mirror of
https://github.com/discourse/discourse.git
synced 2024-12-30 15:23:48 +08:00
67 lines
2.1 KiB
Ruby
67 lines
2.1 KiB
Ruby
|
# frozen_string_literal: true
|
||
|
|
||
|
describe PasswordHasher do
|
||
|
def hash(password: "mypass", salt: "mysalt", algorithm:)
|
||
|
PasswordHasher.hash_password(password: password, salt: salt, algorithm: algorithm)
|
||
|
end
|
||
|
|
||
|
describe "pbkdf2-sha256 algorithm" do
|
||
|
it "can hash correctly" do
|
||
|
result = hash(password: "mypass", salt: "mysalt", algorithm: "$pbkdf2-sha256$i=3,l=32$")
|
||
|
expect(result).to eq("8d4f9a685ff73eef7b06e07ab5889784775290a0a9cebb6eb4492a695c93a51e")
|
||
|
end
|
||
|
|
||
|
it "supports different iteration numbers" do
|
||
|
iter_3 = hash(algorithm: "$pbkdf2-sha256$i=3,l=32$")
|
||
|
iter_4 = hash(algorithm: "$pbkdf2-sha256$i=4,l=32$")
|
||
|
|
||
|
expect(iter_3).not_to eq(iter_4)
|
||
|
end
|
||
|
|
||
|
it "raises an error for non-standard length" do
|
||
|
expect { hash(algorithm: "$pbkdf2-sha256$i=3,l=20$") }.to raise_error(
|
||
|
PasswordHasher::UnsupportedAlgorithmError,
|
||
|
)
|
||
|
end
|
||
|
|
||
|
it "raises an error for missing length param" do
|
||
|
expect { hash(algorithm: "$pbkdf2-sha256$i=3$") }.to raise_error(
|
||
|
PasswordHasher::UnsupportedAlgorithmError,
|
||
|
)
|
||
|
end
|
||
|
|
||
|
it "raises an error for missing iteration param" do
|
||
|
expect { hash(algorithm: "$pbkdf2-sha256$l=32$") }.to raise_error(
|
||
|
PasswordHasher::UnsupportedAlgorithmError,
|
||
|
)
|
||
|
end
|
||
|
|
||
|
it "raises an error for missing salt" do
|
||
|
expect { hash(salt: nil, algorithm: "$pbkdf2-sha256$l=32,i=3$") }.to raise_error(
|
||
|
ArgumentError,
|
||
|
)
|
||
|
end
|
||
|
|
||
|
it "raises an error for missing password" do
|
||
|
expect { hash(password: nil, algorithm: "$pbkdf2-sha256$l=32,i=3$") }.to raise_error(
|
||
|
ArgumentError,
|
||
|
)
|
||
|
end
|
||
|
end
|
||
|
|
||
|
it "raises error for invalid algorithm" do
|
||
|
expect { hash(algorithm: "$pbkdf2-sha256$l=32$somethinginvalid") }.to raise_error(
|
||
|
PasswordHasher::InvalidAlgorithmError,
|
||
|
)
|
||
|
end
|
||
|
|
||
|
it "raises error for unknown algorithm" do
|
||
|
expect { hash(algorithm: "$pbkdf2-invalid$l=32$") }.to raise_error(
|
||
|
PasswordHasher::UnsupportedAlgorithmError,
|
||
|
)
|
||
|
expect { hash(algorithm: "$unknown$l=32$") }.to raise_error(
|
||
|
PasswordHasher::UnsupportedAlgorithmError,
|
||
|
)
|
||
|
end
|
||
|
end
|