Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: crystal-lang/crystal
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: afeaee47a835
Choose a base ref
...
head repository: crystal-lang/crystal
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: 9ba6ba93e3cd
Choose a head ref
  • 2 commits
  • 2 files changed
  • 2 contributors

Commits on Jul 8, 2018

  1. Copy the full SHA
    ad5fb0a View commit details

Commits on Jul 9, 2018

  1. Merge pull request #6356 from straight-shoota/jm/fix/bcrypt-password-eq

    Fix: Add type restriction to Crypto::Bcrypt::Password#==
    ysbaddaden authored Jul 9, 2018
    Copy the full SHA
    9ba6ba9 View commit details
Showing with 12 additions and 1 deletion.
  1. +11 −0 spec/std/crypto/bcrypt/password_spec.cr
  2. +1 −1 src/crypto/bcrypt/password.cr
11 changes: 11 additions & 0 deletions spec/std/crypto/bcrypt/password_spec.cr
Original file line number Diff line number Diff line change
@@ -48,5 +48,16 @@ describe "Crypto::Bcrypt::Password" do
it "verifies password is correct" do
(password == "secret").should be_true
end

it "works with Password" do
(password == password).should be_true

other_password = Crypto::Bcrypt::Password.create("wrong", 4)
(password == other_password).should be_false
end

it "works with other types" do
(password == 0.815).should be_false
end
end
end
2 changes: 1 addition & 1 deletion src/crypto/bcrypt/password.cr
Original file line number Diff line number Diff line change
@@ -58,7 +58,7 @@ class Crypto::Bcrypt::Password
# password == "wrong secret" # => false
# password == "super secret" # => true
# ```
def ==(password)
def ==(password : String) : Bool
hashed_password = Bcrypt.new(password, salt, cost)
Crypto::Subtle.constant_time_compare(@raw_hash, hashed_password)
end