@peiyush13
Last active November 13, 2022 11:32
Client Side Encryption in Rails
<%# Password input. data-encrypt marks the field for the page script, which replaces its value with RSA ciphertext on submit. %>
<div class="input-container">
<%= f.password_field :password, placeholder: "Password", tabindex: "2", required: "required", data: { encrypt: true } %>
</div>
<%# Hidden element carrying @public_key to the page script, which reads it from the data-value attribute. %>
<%# NOTE(review): the key arrives in the same response as the form and the script, so its integrity rests entirely on the transport; this scheme adds a layer on top of TLS and does not stand in for it. %>
<div class="hidden" id="public_key" data-value= "<%= sanitize @public_key %>"></div>
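// On submit, replaces the value of every [data-encrypt] field with its RSA
// ciphertext, using the public key rendered into #public_key.
//
// The submit is cancelled when any field cannot be encrypted. Previously a
// failed encryption left the field untouched, so the plaintext value was sent.
// JSEncrypt#encrypt returns false on failure (for example when the value is too
// long for the key size).
//
// NOTE(review): this protects the field only from parties that can read but not
// alter the page; the key and this script are delivered with the form, so TLS
// is still required.
$(document).ready(function () {
  $('form').submit(function (event) {
    var encryptor = new JSEncrypt();
    // The key is the same for every field, so it is loaded once.
    encryptor.setKey($('#public_key').attr('data-value'));

    // First pass: compute every ciphertext without touching the form, so a
    // failure part-way through leaves all fields in their original state.
    var pending = [];
    var failed = false;
    $('[data-encrypt]').each(function () {
      var ciphertext = encryptor.encrypt($(this).val());
      if (!ciphertext) {
        failed = true;
        return false; // stop iterating
      }
      pending.push({ field: $(this), value: ciphertext });
    });

    if (failed) {
      // Fail closed: never fall back to submitting the plaintext.
      event.preventDefault();
      return;
    }

    // Second pass: every field encrypted, so swap the values in.
    $.each(pending, function (_index, item) {
      item.field.val(item.value);
    });
  });
});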
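# Class RsaEncryptor provides Public Encryption/Decryption for the data
#
# Each instance wraps one freshly generated RSA key pair. The public half is
# exposed as PEM text; the complete key (private parameters included) can be
# serialized to JSON and rebuilt later with .build_key.
#
# NOTE(review): #serialized_data contains the private key. Wherever it is stored
# must be unreadable by the client and by the network path. A cookie-backed
# session that is signed but not encrypted would disclose the private key to the
# parties the ciphertext is meant to exclude -- confirm the session store. The
# serialized form of a 2048-bit key is also considerably larger than that of a
# 1024-bit key, and a cookie-backed session may not have room for it.
#
# @author Peiyush13 <piyushwww13@gmail.com>
#
class RsaEncryptor
  # Modulus size in bits for newly generated keys. 1024-bit RSA is no longer
  # considered adequate; 2048 bits is the usual minimum.
  KEY_BITS = 2048

  # RSA parameter names, in the order the PKCS#1 RSAPrivateKey structure lists
  # them after the version field.
  KEY_PARAMS = %w[n e d p q dmp1 dmq1 iqmp].freeze

  attr_reader :rsa_key, :public_key

  # Generates a new key pair and caches the PEM text of its public half.
  def initialize
    @rsa_key = OpenSSL::PKey::RSA.generate(KEY_BITS)
    @public_key = @rsa_key.public_key.to_s
  end

  # serializes the data extracted for the key in order to use it in session
  #
  # Every RSA parameter is written as a decimal string, keyed by its name.
  #
  # @return [String] JSON serialized data
  #
  def serialized_data
    as_strings = rsa_key.params.each_with_object({}) do |(name, value), out|
      out[name] = value.to_s
    end
    as_strings.to_json
  end

  # Rebuilds RSA key from serialized data
  #
  # The parameters are encoded as a PKCS#1 RSAPrivateKey DER structure and
  # parsed in one step. This avoids generating a throwaway key pair just to
  # overwrite it, and avoids set_key/set_factors/set_crt_params, which raise on
  # OpenSSL 3.0 because key objects are immutable there.
  #
  # @param [String] serialized_key A serialized key
  #
  # @return [OpenSSL::PKey::RSA] A RSA key object
  #
  # @raise [KeyError] if a required RSA parameter is missing from the JSON
  #
  def self.build_key(serialized_key)
    values = JSON.parse(serialized_key)

    # RSAPrivateKey ::= SEQUENCE { version(0), n, e, d, p, q, dmp1, dmq1, iqmp }
    fields = [OpenSSL::ASN1::Integer.new(0)]
    KEY_PARAMS.each do |name|
      fields << OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(values.fetch(name)))
    end

    OpenSSL::PKey::RSA.new(OpenSSL::ASN1::Sequence.new(fields).to_der)
  end
end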
require 'rsa_encryptor'
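# Module SessionsHelper provides public key encryption/decryption for password
#
# Expects to be mixed into something that exposes `session` and `request`
# (a controller, as in this example).
#
# NOTE(review): the serialized private key stays in the session after it has
# been used; it is only replaced the next time #generate_rsa_key runs. Consider
# removing it once decryption is done, after confirming that every path that
# re-renders the form also regenerates the key.
#
# @author Peiyush13 <piyushwww13@gmail.com>
#
module SessionsHelper
  # initializes public key used for password encryption
  #
  # Stores the serialized key pair in the session and exposes the PEM public
  # key to the view as @public_key.
  #
  def generate_rsa_key
    encryptor = RsaEncryptor.new
    session[:rsa_key] = encryptor.serialized_data
    @public_key = encryptor.public_key.to_s
  end

  # decrypts the password using private key
  #
  # Each listed entry of request.params[:user] is replaced in place by its
  # decrypted value. Anything that cannot be decrypted -- no key in the
  # session, a missing or non-string value, ciphertext OpenSSL rejects --
  # becomes '' so that authentication fails the same way in every case rather
  # than raising.
  #
  # @param [Array<string>] user_params_keys An array specifying user parameters to be decrypted
  #
  def authenticate_encryptor(user_params_keys)
    user_params = request.params[:user]
    # Nothing to decrypt when the form section is absent or is not a hash.
    return unless user_params.is_a?(Hash)

    serialized = session[:rsa_key]
    # A missing key (expired or fresh session) is treated as a failed decrypt.
    rsa_key = serialized.to_s.empty? ? nil : RsaEncryptor.build_key(serialized)

    user_params_keys.each do |key|
      user_params[key] = decrypt_param(rsa_key, user_params[key])
    end
  end

  private

  # Base64-decodes and RSA-decrypts one submitted value; '' on any failure.
  def decrypt_param(rsa_key, value)
    return '' unless rsa_key && value.is_a?(String)

    rsa_key.private_decrypt(Base64.decode64(value))
  rescue OpenSSL::PKey::PKeyError
    # Only OpenSSL key errors are swallowed; programming errors still surface.
    ''
  end
end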
# Devise sessions controller wired to the client-side password encryption flow:
# a key pair is generated when the login form is rendered, and the submitted
# password is decrypted before the inherited create action runs.
#
# NOTE(review): before_filter / prepend_before_filter are the pre-Rails-5 names;
# newer Rails versions spell them before_action / prepend_before_action.
class Users::SessionsController < Devise::SessionsController
include SessionsHelper
# Generate a fresh key pair (stored in the session) each time the form is shown.
before_filter :generate_rsa_key, only: [:new]
# Prepended so it is placed ahead of filters already in the chain, inherited
# ones included; it rewrites request.params[:user][:password] in place.
prepend_before_filter -> { authenticate_encryptor([:password]) }, only: [:create]
# Sign-in; by the time this runs the password param has been decrypted (or set
# to '' when decryption failed).
def create
# your own code
super
end
# Renders the login form; @public_key was set by generate_rsa_key.
def new
# your own code
super
end
end