verify_password in 1.7.0 was no longer behaving like in 1.6.9 #223

Merged
merged 1 commit into from Feb 20, 2014

3 participants

@ahtik

Maybe related to #210

Simple experimental code with bcrypt no longer returned true:
verify_password('psw', encrypt_password('psw'))

Not sure if my fix is correct but at least the created tests started to pass and it's similar to how the latest verify_and_update_password works.

This pull request is against "develop", let me know if this is wrong and should be against some other branch.

@coveralls

Coverage Status

Coverage increased (+0.14%) when pulling ec5777b on ahtik:issue-verify_password into 0268a2d on mattupstate:develop.

@ahtik ahtik Changing verify_password so it works like verify_and_update_password.…
… Currently verify_password was not only creating a hmac hash but also encrypting (encrypt_password is first hmac-signing and then encrypting).

Removed unneccessary and wrong tests.
1395df3
@coveralls

Coverage Status

Coverage increased (+0.14%) when pulling ecf70d3 on ahtik:issue-verify_password into 0268a2d on mattupstate:develop.

@mattupstate
Owner

@ahtik I feel so stupid now. I made a mistake when testing against bcrypt. I see the bug now. Thanks so much for pointing this out.

@coveralls

Coverage Status

Coverage increased (+0.14%) when pulling 1395df3 on ahtik:issue-verify_password into 0268a2d on mattupstate:develop.

@coveralls

Coverage Status

Coverage increased (+0.14%) when pulling 1395df3 on ahtik:issue-verify_password into 0268a2d on mattupstate:develop.

@ahtik

@mattupstate No trouble at all! Glad to see my first github pull request ever to be for an actual bug.

@mattupstate mattupstate merged commit 1d3a75d into mattupstate:develop Feb 20, 2014

1 check passed

Details default The Travis CI build passed
@ahtik ahtik deleted the ahtik:issue-verify_password branch Feb 20, 2014
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment