Forum: Ruby on Rails Encrypting data before saving

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
David (Guest)
on 2006-03-14 01:27
Hi,

In the pragmatic rails book, a password is hashed and saved using the
callback before_create.  To do this it sets up an accessor called
'password' and saves the SHA1 output in the backend as
'hashed_password'.

I've done a similar thing, but instead of using an accessor I simply use
'password' for both and assign using:

def before_save
  self.password = my_encrypt_function(self.password)
end

def after_save
  self.password = ''
end

(I clear it as the actual hash is never needed by my app and I don't
want it in the session)

Is it "wrong" to use only the one property of the model like this,
without using an intermediary accessor?  It seems to work for me, so I'm
assuming that it's OK.  If anybody can tell me otherwise, I'd appreciate
it.

Thanks!
This topic is locked and can not be replied to.