Does anyone know how I'd run plain text passwords through the authlogic hasing algorithm without using rails? It looks like the default for authlogic is sha512.
I have a database of plain text passwords (yes, I know... bad) and need to import them into a new DB that uses the authlogic setup.
This ruby script is outside of rails so I don't want to use the rails based authlogic commands.
I have
require 'authlogic'
in the ruby script
I'm new to ruby modules but was trying to call the password method like:
Authlogic::ActsAsAuthentic::Password::Methods::InstanceMethods.password('password_here')
I got a 'no password method' error from that, but there is a 'password' method under that stack of modules in the authlogic code.
Thanks!
I wouldn't just try and import them straight up, because remember you'll probably need to create the "salt" as well. You should just create a whole new "user" for each of your current ones:
User.create({:username => username, :email => email, :password => password, :password_confirmation => password })
and that way you'll know it's doing it the way authlogic intended. And as long as your User model is using authlogic, it'll use authlogic's methods to save the passwords.
You could use the
transition_from_crypto_providers
option to Authlogic.
Quoting from the documentation
Let's say you originally encrypted your passwords with Sha1. Sha1 is starting to join the party with MD5 and you want to switch to something stronger. No problem, just specify your new and improved algorithm with the crypt_provider option and then let Authlogic know you are transitioning from Sha1 using this option. Authlogic will take care of everything, including transitioning your users to the new algorithm. The next time a user logs in, they will be granted access using the old algorithm and their password will be resaved with the new algorithm. All new users will obviously use the new algorithm as well.
This way you can just import your old users with their existing passwords and they will be updated as users login.
Of course if you just want to use the crypto methodology from Authlogic, without any Rails stuff at all, just copy the code from http://github.com/binarylogic/authlogic/blob/master/lib/authlogic/crypto_providers/sha512.rb
Note on the answer above: Be sure to use script/console and then:
load 'ruby_script.rb'
to run it. I was trying to get this to work with irb and of course this wasn't working.
来源:https://stackoverflow.com/questions/2330994/rails-authlogic-password-hashing-algorithm-using-ruby-only