search for: crypted_password

I admit I am stuck. I am converting a legacy php site to ROR. The old site uses MD5, a security flaw waiting to happen. I upgraded to AAA and am adding code in the session_controller.rb file to see if crypted_password is blank. If it is, crypt and check the password against the old md5 version and write it in the new crypted_password field. Here is my code add on before the logged_in?: def create # if no password use old md5 and fill in with sha2 user = User.find_by_login(params[:login]) if #{user....

I recently ran a migration to add the following to an existing user model: t.string "crypted_password" t.string "password_salt" t.string "persistence_token" There is an existing (cleartext) password field, but authlogic doesn''t seem to be reading that on existing accounts. As a result, all logins for existing accounts fail. How can I get authlogic to...

...ncrypts :password for a user model. It is a bare bones model just to test Sentry. I have password defined as ''text'' in the users table. I have openssl library installed on Debian Sarge. The secret key is defined in environment.rb. But when I submit the form I get undefined method `crypted_password='' Thanks, bakki

...ame, :within => 3..40 validates_length_of :email, :within => 3..100 validates_uniqueness_of :username, :email, :case_sensitive => false def has_pal?(pal) # self.pals.find(pal) ? true : false end #validate # errors.add_to_base("No password") if crypted_password.blank? # end # Authenticates a user by their username name and unencrypted password. Returns the user or nil. def self.authenticate(username, crypted_password) login = find_by_username(username) # need to get the salt if login expected_password = encrypted_password(crypted_passw...

The code that comes with the plugin uses a method that looks like this: def password_required? crypted_password.blank? or not password.blank? end with validations that look like this: validates_presence_of :password, :if => :password_required? validates_presence_of :password_confirmation, :if => :password_required? validates_length_of :password, :within =&g...

..._select "span.button a[onclick]" end after(:each) do `rm #{@registrant.pdf_file_path}` end end **** And here is what in various directories: spec/fixtures/partners.yml - which contains 2 yaml records: sponsor: id: 1 username: rtv email: rocky at example.com crypted_password: "c8e5b51b237344fe0e72539af0cac7197f094a5e933ffacf6e7fa612363c5933f520710c6427ac31fc4c68a2d7bb48eae601c74b96e7838f9ca1a0740b67576a" password_salt: "Y4PPzYx2ert3vC0OhEMo" name: Rocky organization: Rock The Vote url: http://rockthevote.com address: 123 Wherever city: W...

hi all, i''m learning rspec and i can''t figure out how to test if a callback is executed in a model. my model code is: class User < ActiveRecord::Base before_save :encrypt_password ... def encrypt(password) self.class.encrypt(password, salt) end thanks a lot, cs. -- Posted via http://www.ruby-forum.com/.

...ne. But I am not able to encrypt the password. I am doing like this:- user=User.find(1) user.password="password" user.save My users.rb as follows :- "acts_as_authentic do |c| c.transition_from_restful_authentication = true end" It is creating the entry in users table with crypted_password is equal to "password". How should I fix this? Any help appreciated? Thanks, Tushar Gandhi -- Posted via http://www.ruby-forum.com/. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to...

...can''t save: > u = User.new(:email => ''user-n8tE+Mx9DRM@public.gmane.org'', :password => ''123456'', :password_confirmation => ''123456'') => #<User id: nil, login: nil, email: "user-n8tE+Mx9DRM@public.gmane.org", crypted_password: nil, salt: nil, created_at: nil, updated_at: nil, remember_token: nil, remember_token_expires_at: nil, activation_code: nil, activated_at: nil, is_seller: false> >> u.save => false Any clues as to how I could create a user without actually being sent to the user controller''s...

...here is the following code generated by the restful_authentication template @user.regster! if user.valid? And this will save and the user record if it is valid. I understand that the statemachine will then change the state from passive to pending. It will guard against this by validating that the crypted_password and password getters are not blank. This I understand. I am not seeing anything in the code that actually does an ActiveRecord::Base.save on it. restful_authentication seems to be pretty much just generated templates and I cannot find any code that saves the record and there doesn''t seem t...

Hi! i want to configure dovecot to use a modified passwdfile. A linie in this file looks like this: "username: <TAB> crypted_password" how i have to use the auth_userdb and auth_passwd command? Now i have: auth_userdb = passwd-file /path/file auth_passwd = passwd-file /path/file (same file) dovecot is starting normaly (i think) but a authentification test via telnet doesnt work. Any suggestions? Thanx a lot. Mirko

Hello, I''m trying to use the authlogic to make my login in my app. The problem is when I change my user model. user model: class User < ActiveRecord::Base attr_accessible :crypted_password, :email, :password_salt, :persistence_token, :username acts_as_authentic end create_users migration class CreateUsers < ActiveRecord::Migration def change create_table :users do |t| t.string :username t.string :email t.string :crypted_password t.string :password...

...g : # Encrypts some data with the salt. def self.encrypt(password, salt) Digest::SHA1.hexdigest("--#{salt}--#{password}--") end # Encrypts the password with the user salt def encrypt(password) self.class.encrypt(password, salt) end def authenticated?(password) crypted_password = encrypt(password) end def encrypt_password self.salt = Digest::SHA1.hexdigest("--#{Time.now.to_s}--# {login}--") if new_record? self.crypted_password = encrypt(password) end please do tell me...

I have a user model and a status model. Each user has a specific status (accepted, rejected, declined, etc). I have a form that allows the adminstrator to change certain options for a user, including their status. I''m using a drop down menu populated with the different status values, and a default option that says "Choose a new status" with a value of "". I want to

...ord::StatementInvalid in ''SessionsController on signout redirects me to the home page'' Mysql::Error: Incorrect datetime value: ''2008-09-13 21:22:52 UTC'' for column ''remember_token_expires_at'' at row 1: INSERT INTO `users` (`salt`, `updated_at`, `crypted_password`, `remember_token_expires_at`, `id`, `remember_token`, `login`, `created_at`, `email`) VALUES (''356a192b7913b04c54574d18c28d46e6395428ab'', ''2008-09-12 21:22:52'', ''6165929d552bca405be2db0bb538613c8bad7b08'', ''2008-09-13 21:22:52 UTC'&...

...3b6dbd @errors=#<ActiveRecord::Errors:0x1a1a1c6 @errors={}, @base=#<User: 0x3b6dbd ...>>, @attributes={"salt"=>"d580c223adee13c8723434e3987a0787ad124e5b", "updated_at"=>Wed Jul 18 02:47:19 BST 2007, "remember_token_expires_at"=>nil, "crypted_password"=>"78dfec22ed3e7418647c7e90e22d0e4e93c5f375", "id"=>6, "remember_token"=>nil, "email"=>"erv2-7Ts6kVb0ZJk@public.gmane.org", "login"=>"erv2", "created_at"=>Wed Jul 18 02:47:19 BST 2007}, @new_recor...

....org'', :conditions => {:state => ''passive''}) User Load (0.000409) SELECT * FROM `users` WHERE (`users`.`email` = ''foo-+RB1Aph5k6s@public.gmane.org'') LIMIT 1 => #<User id: 2, login: nil, email: "foo-+RB1Aph5k6s@public.gmane.org", crypted_password: nil, salt: nil, created_at: "2008-02-07 00:48:48", updated_at: "2008-02-07 00:48:48", remember_token: nil, remember_token_expires_at: nil, activation_code: nil, activated_at: nil, state: "passive", deleted_at: nil, password_reset_at: nil, forgot_password_code: nil, na...

I know how to avoid SQL injection attacks when you use :conditions User.find :first, :conditions => ["login=?", params[:username]] but how about with :order, :limit or :group? # uh-oh...spaghetti-oh User.find :first, :order => "login; delete from users; select * from users" Pat --~--~---------~--~----~------------~-------~--~----~ You received this message because you

...on Rails (coming from a PHP background) and I have a question about proper database design. Let me give you a quick example of what I want to do: Database: CREATE TABLE `users` ( `id` int(11) NOT NULL auto_increment, `login` varchar(40) default NULL, `email` varchar(100) default NULL, `crypted_password` varchar(40) default NULL, `salt` varchar(40) default NULL, `created_at` datetime default NULL, `updated_at` datetime default NULL, PRIMARY KEY (`id`) ) ENGINE=InnoDB DEFAULT CHARSET=latin1; CREATE TABLE `messages` ( `id` int(11) NOT NULL auto_increment, `message` text NOT NULL, `da...

Hello, I need to have this for :create and :login how do I do so validates_presence_of :login, :password, :password_confirmation, :user_name, :email, :on => :create I do need it to be off in a number of places though -- Posted via http://www.ruby-forum.com/.