module Authlogic::ActsAsAuthentic::Password::Config

All configuration for the password aspect of acts_as_authentic.

Public Instance Methods

check_passwords_against_database(value = nil) click to toggle source

When calling valid_password?(“some pass”) do you want to check that password against what's in that object or whats in the database. Take this example:

u = User.first
u.password = "new pass"
u.valid_password?("old pass")

Should the last line above return true or false? The record hasn't been saved yet, so most would assume true. Other would assume false. So I let you decide by giving you this option.

  • Default: true

  • Accepts: Boolean

# File lib/authlogic/acts_as_authentic/password.rb, line 72
def check_passwords_against_database(value = nil)
  rw_config(:check_passwords_against_database, value, true)
end
check_passwords_against_database=(value = nil)
crypted_password_field(value = nil) click to toggle source

The name of the crypted_password field in the database.

  • Default: :crypted_password, :encrypted_password, :password_hash, or :pw_hash

  • Accepts: Symbol

# File lib/authlogic/acts_as_authentic/password.rb, line 20
def crypted_password_field(value = nil)
  rw_config(:crypted_password_field, value, first_column_to_exist(nil, :crypted_password, :encrypted_password, :password_hash, :pw_hash))
end
Also aliased as: crypted_password_field=
crypted_password_field=(value = nil)
crypto_provider(value = nil) click to toggle source

The class you want to use to encrypt and verify your encrypted passwords. See the Authlogic::CryptoProviders module for more info on the available methods and how to create your own.

# File lib/authlogic/acts_as_authentic/password.rb, line 151
def crypto_provider(value = nil)
  if value.nil? and !acts_as_authentic_config.include?(:crypto_provider)
    rw_config(:crypto_provider, CryptoProviders::SCrypt)
  else
    rw_config(:crypto_provider, value)
  end
end
Also aliased as: crypto_provider=
crypto_provider=(value = nil)
Alias for: crypto_provider
ignore_blank_passwords(value = nil) click to toggle source

By default passwords are required when a record is new or the crypted_password is blank, but if both of these things are met a password is not required. In this case, blank passwords are ignored.

Think about a profile page, where the user can edit all of their information, including changing their password. If they do not want to change their password they just leave the fields blank. This will try to set the password to a blank value, in which case is incorrect behavior. As such, Authlogic ignores this. But let's say you have a completely separate page for resetting passwords, you might not want to ignore blank passwords. If this is the case for you, then just set this value to false.

  • Default: true

  • Accepts: Boolean

# File lib/authlogic/acts_as_authentic/password.rb, line 55
def ignore_blank_passwords(value = nil)
  rw_config(:ignore_blank_passwords, value, true)
end
Also aliased as: ignore_blank_passwords=
ignore_blank_passwords=(value = nil)
merge_validates_confirmation_of_password_field_options(options = {}) click to toggle source

See merge_validates_length_of_password_field_options. The same thing, except for #validates_confirmation_of_password_field_options

# File lib/authlogic/acts_as_authentic/password.rb, line 124
def merge_validates_confirmation_of_password_field_options(options = {})
  self.validates_confirmation_of_password_field_options = validates_confirmation_of_password_field_options.merge(options)
end
merge_validates_length_of_password_confirmation_field_options(options = {}) click to toggle source

See merge_validates_length_of_password_field_options. The same thing, except for #validates_length_of_password_confirmation_field_options

# File lib/authlogic/acts_as_authentic/password.rb, line 142
def merge_validates_length_of_password_confirmation_field_options(options = {})
  self.validates_length_of_password_confirmation_field_options = validates_length_of_password_confirmation_field_options.merge(options)
end
merge_validates_length_of_password_field_options(options = {}) click to toggle source

A convenience function to merge options into the validates_length_of_login_field_options. So intead of:

self.validates_length_of_password_field_options = validates_length_of_password_field_options.merge(:my_option => my_value)

You can do this:

merge_validates_length_of_password_field_options :my_option => my_value
# File lib/authlogic/acts_as_authentic/password.rb, line 106
def merge_validates_length_of_password_field_options(options = {})
  self.validates_length_of_password_field_options = validates_length_of_password_field_options.merge(options)
end
password_salt_field(value = nil) click to toggle source

The name of the password_salt field in the database.

  • Default: :password_salt, :pw_salt, :salt, nil if none exist

  • Accepts: Symbol

# File lib/authlogic/acts_as_authentic/password.rb, line 29
def password_salt_field(value = nil)
  rw_config(:password_salt_field, value, first_column_to_exist(nil, :password_salt, :pw_salt, :salt))
end
Also aliased as: password_salt_field=
password_salt_field=(value = nil)
Alias for: password_salt_field
require_password_confirmation(value = nil) click to toggle source

Whether or not to require a password confirmation. If you don't want your users to confirm their password just set this to false.

  • Default: true

  • Accepts: Boolean

# File lib/authlogic/acts_as_authentic/password.rb, line 39
def require_password_confirmation(value = nil)
  rw_config(:require_password_confirmation, value, true)
end
require_password_confirmation=(value = nil)
transition_from_crypto_providers(value = nil) click to toggle source

Let's say you originally encrypted your passwords with Sha1. Sha1 is starting to join the party with MD5 and you want to switch to something stronger. No problem, just specify your new and improved algorithm with the crypt_provider option and then let Authlogic know you are transitioning from Sha1 using this option. Authlogic will take care of everything, including transitioning your users to the new algorithm. The next time a user logs in, they will be granted access using the old algorithm and their password will be resaved with the new algorithm. All new users will obviously use the new algorithm as well.

Lastly, if you want to transition again, you can pass an array of crypto providers. So you can transition from as many algorithms as you want.

  • Default: nil

  • Accepts: Class or Array

# File lib/authlogic/acts_as_authentic/password.rb, line 171
def transition_from_crypto_providers(value = nil)
  rw_config(:transition_from_crypto_providers, (!value.nil? && [value].flatten.compact) || value, [])
end
transition_from_crypto_providers=(value = nil)
validate_password_field(value = nil) click to toggle source

Whether or not to validate the password field.

  • Default: true

  • Accepts: Boolean

# File lib/authlogic/acts_as_authentic/password.rb, line 81
def validate_password_field(value = nil)
  rw_config(:validate_password_field, value, true)
end
Also aliased as: validate_password_field=
validate_password_field=(value = nil)
validates_confirmation_of_password_field_options(value = nil) click to toggle source

A hash of options for the validates_confirmation_of call for the password field. Allows you to change this however you want.

Keep in mind this is ruby. I wanted to keep this as flexible as possible, so you can completely replace the hash or merge options into it. Checkout the convenience function #merge_validates_length_of_password_field_options to merge options.

  • Default: {:if => :require_password?}

  • Accepts: Hash of options accepted by validates_confirmation_of

# File lib/authlogic/acts_as_authentic/password.rb, line 118
def validates_confirmation_of_password_field_options(value = nil)
  rw_config(:validates_confirmation_of_password_field_options, value, {:if => :require_password?})
end
validates_confirmation_of_password_field_options=(value = nil)
validates_length_of_password_confirmation_field_options(value = nil) click to toggle source

A hash of options for the validates_length_of call for the password_confirmation field. Allows you to change this however you want.

Keep in mind this is ruby. I wanted to keep this as flexible as possible, so you can completely replace the hash or merge options into it. Checkout the convenience function #merge_validates_length_of_password_field_options to merge options.

# File lib/authlogic/acts_as_authentic/password.rb, line 136
def validates_length_of_password_confirmation_field_options(value = nil)
  rw_config(:validates_length_of_password_confirmation_field_options, value, validates_length_of_password_field_options)
end
validates_length_of_password_confirmation_field_options=(value = nil)
validates_length_of_password_field_options(value = nil) click to toggle source

A hash of options for the validates_length_of call for the password field. Allows you to change this however you want.

Keep in mind this is ruby. I wanted to keep this as flexible as possible, so you can completely replace the hash or merge options into it. Checkout the convenience function #merge_validates_length_of_password_field_options to merge options.

  • Default: {:minimum => 4, :if => :require_password?}

  • Accepts: Hash of options accepted by validates_length_of

# File lib/authlogic/acts_as_authentic/password.rb, line 94
def validates_length_of_password_field_options(value = nil)
  rw_config(:validates_length_of_password_field_options, value, {:minimum => 4, :if => :require_password?})
end
validates_length_of_password_field_options=(value = nil)