If you are using bcrypt (at
least version 3.1.7), then you can easily add secure password functionality
to an
ActiveRecord
model. First, ensure that the table backing the model has a
password_digest column. Then add
has_secure_password
to your model.
class User < ActiveRecord::Base
has_secure_password
# other logic ...
endYou can now instantiate a User instance with any required fields as well
as password and password_confirmation. As long as password and
password_confirmation match then an encrypted password_digest will be
created and stored. You can later check a given password for the user using
the authenticate method.
user = User.find_by(email: user_params[:email])
if user.authenticate(user_params[:password])
puts 'That is the correct password!'
else
puts 'That password did not match!'
end