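# Looks up a user by email and verifies the supplied plaintext password.
#
# Records that still carry a legacy unsalted SHA-1 digest in
# +encrypted_password+ are re-hashed through +encrypt_password+ on their
# first successful login and the legacy column is set to NULL. Every other
# record is checked against the bcrypt +password_hash+ / +password_salt+ pair.
# The legacy branch can be removed once all user records have
# encrypted_password = NULL.
#
# @param email [String] login email
# @param password [String] plaintext password
# @return [Object, nil] the matching user record on success, otherwise nil
def self.authenticate(email, password)
  # Request parameters can arrive as nil, an Array or a Hash. Only strings are
  # valid credentials: anything else raises inside the digest calls or widens
  # the email lookup beyond a single address.
  return nil unless email.is_a?(String) && password.is_a?(String)

  user = find_by_email(email)
  return nil unless user

  # Compares two digests over their full length, so the time taken does not
  # depend on how many leading bytes match. A missing stored digest never
  # matches.
  same_digest = lambda do |stored, computed|
    next false unless stored.is_a?(String) && stored.bytesize == computed.bytesize

    stored.bytes.zip(computed.bytes).reduce(0) { |acc, (a, b)| acc | (a ^ b) }.zero?
  end

  if same_digest.call(user.encrypted_password, Digest::SHA1.hexdigest(password))
    # Backwards compatibility: the hashing method changed, so migrate the
    # record now that the plaintext is known to be correct.
    # NOTE(review): encrypt_password is defined outside this listing. If it
    # derives the new hash from a `password` attribute, that attribute is not
    # assigned here and the record would end up with no usable hash — confirm.
    user.encrypt_password
    user.update_attribute('encrypted_password', nil)
    user
  elsif user.password_salt.is_a?(String) && !user.password_salt.empty? &&
        same_digest.call(user.password_hash, BCrypt::Engine.hash_secret(password, user.password_salt))
    # The salt guard matters for records without one (presumably unmigrated
    # legacy accounts — confirm): hash_secret raises on a missing salt, which
    # would turn a wrong password into an error instead of a failed login.
    user
  end
end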