123456789101112131415161718192021222324252627282930313233343536373839404142434445464748 |
- module PasswordHash
- include ApplicationLib
-
- extend self
- def crypt(password)
- argon2.create(password)
- end
- def verified?(pw_hash, password)
- Argon2::Password.verify_password(password, pw_hash, secret)
- rescue
- false
- end
- def crypted?(pw_hash)
- return if !pw_hash
-
- return if pw_hash !~ /^\$argon2i\$.{,112}/
- true
- end
- def legacy?(pw_hash, password)
- return if pw_hash.blank?
- return if !password
- legacy_sha2?(pw_hash, password)
- end
- private
- def legacy_sha2?(pw_hash, password)
- return if !pw_hash.start_with?('{sha2}')
- crypted = Digest::SHA2.hexdigest(password)
- pw_hash == "{sha2}#{crypted}"
- end
- def argon2
- return @argon2 if @argon2
- @argon2 = Argon2::Password.new(secret: secret)
- end
- def secret
- Setting.get('application_secret')
- end
- end
|