Hi all, I would like to get feedback on a proposal for ActiveModel::SecurePassword before I send a PR: Currently, ActiveModel::SecurePassword has a class method #min_cost which can be set to true/false - false by default. When true, cost is set to MIN_COST of 4 and false it is set to DEFAULT_COST of 10. BCrypt''s cost factor can be set from 1 to 31. I''d like to propose deprecating #min_cost in favor of just #cost. The cost class method would have a default value of 10, keeping consistency. This would then allow developers to have more control on setting the cost, depending on the application in which they''re building. An example would be setting the cost to 1 for tests (as devise does) or to something higher than 10 for an application that requires it. Thoughts or concerns? Thanks! Robert -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Core" group. To view this discussion on the web visit https://groups.google.com/d/msg/rubyonrails-core/-/MDs5N8aB4EMJ. To post to this group, send email to rubyonrails-core@googlegroups.com. To unsubscribe from this group, send email to rubyonrails-core+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/rubyonrails-core?hl=en.
min_cost doesn''t need to be deprecated, since it was just added to master. I think it''s fine for it to be a cost number, similar to devise, though, but others might have different opinions on that. On Wed, Nov 28, 2012 at 8:29 PM, Robert Evans <robert@codewranglers.org>wrote:> devise-- At. Carlos Antonio -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Core" group. To post to this group, send email to rubyonrails-core@googlegroups.com. To unsubscribe from this group, send email to rubyonrails-core+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/rubyonrails-core?hl=en.
I think it is fine too Rafael Mendonça França http://twitter.com/rafaelfranca https://github.com/rafaelfranca On Wed, Nov 28, 2012 at 8:42 PM, Carlos Antonio da Silva < carlosantoniodasilva@gmail.com> wrote:> min_cost doesn''t need to be deprecated, since it was just added to master. > I think it''s fine for it to be a cost number, similar to devise, though, > but others might have different opinions on that. > > On Wed, Nov 28, 2012 at 8:29 PM, Robert Evans <robert@codewranglers.org>wrote: > >> devise > > > > > -- > At. > Carlos Antonio > > -- > You received this message because you are subscribed to the Google Groups > "Ruby on Rails: Core" group. > To post to this group, send email to rubyonrails-core@googlegroups.com. > To unsubscribe from this group, send email to > rubyonrails-core+unsubscribe@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/rubyonrails-core?hl=en. >-- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Core" group. To post to this group, send email to rubyonrails-core@googlegroups.com. To unsubscribe from this group, send email to rubyonrails-core+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/rubyonrails-core?hl=en.
I opened a PR of the implementation and some dialog on what I think would be even better: https://github.com/rails/rails/pull/8408 On Wednesday, November 28, 2012 2:29:13 PM UTC-8, Robert Evans wrote:> > Hi all, > > I would like to get feedback on a proposal for ActiveModel::SecurePassword > before I send a PR: > > Currently, ActiveModel::SecurePassword has a class method #min_cost which > can be set to true/false - false by default. When true, cost is set to > MIN_COST of 4 and false it is set to DEFAULT_COST of 10. > > BCrypt''s cost factor can be set from 1 to 31. > > I''d like to propose deprecating #min_cost in favor of just #cost. The cost > class method would have a default value of 10, keeping consistency. This > would then allow developers to have more control on setting the cost, > depending on the application in which they''re building. > > An example would be setting the cost to 1 for tests (as devise does) or to > something higher than 10 for an application that requires it. > > Thoughts or concerns? > > Thanks! > > Robert > >-- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Core" group. To view this discussion on the web visit https://groups.google.com/d/msg/rubyonrails-core/-/qTh7K52W3GEJ. To post to this group, send email to rubyonrails-core@googlegroups.com. To unsubscribe from this group, send email to rubyonrails-core+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/rubyonrails-core?hl=en.