Want more GoRails?

GoRails is packed full with 675 lessons just like this one.

Sign up to get full access or log in to your account and sit back.

Authenticate By & Password Challenge Methods In Rails 7.1

Track your progress

Sign in to track your progress and access subscription-only lessons.

Log In

Your Teacher

Collin Jilbert

Ruby on Rails Developer | Lover of Music | Skateboarder | Proud Papa | Co-editor @therubyradar | Launched @fleur_de_ruby

About This Episode

Has secure password is boasting some new benefits in Rails 7.1 with the addition of the authenticate_by method which reduces timing-based enumeration attack vulnerabilities. Also being introduced is the ability to provide a required password challenge.



Here is the commit which introduced the authenticate_by method along with the method as it currently stands on main

Here is the comment section which speaks about the password_challenge or XXX_challenge (the _challenge method is dynamically defined based on the attribute name you pass to has_secure_password

Want to stay up-to-date with Ruby on Rails?

Join 81,149+ developers who get early access to new tutorials, screencasts, articles, and more.

    We care about the protection of your data. Read our Privacy Policy.

    Screencast tutorials to help you learn Ruby on Rails, Javascript, Hotwire, Turbo, Stimulus.js, PostgreSQL, MySQL, Ubuntu, and more.

    © 2024 GoRails, LLC. All rights reserved.