From 97431324dba9bfdb41a6d982435f753fcb9d8465 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jan=20St=C4=99pie=C5=84?= <jstepien@users.sourceforge.net>
Date: Mon, 5 Sep 2011 23:13:34 +0200
Subject: [PATCH] Password-rehashing "down" for migration 20110727073510

Reinier Balt wrote:
> One problem I see is when people want to downgrade. You chop the
> password field back to 40 chars, but it will cause all users incapable
> of logging in. Perhaps we can put a default password in the password on
> migration.down? like sha1('secret123') so we leave Tracks operable on
> downgrade?

https://github.com/bsag/tracks-old/pull/26#issuecomment-2001500
---
 .../20110727073510_change_crypted_password_length.rb  | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/db/migrate/20110727073510_change_crypted_password_length.rb b/db/migrate/20110727073510_change_crypted_password_length.rb
index cdc1649c..9bd2c639 100644
--- a/db/migrate/20110727073510_change_crypted_password_length.rb
+++ b/db/migrate/20110727073510_change_crypted_password_length.rb
@@ -4,6 +4,17 @@ class ChangeCryptedPasswordLength < ActiveRecord::Migration
   end
 
   def self.down
+    # Begin with setting all passwords hashed with BCrypt to SHA-1 ones as
+    # BCrypt's format won't fit into a narrower column.
+    User.transaction do
+      User.all.each do |user|
+        if user.auth_type == 'database' and not user.uses_deprecated_password?
+          user.password = user.password_confirmation = nil
+          user.crypted_password = User.sha1 'change_me'
+          user.save!
+        end
+      end
+    end
     change_column 'users', 'crypted_password', :string, :limit => 40
   end
 end