Skip to content
Browse files

Rescue BCrypt Invalid Hash only in migration strategy

  • Loading branch information...
1 parent 64ec95b commit c1a654173c9445fc608afe29cacb88f45643891b @kdaigle kdaigle committed with mike-burns Aug 15, 2012
View
6 lib/clearance/password_strategies/bcrypt_migration_from_sha1.rb
@@ -32,7 +32,11 @@ def password=(new_password)
private
def authenticated_with_bcrypt?(password)
- BCryptUser.new(self).authenticated? password
+ begin
+ BCryptUser.new(self).authenticated? password
+ rescue ::BCrypt::Errors::InvalidHash
+ false
+ end
end
def authenticated_with_sha1?(password)
View
6 spec/models/bcrypt_migration_from_sha1_spec.rb
@@ -49,6 +49,12 @@
subject.authenticated? password
subject.encrypted_password.should_not == sha1_hash
end
+
+ it 'does not raise a BCrypt error for invalid passwords' do
+ lambda {
+ subject.authenticated? 'bad' + password
+ }.should_not raise_error(BCrypt::Errors::InvalidHash)
+ end
end
context 'with a BCrypt-encrypted password' do

0 comments on commit c1a6541

Please sign in to comment.
Something went wrong with that request. Please try again.