sinatra - Why is BCrypt failing to authenticate in this context? -

-

when create users (in sinatra), this

require 'bcrypt'  post '/users'     @user = user.new(params[:user])     @user.password_hash = bcrypt::password.create(params[:password])     p @user.password_hash == params[:password]              # prints true!     @user.save!     session[:user_id] = @user.id     redirect '/' end

then when try verify same user this

post '/sessions'   @user = user.find_by_email(params[:email])   p @user.id                                                # prints 14   p @user.password_hash                                     # prints correct hash   p @user.password_hash.class                               # prints string   p bcrypt::password.new(@user.password_hash).class         # prints bcrypt::password    p params[:password]                                       # prints "clown123"   p bcrypt::password.new(@user.password_hash) == params[:password] # prints false!      # redirect '/' end

what broke? example given in bcrypt docs (which doesn't use database) works every time. in db (postgres) altering password_hash?

using latest version of bcrypt, , ruby 1.9.3 (i've tried ruby 2.0 , same results)

what db column type using? try without db , use sessions instead. following worked correctly me,

# app.rb  require 'sinatra' require 'bcrypt'  enable :sessions  '/user'   session[:password_hash] = bcrypt::password.create(params[:password])   return 'success' end  '/session'   result = bcrypt::password.new(session[:password_hash]) == params[:password]   return "result: #{result}" end

then in browser,

http://localhost:4567/user?password=secret  # => success  http://localhost:4567/session?password=secret  # => result: true  http://localhost:4567/session?password=invalid  # => result: false

if works, try introducing db again,

require 'sinatra' require 'bcrypt'  # postgres config here...  '/pg-user'   user = user.new(password_hash: bcrypt::password.create(params[:password]))   user.save!   return 'success' end  '/pg-session'   user = user.last   result = bcrypt::password.new(user.password_hash) == params[:password]   return "result: #{result}" end

Comments

Post a Comment

Popular posts from this blog

c# - Unity IoC Lifetime per HttpRequest for UserStore -

-
i'm trying clean default implementation of accountcontroller.cs comes out of box in new mvc5/owin security implementation. have modified constructor this: private usermanager<applicationuser> usermanager; public accountcontroller(usermanager<applicationuser> usermanager) { this.usermanager = usermanager; } also, have created lifetime manager unity looks this: public class httpcontextlifetimemanager<t> : lifetimemanager, idisposable { private httpcontextbase _context = null; public httpcontextlifetimemanager() { _context = new httpcontextwrapper(httpcontext.current); } public httpcontextlifetimemanager(httpcontextbase context) { if (context == null) throw new argumentnullexception("context"); _context = context; } public void dispose() { this.removevalue(); } public override object get...
Read more

Change the color of an oval at click in Java AWT -

-
i have draw ovals in java, , @ click change color. beginning tried change color after 20 ms, doesn't work. my code is: public class mycomponentnew extends frame { public graphics2d g2d; public mycomponentnew(string title) { super(title); setsize(400, 550); } @override public void paint(graphics g) { this.g2d = (graphics2d) g; this.g2d.setcolor(color.red); this.g2d.filloval(10, 55, 50, 100); } public void changecolor () { this.g2d.setcolor(color.blue); this.g2d.filloval(10, 55, 50, 100); } } and in class main method have: mycomponentnew m; m = new mycomponentnew("fereastra cu baloane"); m.setvisible(true); m.addwindowlistener(new windowadapter() { @override public void windowclosing(windowevent we) { system.exit(0); } }); try { thread.sleep(20); } catch(interruptedexception e) {} m.changecolor(); the color of oval remains red. ...
Read more

I am trying to solve the error message 'incompatible ranks 0 and 1 in assignment' in a fortran 95 program. -

-
i writing program in fortran find velocity of parachuting person in relation time. keep getting error can't fix. new programming , appreciated. the error is v(i+1)=v(i)+[32-((c*v(i)*v(i))/m)]*(h) 1 error: incompatible ranks 0 , 1 in assignment @ (1) and program is program para integer :: real :: v(11) !velocity real :: q !initial velocity real :: h !time step real :: c !drag coefficient real :: m !mass ! gravity equal 32 ft/s^2 write (*,*)'enter time step' read(*,*)h write(*,*)'enter initial velocity' read(*,*)q write(*,*)'enter drag coefficient' read(*,*)c write(*,*)'enter mass' read(*,*)m i=1,10 ! 1 10, 1 being interval. end v(i+1)=v(i)+[32-((c*v(i)*v(i))/m)]*(h) q=v(1) end program you cannot use [] normal parenthesis in expressions. array constructor, [ items ] means array items elements. end do should after line.
Read more