Module: Authentication::ByPassword::ModelClassMethods
- Defined in:
- lib/branston/vendor/plugins/restful_authentication/lib/authentication/by_password.rb
Overview
Class Methods
Instance Method Summary collapse
-
#password_digest(password, salt) ⇒ Object
This provides a modest increased defense against a dictionary attack if your db were ever compromised, but will invalidate existing passwords.
Instance Method Details
#password_digest(password, salt) ⇒ Object
This provides a modest increased defense against a dictionary attack if your db were ever compromised, but will invalidate existing passwords. See the README and the file config/initializers/site_keys.rb
It may not be obvious, but if you set REST_AUTH_SITE_KEY to nil and REST_AUTH_DIGEST_STRETCHES to 1 you’ll have backwards compatibility with older versions of restful-authentication.
30 31 32 33 34 35 36 |
# File 'lib/branston/vendor/plugins/restful_authentication/lib/authentication/by_password.rb', line 30 def password_digest(password, salt) digest = REST_AUTH_SITE_KEY REST_AUTH_DIGEST_STRETCHES.times do digest = secure_digest(digest, salt, password, REST_AUTH_SITE_KEY) end digest end |