#127 ✓resolved
Michael Rykov

Cannot log in with acts_like_restful_authentication - it incorrectly stores passwords

Reported by Michael Rykov | June 18th, 2009 @ 08:56 PM

Looks like an argument is missing for one of the encrypt_arguments calls in authlogic/acts_as_authentic/password.rb

This is the signature:

 def encrypt_arguments(raw_password, check_against_database, arguments_type = nil)

This is the call that's missing the check_against_database argument around line 229:

 send("#{crypted_password_field}=", crypto_provider.encrypt(*encrypt_arguments(@password, act_like_restful_authentication? ? :restful_authentication : nil)))

I fixed it locally with:

 send("#{crypted_password_field}=", crypto_provider.encrypt(*encrypt_arguments(@password, false, act_like_restful_authentication? ? :restful_authentication : nil)))

Comments and changes to this ticket

Please Sign in or create a free account to add a new ticket.

With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.

New-ticket Create new ticket

Create your profile

Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป

Object based authentication solution that handles all of the non sense for you. It's as easy as ActiveRecord is with a database.

People watching this ticket