Forum: Ruby on Rails Reset password facility

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
Shockmeister (Guest)
on 2009-02-11 23:36
(Received via mailing list)
I have used a sha256 hashing algorithm in order to provide some
security to my login facility. I now want to create a facility
whereby, if the user forgets their password, they are emailed a
temporary password so that they can login. Has anyone had any
experience implementing this?
Andrew T. (Guest)
on 2009-02-12 05:48
(Received via mailing list)
On Wed, Feb 11, 2009 at 11:35 PM, Shockmeister
<removed_email_address@domain.invalid>wrote:

>
> I have used a sha256 hashing algorithm in order to provide some
> security to my login facility. I now want to create a facility
> whereby, if the user forgets their password, they are emailed a
> temporary password so that they can login. Has anyone had any
> experience implementing this?
> >
>
Generally if you're using a hash to store the password, then you will
need
to send users to a page where they can enter a new password.
You can do this by generating a temporary token (random value) that you
include in a url you mail to the user and set it to expire within a few
minutes of being generated. Make sure it's enough time for the password
to
be reset.

Andrew T.
http://ramblingsonrails.com
http://www.linkedin.com/in/andrewtimberlake

"I have never let my schooling interfere with my education" - Mark Twain
Sazima (Guest)
on 2009-02-12 21:25
(Received via mailing list)
Lovd does just that, take a look at:

lovdbyless.com

http://github.com/stevenbristol/lovd-by-less/tree/master

Cheers, Sazima
Shockmeister (Guest)
on 2009-02-15 15:47
(Received via mailing list)
Cheers Sazima thats a great help!
This topic is locked and can not be replied to.