📝 Source code
# File activemodel/lib/active_model/secure_password.rb, line 149
def initialize(attribute)
attr_reader attribute
define_method("#{attribute}=") do |unencrypted_password|
if unencrypted_password.nil?
instance_variable_set("@#{attribute}", nil)
self.public_send("#{attribute}_digest=", nil)
elsif !unencrypted_password.empty?
instance_variable_set("@#{attribute}", unencrypted_password)
cost = ActiveModel::SecurePassword.min_cost ? BCrypt::Engine::MIN_COST : BCrypt::Engine.cost
self.public_send("#{attribute}_digest=", BCrypt::Password.create(unencrypted_password, cost: cost))
end
end
attr_accessor :"#{attribute}_confirmation", :"#{attribute}_challenge"
# Returns +self+ if the password is correct, otherwise +false+.
#
# class User < ActiveRecord::Base
# has_secure_password validations: false
# end
#
# user = User.new(name: 'david', password: 'mUc3m00RsqyRe')
# user.save
# user.authenticate_password('notright') # => false
# user.authenticate_password('mUc3m00RsqyRe') # => user
define_method("authenticate_#{attribute}") do |unencrypted_password|
attribute_digest = public_send("#{attribute}_digest")
attribute_digest.present? && BCrypt::Password.new(attribute_digest).is_password?(unencrypted_password) && self
end
# Returns the salt, a small chunk of random data added to the password before it's hashed.
define_method("#{attribute}_salt") do
attribute_digest = public_send("#{attribute}_digest")
attribute_digest.present? ? BCrypt::Password.new(attribute_digest).salt : nil
end
alias_method :authenticate, :authenticate_password if attribute == :password
end
🔎 See on GitHub