我試圖實現一種方法,允許密碼從另一個服務之外的設計改變。Rails>設計密碼加密
# Profile password change
def change_password(oldpass, newpass)
pepper = nil
cost = 10
# Encrypt plain text passwords
encrypt_old = ::BCrypt::Password.create("#{oldpass}#{pepper}", :cost => cost).to_s
# Validate old
if self.encrypted_password == encrypt_old
encrypt_new = ::BCrypt::Password.create("#{newpass}#{pepper}", :cost => cost).to_s
self.encrypted_password = encrypt_new
self.save
else
Logger.new("Wrong old password!")
end
end
看來我得到了密碼加密錯誤oldpass包含舊密碼的明文,我需要它哈希看它是否匹配,那麼當前的密碼允許存儲新的密碼。然而,我所得到的是錯誤的密碼。
返工:
def change_password(oldpass, newpass)
if valid_password?(oldpass)
password = newpass
save
return true
else
return false
end
end
如果你使用的設計,那麼你就需要自己處理加密。設計默認使用加密:https://github.com/plataformatec/devise/blob/master/lib/generators/templates/devise.rb#L174 – joshhepworth 2013-03-26 21:04:10