Module: Rack::CouchdbOAuth2::Model::Account

Defined in:

lib/couchdb_oauth2/model/account.rb

Class Method Summary

• .included(klass) ⇒ Object

Instance Method Summary

• #access_tokens ⇒ Object
• #authenticatable_salt ⇒ Object

  A reliable way to expose the salt regardless of the implementation.

• #clean_up_passwords ⇒ Object
• #password=(new_password) ⇒ Object
• #password_changed? ⇒ Boolean
• #refresh_tokens ⇒ Object
• #valid_password?(password) ⇒ Boolean

Class Method Details

.included(klass) ⇒ Object

# File 'lib/couchdb_oauth2/model/account.rb', line 7

def self.included(klass)
  klass.class_eval do

    property  :email,   String
    property  :encrypted_password,  String, :protected => true
    property  :pepper,  String, :protected => true

    view_by   :email
    
    validates_presence_of :email
    validates_uniqueness_of :email
    validates_confirmation_of :password
    validates_presence_of :encrypted_password, :message => 'password should not be empty'
    validates_presence_of :password_confirmation, :if => :password_changed?
    
    attr_reader :password

    def self.stretches
      5
    end

    def self.secure_compare(a, b)
      return false if a.blank? || b.blank? || a.bytesize != b.bytesize
      l = a.unpack "C#{a.bytesize}"

      res = 0
      b.each_byte { |byte| res |= byte ^ l.shift }
      res == 0
    end

    def self.find_account(identity)
      raise 'implement me'
    end
  end
end

Instance Method Details

#access_tokens ⇒ Object

# File 'lib/couchdb_oauth2/model/account.rb', line 69

def access_tokens
  AccessToken.view(:by_account_id, :key => self['_id'])
end

#authenticatable_salt ⇒ Object

A reliable way to expose the salt regardless of the implementation.

# File 'lib/couchdb_oauth2/model/account.rb', line 65

def authenticatable_salt
  self.encrypted_password[0,29] if self.encrypted_password
end

#clean_up_passwords ⇒ Object

# File 'lib/couchdb_oauth2/model/account.rb', line 60

def clean_up_passwords
  self.password = self.password_confirmation = ""
end

#password=(new_password) ⇒ Object

# File 'lib/couchdb_oauth2/model/account.rb', line 43

def password=(new_password)
  @password = new_password
  self.pepper = BCrypt::Engine.generate_salt
  self.encrypted_password = password_digest(@password) if @password.present?
end

#password_changed? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/couchdb_oauth2/model/account.rb', line 49

def password_changed?
  self.encrypted_password_changed?
end

#refresh_tokens ⇒ Object

# File 'lib/couchdb_oauth2/model/account.rb', line 73

def refresh_tokens
  RefreshToken.view(:by_account_id, :key => self['_id'])
end

#valid_password?(password) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/couchdb_oauth2/model/account.rb', line 53

def valid_password?(password)
  return false if encrypted_password.blank?
  bcrypt   = ::BCrypt::Password.new(self.encrypted_password)
  password = ::BCrypt::Engine.hash_secret("#{password}#{self.pepper}", bcrypt.salt)
  self.class.secure_compare(password, self.encrypted_password)
end