Rapid Prototyping with Rails: Lesson 3, Working with has_secured_password

05 Nov 2014

Steps:

Install bcrypt-ruby gem
Add password_digest column to users table
Add hassecuredpassword to user model
Turned off validations for hassecuredpassword

Creating password in console:

bob = User.first
bob.password = "password"
bob.password_confirmation = "password"
bob.save

To check what password is in console:

You can never retrieve the password directly, but you can verify using the authenticate

bob.authenticate('password')

will return False, if guess is incorrect or retrieve the user object if True.

Password Digest column includes salts to prevent against rainbow attacks. Salts adds a small chunk of random data to password to prevent those attacks.

grit| commit

Rapid Prototyping with Rails: Lesson 3, Working with has_secured_password

Steps:

Creating password in console:

To check what password is in console:

Related Posts

Metaprogramming Ruby Ch1 09 Sep 2015

Course3 Elasticsearch 20 Jul 2015

Build Robust & Production Quality Applications - Lesson 8: - Mocks & Stubs 18 Jul 2015