Authlogic keeps logging out with BCrypt.cost #73

shaicoleman opened this Issue Nov 23, 2009 · 1 comment

2 participants


There's a bug that causes AuthLogic to only maintain one session at a time. It is caused by BCrypt and the BCrypt.cost parameter. When one session starts, all the other sessions will be invalidated/logged out.

To reproduce, make the following changes in the AuthLogic Example, and register a new user after making those changes.

class User < ActiveRecord::Base
acts_as_authentic do |c|
c.crypto_provider = Authlogic::CryptoProviders::BCrypt

Authlogic::CryptoProviders::BCrypt.cost = 1

Removing the BCrypt.cost line seems to solve the issue.


@shaicoleman old ticket, but I'm thinking this could be bc Authlogic in the past wasn't aware of the bcrypt gem's min cost, which was fixed recently. Ok to close?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment