Plugin adds BCrypt authentication and password hashing to Sequel models.
Model using this plugin should have password_digest
field.
This plugin was created by extracting has_secure_password
strategy from rails.
Installation
Add this line to your application's Gemfile:
gem 'sequel_secure_password'
And then execute:
$ bundle
Or install it yourself as:
$ gem install sequel_secure_password
Usage
Plugin should be used in subclasses of Sequel::Model
.
Always call super in validate
method of your model, otherwise password
validations won't be executed.
It does not set_allowed_columns
and mass assignment policy must be managed
separately.
Example model:
class User < Sequel::Model
plugin :secure_password
end
# cost option can be used to change computational complexity of BCrypt
class HighCostUser < Sequel::Model
plugin :secure_password, cost: 12
end
# include_validations option can be used to disable default password
# presence and confirmation
class UserWithoutValidations < Sequel::Model
plugin :secure_password, include_validations: false
end
# digest_column option can be used to use an alternate database column.
# the default column is "password_digest"
class UserWithAlternateDigestColumn < Sequel::Model
plugin :secure_password, digest_column: :password_hash
end
user = User.new
user.password = "foo"
user.password_confirmation = "bar"
user.valid? # => false
user.password_confirmation = "foo"
user.valid? # => true
user.authenticate("foo") # => user
user.authenticate("bar") # => nil
Contributing
- Open an issue
- Discuss proposed change
- Once we both agree on the change I'll implement it or if you want it really badly, fork the project and create a pull request.
Acknowledgements
- Thanks to @send for implementing the
:cost
option; - Thanks to @badosu for motivating me to add
:include_validations
option. - Thanks to @AlexWayfer for fixing a bug that prevented inheriting from classes using the plugin.