Add argon generation

nygrenh · nygrenh · commit 708a73622059 · 2020-02-06T16:55:38.000+02:00
diff --git a/Gemfile b/Gemfile
@@ -47,6 +47,7 @@ gem 'rack-mini-profiler', '~> 1.0', '>= 1.0.1'
 gem 'flamegraph', '~> 0.9.5'
 gem 'stackprof', '~> 0.2.12'
 gem 'ruby-kafka', '~> 0.7.10'
+gem 'argon2', '~> 2.0', '>= 2.0.2'
 
 group :assets do
   gem 'jquery-rails', '~> 3.1.2'
diff --git a/Gemfile.lock b/Gemfile.lock
@@ -47,6 +47,9 @@ GEM
       public_suffix (>= 2.0.2, < 4.0)
     andand (1.3.3)
     arel (6.0.4)
+    argon2 (2.0.2)
+      ffi (~> 1.9)
+      ffi-compiler (>= 0.1)
     ast (2.4.0)
     autoprefixer-rails (8.2.0)
       execjs
@@ -96,6 +99,9 @@ GEM
     faraday (0.14.0)
       multipart-post (>= 1.2, < 3)
     ffi (1.9.23)
+    ffi-compiler (1.0.1)
+      ffi (>= 1.0.0)
+      rake
     flamegraph (0.9.5)
     font-awesome-rails (4.7.0.3)
       railties (>= 3.2, < 5.2)
@@ -376,6 +382,7 @@ DEPENDENCIES
   activerecord-import (~> 0.28.1)
   activerecord-session_store (~> 1.0.0)
   andand
+  argon2 (~> 2.0, >= 2.0.2)
   bootstrap (~> 4.0.0.beta2.1)
   brakeman
   bundler-audit
@@ -435,4 +442,4 @@ DEPENDENCIES
   xml-simple (~> 1.1.1)
 
 BUNDLED WITH
-   1.17.1
+   1.17.2
diff --git a/app/models/user.rb b/app/models/user.rb
@@ -330,4 +330,8 @@ def reject_common_login_mistakes
       errors.add(:email, 'may not end with "@ad.helsinki.fi". You cannot receive any emails with this address -- it\'s only used for your webmail login. Figure out what your real email address is and try again. It is usually of the form firstname.lastname@helsinki.fi but verify this first.') if email.end_with?('@ad.helsinki.fi')
       errors.add(:email, 'is incorrect. You probably meant firstname.lastname@helsinki.fi. Keep in mind that your email address does not contain your University of Helsinki username.') if email.end_with?('@helsinki.fi') && !/.*\..*@helsinki.fi/.match?(email)
     end
+
+    def _generate_argon
+      update(argon_hash: Argon2::Password.new(t_cost: 4, m_cost: 15).create(password_hash))
+    end
 end
diff --git a/db/migrate/20200115143302_add_argon_hash.rb b/db/migrate/20200115143302_add_argon_hash.rb
@@ -0,0 +1,5 @@
+class AddArgonHash < ActiveRecord::Migration
+  def change
+    add_column :users, :argon_hash, :string
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
@@ -11,7 +11,8 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 20200112230124) do
+ActiveRecord::Schema.define(version: 20200115143302) do
+
   # These are extensions that must be enabled in order to support this database
   enable_extension "plpgsql"
 
@@ -478,6 +479,7 @@
     t.text     "email",              default: "",    null: false
     t.boolean  "legitimate_student", default: true,  null: false
     t.boolean  "email_verified",     default: false, null: false
+    t.string   "argon_hash"
   end
 
   add_index "users", ["login"], name: "index_users_on_login", unique: true, using: :btree

-Original file line number
+Diff line change
       errors.add(:email, 'may not end with "@ad.helsinki.fi". You cannot receive any emails with this address -- it\'s only used for your webmail login. Figure out what your real email address is and try again. It is usually of the form [email protected] but verify this first.') if email.end_with?('@ad.helsinki.fi')
       errors.add(:email, 'is incorrect. You probably meant [email protected]. Keep in mind that your email address does not contain your University of Helsinki username.') if email.end_with?('@helsinki.fi') && !/.*\..*@helsinki.fi/.match?(email)
     end
++
 +    def _generate_argon
 +      update(argon_hash: Argon2::Password.new(t_cost: 4, m_cost: 15).create(password_hash))
 +    end
 end