Authlogic: passwords saved in the DB are not working as expected.
Posted
by
user570459
on Stack Overflow
See other posts from Stack Overflow
or by user570459
Published on 2011-01-10T21:51:17Z
Indexed on
2011/01/10
21:53 UTC
Read the original article
Hit count: 155
ruby-on-rails3
|authlogic
Hello everyone, Im having trouble with authlogic on my production server. Im able to update passwords in the database but when i try to validate a user using the new password, the validation fails. Please check the below console output. Notice how the salt and crypted_password fields get update before and after the new password is saved.
The issue is only on my production server (running passenger). Everything works fine on my development machine.
=> #<User id: 3, login: "saravk", email: "[email protected]", crypted_password: "9bc86247105e940bb748ab680c0e77d9c44a82ea", salt: "WdVpQIdwl68k8lJWOU">
irb(main):003:0> u.password = "kettik123"
=> "kettik123"
irb(main):004:0> u.password_confirmation = "kettik123"
=> "kettik123"
irb(main):005:0> u.save!
=> true
irb(main):006:0> u.valid_password?("kettik123")
=> true
irb(main):007:0> u.reload
=> #<User id: 3, login: "saravk", email: "[email protected]", crypted_password: "f059007c56f498a12c63209c849c1e65bb151174", salt: "lVmmczhyGE0gxsbV421A">
irb(main):008:0> u.valid_password?("kettik123")
=> false
The authlogic configuration in my User model..
class User < ActiveRecord::Base
acts_as_authentic do |c|
c.login_field :email
c.validate_login_field false
c.validate_email_field false
c.perishable_token_valid_for = 1.day
c.disable_perishable_token_maintenance = true
end
I use the email field as the main key for the user. Also the email field is allowed to be blank in some cases (eg a facebook user)
Also i belive that my schema is proper (in terms of the length of the salt & crypted password fields)
create_table "users", :force => true do |t|
t.string "login"
t.string "email"
t.string "crypted_password", :limit => 128, :default => ""
t.string "salt",
Any help on this would be highly appreciated. Thanks.
© Stack Overflow or respective owner