Binarylogic Authlogic

Comments and changes to this ticket

• 

  Ben Johnson May 28th, 2009 @ 03:49 AM

  • State changed from “new” to “open”

  Hi Lawrence, how would you store the perishable token in the cookie? Encrypted I suppose. So what are you trying to accomplish? Because now we are just passing encrypted strings back and forth. I guess you could give them the plain token for their cookie, but how do I get that? I would need to use a reversible encrypting algorithm which I'd like to avoid.

  Also, the perishable tokens are a result of passing random tokens to the Sha512 hashing algorithm.

• You flagged this item as spam.
  

  Lawrence Pit May 28th, 2009 @ 04:42 AM

  When a user requests a new password an email is send with a link containing the perishable token. This token is like sending a plain-text password.

  Therefor it MUST be hashed in the database.

  I.e.: send the plain-text perishable token in the email, hash the token, save the hash in the database and throw away the original from memory.

  The same is true for the persistence token btw. As it's send around via a cookie it too should be hashed in the database.

• 

  Ben Johnson June 3rd, 2009 @ 03:49 AM

  Well the perishable token is perishable, it defaults to 10 minutes. So if someone did get the token they would have 10 minutes to use it. Also, It is also constantly being changed. In fact, it is being changed in a before_save hook.

  The only thing I can think to do is provide an alternate method that generates a new friendly token, encrypts it, and then saves it to the db. This will break backwards compatibility though. I need to give this some thought and make sure I do this properly.

• 

  Ben Johnson June 20th, 2009 @ 04:42 AM

  • State changed from “open” to “hold”

• You flagged this item as spam.
  

  AMSA2018 September 26th, 2018 @ 04:31 AM

  greffe cheveux tunisie prix

• You flagged this item as spam.
  

  Julie464 January 26th, 2019 @ 05:10 AM

  krogerfeedback

• You flagged this item as spam.
  

  rosstaylor505 January 13th, 2020 @ 05:20 AM

  De belangrijkste tips om te voorkomen dat je last krijgt van ongedierte in huis zijn: goed onderhoudOngediertebestrijding

• You flagged this item as spam.
  

  rosstaylor505 January 21st, 2020 @ 01:36 AM

  I definitely enjoying every little bit of it. It is a great website and nice share. I want to thank you. Good job! You guys do a great blog, and have some great contents. Keep up the good work.
  http://casathome.ihep.ac.cn/team_display.php?teamid=357715

• You flagged this item as spam.
  

  Lucas17 March 9th, 2020 @ 06:07 AM

  Pretty good post. I just stumbled upon your blog and wanted to say that I have really enjoyed reading your blog posts. Any way I'll be subscribing to your feed and I hope you post again soon. Big thanks for the useful info. bitmain s19

• You flagged this item as spam.
  

  uzair awan May 12th, 2020 @ 05:16 AM

  Wow! Such an amazing and helpful post this is. I really really love it. It's so good and so awesome. I am just amazed. I hope that you continue to do your work like this in the future also employment lawyer sacramento

• You flagged this item as spam.
  

  jeni September 30th, 2020 @ 05:51 AM

  Your post is too amazing. I have found with ease what I was looking for. Moreover, the content quality is awesome. Thanks for the nudge!
  https://www.guest-articles.com/education/brilliant-c1000-066-exam-questions-with-pdf-dumps-30-09-2020
  

• You flagged this item as spam.
  

  NoeliaMonahan October 17th, 2020 @ 04:07 PM

  I did my master's in English literature and can teach you English. I am interested in learning Arabic and Persian. This can be a good mutual agreement between two os us if we sort out and teach each other the language that we know and share our views on that language. As per https://allessayvikings.com/essayhave-com-review/ blog suggestions this will help both of us to learn from each other.