Class: Kankri::SimpleAuthenticator
- Inherits:
-
Object
- Object
- Kankri::SimpleAuthenticator
- Extended by:
- Forwardable
- Defined in:
- lib/kankri/simple_authenticator.rb
Overview
An object that takes in a user hash and authenticates users
This object holds user data in memory, including passwords. It is thus not secure for mission-critical applications.
Class Method Summary collapse
-
.digest_hasher(usernames, hasher) ⇒ Hash
Makes hashing functions for users based on a Digest implementation.
-
.sha256_hasher(usernames) ⇒ Hash
Makes hashing functions for users based on SHA256.
Instance Method Summary collapse
-
#authenticate(username, password) ⇒ PrivilegeSet
Attempts to authenticate with the given username and password.
-
#initialize(users, hash_maker = nil) ⇒ SimpleAuthenticator
constructor
Initialises the SimpleAuthenticator.
Constructor Details
#initialize(users, hash_maker = nil) ⇒ SimpleAuthenticator
Initialises the SimpleAuthenticator
87 88 89 90 91 92 93 94 |
# File 'lib/kankri/simple_authenticator.rb', line 87 def initialize(users, hash_maker = nil) hash_maker ||= self.class.method(:sha256_hasher) @users = users @hashers = hash_maker.call(@users.keys) @passwords = passwords @privilege_sets = privilege_sets end |
Class Method Details
.digest_hasher(usernames, hasher) ⇒ Hash
Makes hashing functions for users based on a Digest implementation
Each hashing function uses a random salt value, which is stored inside the function and unique to the username.
43 44 45 46 47 48 49 50 |
# File 'lib/kankri/simple_authenticator.rb', line 43 def self.digest_hasher(usernames, hasher) Hash[ usernames.map do |username| salt = SecureRandom.random_bytes [username, ->(password) { hasher.digest(password + salt) }] end ] end |
.sha256_hasher(usernames) ⇒ Hash
Makes hashing functions for users based on SHA256
24 25 26 |
# File 'lib/kankri/simple_authenticator.rb', line 24 def self.sha256_hasher(usernames) digest_hasher(usernames, Digest::SHA256) end |
Instance Method Details
#authenticate(username, password) ⇒ PrivilegeSet
Attempts to authenticate with the given username and password
This will fail with an AuthenticationFailure exception if the credentials are invalid.
113 114 115 116 |
# File 'lib/kankri/simple_authenticator.rb', line 113 def authenticate(username, password) auth_fail unless auth_ok?(username.intern, password.to_s) privileges_for(username.intern) end |