Encrypting data before saving


#1

Hi,

In the pragmatic rails book, a password is hashed and saved using the
callback before_create. To do this it sets up an accessor called
‘password’ and saves the SHA1 output in the backend as
‘hashed_password’.

I’ve done a similar thing, but instead of using an accessor I simply use
‘password’ for both and assign using:

def before_save
self.password = my_encrypt_function(self.password)
end

def after_save
self.password = ‘’
end

(I clear it as the actual hash is never needed by my app and I don’t
want it in the session)

Is it “wrong” to use only the one property of the model like this,
without using an intermediary accessor? It seems to work for me, so I’m
assuming that it’s OK. If anybody can tell me otherwise, I’d appreciate
it.

Thanks!