Password-rehashing "down" for migration 20110727073510

Reinier Balt wrote: > One problem I see is when people want to downgrade. You chop the > password field back to 40 chars, but it will cause all users incapable > of logging in. Perhaps we can put a default password in the password on > migration.down? like sha1('secret123') so we leave Tracks operable on > downgrade? https://github.com/bsag/tracks-old/pull/26#issuecomment-2001500
2025-12-16 23:30:12 +01:00 · 2011-09-05 23:13:34 +02:00 · 2011-09-05 23:13:34 +02:00 · 97431324db
commit 97431324db
parent db77225ff7
1 changed files with 11 additions and 0 deletions
--- a/db/migrate/20110727073510_change_crypted_password_length.rb
+++ b/db/migrate/20110727073510_change_crypted_password_length.rb
@ -4,6 +4,17 @@ class ChangeCryptedPasswordLength < ActiveRecord::Migration
  end

  def self.down
+    # Begin with setting all passwords hashed with BCrypt to SHA-1 ones as
+    # BCrypt's format won't fit into a narrower column.
+    User.transaction do
+      User.all.each do |user|
+        if user.auth_type == 'database' and not user.uses_deprecated_password?
+          user.password = user.password_confirmation = nil
+          user.crypted_password = User.sha1 'change_me'
+          user.save!
+        end
+      end
+    end
    change_column 'users', 'crypted_password', :string, :limit => 40
  end
 end