I’m updating a database hashing algorithm.
My current system runs on md5 and I want to change it into BCrypt
+salt.
My problem is when an old user(users whos password hashed in md5) is
login with his old password I want to automatically change the password
to BCrypt+salt in database.
if // check if the password stored in bcrypt
salt = IDA::Config.get_configuration('salt')
hash_password = BCrypt::Password.new(hash)
return
(BCrypt::Password.create(salt[‘salt_value’]+password) ==
(salt[‘salt_value’]+password)) ? true : false
else // for users who's password encrypted in md5
salt = IDA::Config.get_configuration('salt') // i"m getting
a salt here
BCrypt::Password.create(salt[‘salt_value’]+password) // Im
getting a salted bcryptted password and I tried to put this into db
manually and try to login it works perfectly
// I want to write this new salted password into db once
the user is authenticated with his old password
return (Digest::MD5.hexdigest(password) == hash) ? true :
false
I want to write this in model.Any help will be greatly appreciated.
Thanks