similar to: MySQL syntax for self.authenticate

Hello all, I have a client with an older Rails 1.8 app (was recently upgraded from 1.6) and I need to integrate a php site to use the same user login creds. I''m not very versed with Ruby but I think this is the code that encrypts the password. [code] # Encrypts some data with the salt. def self.encrypt(password, salt) Digest::SHA1.hexdigest("--#{salt}--#{password}--")

Hey all, I understand that a def self.abc, for example, is a class method, which allows you to call its contents by just referencing model.abc (rather than model.new.abc). However, what is its role when located in a method inside a model like in the code below. Also in the code below, you see :: located in the method. Isn''t that used for modules and namespaces? If so, why is it located

Im still following the authorization recipe from the book, now all works fine but im getting trouble in how handle the model authorization result, if the user and pass are correct, it goes to a welcome screen(admin.rhtml) but if wrong the model prints a message in an ugly exception like page "usr and pass not correct", i want to redirect the user to the login

Hello everyone, I'm trying to make dovecot do user authentication against a SQL database. The passwords (managed by Django) are stored as salted SHA1 encoded in hex. I monkey patched Django's password method so that the password hash is made with <password><salt> (Django does <salt><password>, the patched method was verified to return same value as

I admit I am stuck. I am converting a legacy php site to ROR. The old site uses MD5, a security flaw waiting to happen. I upgraded to AAA and am adding code in the session_controller.rb file to see if crypted_password is blank. If it is, crypt and check the password against the old md5 version and write it in the new crypted_password field. Here is my code add on before the logged_in?: def

what i have done is as follows password = Digest::SHA1.hexdigest("#{salt}:#{password}") pass1 = Digest::SHA1.hexdigest("#{salt}:asdfgh") pass2 = Digest::SHA1.hexdigest("#{salt}:asdfgh") pass3 = Digest::SHA1.hexdigest("#{salt}:qwerty") puts pass1==pass2 puts pass1==pass3 This works fine but i need to get the decrypted password how can i get it any help is

Hi, I have user add/edit forms.While creating a user I tried the following method to encrypt password and stored the encrypted password in the table. def self.sha1(pass) Digest::SHA1.hexdigest("#{salt}--#{pass}--") end But when I try to edit the page I get the encrypted password in the password field instead of the decrypted password. Is there any method to decrypt

I'm trying to configure SSHA512 passwords and when testing discovered that they were not working as expected. At first i was using Centos 6.4 which doesn't have the glibc CRYPT newest functions ($6$salt$pass) so had to rollback to the Dovecot format ({SSHA512.HEX}saltedpassword+salt ) but I'm unable to let dovecot authenticate properly. Some logs and details: Apr 16 02:55:37

I created a simple registration form. One column doesn''t seem to be taking the input. I''ve yet to put in any validation or error checking. The column in the database is called ''level'' and is type ''int'' The controller method is fairly simple: def register c = User.new(params[:user]) c.save redirect_to :controller =>

Hello all, Thank you in advance for your help with this. I am trying to implement the user authentication method from Ruby Recipes which calls for the use of SHA 2. Here is the code for the password: def password=(pass) salt = [Array.new(6){rand(256).chr}.join].pack("m").chomp self.password_salt, self.password_hash = salt, Digest::SHA256.hexdigest(pass + salt) end I open

I have most of my books open as I''m trying to create this app. Still not sure how to make this work - hopefully some help / hints can get me further. First I used the "authorizing users" recipe from Rails Recipes. Though I did add some more generic type of registration fields (email, address, etc). I want the registration form on the main page(index) of the site. What I have

I just got the rails recipes book and i couldnt be more happy, but inside the book there are some details, mostly typos but this one its one i cant fix, im following the Authorization recipe on page 128 i create the table and the model, the problem comes when i try to assign a password to a user in the console, here is the output: >> justin = User.create(:username =>

I''m in the process of creating a sign up form for an online application. The form collects account info, company info, and then info for an administrative user. The method looks like this: def create @account = Account.create!(params[:account]) @company = @account.companies.create!(params[:company]) @user = @company.users.create!(params[:user]) end However, this inevitably fails

Hi, I seem to have a split brain issue, but I cannot figure out where this is and what it is, can someone help me pls, I cant find what to fix here. ========== root at salt-001:~# salt gluster* cmd.run 'df -h' glusterp2.graywitch.co.nz: Filesystem Size Used Avail Use% Mounted on /dev/mapper/centos-root

How do I find what "eafb8799-4e7a-4264-9213-26997c5a4693" is? https://docs.gluster.org/en/v3/Troubleshooting/gfid-to-path/ On May 21, 2018 3:22:01 PM PDT, Thing <thing.thing at gmail.com> wrote: >Hi, > >I seem to have a split brain issue, but I cannot figure out where this >is >and what it is, can someone help me pls, I cant find what to fix here. >

Hello everyone and Timo in particular, about a year ago I implemented a SHA-1 variant of the HMAC(-MD5) present in Dovecot. I had always disliked this a bit, because it replicates a lot of code. This patch generalizes the HMAC function to take a hash_method struct as parameter, and changes existing code which uses the "old" HMAC function to use this new one. I'm not really sure

Hello -- I would like to setup a system where a user can generate a "ticket". This ticket will be stored indefinitely. The ticket will be sent to someone who does not have an account on the system and therefore, I would like to ensure some level of security in that ticket number. Basically, the other user would receive an email like: --- Please click on the link below to view this

The idea of salted hash algorithms is to generate a different hash even if the same text is entered. That can be easily seen with dovecotpw: using NON-salted SHA256, same hash is generated for a given password [root at correio ~]# dovecotpw -s SHA256 -p 123 {SHA256}pmWkWSBCL51Bfkhn79xPuKBKHz//H6B+mY6G9/eieuM= [root at correio ~]# dovecotpw -s SHA256 -p 123

Hello, I'm setting up a new server and, again, seek for a decently secure (from a security specialist's POV) way to store and verify user passwords in a database. Additionally now, GDPR requires me to use a solid state-of-the-art solution. My OS is Ubuntu 20.04, Dovecot version 2.3.7, database backend with PostgreSQL 12. Obviously, storing the plaintext password is a terrible idea.

Hi, Which version of gluster you are using? You can find which file is that using the following command find <brickpath> -samefile <brickpath/.glusterfs/<first two bits of gfid>/<next 2 bits of gfid>/<full gfid> Please provide the getfatr output of the file which is in split brain. The steps to recover from split-brain can be found here,