Want more GoRails?

GoRails is packed full with 719 lessons just like this one.

Sign up to get full access or log in to your account and sit back.

Unlock this lesson
Log In

Authenticate By & Password Challenge Methods In Rails 7.1

September 20, 2023

ActiveModel
ActiveRecord
Track your progress

Sign in to track your progress and access subscription-only lessons.

Log In

Your Teacher

Collin Jilbert

Ruby on Rails Developer | Lover of Music | Skateboarder | Proud Papa | Co-editor @therubyradar | Launched @fleur_de_ruby

About This Episode

Has secure password is boasting some new benefits in Rails 7.1 with the addition of the authenticate_by method which reduces timing-based enumeration attack vulnerabilities. Also being introduced is the ability to provide a required password challenge.

Notes

Resources

Here is the commit which introduced the authenticate_by method along with the method as it currently stands on main

Here is the comment section which speaks about the password_challenge or XXX_challenge (the _challenge method is dynamically defined based on the attribute name you pass to has_secure_password

Want to stay up-to-date with Ruby on Rails?

Join 86,796+ developers who get early access to new tutorials, screencasts, articles, and more.

    We care about the protection of your data. Read our Privacy Policy.