module Devision

Public Class Methods

bcrypt(klass, password) click to toggle source

Digests a password using bcrypt.

# File lib/devision.rb, line 40
def self.bcrypt(klass, password)
  ::BCrypt::Password.create("#{password}#{klass.pepper}", cost: klass.stretches).to_s
end
gem_version() click to toggle source
# File lib/devision/version.rb, line 16
def self.gem_version
  VERSION.gem_version
end
nice_token() click to toggle source

Generate a user friendly ‘nice’ string randomly to be used as token.

# File lib/devision.rb, line 25
def self.nice_token
  SecureRandom.urlsafe_base64(15).tr('lIO0', 'sxyz')
end
secure_compare(a, b) click to toggle source

constant-time comparison algorithm to prevent timing attacks

# File lib/devision.rb, line 30
def self.secure_compare(a, b)
  return false if a.blank? || b.blank? || a.bytesize != b.bytesize
  l = a.unpack "C#{a.bytesize}"

  res = 0
  b.each_byte { |byte| res |= byte ^ l.shift }
  res == 0
end
setup() { |self| ... } click to toggle source

Default way to setup Devision. Just call this in an initializer

# File lib/devision.rb, line 45
def self.setup
  yield(self)
  self.initialize!
end
version() click to toggle source
# File lib/devision/version.rb, line 20
def self.version
  VERSION::STRING
end

Protected Class Methods

initialize!() click to toggle source
# File lib/devision.rb, line 51
def self.initialize!

  Devision.token_generator ||= begin
    if secret = Devision.secret_key
      Devision::TokenGenerator.new(
        Devision::CachingKeyGenerator.new(Devision::KeyGenerator.new(secret))
      )
    else
      raise Devision::Errors::Configuration.new('Devision.secret_key contain a value for encryption.')
    end
  end

end