BCrypt: Can't validate passwords
I can't seem to get BCrypt to validate my passwords.
I'm trying to get back into rails with 7.
Can't seem to get passed password validation for my Admin:
As I understand it. It's a very straight forward process:
- Create and run db:migration Admin that has 'username', email & password_digest. All set to be strings.
- Uncomment BCrypt in the gemfile,
- run 'bundle install'
- in the Model file add 'has_secure_password'
- open rails console and create a new Admin. So far so good. I can see that the password is [Filtered] so I presume we're all good. However when I try to validate the password I always get the same error.
michael@LAPTOP-9C2OU27A:~/projects/rails/mctie$ rails c
Loading development environment (Rails 7.0.2.3)
irb(main):001:0> admin = Admin.new(username: 'screenbeam', email: 'screenbeam@screenbeam.com', password_digest: 'password')
=> #
irb(main):002:0> admin.save
TRANSACTION (0.3ms) BEGIN
Admin Exists? (0.7ms) SELECT 1 AS one FROM "admins" WHERE LOWER("admins"."username") = LOWER($1) LIMIT $2 [["username", "screenbeam"], ["LIMIT", 1]]
Admin Create (0.5ms) INSERT INTO "admins" ("username", "email", "password_digest", "created_at", "updated_at") VALUES ($1, $2, $3, $4, $5) RETURNING "id" [["username", "screenbeam"], ["email", "screenbeam@screenbeam.com"], ["password_digest", "[FILTERED]"], ["created_at", "2022-03-25 10:54:35.072350"], ["updated_at", "2022-03-25 10:54:35.072350"]]
TRANSACTION (9.8ms) COMMIT
=> true
irb(main):003:0> admin.authenticate('password')
/home/michael/.rbenv/versions/3.0.3/lib/ruby/gems/3.0.0/gems/bcrypt-3.1.17/lib/bcrypt/password.rb:60:in `initialize': invalid hash (BCrypt::Errors::InvalidHash)
Just got an answer to this from stackoverflow. I need to have both 'password' and 'password_digest' in my columns of the DB table. and I should only use the password, the password_digest is left alone (at least for this small scenario)