Module: Devision

Defined in:

lib/devision.rb,
lib/devision/errors.rb,
lib/devision/version.rb,
lib/devision/models/config.rb,
lib/devision/models/lockable.rb,
lib/devision/token_generator.rb,
lib/devision/models/confirmable.rb,
lib/devision/models/recoverable.rb,
lib/devision/models/tokenizable.rb,
lib/devision/models/validatable.rb,
lib/devision/models/rememberable.rb,
lib/devision/configuration_options.rb,
lib/devision/models/authenticatable.rb,
lib/devision/models/database_authenticatable.rb

Defined Under Namespace

Modules: Errors, Lockable, Models, VERSION Classes: CachingKeyGenerator, KeyGenerator, TokenGenerator

Constant Summary

@@authentication_keys =

[ :email ]

@@reset_password_keys =

[ :email ]

@@reset_password_within =

6.hours

@@email_regexp =

/\A[^@\s]+@([^@\s]+\.)+[^@\s]+\z/

@@password_range =

6..128

@@remember_for =

2.weeks

@@extend_remember_period =

false

@@allow_unconfirmed_access_for =

0.days

@@confirm_within =

nil

@@confirmation_keys =

[ :email ]

@@reconfirmable =

false

@@lock_strategy =

:failed_attempts

@@unlock_keys =

[ :email ]

@@unlock_strategy =

:both

@@maximum_attempts =

20

@@unlock_in =

1.hour

@@token_generator =

nil

@@secret_key =

nil

@@stretches =

10

@@pepper =

nil

Class Method Summary

• .bcrypt(klass, password) ⇒ Object

  Digests a password using bcrypt.

• .gem_version ⇒ Object
• .nice_token ⇒ Object

  Generate a user friendly ‘nice’ string randomly to be used as token.

• .secure_compare(a, b) ⇒ Object

  constant-time comparison algorithm to prevent timing attacks.

• .setup {|_self| ... } ⇒ Object

  Default way to setup Devision.

• .version ⇒ Object

Class Method Details

.bcrypt(klass, password) ⇒ Object

Digests a password using bcrypt.

# File 'lib/devision.rb', line 39

def self.bcrypt(klass, password)
  ::BCrypt::Password.create("#{password}#{klass.pepper}", cost: klass.stretches).to_s
end

.gem_version ⇒ Object

# File 'lib/devision/version.rb', line 16

def self.gem_version
  VERSION.gem_version
end

.nice_token ⇒ Object

Generate a user friendly ‘nice’ string randomly to be used as token.

# File 'lib/devision.rb', line 24

def self.nice_token
  SecureRandom.urlsafe_base64(15).tr('lIO0', 'sxyz')
end

.secure_compare(a, b) ⇒ Object

constant-time comparison algorithm to prevent timing attacks

# File 'lib/devision.rb', line 29

def self.secure_compare(a, b)
  return false if a.blank? || b.blank? || a.bytesize != b.bytesize
  l = a.unpack "C#{a.bytesize}"

  res = 0
  b.each_byte { |byte| res |= byte ^ l.shift }
  res == 0
end

.setup {|_self| ... } ⇒ Object

Default way to setup Devision. Just call this in an initializer

Yields:

• (_self)

Yield Parameters:

• _self (Devision) —

  the object that the method was called on

# File 'lib/devision.rb', line 44

def self.setup
  yield(self)
  self.initialize!
end

.version ⇒ Object

# File 'lib/devision/version.rb', line 20

def self.version
  VERSION::STRING
end