将密码迁移到Devise [英] Migrating passwords to Devise

问题描述

我将迁移用户数据库从PHP迁移到Rails。我已经安装了Devise Gem，它现在工作得很好。另外，我已经找到一个提示如何迁移现有用户的密码到Rails
我已经将旧密码添加到相同的 encrypted_pa​​ssword 字段，因为Devise保持，所以当devise失败检查旧密码：

 ＃user.rb 
 def valid_password？（password）
如果encrypted_pa​​ssword.blank返回false？ 
 require'digest / sha1'
 password_salt ='my_php_framework_salt'
 Devise.secure_compare（Digest :: SHA1.hexdigest（password_salt + password），self.encrypted_pa​​ssword）
 end 
  

它允许使用旧密码登录，但不适用于新用户的原始Devise密码。我认为这个 valid_password？方法应该返回true 用于设计密码。如何解决这个问题？

解决方案

我相信如果你手动填写'my_php_framework_salt'到旧用户的db行，然后刚刚使用：

self.password_salt 而不是 password_salt 它会工作。

我记得ruby返回函数中最后一行的结果。 Devise.secure_compare 应该返回一个bool，这意味着 valid_password？也会返回一个布尔值。

简而言之：

  require'digest / sha1'
 
＃... 
 
 def valid_password？（password）
如果encrypted_pa​​ssword.blank，返回false？ 
 Devise.secure_compare（Digest :: SHA1.hexdigest（self.password_salt + password），self.encrypted_pa​​ssword）
 end 
  

I'm migration users database from PHP to Rails. I have already instaled Devise Gem and it is working well now. Also, I have found a hint how to migrate existing users' passwords to Rails I have added old passwords to same encrypted_password field as Devise holds, so when devise fails to auth, checking for old password:

# user.rb      
def valid_password?(password)
  return false if encrypted_password.blank?
  require 'digest/sha1'
  password_salt = 'my_php_framework_salt'
  Devise.secure_compare(Digest::SHA1.hexdigest(password_salt+password), self.encrypted_password)
end

It allows to login with old passwords, but doesn't work with original Devise passwords for new users. I think this valid_password? method should return true for devise passwords. How to fix this?

解决方案

I believe if you manually filled in 'my_php_framework_salt' into the db rows for old users then just used:

self.password_salt instead of password_salt it would work.

As I remember ruby returns the result of the last line in a function. Devise.secure_compare should return a bool, which means valid_password? would return a boolean as well.

In short:

require 'digest/sha1'  

# ...

def valid_password?(password)
  return false if encrypted_password.blank?
  Devise.secure_compare(Digest::SHA1.hexdigest(self.password_salt+password), self.encrypted_password)
end

这篇关于将密码迁移到Devise的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！