Encryptable Module adds support to several encryptors.
Encryptable adds the following options to devise_for:
* +pepper+: a random string used to provide a more secure hash. * +encryptor+: the encryptor going to be used. By default is nil.
User.find(1).valid_password?('password123') # returns true/false
# File lib/devise/models/encryptable.rb, line 33 def authenticatable_salt self.password_salt end
Generates password salt.
# File lib/devise/models/encryptable.rb, line 28 def password=(new_password) self.password_salt = self.class.password_salt if new_password.present? super end
Verifies whether an incoming_password (ie from sign in) is the user password.
# File lib/devise/models/encryptable.rb, line 38 def valid_password?(incoming_password) Devise.secure_compare(password_digest(incoming_password), self.encrypted_password) end
Digests the password using the configured encryptor.
# File lib/devise/models/encryptable.rb, line 45 def password_digest(password) if self.password_salt.present? self.class.encryptor_class.digest(password, self.class.stretches, self.password_salt, self.class.pepper) end end