Ask A Question

Notifications

You’re not receiving notifications from this thread.

BCrypt: Can't validate passwords

sweedledee asked in Rails

I can't seem to get BCrypt to validate my passwords.
I'm trying to get back into rails with 7.
Can't seem to get passed password validation for my Admin:

As I understand it. It's a very straight forward process:

  • Create and run db:migration Admin that has 'username', email & password_digest. All set to be strings.
  • Uncomment BCrypt in the gemfile,
  • run 'bundle install'
  • in the Model file add 'has_secure_password'
  • open rails console and create a new Admin. So far so good. I can see that the password is [Filtered] so I presume we're all good. However when I try to validate the password I always get the same error.

michael@LAPTOP-9C2OU27A:~/projects/rails/mctie$ rails c
Loading development environment (Rails 7.0.2.3)
irb(main):001:0> admin = Admin.new(username: 'screenbeam', email: 'screenbeam@screenbeam.com', password_digest: 'password')
=> #
irb(main):002:0> admin.save
TRANSACTION (0.3ms) BEGIN
Admin Exists? (0.7ms) SELECT 1 AS one FROM "admins" WHERE LOWER("admins"."username") = LOWER($1) LIMIT $2 [["username", "screenbeam"], ["LIMIT", 1]]
Admin Create (0.5ms) INSERT INTO "admins" ("username", "email", "password_digest", "created_at", "updated_at") VALUES ($1, $2, $3, $4, $5) RETURNING "id" [["username", "screenbeam"], ["email", "screenbeam@screenbeam.com"], ["password_digest", "[FILTERED]"], ["created_at", "2022-03-25 10:54:35.072350"], ["updated_at", "2022-03-25 10:54:35.072350"]]
TRANSACTION (9.8ms) COMMIT
=> true
irb(main):003:0> admin.authenticate('password')
/home/michael/.rbenv/versions/3.0.3/lib/ruby/gems/3.0.0/gems/bcrypt-3.1.17/lib/bcrypt/password.rb:60:in `initialize': invalid hash (BCrypt::Errors::InvalidHash)

Reply

Just got an answer to this from stackoverflow. I need to have both 'password' and 'password_digest' in my columns of the DB table. and I should only use the password, the password_digest is left alone (at least for this small scenario)

Reply
Join the discussion

Want to stay up-to-date with Ruby on Rails?

Join 74,071+ developers who get early access to new tutorials, screencasts, articles, and more.

    We care about the protection of your data. Read our Privacy Policy.

    Screencast tutorials to help you learn Ruby on Rails, Javascript, Hotwire, Turbo, Stimulus.js, PostgreSQL, MySQL, Ubuntu, and more. Icons by Icons8

    © 2023 GoRails, LLC. All rights reserved.