camelize}".constantize unless digest.is_a?(Class)
  stretches = cfg.fetch(:stretches, 100)
  salt_length = cfg.fetch(:salt_length, 64)

  cols = principal.columns_hash
  col_pass_hash, col_salt = cols[password_hash.to_s], cols[salt_get.to_s]
  raise "missing required attribute #{password_hash} from #{principal} model" unless col_pass_hash
  raise "missing required attribute #{salt_get} from #{principal} model" unless col_salt

  hexdigest = col_pass_hash.type != :binary
  secran_salt = col_salt.type == :binary ? :random_bytes : :hex

  principal.class_eval do
    self.class.send(:define_method, :authenticate_with_login_password) do |options|
      conditions = case_sensitive ?
        { => options[]} :
        ["lower(#{connection.quote_column_name()}) = lower(?)", options[]]
      returning first(:conditions => conditions) do |p|
        raise AccountNotFound unless p
        raise BadPassword unless p.send(password_valid, options[password_get])
      end
    end

    attr_reader password_get

    define_method password_set do |passw|
      instance_variable_set(password_var, passw)
      send(generate_salt)
      send(password_hash_set, send(encryptor, passw))
    end

    define_method password_valid do |passw|
      send(password_hash) == send(encryptor, passw)
    end

    define_method encryptor do |plaintext|
      dg, salt, hash = digest.new, send(salt_get), ''
	stretches.times { hash = (dg << salt << plaintext << hash).digest! }
      hexdigest ? Digest.hexencode(hash) : hash
    end

    define_method generate_salt do
      send(salt_set, ActiveSupport::SecureRandom.send(secran_salt, salt_length))
    end
  end

			@context.config.session_controller_name.constantize.send(:include, SessionControllerMethods)
end