Binary Logic » transition http://www.binarylogic.com Ben Johnson's thoughts and programming techniques Sat, 23 Jan 2010 21:19:58 +0000 http://wordpress.org/?v=2.8 en hourly 1 Tutorial: Easily migrate from restful_authentication to Authlogic http://www.binarylogic.com/2008/11/23/tutorial-easily-migrate-from-restful_authentication-to-authlogic/ http://www.binarylogic.com/2008/11/23/tutorial-easily-migrate-from-restful_authentication-to-authlogic/#comments Sun, 23 Nov 2008 22:46:00 +0000 benjohnson 0/2009/03/23/tutorial-easily-migrate-from-restful_authentication-to-authlogic I’ve been getting a lot of emails asking the best way to migrate from restful_authentication. Where it gets complicated is in the password encryption methods. Authlogic and restful_authentication use different methods. You don’t want to change this method because it will break backwards compatibility with your current passwords, meaning no one will be able to log into their account. Fear not, because I did all of the hard work for you…

Use the same password algorithm as restful_authentication

# app/models/user.rb
class User < ActiveRecord::Base
  acts_as_authentic do |c|
    c.act_like_restful_authentication = true
  end
end

Transition to one of Authlogic password algorithms

The first thing you need to do is make sure your database field “crypted_password” and “salt” allow for the storage of at least 128 characters (assuming you are migrating to Sha512). restful_authentication uses Sha1 which is 40 characters. If you are limiting the size, you need to create a migration that looks similar to.

change_column :users, :crypted_password, :string, :limit => 128,
  :null => false, :default => ""

change_column :users, :salt, :string, :limit => 128,
  :null => false, :default => ""

Now just tell acts_as_authentic what you are doing:

# app/models/user.rb
class User
  acts_as_authentic do |c|
    c.transition_from_restful_authentication = true
  end
end

You could pass an optional argument to transition to any password algorithm you want. By default Authlogic uses the Sha512 algorithm, but let’s say you wanted to transition to the BCrypt algorithm. No problem

# app/models/user.rb
class User < ActiveRecord::Base
  acts_as_authentic :transition_from_restful_authentication => true,
    :crypto_provider => Authlogic::CryptoProviders::BCrypt
end

For more information on BCrypt checkout my blog post about it.

What’s the difference?

act_like_restful_authentication will not change a thing, your users passwords will remain in the same format. From your database’s perspective, it will be as if you are using restful_authentication.

transition_from_restful_authentication starts changing your users passwords using the Authlogic passwords system that you specify with the :crypto_provider option. How does it do this? It’s simple, every time a user successfully logs in and their password is encrypted with the restful_authentication algorithm it will update their password with the Authlogic algorithm. When a new account is created it will use the Authlogic algorithm. This allows your user base to slowly transition and allowing them to still be able to log in.

That’s it. I’m not going to go into the Authlogic set up because I already have a tutorial on this.

Let me know what you think or if you have any questions.

]]> http://www.binarylogic.com/2008/11/23/tutorial-easily-migrate-from-restful_authentication-to-authlogic/feed/ 9