Strengthen password hashing algorithm
[rails.git] / test / unit / password_hash_test.rb
1 require File.dirname(__FILE__) + '/../test_helper'
2
3 class PasswordHashTest < ActiveSupport::TestCase
4   def test_md5_without_salt
5     assert_equal true, PasswordHash.check("5f4dcc3b5aa765d61d8327deb882cf99", nil, "password")
6     assert_equal false, PasswordHash.check("5f4dcc3b5aa765d61d8327deb882cf99", nil, "wrong")
7   end
8
9   def test_md5_with_salt
10     assert_equal true, PasswordHash.check("67a1e09bb1f83f5007dc119c14d663aa", "salt", "password")
11     assert_equal false, PasswordHash.check("67a1e09bb1f83f5007dc119c14d663aa", "salt", "wrong")
12     assert_equal false, PasswordHash.check("67a1e09bb1f83f5007dc119c14d663aa", "wrong", "password")
13   end
14
15   def test_default
16     hash1, salt1 = PasswordHash.create("password")
17     hash2, salt2 = PasswordHash.create("password")
18     assert_not_equal hash1, hash2
19     assert_not_equal salt1, salt2
20     assert_equal true, PasswordHash.check(hash1, salt1, "password")
21     assert_equal false, PasswordHash.check(hash1, salt1, "wrong")
22     assert_equal true, PasswordHash.check(hash2, salt2, "password")
23     assert_equal false, PasswordHash.check(hash2, salt2, "wrong")
24   end
25 end