How do I add basic encryption to a password?

Sam*_*Sam 5 encryption ruby-on-rails ruby-on-rails-3

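I'm creating a basic registration form using Ruby on Rails (I'm relatively new to Rails), and what I'd like to know is how to encrypt a new user's password (for obvious security reasons)?

Here is my registration page: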

<script src="http://code.jquery.com/jquery-latest.min.js" type="text/javascript"></script>
<script type="text/javascript">
  $.noConflict();
  jQuery(document).ready(function($) {
    $('a.close').click(function(){
      $(this).parent().fadeOut();
    });
  });
</script>
<% if !flash.now[:notice].blank? %>
<div class="alert-message error">
  <a class="close" href="#">×</a>
  <p><strong><%= flash.now[:notice][0] %></strong></p>
</div>
<% end %>
<div class="alert-message info">
  <p><strong>Join us. It's as simple as 1 2 3.</strong></p>
</div>
<% form_for :user do |f| %>
  <p> Email: <br />  <%= f.text_field :email %></p>
  <p> Name: <br />  <%= f.text_field :name %></p>
  <p> Username:<br /><%= f.text_field :username %></p>
  <p> Password: <br />  <%= f.password_field :password %></p>
  <p> Blog <i>(optional)</i>: <br />  <%= f.text_field :blog %></p>
  <p><%= submit_tag "Create User", :disable_with => "Please wait...", :class => "btn primary" %></p>
<% end %>

And the users controller:

class UsersController < ApplicationController   
  def register
    @user = User.new(params[:user])
    if(request.post? and @user.save)
      flash[:notice] = "Account Created Successfully"
      redirect_to root_path      
    else
      flash.now[:notice] = @user.errors.full_messages
    end
  end
  def destroy
    @user = User.find(params[:id])
    @user.destroy
    redirect_to root_path
  end  
end

Any help would be greatly appreciated. Thanks in advance.

Hou*_*uen 11

Here you go:

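# SecureRandom is Ruby's standard library (ActiveSupport::SecureRandom was deprecated in Rails 3.1).
self.salt = SecureRandom.base64(8)
# Store only the salted digest, never the submitted password.
self.hashed_password = Digest::SHA2.hexdigest(self.salt + submitted_password)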

And for authentication:

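# Recompute the digest from the stored salt and the password being checked.
def password_correct?(user, password_to_confirm)
  user.hashed_password == Digest::SHA2.hexdigest(user.salt + password_to_confirm)
end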

But as allesklar wrote, Rails 3.1 would be a nice choice. Watch the Railscast on that topic.
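
The salt-and-digest scheme from the answer above as a complete register/verify round trip, with the digest comparison done in constant time and a key-stretched variant beside it. This is an added example, not code from the original posts: `DemoUser`, `secure_compare`, the PBKDF2 variant and its iteration count are assumptions made for illustration, and PBKDF2 from Ruby's bundled OpenSSL stands in for a deliberately slow password hash so the block runs without gems.

```ruby
require 'digest/sha2'
require 'openssl'
require 'securerandom'

# Compares two equal-length digests without stopping at the first differing
# byte, so response time does not reveal how much of the digest matched.
def secure_compare(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |diff, (x, y)| diff | (x ^ y) }.zero?
end

# Hypothetical plain-Ruby stand-in for the User model (no Rails, no database).
class DemoUser
  ITERATIONS = 100_000 # assumed work factor for the stretched variant
  attr_reader :salt, :hashed_password, :stretched_password

  # Registration: fresh random salt per user; only digests are kept.
  def password=(submitted_password)
    @salt = SecureRandom.base64(8)
    # The answer's scheme: one round of SHA-2 over salt + password.
    @hashed_password = Digest::SHA2.hexdigest(@salt + submitted_password)
    # Stretched variant: same salt, many iterations, so each guess costs more.
    @stretched_password = stretch(submitted_password)
  end

  # The answer's check, with the comparison made constant-time.
  def password_correct?(password_to_confirm)
    secure_compare(hashed_password, Digest::SHA2.hexdigest(salt + password_to_confirm))
  end

  def stretched_password_correct?(password_to_confirm)
    secure_compare(stretched_password, stretch(password_to_confirm))
  end

  private

  def stretch(password)
    OpenSSL::PKCS5.pbkdf2_hmac(password, salt, ITERATIONS, 32,
                               OpenSSL::Digest.new('SHA256')).unpack('H*').first
  end
end

# Constructed sample data: two users who choose the same password.
alice, bob = DemoUser.new, DemoUser.new
alice.password = 'correct horse'
bob.password = 'correct horse'
puts alice.password_correct?('correct horse')         # true
puts alice.password_correct?('wrong guess')           # false
puts alice.hashed_password == bob.hashed_password     # false: salts differ
```
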