Add Secure Passwords With Rails And Bcrypt as a rails til

2026-01-03 23:28:02 +00:00 · 2019-02-05 11:38:04 -06:00
parent ee363335f7
commit eceb1ffa9e
2 changed files with 36 additions and 1 deletions
--- a/rails/secure-passwords-with-rails-and-bcrypt.md
+++ b/rails/secure-passwords-with-rails-and-bcrypt.md
@@ -0,0 +1,34 @@
+# Secure Passwords With Rails And Bcrypt
+
+If you are using [`bcrypt`](https://github.com/codahale/bcrypt-ruby) (at
+least version 3.1.7), then you can easily add secure password functionality
+to an
+[ActiveRecord](https://github.com/rails/rails/tree/master/activerecord)
+model. First, ensure that the table backing the model has a
+`password_digest` column. Then add
+[`has_secure_password`](https://api.rubyonrails.org/classes/ActiveModel/SecurePassword/ClassMethods.html)
+to your model.
+
+```ruby
+class User < ActiveRecord::Base
+  has_secure_password
+
+  # other logic ...
+end
+```
+
+You can now instantiate a `User` instance with any required fields as well
+as `password` and `password_confirmation`. As long as `password` and
+`password_confirmation` match then an encrypted `password_digest` will be
+created and stored. You can later check a given password for the user using
+the `authenticate` method.
+
+```ruby
+user = User.find_by(email: user_params[:email])
+
+if(user.authenticate(user_params[:password]))
+  puts 'That is the correct password!'
+else
+  puts 'That password did not match!'
+end
+```