Module: OmniAuth::Identity::SecurePassword

Included in:: Models::ActiveRecord

Defined in:: lib/omniauth/identity/secure_password.rb

Overview

This is lightly edited from Rails 6.1 code and is used if
the version of ActiveModel that’s being used does not
include SecurePassword. The only difference is that instead of
using ActiveSupport::Concern, it checks to see if there is already
a has_secure_password method.

Provides secure password hashing and authentication using BCrypt.

Examples:

Basic Usage

class User
  include OmniAuth::Identity::SecurePassword

  has_secure_password
end

user = User.new(password: 'secret')
user.authenticate('secret') # => user

Defined Under Namespace

Modules: ClassMethods Classes: InstanceMethodsOnActivation

Constant Summary collapse

MAX_PASSWORD_LENGTH_ALLOWED = BCrypt hash function can handle maximum 72 bytes, and if we pass password of length more than 72 bytes it ignores extra characters. Hence need to put a restriction on password length. Returns: (Integer) — The maximum allowed password length in bytes.

BCrypt::Engine::MAX_SECRET_BYTESIZE

Class Attribute Summary collapse

.min_cost ⇒ true, false
Controls whether to use minimum cost for BCrypt hashing (for testing).

Instance Attribute Summary collapse

#MAX_PASSWORD_LENGTH_ALLOWED ⇒ Integer readonly
BCrypt hash function can handle maximum 72 bytes, and if we pass password of length more than 72 bytes it ignores extra characters.

Class Method Summary collapse

.included(base) ⇒ void
Called when this module is included in a model class.

Class Attribute Details

.min_cost ⇒ `true`, `false`

Controls whether to use minimum cost for BCrypt hashing (for testing).

Returns:

(true, false)



46
47
48

# File 'lib/omniauth/identity/secure_password.rb', line 46

def min_cost
  @min_cost
end

Instance Attribute Details

#MAX_PASSWORD_LENGTH_ALLOWED ⇒ `Integer` (readonly)

BCrypt hash function can handle maximum 72 bytes, and if we pass
password of length more than 72 bytes it ignores extra characters.
Hence need to put a restriction on password length.

Returns:

(Integer) —
The maximum allowed password length in bytes.

40	# File 'lib/omniauth/identity/secure_password.rb', line 40 MAX_PASSWORD_LENGTH_ALLOWED = BCrypt::Engine::MAX_SECRET_BYTESIZE

Class Method Details

.included(base) ⇒ `void`

This method returns an undefined value.

Called when this module is included in a model class.

Extends the base class with ClassMethods unless it already responds to has_secure_password.

Parameters:

base (Class) —
the model class including this module



31
32
33

# File 'lib/omniauth/identity/secure_password.rb', line 31

def self.included(base)
  base.extend(ClassMethods) unless base.respond_to?(:has_secure_password)
end