Commit
Add back CHANGELOG entry for `authenticate_by`
1 parent eb80dd3, commit 139183c
Showing 1 changed file with 27 additions and 0 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1,28 @@ | ||
* Add `authenticate_by` when using `has_secure_password`. | ||
|
||
`authenticate_by` is intended to replace code like the following, which | ||
returns early when a user with a matching email is not found: | ||
|
||
```ruby | ||
User.find_by(email: "...")&.authenticate("...") | ||
``` | ||
|
||
Such code is vulnerable to timing-based enumeration attacks, wherein an | ||
attacker can determine if a user account with a given email exists. After | ||
confirming that an account exists, the attacker can try passwords associated | ||
with that email address from other leaked databases, in case the user | ||
re-used a password across multiple sites (a common practice). Additionally, | ||
knowing an account email address allows the attacker to attempt a targeted | ||
phishing ("spear phishing") attack. | ||
|
||
`authenticate_by` addresses the vulnerability by taking the same amount of | ||
time regardless of whether a user with a matching email is found: | ||
|
||
```ruby | ||
User.authenticate_by(email: "...", password: "...") | ||
``` | ||
|
||
*Jonathan Hefner* | ||
|
||
|
||
Please check [7-0-stable](https://github.com/rails/rails/blob/7-0-stable/activerecord/CHANGELOG.md) for previous changes. |
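Review bot: the entry asserts that `User.find_by(email: "...")&.authenticate("...")` is vulnerable to timing-based enumeration but never says why, so a reader cannot see what `authenticate_by` actually changes. Suggest one sentence after the first code block stating the mechanism: when no user matches, `&.` short-circuits before `authenticate` runs the password-hash comparison, so the "no such account" path responds measurably faster than the "wrong password" path, and the difference is what the attacker measures. Relatedly, "taking the same amount of time regardless of whether a user with a matching email is found" promises more than any implementation can deliver (the lookup itself still differs); "performing the same password-hashing work whether or not a user is found" or "taking roughly the same amount of time" is the defensible wording. Consider also stating what `authenticate_by` returns when authentication fails, since the snippet it replaces returns `nil` via `&.` and callers will want to know the contract is preserved.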