Monday, March 6, 2017

Rails 5 - has_secure_password

has_secure_password(options = {})
Adds methods to set and authenticate against a BCrypt password. This mechanism requires you to have a password_digest attribute.
The following validations are added automatically:
  • Password must be present on creation
  • Password length should be less than or equal to 72 characters
  • Confirmation of password (using a password_confirmation attribute)
If password confirmation validation is not needed, simply leave out the value for password_confirmation (i.e. don't provide a form field for it). When this attribute has a nilvalue, the  validation will not be triggered.
For further customizability, it is possible to suppress the default validations by passing validations: false as an argument.
Add bcrypt (~> 3.1.7) to Gemfile to use has_secure_password:
gem 'bcrypt', '~> 3.1.7'
Example using Active Record (which automatically includes ActiveModel::SecurePassword):
# Schema: User(name:string, password_digest:string)
class User < ActiveRecord::Base
  has_secure_password
end

user = User.new(name: 'david', password: '', password_confirmation: 'nomatch')
user.save                                                       # => false, password required
user.password = 'mUc3m00RsqyRe'
user.save                                                       # => false, confirmation doesn't match
user.password_confirmation = 'mUc3m00RsqyRe'
user.save                                                       # => true
user.authenticate('notright')                                   # => false
user.authenticate('mUc3m00RsqyRe')                              # => user
User.find_by(name: 'david').try(:authenticate, 'notright')      # => false
User.find_by(name: 'david').try(:authenticate, 'mUc3m00RsqyRe') # => user
More at http://api.rubyonrails.org/classes/ActiveModel/SecurePassword/ClassMethods.html
https://rubyplus.com/episodes/311-Authentication-from-Scratch-in-Rails-5
https://rubyplus.com/articles/4171-Authentication-from-Scratch-in-Rails-5
at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Welcome to Rails.. Rails... Rails !

In 1995, I started the popular Clipper...Clipper... Clipper website (no blogs then) which was very popular and linked by virtually every Clipper-related site. When I switched to Windows via Delphi in 1997, I started the Delphi... Delphi... Delphi site. In June 2007, I discovered Ruby on Rails and no prize for guessing what I am gonna name this blog. which I started on 2nd October 2007.

As at 10th June 2010, we have 13,364 unique visitors from more than 84 countries such as Angola, Andorra, Argentina, Australia, Austria, Algeria,Barbados, Bosnia and Herzogovina, Belgium, Brazil, Bulgaria, Bangladesh, Belarus, Bolivia, Chile, Cambodia, Cape Vede, Canada, China, Colombia, Costa Rica, Croatia, Cyprus, Czech Republic, Denmark, Egypt, Estonia, Finland, France, Guadeloupe, Guatemala, Germany, Greece, Hong Kong, Hungary, India, Indonesia, Ireland, Israel, Italy, Japan, Kenya, Korea, Lithuania, Latvia, Malaysia, Mexico, Macao, Netherlands, Nepal, Norway, New Zealand, Oman, Panama, Peru, Poland, Portugal,Paraguay , Philippines, Romania, Russian Federation, Saudi Arabia, Singapore, Spain, Slovakia, Slovenia, Serbia, South Korea, Slovenia, South Africa, Spain, Switzerland, Sri Lanka, Sweden, Taiwan, Thailand, Turkey, United Arab Emirates, Ukraine, USA, UK, Venezuela, Vietnam

CCH
10th June 2010, 19:42