從穩定身份驗證遷移到設計

Question

許多Rails 2.3應用程序都使用了Restful Authentication，但該插件似乎對Rails 3有一些問題。在升級到Rails 3時，我一直在使用Devise。有沒有什麼辦法可以平穩地從Restful Authentication過渡到Devise？有沒有人做過顯示如何更新用戶模型的遷移？

Answer 1

我已將我的應用程序從Restful Authentication更新爲Devise。這裏是我的遷移：

class AlterUsersForDevise < ActiveRecord::Migration 
    def self.up 
    remove_column :users, :name 
    change_column :users, :email, :string, :default => "", :null => false, :limit => 128 
    rename_column :users, :crypted_password, :encrypted_password 
    change_column :users, :encrypted_password, :string, :limit => 128, :default => "", :null => false 
    rename_column :users, :salt, :password_salt 
    change_column :users, :password_salt, :string, :default => "", :null => false, :limit => 255 
    add_column :users, :reset_password_token, :string 
    change_column :users, :remember_token, :string, :limit => 255 
    rename_column :users, :remember_token_expires_at, :remember_created_at 

    add_column :users, :sign_in_count, :integer, :default => 0 
    add_column :users, :current_sign_in_at, :datetime 
    add_column :users, :last_sign_in_at, :datetime 
    add_column :users, :current_sign_in_ip, :string 
    add_column :users, :last_sign_in_ip, :string 

    rename_column :users, :activation_code, :confirmation_token 
    change_column :users, :confirmation_token, :string, :limit => 255 
    rename_column :users, :activated_at, :confirmed_at 

    add_column :users, :confirmation_sent_at, :datetime 
    end 

    def self.down 
    add_column :users, :name, :string, :limit => 100, :default => "" 
    rename_column :users, :encrypted_password, :crypted_password 
    change_column :users, :crypted_password, :string, :limit => 40 
    rename_column :users, :password_salt, :salt 
    change_column :users, :salt, :string, :limit => 40 
    remove_column :users, :reset_password_token 
    change_column :users, :remember_token, :string, :limit => 40 
    rename_column :users, :remember_created_at, :remember_token_expires_at 

    remove_column :users, :sign_in_count 
    remove_column :users, :current_sign_in_at 
    remove_column :users, :last_sign_in_at 
    remove_column :users, :current_sign_in_ip 
    remove_column :users, :last_sign_in_ip 

    rename_column :users, :confirmation_token, :activation_code 
    change_column :users, :confirmation_token, :string, :limit => 40 
    rename_column :users, :confirmed_at, :activated_at 

    remove_column :users, :confirmation_sent_at 
    end 
end 

我的應用程序目前還沒有生活。所以我使用Devise的密碼加密，而不是Restful Authorization的加密。如果您的應用程序已處於活動狀態並且擁有活動用戶，則應將Devise配置爲使用來自Restful Authentication的SHA1來解密和解密密碼。否則，所有用戶都必須申請一個新密碼。

您可以在設計初始值設定項中對此進行配置。

希望幫助...

Answer 2

我是有密碼的加密問題（但我找到了答案，看到我的其他響應）。舊的應用程序使用舊版本的Restful Authentication。據處理口令加密，像這樣：

# before filter 
def encrypt_password 
    return if password.blank? 
    self.salt = Digest::SHA1.hexdigest("--#{Time.now.to_s}--#{login}--") if new_record? 
    self.crypted_password = encrypt(password) 
end 

# Encrypts some data with the salt. 
def self.encrypt(password, salt) 
    Digest::SHA1.hexdigest("--#{salt}--#{password}--") 
end 

# Encrypts the password with the user salt 
def encrypt(password) 
    self.class.encrypt(password, salt) 
end 

如果我設置設計的config.encryptor到:restful_authentication_sha1這是行不通的。

Answer 3

這裏是如何克服密碼的問題：

你需要創建一個自定義加密，像這樣：

# /config/initializers/devise_encryptor.rb 
require "digest/sha1" 

module Devise 
    module Encryptors 
    class OldRestfulAuthentication < Base 
     def self.digest(password, stretches, salt, pepper) 
     Digest::SHA1.hexdigest("--#{salt}--#{password}--") 
     end 
    end 
    end 
end 

，然後選擇它devise.rb像這樣：

config.encryptor = :old_restful_authentication 

那應該這樣做！

Answer 4

這裏是從restful_authentication遷移一個很好的指導，制定

https://github.com/plataformatec/devise/wiki/How-To:-Migrate-from-restful_authentication-to-Devise

原因編輯：之前鏈接了鄉親到一個空白頁。

Answer 5

在我的情況下，它的工作原理（analized authentication.rb和by_password.rb在老寶石restful_authentication）：

配置/初始化/ devise.rb補充一點：

config.encryptor = :restful_authentication 
config.stretches = 10 #REST_AUTH_DIGEST_STRETCHES frome Restful Authentication file config/initializers/site_key.rb 
config.pepper = 'mashauronilavrechkumyachik' #REST_AUTH_SITE_KEY frome Restful Authentication file config/initializers/site_key.rb 

app/models/user.rb add：可加密

devise :database_authenticatable, :registerable, 
     :recoverable, :rememberable, :trackable, :validatable, 
     :encryptable, :omniauthable, :authentication_keys => [:login] 

配置/初始化/ devise_encryptor.rb本該創造：

# -*- encoding : utf-8 -*- 
require "digest/sha1" 

module Devise 
    module Encryptable 
    module Encryptors 
     class RestfulAuthentication < Base 

     def self.digest(password, stretches, salt, pepper) 
      digest = pepper 
      stretches.times do 
      digest = secure_digest(digest, salt, password, pepper) 
      end 
      digest 
     end 

     def self.secure_digest(*args) 
      Digest::SHA1.hexdigest(args.flatten.join('--')) 
     end 

     def self.encrypt_password 
      return if password.blank? 
      self.password_salt = make_token if new_record? 
      self.encrypted_password = encrypt(password) 
     end 

     def self.make_token 
      secure_digest(Time.now, (1..10).map{ rand.to_s }) 
     end 

     def self.encrypt(password) 
      self.password_digest(password, stretches, salt, pepper) 
     end 
     end 
    end 
    end 
end