- BCrypt is active
- Model : has_secure_password
- Rails 7.0.2.3
- Ubuntu 20.04 via WSL2 Windows 10
I can create, but I can't authenticate the passwords. When trying this following in the Rails Console I end up with an invalid hash (last line):
irb(main):001:0> admin = Admin.new(username: 'screenbeam', email: '[email protected]', password_digest: 'password')
=> #<Admin:0x000055c2cc1fd080 id: nil, username: "screenbeam", email: "[email protected]", password_digest: "[FILTERED]", created_at: nil, updated_at: nil>
irb(main):002:0> admin.save
TRANSACTION (0.3ms) BEGIN
Admin Exists? (0.7ms) SELECT 1 AS one FROM "admins" WHERE LOWER("admins"."username") = LOWER($1) LIMIT $2 [["username", "screenbeam"], ["LIMIT", 1]]
Admin Create (0.5ms) INSERT INTO "admins" ("username", "email", "password_digest", "created_at", "updated_at") VALUES ($1, $2, $3, $4, $5) RETURNING "id" [["username", "screenbeam"], ["email", "[email protected]"], ["password_digest", "[FILTERED]"], ["created_at", "2022-03-25 10:54:35.072350"], ["updated_at", "2022-03-25 10:54:35.072350"]]
TRANSACTION (9.8ms) COMMIT
=> true
irb(main):003:0> admin.authenticate('password')
/home/michael/.rbenv/versions/3.0.3/lib/ruby/gems/3.0.0/gems/bcrypt-3.1.17/lib/bcrypt/password.rb:60:in `initialize': invalid hash (BCrypt::Errors::InvalidHash)
irb(main):004:0>
CodePudding user response:
You tried to set the hash directly...
password_digest: 'password'
Need to let has_secure_password
do its thing, and just set the password when creating the user...
Admin.new(username: 'screenbeam', email: '[email protected]', password: 'password')