Module: Card::Auth
- Extended by: Current, Permissions, Proxy, Setup, Token
- Defined in: card/lib/card/auth.rb, card/lib/card/auth/proxy.rb, card/lib/card/auth/setup.rb, card/lib/card/auth/token.rb, card/lib/card/auth/current.rb, card/lib/card/auth/permissions.rb, mod/api_key/lib/card/auth/api_key.rb
Overview
Singleton methods for account authentication and contextualization.
Manages current user, “as” user, and password verification.
Defined Under Namespace
Modules: ApiKey, Current, Permissions, Proxy, Setup, Token
Constant Summary
Constants included from Setup
Constants included from Token
Class Method Summary
- .authenticate(email, password) ⇒ +*account card?
  Authenticate a user by their login name and unencrypted password.
- .encrypt(password, salt) ⇒ SHA1 String
  Encrypt password string with the given salt.
- .password_valid?(account, password) ⇒ Boolean
  Check whether password is correct for account card.
- .serialize ⇒ Object
Methods included from Permissions
admin?, always_ok?, createable_types, update_always_cache
Methods included from Proxy
as, as_bot, as_card, as_id, with
Methods included from Setup
instant_account_activation, needs_setup?, simulate_setup!
Methods included from Current
current_card, current_id, current_id=, current_roles, find_account_by_email, reset, session, session_user_key, signed_in?, signin, signin_with, signin_with_session
Methods included from Token
decode, encode, expiration, signin_with_token, validate!
Class Method Details
.authenticate(email, password) ⇒ +*account card?
Authenticate a user by their login name and unencrypted password.

    # File 'card/lib/card/auth.rb', line 20
    def authenticate email, password
      account = Auth.find_account_by_email email
      case
      when !account then nil                                      # no account for this email
      when !account.active? then nil                              # account exists but is not active
      when Card.config.no_authentication then account             # config flag: password is not checked
      when password_valid?(account, password.strip) then account  # surrounding whitespace is stripped first
      end
    end
.encrypt(password, salt) ⇒ SHA1 String
Encrypt password string with the given salt.

    # File 'card/lib/card/auth.rb', line 39
    def encrypt password, salt
      Digest::SHA1.hexdigest "#{salt}--#{password}--"
    end
.password_valid?(account, password) ⇒ Boolean
Check whether password is correct for account card.

    # File 'card/lib/card/auth.rb', line 33
    def password_valid? account, password
      account.password == encrypt(password, account.salt)
    end
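Added example, not part of Card::Auth or the project's code: .encrypt is a single salted SHA-1 pass and .password_valid? compares digests with ==, so this sketch shows one way to keep verifying such digests while re-hashing each password with PBKDF2 at the next successful login and comparing in constant time. The method names, the "pbkdf2$..." record format and the iteration count are assumptions made for illustration.

```ruby
require "digest"
require "openssl"
require "securerandom"

ITERATIONS = 600_000 # assumed work factor; tune for your hardware

# Legacy digest, same construction as Card::Auth.encrypt on this page.
def legacy_sha1(password, salt)
  Digest::SHA1.hexdigest "#{salt}--#{password}--"
end

# Constant-time comparison: run time does not depend on where the
# first differing byte is (lengths are fixed for a given record type).
def secure_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |diff, (x, y)| diff | (x ^ y) }.zero?
end

# Hypothetical storage format: "pbkdf2$<iterations>$<salt>$<hash hex>".
def pbkdf2_record(password, salt: SecureRandom.hex(16), iterations: ITERATIONS)
  dk = OpenSSL::KDF.pbkdf2_hmac(password, salt: salt, iterations: iterations,
                                length: 32, hash: "sha256")
  ["pbkdf2", iterations, salt, dk.unpack1("H*")].join("$")
end

# Returns [valid?, record_to_store]. A legacy SHA-1 record that verifies
# is replaced by a PBKDF2 record, so the caller can persist the upgrade.
def verify_and_upgrade(stored, legacy_salt, password)
  if stored.start_with?("pbkdf2$")
    _, iterations, salt, = stored.split("$")
    return [false, stored] unless iterations.to_i.positive? && salt
    candidate = pbkdf2_record(password, salt: salt, iterations: iterations.to_i)
    [secure_equal?(stored, candidate), stored]
  elsif secure_equal?(stored, legacy_sha1(password, legacy_salt))
    [true, pbkdf2_record(password)]
  else
    [false, stored]
  end
end
```

The caller stores the second element of the returned pair whenever it differs from the old record; accounts that never sign in again keep their SHA-1 digest until they are reset.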
.serialize ⇒ Object
    # File 'card/lib/card/auth.rb', line 43
    def serialize
      { as_id: as_id, current_id: current_id }
    end