Merge pull request #12339 from tjschuck/bcrypt_cost_attr

Use bcrypt's public cost attr instead of internal constant
author: Jeremy Kemper <jeremy@bitsweat.net> 2013-10-10 09:11:05 -0700
committer: Jeremy Kemper <jeremy@bitsweat.net> 2013-10-10 09:11:05 -0700
commit: a8a33ac663fce963a59517132c1154f43e9a85ad (patch)
tree: 15b3adf8d41331c8366ef7666127d0b5ffc7f8ab /activemodel
parent: 9dbd208562ccd3d68009a72d37cbfe29b94f98c4 (diff)
parent: 5d7b413d84e5858dba50e716c31981b42c40aba6 (diff)
download: rails-a8a33ac663fce963a59517132c1154f43e9a85ad.tar.gz
rails-a8a33ac663fce963a59517132c1154f43e9a85ad.tar.bz2
rails-a8a33ac663fce963a59517132c1154f43e9a85ad.zip
3 files changed, 13 insertions, 1 deletions
diff --git a/activemodel/CHANGELOG.md b/activemodel/CHANGELOG.md
index eb21b69163..e8602ecbcf 100644
--- a/activemodel/CHANGELOG.md
+++ b/activemodel/CHANGELOG.md
@@ -1,3 +1,7 @@
+*   Fix `has_secure_password` to honor bcrypt-ruby's cost attribute.
+
+    *T.J. Schuck*
+
 *   Updated the `ActiveModel::Dirty#changed_attributes` method to be indifferent between using
     symbols and strings as keys.
 
diff --git a/activemodel/lib/active_model/secure_password.rb b/activemodel/lib/active_model/secure_password.rb
index 17fafe4be9..f87c36e39e 100644
--- a/activemodel/lib/active_model/secure_password.rb
+++ b/activemodel/lib/active_model/secure_password.rb
@@ -103,7 +103,7 @@ module ActiveModel
       def password=(unencrypted_password)
         unless unencrypted_password.blank?
           @password = unencrypted_password
-          cost = ActiveModel::SecurePassword.min_cost ? BCrypt::Engine::MIN_COST : BCrypt::Engine::DEFAULT_COST
+          cost = ActiveModel::SecurePassword.min_cost ? BCrypt::Engine::MIN_COST : BCrypt::Engine.cost
           self.password_digest = BCrypt::Password.create(unencrypted_password, cost: cost)
         end
       end
diff --git a/activemodel/test/cases/secure_password_test.rb b/activemodel/test/cases/secure_password_test.rb
index 98e5c747d5..41d0b2263e 100644
--- a/activemodel/test/cases/secure_password_test.rb
+++ b/activemodel/test/cases/secure_password_test.rb
@@ -82,6 +82,14 @@ class SecurePasswordTest < ActiveModel::TestCase
     assert_equal BCrypt::Engine::DEFAULT_COST, @user.password_digest.cost
   end
 
+  test "Password digest cost honors bcrypt cost attribute when min_cost is false" do
+    ActiveModel::SecurePassword.min_cost = false
+    BCrypt::Engine.cost = 5
+
+    @user.password = "secret"
+    assert_equal BCrypt::Engine.cost, @user.password_digest.cost
+  end
+
   test "Password digest cost can be set to bcrypt min cost to speed up tests" do
     ActiveModel::SecurePassword.min_cost = true
author	Jeremy Kemper <jeremy@bitsweat.net>	2013-10-10 09:11:05 -0700
committer	Jeremy Kemper <jeremy@bitsweat.net>	2013-10-10 09:11:05 -0700
commit	a8a33ac663fce963a59517132c1154f43e9a85ad (patch)
tree	15b3adf8d41331c8366ef7666127d0b5ffc7f8ab /activemodel
parent	9dbd208562ccd3d68009a72d37cbfe29b94f98c4 (diff)
parent	5d7b413d84e5858dba50e716c31981b42c40aba6 (diff)
download	rails-a8a33ac663fce963a59517132c1154f43e9a85ad.tar.gz rails-a8a33ac663fce963a59517132c1154f43e9a85ad.tar.bz2 rails-a8a33ac663fce963a59517132c1154f43e9a85ad.zip