module Authlogic::ActsAsAuthentic::Password::Methods::InstanceMethods
Public Instance Methods
The password
# File lib/authlogic/acts_as_authentic/password.rb, line 305
# Reader for the virtual password attribute.
#
# Returns the raw value most recently stored in @password on this instance,
# or nil when nothing has been assigned. This is the in-memory raw password,
# not the value held in the crypted password column.
def password
  @password
end
This is a virtual method. Once a password is passed to it, it creates a new password salt (when a salt field is configured) and encrypts the password.
# File lib/authlogic/acts_as_authentic/password.rb, line 311
# Writer for the virtual password attribute.
#
# pass - the raw password to store.
#
# Does nothing when blank passwords are ignored and `pass` is blank.
# Otherwise it runs before_password_set, keeps the raw value in @password,
# writes a new salt (if a salt field is configured), writes the crypto
# provider's output to the crypted password field, marks the password as
# changed and runs after_password_set.
def password=(pass)
  skip_blank = ignore_blank_passwords? && pass.blank?
  return if skip_blank

  before_password_set

  # The raw value stays readable on this object through the `password` reader.
  @password = pass

  # A new random salt is written on every assignment, but only when a salt
  # field is configured.
  send("#{password_salt_field}=", Authlogic::Random.friendly_token) if password_salt_field

  # nil selects the default [password, salt] argument layout.
  args_type = :restful_authentication if act_like_restful_authentication?
  hashing_args = encrypt_arguments(@password, false, args_type)
  digest = crypto_provider.encrypt(*hashing_args)
  send("#{crypted_password_field}=", digest)

  @password_changed = true
  after_password_set
end
Resets the password to a random friendly token.
# File lib/authlogic/acts_as_authentic/password.rb, line 363
# Replaces the password with a freshly generated friendly token.
#
# The same token is also assigned to password_confirmation when the class
# requires password confirmation. Nothing is saved here; the token remains
# readable on this object through the `password` reader.
def reset_password
  new_secret = Authlogic::Random.friendly_token
  self.password = new_secret
  return unless self.class.require_password_confirmation

  self.password_confirmation = new_secret
end
Resets the password to a random friendly token and then saves the record.
# File lib/authlogic/acts_as_authentic/password.rb, line 371
# Resets the password to a random friendly token and saves the record.
#
# Returns whatever save_without_session_maintenance returns.
def reset_password!
  reset_password

  # validate: false means this save is requested without running the model's
  # validations. NOTE(review): by its name the save helper also skips session
  # maintenance - confirm against its definition.
  save_without_session_maintenance(validate: false)
end
Accepts a raw password to determine if it is the correct password.
-
attempted_password [String] - password entered by user
-
check_against_database [boolean] - Should we check the password against the value in the database or the value in the object? Default taken from config option check_passwords_against_database. See config method for more information.
# File lib/authlogic/acts_as_authentic/password.rb, line 336
# Checks a raw password against the stored crypted password.
#
# attempted_password     - password entered by the user.
# check_against_database - compare against the database value rather than
#                          the value on the object; defaults to
#                          check_passwords_against_database?.
#
# Returns true as soon as one configured crypto provider reports a match,
# and false otherwise, including when either the attempted password or the
# stored crypted password is blank.
#
# A successful check is not read-only: when transition_password? says so,
# the password is re-set and saved through transition_password.
# after_password_verification runs only on the success path.
def valid_password?(
  attempted_password,
  check_against_database = check_passwords_against_database?
)
  stored_hash = crypted_password_to_validate_against(check_against_database)
  return false if attempted_password.blank? || stored_hash.blank?

  before_password_verification

  # Providers are tried in order; index 0 is the current provider.
  crypto_providers.each_with_index do |provider, position|
    matched = encryptor_matches?(
      stored_hash, provider, position, attempted_password, check_against_database
    )
    next unless matched

    transition_password(attempted_password) if transition_password?(position, provider, check_against_database)
    after_password_verification
    return true
  end

  false
end
Private Instance Methods
# File lib/authlogic/acts_as_authentic/password.rb, line 387
# True only when the class-level check_passwords_against_database setting is
# exactly `true`; any other value (including other truthy ones) gives false.
def check_passwords_against_database?
  setting = self.class.check_passwords_against_database
  setting == true
end
# File lib/authlogic/acts_as_authentic/password.rb, line 482
# Name of the crypted password field, as configured on the class.
# Callers in this module interpolate it into method names passed to `send`.
def crypted_password_field
  model_class = self.class
  model_class.crypted_password_field
end
# File lib/authlogic/acts_as_authentic/password.rb, line 379
# Picks the crypted password that an attempted password is compared with.
#
# check_against_database - when truthy and the crypted password field reports
#                          a pending change, the previous (`_was`) value is
#                          returned, so an unsaved change on the object is
#                          not what gets verified.
#
# In every other case the current value of the field is returned.
def crypted_password_to_validate_against(check_against_database)
  if check_against_database && send("#{crypted_password_field}_changed?")
    return send("#{crypted_password_field}_was")
  end

  send(crypted_password_field)
end
# File lib/authlogic/acts_as_authentic/password.rb, line 490
# The crypto provider configured on the class. `password=` calls its
# `encrypt` method to produce the crypted password.
def crypto_provider
  model_class = self.class
  model_class.crypto_provider
end
# File lib/authlogic/acts_as_authentic/password.rb, line 391
# All providers a stored password may be checked against, in order: the
# current crypto provider first (index 0), then the "transition from"
# providers. The position matters to callers, which treat index > 0 as a
# provider that is being transitioned away from.
def crypto_providers
  current = [crypto_provider]
  legacy = transition_from_crypto_providers
  current + legacy
end
Returns an array of arguments to be passed to a crypto provider, either its `matches?` or its `encrypt` method.
# File lib/authlogic/acts_as_authentic/password.rb, line 397
# Builds the argument list handed to a crypto provider's `matches?` or
# `encrypt` method.
#
# raw_password           - the raw password.
# check_against_database - when truthy and the salt field reports a pending
#                          change, the previous (`_was`) salt is used.
# arguments_type         - nil for [raw_password, salt], or
#                          :restful_authentication for
#                          [REST_AUTH_SITE_KEY, salt, raw_password,
#                          REST_AUTH_SITE_KEY].
#
# nil entries are dropped, so when no salt is available the provider receives
# a shorter argument list. Raises a RuntimeError for any other
# arguments_type.
def encrypt_arguments(raw_password, check_against_database, arguments_type = nil)
  salt = nil
  if password_salt_field
    use_previous_salt = check_against_database && send("#{password_salt_field}_changed?")
    salt = use_previous_salt ? send("#{password_salt_field}_was") : send(password_salt_field)
  end

  case arguments_type
  when :restful_authentication
    [REST_AUTH_SITE_KEY, salt, raw_password, REST_AUTH_SITE_KEY].compact
  when nil
    [raw_password, salt].compact
  else
    raise "Invalid encryptor arguments_type: #{arguments_type}"
  end
end
Given `encryptor`, does `attempted_password` match the `crypted` password?
# File lib/authlogic/acts_as_authentic/password.rb, line 419
# Asks `encryptor` whether `attempted_password` corresponds to `crypted`.
#
# crypted                - stored crypted password to compare against.
# encryptor              - crypto provider to ask.
# index                  - position of the provider in crypto_providers.
# attempted_password     - raw password entered by the user.
# check_against_database - forwarded to encrypt_arguments.
#
# Returns whatever encryptor.matches? returns.
# NOTE(review): the comparison itself happens inside encryptor.matches?;
# whether it is constant-time depends on the provider, which is not visible
# here.
def encryptor_matches?(
  crypted,
  encryptor,
  index,
  attempted_password,
  check_against_database
)
  # The restful_authentication argument layout applies either to the current
  # provider (index 0) when acting like restful_authentication, or to a Sha1
  # "transition from" provider (index > 0) when transitioning from it.
  current_is_restful = act_like_restful_authentication? && index.zero?
  legacy_is_restful = transition_from_restful_authentication? &&
    index > 0 &&
    encryptor == Authlogic::CryptoProviders::Sha1

  # Left as nil (the default layout) unless one of the two cases applies.
  arguments_type = :restful_authentication if current_is_restful || legacy_is_restful

  candidate_args = encrypt_arguments(
    attempted_password,
    check_against_database,
    arguments_type
  )
  encryptor.matches?(crypted, *candidate_args)
end
# File lib/authlogic/acts_as_authentic/password.rb, line 470
# True only when the class-level ignore_blank_passwords setting is exactly
# `true`. When it is, `password=` returns early for blank values.
def ignore_blank_passwords?
  setting = self.class.ignore_blank_passwords
  setting == true
end
# File lib/authlogic/acts_as_authentic/password.rb, line 474
# True only when @password_changed is exactly `true`, which `password=` sets
# after writing a new crypted password.
def password_changed?
  flag = @password_changed
  flag == true
end
# File lib/authlogic/acts_as_authentic/password.rb, line 486
# Name of the password salt field, as configured on the class. Callers in
# this module treat a falsy value as "no salt field configured".
def password_salt_field
  model_class = self.class
  model_class.password_salt_field
end
# File lib/authlogic/acts_as_authentic/password.rb, line 466
# Truthy when any of these holds, checked in this order: the record is new,
# the password was changed on this object, or the crypted password field is
# blank.
def require_password?
  new_record? ||
    password_changed? ||
    send(crypted_password_field).blank?
end
# File lib/authlogic/acts_as_authentic/password.rb, line 478
# Clears the "password changed" flag by setting @password_changed to nil, so
# password_changed? answers false until the password is assigned again.
def reset_password_changed
  @password_changed = nil
end
# File lib/authlogic/acts_as_authentic/password.rb, line 494
# The "transition from" crypto providers configured on the class.
# crypto_providers appends them after the current provider.
def transition_from_crypto_providers
  model_class = self.class
  model_class.transition_from_crypto_providers
end
# File lib/authlogic/acts_as_authentic/password.rb, line 461
# Re-sets the password from the raw value the user just supplied and saves
# the record.
#
# Assigning through `password=` makes the current crypto provider produce
# the new crypted password. Returns the result of `save`.
def transition_password(attempted_password)
  self.password = attempted_password

  # validate: false means this save is requested without running the model's
  # validations. valid_password? calls this during verification, so a
  # successful password check can write to the database.
  save(validate: false)
end
Determines if we need to transition the password.
-
If the index > 0 then we are using a “transition from” crypto provider.
-
If the encryptor has a cost and the cost is outdated.
-
If we aren't using database values
-
If we are using database values, only if the password hasn't changed so we don't overwrite any changes
# File lib/authlogic/acts_as_authentic/password.rb, line 449
# Decides whether a just-verified password should be re-set and saved.
#
# index                  - position of the matching provider in
#                          crypto_providers.
# encryptor              - the provider that matched.
# check_against_database - whether verification used database values.
#
# A transition is wanted when the match came from a "transition from"
# provider (index > 0), or when the provider responds to cost_matches? and
# reports that the stored crypted password's cost does not match.
# It is allowed only when database values are not in use, or when the crypted
# password field has no pending change that a save would overwrite.
def transition_password?(index, encryptor, check_against_database)
  needs_rehash =
    index > 0 ||
    (encryptor.respond_to?(:cost_matches?) &&
      !encryptor.cost_matches?(send(crypted_password_field)))

  needs_rehash &&
    (!check_against_database || !send("#{crypted_password_field}_changed?"))
end