将现有密码哈希转换为Devise [英] Converting existing password hash to Devise

问题描述

我正在尝试将现有的管理模型转换为Devise。我们已经有一个密码哈希，但显然不是Devise兼容的。我想做的是接受登录表单，并根据加密的密码检查提供的密码。如果不正确，请使用旧哈希来检查密码，如果匹配，请清空旧的password_hash字段，并将Devise的密码设置为提供的密码并保存模型。

I'm trying to convert an existing Admin model to Devise. We already have a password hash but it's obviously not Devise compatible. What I would like to do is accept the login form and check the provided password against the encrypted password. If it's not correct, use the old hash to check the password and if it matches, empty the old password_hash field and set Devise's password to the provided password and save the model.

前进的最好方法是什么？我怀疑我需要重写一些东西，也许在一个自定义控制器中，但是我并不完全确定如何继续。

What's the best way to move forward? I suspect that I need to override something, perhaps in a custom controller, but I'm not entirely sure how to proceed.

推荐答案

您可以让Devise用新的密码方案进行加密密码的辛勤工作，如 https：/ /gist.github.com/1704632 ：

You can let Devise do the "hard work" of encrypting the password with the new crypt scheme, as shown in https://gist.github.com/1704632:

class User < ActiveRecord::Base
  alias :devise_valid_password? :valid_password?

  def valid_password?(password)
    begin
      super(password)
    rescue BCrypt::Errors::InvalidHash
      return false unless Digest::SHA1.hexdigest(password) == encrypted_password
      logger.info "User #{email} is using the old password hashing method, updating attribute."
      self.password = password
      true
    end
  end
end

这篇关于将现有密码哈希转换为Devise的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！