我之前已在我的网站上实施Authlogic授权。现在我希望切换到使用Devise,我想知道是否有人对此有任何经验。也许有人看过关于这个主题的博客文章?
谢谢。
答案 0 :(得分:48)
我自己最近从Authlogic切换到Devise,也没找到任何文章。但是,在简单的情况下,一旦你抛弃了所有的user_session和其他与authlogic相关的代码,主要的工作就是将你的旧用户表转换为设计所期望的格式。
我的旧桌子看起来像这样:
Column | Type | Modifiers
-------------------+--------------------------+----------------------------------------------------
id | integer | not null default nextval('users_id_seq'::regclass)
login | character varying(256) | not null
password | character varying(64) | not null
created_at | timestamp with time zone | not null
updated_at | timestamp with time zone | not null
persistence_token | character varying(255) | not null
Indexes:
"users_pkey" PRIMARY KEY, btree (id)
"index_users_on_persistence_token" UNIQUE, btree (persistence_token)
"users_login_key" UNIQUE, btree (login)
我确定该表必须至少包含以下设计信息(启用了许多可选功能):
id | integer | not null default nextval('contributors_id_seq'::regclass)
email | character varying(255) | not null default ''::character varying
encrypted_password | character varying(128) | not null default ''::character varying
password_salt | character varying(255) | not null default ''::character varying
confirmation_token | character varying(255) |
confirmed_at | timestamp without time zone |
confirmation_sent_at | timestamp without time zone |
reset_password_token | character varying(255) |
remember_token | character varying(255) |
remember_created_at | timestamp without time zone |
sign_in_count | integer | default 0
current_sign_in_at | timestamp without time zone |
last_sign_in_at | timestamp without time zone |
current_sign_in_ip | character varying(255) |
last_sign_in_ip | character varying(255) |
failed_attempts | integer | default 0
unlock_token | character varying(255) |
locked_at | timestamp without time zone |
created_at | timestamp without time zone |
updated_at | timestamp without time zone |
所以我在迁移类
中定义了一个简单的activerecord类 class ConversionUser < ActiveRecord::Base
set_table_name "users"
end
然后这是我最终使用的“up”迁移代码(使用PostgreSQL):
add_column :users, :email, :string, :limit => 255
execute "UPDATE users SET email = login || '@somedomain.net'"
execute "ALTER TABLE users ALTER email SET NOT NULL"
add_column :users, :encrypted_password, :string, :limit => 128
add_column :users, :password_salt, :string, :limit => 255
require 'devise/encryptors/bcrypt'
ConversionUser.find(:all).each do |u|
password_salt = Devise::Encryptors::Bcrypt.salt(Devise.stretches)
u.update_attributes!(:password_salt => password_salt,
:encrypted_password => Devise::Encryptors::Bcrypt.digest(u.password, Devise.stretches, password_salt, Devise.pepper))
end
add_column :users, :confirmation_token, :string, :limit => 255
add_column :users, :confirmed_at, :timestamp
add_column :users, :confirmation_sent_at, :timestamp
execute "UPDATE users SET confirmed_at = created_at, confirmation_sent_at = created_at"
add_column :users, :reset_password_token, :string, :limit => 255
add_column :users, :remember_token, :string, :limit => 255
add_column :users, :remember_created_at, :timestamp
add_column :users, :sign_in_count, :integer, :default => 0
add_column :users, :current_sign_in_at, :timestamp
add_column :users, :last_sign_in_at, :timestamp
add_column :users, :current_sign_in_ip, :string, :limit => 255
add_column :users, :last_sign_in_ip, :string, :limit => 255
add_column :users, :failed_attempts, :integer, :default => 0
add_column :users, :unlock_token, :string, :limit => 255
add_column :users, :locked_at, :timestamp
remove_column :users, :password
remove_column :users, :persistence_token
add_index :users, :email, :unique => true
add_index :users, :confirmation_token, :unique => true
add_index :users, :reset_password_token, :unique => true
add_index :users, :unlock_token, :unique => true
请注意,这里我已将普通密码列转换为Devise的bcrypt加密列 - 如果您使用Authlogic加密密码,那么您可能只想重命名该列(如有必要)和在config/initializers/devise.rb
中选择正确的加密器模块。
作为参考,我的User模型中的“devise”子句如下所示:
devise :database_authenticatable, :registerable, :recoverable,
:rememberable, :trackable, :validatable, :confirmable, :lockable,
:timeoutable, :authentication_keys => [ :login ]
请注意,覆盖这样的:authentication_keys
以便用户使用他们的登录而不是他们的电子邮件地址登录时,我需要修改一些设计视图:rails generate devise:views
,然后编辑文件。
希望这会有所帮助。祝你好运!
答案 1 :(得分:21)
但我有一个不同版本的authlogic加密密码,我最后的升级是:
rename_column :users, :crypted_password, :encrypted_password
add_column :users, :confirmation_token, :string, :limit => 255
add_column :users, :confirmed_at, :timestamp
add_column :users, :confirmation_sent_at, :timestamp
execute "UPDATE users SET confirmed_at = created_at, confirmation_sent_at = created_at"
add_column :users, :reset_password_token, :string, :limit => 255
add_column :users, :remember_token, :string, :limit => 255
add_column :users, :remember_created_at, :timestamp
rename_column :users, :login_count, :sign_in_count
rename_column :users, :current_login_at, :current_sign_in_at
rename_column :users, :last_login_at, :last_sign_in_at
rename_column :users, :current_login_ip, :current_sign_in_ip
rename_column :users, :last_login_ip, :last_sign_in_ip
rename_column :users, :failed_login_count, :failed_attempts
add_column :users, :unlock_token, :string, :limit => 255
add_column :users, :locked_at, :timestamp
remove_column :users, :persistence_token
remove_column :users, :perishable_token
remove_column :users, :single_access_token
add_index :users, :email, :unique => true
add_index :users, :confirmation_token, :unique => true
add_index :users, :reset_password_token, :unique => true
add_index :users, :unlock_token, :unique => true
..它对MySQL很有用。
答案 2 :(得分:6)
如果您在用户登录时遇到“无效哈希”错误,请在用户模型中添加:encryptable。 我已经从authlogic迁移到了devise。我的数据库是MySQL。
答案 3 :(得分:5)
如果您遇到加密错误,请尝试在devise.rb
config:
config.stretches = 20
config.encryptor = :authlogic_sha512