Class: DoorMat::Actor

Inherits:
ActiveRecord::Base
  • Object
show all
Defined in:
app/models/door_mat/actor.rb

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Instance Attribute Details

#current_emailObject

Returns the value of attribute current_email.



27
28
29
 
# File 'app/models/door_mat/actor.rb', line 27

def current_email
  @current_email
end

Class Method Details

.authenticate_with(address, password) ⇒ Object 



48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
 
# File 'app/models/door_mat/actor.rb', line 48

def self.authenticate_with(address, password)
  actor = nil
  matching_emails = DoorMat::Email.matching(address)

  # As with a secure_compare, spend constant time
  # testing the password against all the accounts, all the time, even if
  # the first account is matching
  matching_emails.each do |e|
    if e.actor.authenticate(password)
      actor = e.actor
      actor.current_email = e
    end
  end

  actor
end

.create_with(password) ⇒ Object 



31
32
33
34
35
36
37
38
39
 
# File 'app/models/door_mat/actor.rb', line 31

def self.create_with(password)
  actor = self.new

  actor.re_key_with(password)

  actor.system_key = DoorMat::Crypto::SymmetricStore.random_key

  actor
end

Instance Method Details

#authenticate(password) ⇒ Object 



103
104
105
106
107
108
 
# File 'app/models/door_mat/actor.rb', line 103

def authenticate(password)
  DoorMat::Crypto::secure_compare(
      self.password_hash,
      DoorMat::Crypto::PasswordHash.bcrypt_hash(password, self.password_salt)
  )
end

#can_add_email?(email) ⇒ Boolean

Returns:

  • (Boolean) 


73
74
75
76
77
78
79
80
81
82
83
84
85
 
# File 'app/models/door_mat/actor.rb', line 73

def can_add_email?(email)
  if emails.count >= DoorMat::configuration.max_email_count_per_actor
    email.errors[:base] << I18n.t("door_mat.actor.max_email_count_per_actor_reached")
    return false
  end

  if emails.where(:address_hash => email.address_hash).count > 0
    email.errors[:base] << I18n.t("door_mat.actor.email_already_associated")
    return false
  end

  true
end

#confirm_email_activitiesObject 



65
66
67
 
# File 'app/models/door_mat/actor.rb', line 65

def confirm_email_activities
  activities.started.where(type: "DoorMat::ActivityConfirmEmail")
end

#decrypt_shared_key(key, session) ⇒ Object 



122
123
124
125
126
 
# File 'app/models/door_mat/actor.rb', line 122

def decrypt_shared_key(key, session)
  pem_key = session.decrypt(self.encrypted_pem_key)
  private_key = DoorMat::Crypto::AsymmetricStore.private_key_from_pem_encrypted_pkey_pair(self.pem_encrypted_pkey, pem_key)
  DoorMat::Crypto::AsymmetricStore.decrypt(key, private_key)
end

#download_recovery_key_activitiesObject 



69
70
71
 
# File 'app/models/door_mat/actor.rb', line 69

def download_recovery_key_activities
  activities.started.where(type: "DoorMat::ActivityDownloadRecoveryKey")
end

#email_from_urlsafe_encoded(encoded_address) ⇒ Object 



91
92
93
 
# File 'app/models/door_mat/actor.rb', line 91

def email_from_urlsafe_encoded(encoded_address)
  emails.where(:address_hash => DoorMat::Email.address_hash_from_encoded_address(encoded_address)).first
end

#encrypt_shared_key(key) ⇒ Object 



117
118
119
120
 
# File 'app/models/door_mat/actor.rb', line 117

def encrypt_shared_key(key)
  self_pub_key = DoorMat::Crypto::AsymmetricStore.public_key_from_pem_public_key(self.pem_public_key)
  DoorMat::Crypto::AsymmetricStore.encrypt(key, self_pub_key)
end

#has_primary_email?Boolean

Returns:

  • (Boolean) 


87
88
89
 
# File 'app/models/door_mat/actor.rb', line 87

def has_primary_email?
  emails.map {|e| e.primary?}.inject(false, :|)
end

#keep_only_this_session!(session) ⇒ Object 



142
143
144
145
146
 
# File 'app/models/door_mat/actor.rb', line 142

def keep_only_this_session!(session)
  sessions.each do |s|
    s.destroy! unless s == session
  end
end

#re_key_with(password) ⇒ Object 



41
42
43
44
45
46
 
# File 'app/models/door_mat/actor.rb', line 41

def re_key_with(password)
  self.key_salt = DoorMat::Crypto::PasswordHash.pbkdf2_salt

  self.password_salt = DoorMat::Crypto::PasswordHash.bcrypt_salt
  self.password_hash = DoorMat::Crypto::PasswordHash.bcrypt_hash(password, self.password_salt)
end

#setup_public_key_pairs(session) ⇒ Object 



110
111
112
113
114
115
 
# File 'app/models/door_mat/actor.rb', line 110

def setup_public_key_pairs(session)
  pem_encrypted_pkey_pair_and_key = DoorMat::Crypto::AsymmetricStore.generate_pem_encrypted_pkey_pair_and_key
  self.encrypted_pem_key = session.encrypt(pem_encrypted_pkey_pair_and_key[:key])
  self.pem_encrypted_pkey = pem_encrypted_pkey_pair_and_key[:pem_encrypted_pkey]
  self.pem_public_key = DoorMat::Crypto::AsymmetricStore.pem_public_key_from_pem_encrypted_pkey_pair(pem_encrypted_pkey_pair_and_key[:pem_encrypted_pkey], pem_encrypted_pkey_pair_and_key[:key])
end

#share_with(other, secrets, with_key = nil) ⇒ Object 



128
129
130
131
132
133
134
135
136
137
138
139
140
 
# File 'app/models/door_mat/actor.rb', line 128

def share_with(other, secrets, with_key=nil)
  secrets = Array(secrets)
  with_key ||= DoorMat::Crypto::SymmetricStore.random_key
  self_shared_key = self.encrypt_shared_key(with_key)
  other_shared_key = other.encrypt_shared_key(with_key)
  encrypted_secrets = DoorMat::Crypto.encrypt_shared(secrets, with_key)

  {
      key: self_shared_key,
      other_key: other_shared_key,
      secrets: encrypted_secrets
  }
end

#system_decrypt(ciphertext) ⇒ Object 



99
100
101
 
# File 'app/models/door_mat/actor.rb', line 99

def system_decrypt(ciphertext)
  DoorMat::Crypto::SymmetricStore.decrypt(ciphertext, self.system_key)
end

#system_encrypt(message) ⇒ Object 



95
96
97
 
# File 'app/models/door_mat/actor.rb', line 95

def system_encrypt(message)
  DoorMat::Crypto::SymmetricStore.encrypt(message, self.system_key)[:ciphertext]
end