BCrypt::Errors::InvalidHash (invalid hash): even though the credentials are in the database

Time: 2018-06-15 17:24:16

Tags: ruby-on-rails ruby bcrypt

I'm trying to log in to my web application as this user

mysql> SELECT*FROM users
    -> ;
+----+----------+-----------------+----------+
| id | username | password_digest | initials |
+----+----------+-----------------+----------+
|  1 | Brett    | brett           | BK       |
+----+----------+-----------------+----------+
1 row in set (0.00 sec)

But as soon as I do, it throws this error:

BCrypt::Errors::InvalidHash (invalid hash):

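Clearly I have a username and password, so I'm not sure why I can't log in. I suspect it has something to do with the BCrypt gem and how it accepts passwords, but I have no clue. Any ideas?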

Update: I found a different database on the server, where my credentials look like this

mysql> SELECT*FROM users;
+----+----------+--------------------------------------------------------------+----------+
| id | username | password_digest                                              | initials |
+----+----------+--------------------------------------------------------------+----------+
| 19 | Brett    | $2a$10$isws6DQxsJHzxCOI11miDesJPCNcQN2vfSzmsVpivBx020UshmqHG | BK       |
+----+----------+--------------------------------------------------------------+----------+

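How do I set the password to brett and have it show up in the database as this crazy combination of numbers and letters? I'd like to use only the command-line interface.

Here is my User class: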

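class User < ApplicationRecord
  attr_protected :id

  # Adds the password / password_confirmation attributes and stores
  # the BCrypt hash in the password_digest column
  has_secure_password
  has_many :chats, dependent: :destroy
  has_many :cnotes
  has_one :permission, dependent: :destroy

  validates :password, confirmation: true
  validates :username, uniqueness: true

  # Use the username instead of the id in generated URLs
  def to_param
    username
  end

  def check_permission(permission)
    self.permission[permission]
  end
end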

1 answer:

Answer 0 (score: 0)

Using has_secure_password will enable BCrypt encryption on passwords. In other words, passwords will not be stored in plaintext in your database; instead, they will be encrypted, stored as password_digest, and look like a "crazy combination of numbers and letters". This is a good thing! If your database is compromised, third parties cannot access the passwords.

You can find the documentation for has_secure_password here: api.rubyonrails.org

To set the password to brett, you can do the following:

user = User.find_by(username: 'Brett')
user.password = 'brett'
user.password_confirmation = 'brett'
user.save

In a controller during sign-up, this would look something like

def create
  user = User.new user_params
  if user.save
    # do some stuff, redirect to a page for example
    redirect_to user
  else
    render "new"
  end
end

private

def user_params
  params.require(:user).permit(:username, :password, :password_confirmation)
end

Then, at login, you would use the authenticate method to verify that the password the user entered matches the one stored in the database.
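The following is an added example, not part of the original question or answer. It shows why the first row fails: a structural check of password_digest values against the bcrypt hash layout, run over the two rows from the question, flags the plaintext `brett` as a value BCrypt cannot parse. The helper names, the regular expression and the `min_cost` threshold are assumptions written for this illustration, not the bcrypt gem's own validation code.

```ruby
# Added example: audit password_digest values without the bcrypt gem.
# A bcrypt hash is "$<version>$<cost>$" followed by a 22-character salt
# and a 31-character checksum, 60 characters in total.
BCRYPT_FORMAT = /\A\$(?<version>2[abxy]?)\$(?<cost>\d{2})\$(?<salt>[.\/A-Za-z0-9]{22})(?<checksum>[.\/A-Za-z0-9]{31})\z/

# Hypothetical helper: returns the parsed fields, or nil when the value
# is not shaped like a bcrypt hash (for example a plaintext password).
def parse_bcrypt_digest(digest)
  m = BCRYPT_FORMAT.match(digest.to_s)
  return nil unless m

  { version: m[:version], cost: m[:cost].to_i, salt: m[:salt], checksum: m[:checksum] }
end

# Hypothetical helper: classifies every row. min_cost is an assumed
# policy threshold, not a value taken from the page.
def audit_digests(rows, min_cost: 10)
  rows.map do |row|
    parsed = parse_bcrypt_digest(row[:password_digest])
    status =
      if parsed.nil? then :not_a_bcrypt_hash
      elsif parsed[:cost] < min_cost then :weak_cost
      else :ok
      end
    { id: row[:id], username: row[:username], status: status }
  end
end

# The two rows shown in the question's SELECT output.
ROWS = [
  { id: 1, username: "Brett", password_digest: "brett" },
  { id: 19, username: "Brett",
    password_digest: "$2a$10$isws6DQxsJHzxCOI11miDesJPCNcQN2vfSzmsVpivBx020UshmqHG" },
].freeze

if __FILE__ == $PROGRAM_NAME
  audit_digests(ROWS).each do |r|
    puts "#{r[:id]}\t#{r[:username]}\t#{r[:status]}"
  end
end
```

Rows reported as `not_a_bcrypt_hash` need the password set again through `user.password=` so that a real digest is written.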