{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 Root(大扎) 的问题《Rails Devise Legacy Users from CakePHP》','https://www.manongdao.com/q-858053.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I recently got Devise working. New users sign in, sign up, logout etc etc just fine. Old users however have an issue. I have gotten it to a point where I get a 401 unauthorized, which seems to me that the hash is just incorrectly being created when signing in and of course not matching correctly.
My user model:
class User < ActiveRecord::Base
require "digest/sha1"
# Include default devise modules. Others available are:
# :token_authenticatable, :encryptable, :confirmable, :lockable, :timeoutable and :omniauthable
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable, :validatable, :encryptable, :encryptor => :old_cakephp_auth
# Setup accessible (or protected) attributes for your model
attr_accessible :email, :password, :password_confirmation, :remember_me
has_many :events
end
Cakephp uses sha1, but I don't know the specifics of how it does things. This obviously doesn't work, which is why I am here:
require "digest/sha1"
module Devise
module Encryptors
class OldCakephpAuth < Base
def self.digest(password, stretches, salt, pepper)
Digest::SHA1.hexdigest("#{salt}#{password}")
end
end
end
end
I got that from the how to add a custom encryptor example. They had this:
Digest::SHA1.hexdigest("--#{salt}--#{password}--")
That didn't work either. Anyone have any ideas?
I saw a variation of this on the create your own custom encryptor wiki. I don't know how I didn't see it before. Perhaps someone updated it recently.
Place the following in your user model. It should overwrite valid password from devise:
You need to make sure to fill in the password salt you used in cake into all legacy user's rows. You also need to change password to encrypted password according to devise's instructions.
I feel like I may need to add a way encrypt from user model as well for new users. Or perhaps the custom encryptor I created handles that aspect.