From bcf4e4f2b02157cecc1f1727a95cdf5bfa471771 Mon Sep 17 00:00:00 2001 From: David Heinemeier Hansson Date: Sat, 18 Dec 2010 13:38:05 -0800 Subject: Added ActiveRecord::Base#has_secure_password (via ActiveModel::SecurePassword) to encapsulate dead-simple password usage with SHA2 encryption and salting --- activerecord/CHANGELOG | 19 +++++++++++++++++++ activerecord/lib/active_record/base.rb | 1 + 2 files changed, 20 insertions(+) (limited to 'activerecord') diff --git a/activerecord/CHANGELOG b/activerecord/CHANGELOG index 056de18cde..0f7e65e8cd 100644 --- a/activerecord/CHANGELOG +++ b/activerecord/CHANGELOG @@ -1,5 +1,24 @@ *Rails 3.1.0 (unreleased)* +* Added ActiveRecord::Base#has_secure_password (via ActiveModel::SecurePassword) to encapsulate dead-simple password usage with SHA2 encryption and salting [DHH]. Example: + + # Schema: User(name:string, password_digest:string, password_salt:string) + class User < ActiveRecord::Base + has_secure_password + end + + user = User.new(:name => "david", :password => "secret", :password_confirmation => "nomatch") + user.save # => false, password not long enough + user.password = "mUc3m00RsqyRe" + user.save # => false, confirmation doesn't match + user.password_confirmation = "mUc3m00RsqyRe" + user.save # => true + user.authenticate("notright") # => false + user.authenticate("mUc3m00RsqyRe") # => user + User.find_by_name("david").try(:authenticate, "notright") # => nil + User.find_by_name("david").try(:authenticate, "mUc3m00RsqyRe") # => user + + * When a model is generated add_index is added by default for belongs_to or references columns rails g model post user:belongs_to will generate the following: diff --git a/activerecord/lib/active_record/base.rb b/activerecord/lib/active_record/base.rb index d0f33c1d18..858ccebbfa 100644 --- a/activerecord/lib/active_record/base.rb +++ b/activerecord/lib/active_record/base.rb 
@@ -1851,6 +1851,7 @@ MSG include ActiveModel::MassAssignmentSecurity include Callbacks, ActiveModel::Observing, Timestamp include Associations, AssociationPreload, NamedScope + include ActiveModel::SecurePassword # AutosaveAssociation needs to be included before Transactions, because we want # #save_with_autosave_associations to be wrapped inside a transaction. -- cgit v1.2.3
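Review bot: The added `include ActiveModel::SecurePassword` exposes `has_secure_password` on every model, and the CHANGELOG entry in this commit describes the scheme as "SHA2 encryption and salting", which is a weak basis for password storage if it means a single salted SHA-2 pass. SHA-2 is a fast hash rather than encryption, so a leaked `password_digest`/`password_salt` pair can be tested against guesses very cheaply; an adaptive function with a tunable work factor (bcrypt, scrypt or PBKDF2) is the usual choice here. The ActiveModel::SecurePassword implementation is not part of this diff (it is limited to 'activerecord'), so this rests on the CHANGELOG wording and should be checked against that module. At minimum I would document the include with `# Provides has_secure_password; see ActiveModel::SecurePassword for the digest scheme` and say "hashing" instead of "encryption" in the CHANGELOG. It is also worth confirming that `password_digest` and `password_salt` are excluded from mass assignment, since the example builds the record with `User.new(...)` from a hash; the class body continues outside the hunk.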