abdullah/til
1
0
Fork 0
mirror of https://github.com/jbranchaud/til synced 2026-01-04 23:58:01 +00:00
Code Issues Projects Releases Wiki Activity

Add Secure Passwords With Rails And Bcrypt as a rails til

Browse Source
This commit is contained in:
jbranchaud
2019-02-05 11:38:04 -06:00
parent ee363335f7
commit eceb1ffa9e
2 changed files with 36 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
README.md
View File

@@ -10,7 +10,7 @@ smart people at [Hashrocket](http://hashrocket.com/).
For a steady stream of TILs from a variety of rocketeers, checkout
[til.hashrocket.com](https://til.hashrocket.com/).
_758 TILs and counting..._
_759 TILs and counting..._
---
@@ -481,6 +481,7 @@ _758 TILs and counting..._
- [Remove The Default Value On A Column](rails/remove-the-default-value-on-a-column.md)
- [Rescue From](rails/rescue-from.md)
- [Retrieve An Object If It Exists](rails/retrieve-an-object-if-it-exists.md)
- [Secure Passwords With Rails And Bcrypt](rails/secure-passwords-with-rails-and-bcrypt.md)
- [Select A Select By Selector](rails/select-a-select-by-selector.md)
- [Select Value For SQL Counts](rails/select-value-for-sql-counts.md)
- [Set Schema Search Path](rails/set-schema-search-path.md)

34
rails/secure-passwords-with-rails-and-bcrypt.md Normal file
View File

@@ -0,0 +1,34 @@
# Secure Passwords With Rails And Bcrypt
If you are using [`bcrypt`](https://github.com/codahale/bcrypt-ruby) (at
least version 3.1.7), then you can easily add secure password functionality
to an
[ActiveRecord](https://github.com/rails/rails/tree/master/activerecord)
model. First, ensure that the table backing the model has a
`password_digest` column. Then add
[`has_secure_password`](https://api.rubyonrails.org/classes/ActiveModel/SecurePassword/ClassMethods.html)
to your model.
```ruby
class User < ActiveRecord::Base
has_secure_password
# other logic ...
end
```
You can now instantiate a `User` instance with any required fields as well
as `password` and `password_confirmation`. As long as `password` and
`password_confirmation` match then an encrypted `password_digest` will be
created and stored. You can later check a given password for the user using
the `authenticate` method.
```ruby
user = User.find_by(email: user_params[:email])
if(user.authenticate(user_params[:password]))
puts 'That is the correct password!'
else
puts 'That password did not match!'
end
```