0

I have a User Model with encryption using brcypt gem.

However, when I am using the following code it is returning false as result.

User.find(117).try(:authenticate ,User.find(117).password_digest)

But below mentioned command works fine: 

User.find(117).try(:authenticate ,"password")

It returns true.

So how can I achieve the first conditions when I need to validate the password already stored in the database.

Any help would be appreciated!!

Rohan
  • 2,681
  • 1
  • 12
  • 18

2 Answers2

1

Try the below instead:

User.find(117).try(:authenticate ,User.find(117).password)

You never directly call password_digest on user.

password_digest is only used when setting the field in the database and the type on the form in the view.

For all other purposes call the ".password" attribute on the user.

Chris C
  • 1,662
  • 1
  • 15
  • 17
arnold bwaila
  • 71
  • 2
0

In you first line you pass the digested password, that (depending on your implementation or gem you are using) should be an one-way encrypted string from the original password. You have no way to verify this digest without the original password.

While try is a great thing, it hides away all useful errors you could get. Your code would be better if you split up finding the user and authenticating the password.

Thomas R. Koll
  • 3,131
  • 1
  • 19
  • 26
  • Suppose I want to write a rspec test, where I validate the the current password and then update the current password with new password. In this case how will I achieve this? – Rohan May 28 '18 at 11:05