我正在尝试验证“密码”的存在,但我不希望在我的数据库中有密码列...我将密码转换为密码盐。如何在没有密码列的情况下验证以前保存加密的密码是否存在?
SCHEMA:
migration "create users table" do
database.create_table :users do
primary_key :id
text :name
text :email
text :username
text :password_hash
text :password_salt
index :username, :unique => true
end
end
用户模特:
class User < Sequel::Model
require 'bcrypt'
def before_save
if password
self.password_salt = BCrypt::Engine.generate_salt
self.password_hash = BCrypt::Engine.hash_secret(password, password_salt)
end
end
def validate
super
validates_presence [:password,:email] if new?
validates_unique [:email]
end
def self.authenticate(email, password)
user = User.find(:email=>email)
if user && user.password_hash == BCrypt::Engine.hash_secret(password, user.password_salt)
user
else
nil
end
end
def encrypt_password
if password.present?
self.password_salt = BCrypt::Engine.generate_salt
self.password_hash = BCrypt::Engine.hash_secret(password, password_salt)
end
end
end
当我尝试验证密码的存在时,我得到了
NoMethodError: undefined method `password' for #<User @values={:email=>"foo@bar.com"}>
答案 0 :(得分:1)
好的,明白了......
我刚补充说:
attr_accessor :password
它在不尝试保存到密码列的情况下验证其存在。谢谢:))