Compute a pbkdf2 hash of a string, and/or check a password against a pbkdf2 hashed string.
This was originally built to import password hashes from django application to rails/devise application
In your Gemfile :
gem pbkdf2_password_hasher, git: 'aherve/pbkdf2-password-hasher'
or install it with:
gem install pbkdf2_password_hasher
- Hash a password with salt:
salt = 'NaCl' # random salt key pass = 's3cr3t' # your password it = 1000 # number of iterations hash = Pbkdf2PasswordHasher.hash_password(pass,salt,it) #=> "pbkdf2_sha256$1000$NaCl$uDAu+fkRHoZk03PKp0bzrXDWc4j4mhkzGBm7ljbvp58="
- Check password validity against string
# hashed string from django app hsh ='pbkdf2_sha256$12000$PEnXGf9dviXF$2soDhu1WB8NSbFDm0w6NEe6OvslVXtiyf4VMiiy9rH0=' # with right password: Pbkdf2PasswordHasher.check_password('bite',hsh) #=> true #with wrong password: Pbkdf2PasswordHasher.check_password('bitten',hsh) #=> false