Skip to content

Commit

Permalink
Merge branch 'jmhooper-fix-authenticable-salt-method' into stages/rc-…
Browse files Browse the repository at this point in the history
…2018-06-22
  • Loading branch information
davemcorwin committed Jun 20, 2018
2 parents 722ed90 + cde0ce9 commit 6c802b5
Show file tree
Hide file tree
Showing 2 changed files with 19 additions and 0 deletions.
10 changes: 10 additions & 0 deletions app/models/concerns/user_access_key_overrides.rb
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,16 @@ def password=(new_password)
write_legacy_password_attributes(digest)
end

# This is a devise method, which we are overriding. This should not be removed
# as Devise depends on this for things like building the key to use when
# storing the user in the session.
def authenticatable_salt
return if encrypted_password_digest.blank?
Encryption::PasswordVerifier::PasswordDigest.parse_from_string(
encrypted_password_digest
).password_salt
end

private

def write_legacy_password_attributes(digest)
Expand Down
9 changes: 9 additions & 0 deletions spec/models/user_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -409,6 +409,15 @@
end
end

describe '#authenticatable_salt' do
it 'returns the password salt' do
user = create(:user)
salt = JSON.parse(user.encrypted_password_digest)['password_salt']

expect(user.authenticatable_salt).to eq(salt)
end
end

context 'when a password is updated' do
it 'writes encrypted_password_digest and the legacy password attributes' do
user = create(:user)
Expand Down

0 comments on commit 6c802b5

Please sign in to comment.