Support Different Column Names in has_secure_password

[to...@t0dd.io]

I'd like to gauge interest in adding support for different column names for ActiveModel::SecurePassword. Currently, has_secure_password assumes that the column name for the attribute you want to encrypt is simply "password." Obviously, this may not always be the column name of the data you're trying to encrypt and it would be nice to be able to optionally specify the appropriate column name. I'm willing to investigate this if there's interest from the Core team.

Thanks,

Todd

[Godfrey Chan]

On Thursday, Feb 5, 2015 at 3:40 PM, to...@t0dd.io <to...@t0dd.io>, wrote:

I'd like to gauge interest in adding support for different column names for ActiveModel::SecurePassword. Currently, has_secure_password assumes that the column name for the attribute you want to encrypt is simply "password." Obviously, this may not always be the column name of the data you're trying to encrypt and it would be nice to be able to optionally specify the appropriate column name.

​

​I am curious, what is your use case? What is that data and what is the column name?

I'm willing to investigate this if there's interest from the Core team.

Thanks,

Todd

--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Core" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-co...@googlegroups.com.
To post to this group, send email to rubyonra...@googlegroups.com.
Visit this group at http://groups.google.com/group/rubyonrails-core.
For more options, visit https://groups.google.com/d/optout.

[to...@t0dd.io]

Thanks for your response, Godfrey.

My use case is hashing a token we need to store encrypted in our database. However, as I started to ponder the possible implementation some more, I came to the conclusion that a more generic `has_secure_attribute` method might be a better solution. Unless the committers want to maintain a new API method, it probably makes sense for me to just throw that into a gem of my own making. Feedback is welcome, though.

[Mohamed Wael Khobalatte]

There is a `has_secure_token` that got merged to master last month: https://github.com/rails/rails/pull/18217

--

Mohamed Wael Khobalatte

[to...@t0dd.io]

Ah, thanks Mohamed, that's a great option that I wasn't aware of. I don't suppose it's been backported or extracted to a gem for backporting?

Todd

[to...@t0dd.io]

Actually, that implementation is slightly different than what I had in mind - in my use case, we already have a token generated, but we need to encrypt it. The implementation I have in mind would essentially reuse the BCrypt encryption stuff in `has_secure_password`.