Hi,
I have user add/edit forms.While creating a user I tried the following
method to encrypt password and stored the encrypted password in the
table.
def self.sha1(pass)
Digest::SHA1.hexdigest("#{salt}--#{pass}--")
end
But when I try to edit the page I get the encrypted password in the
password field instead of the decrypted password. Is there any method
to decrypt the stored password.
Thanks.
Sainaba.
--
Posted via http://www.ruby-forum.com/.
Nope! That''s why the digest works so well as an encrypted password. You probably don''t want to edit the password as much as request Old/New/Confirmed-new to verify that the Old produces the same digest as what is stored, then save your New (assuming validates_confirmation_of, that is). -Rob At 1/23/2006 06:35 AM, you wrote:>Hi, > >I have user add/edit forms.While creating a user I tried the following >method to encrypt password and stored the encrypted password in the >table. > >def self.sha1(pass) > Digest::SHA1.hexdigest("#{salt}--#{pass}--") > end > > But when I try to edit the page I get the encrypted password in the >password field instead of the decrypted password. Is there any method >to decrypt the stored password. > >Thanks. >Sainaba. > >-- >Posted via http://www.ruby-forum.com/. >_______________________________________________ >Rails mailing list >Rails@lists.rubyonrails.org >http://lists.rubyonrails.org/mailman/listinfo/rails-------------- next part -------------- An HTML attachment was scrubbed... URL: http://wrath.rubyonrails.org/pipermail/rails/attachments/20060123/0415209c/attachment.html
You might look at sentry which does both encryption/decryption. http://sentry.rubyforge.org/ -bakki kudva On 1/23/06, sainaba sainu <sainaba@qburst.com> wrote:> > Hi, > > I have user add/edit forms.While creating a user I tried the following > method to encrypt password and stored the encrypted password in the > table. > > def self.sha1(pass) > Digest::SHA1.hexdigest("#{salt}--#{pass}--") > end > > But when I try to edit the page I get the encrypted password in the > password field instead of the decrypted password. Is there any method > to decrypt the stored password. > > Thanks. > Sainaba. > > -- > Posted via http://www.ruby-forum.com/. > _______________________________________________ > Rails mailing list > Rails@lists.rubyonrails.org > http://lists.rubyonrails.org/mailman/listinfo/rails >-------------- next part -------------- An HTML attachment was scrubbed... URL: http://wrath.rubyonrails.org/pipermail/rails/attachments/20060124/e54e389f/attachment.html
Sainaba Sainu wrote:> Hi, > > I have user add/edit forms.While creating a user I tried the following > method to encrypt password and stored the encrypted password in the > table. > > def self.sha1(pass) > Digest::SHA1.hexdigest("#{salt}--#{pass}--") > end > > But when I try to edit the page I get the encrypted password in the > password field instead of the decrypted password. Is there any method > to decrypt the stored password. > > Thanks. > Sainaba.YES. just add this line before "def self.sha1(pass)..." before_update :crypt_password -- Posted via http://www.ruby-forum.com/. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---