Be Cryptic
What is BCrypt?
BCrypt is a password hashing gem that allows you to secure a user’s password. First, add BCrypt to the Gemfile, then run “bundle install” in the console. When establishing the database table, the password attribute should be named password_digest. In addition, add has_secure_password to the User class. password_digest and has_secure_password work together with BCrypt to store passwords as secure hashes.
Ok, but what exactly is has_secure_password?
The best way to learn about anything is to go to the docs. Here is the link. Basically, it adds methods to set a password and authenticate against a BCrypt password. It requires password_digest to be added as an attribute. It also allows you to use password_confirmation, where a user types in their password twice to confirm it.
Does it authenticate?
has_secure_password has a helper method for authenticating: #authenticate. Here I am calling the instance method #authenticate on the user. I am authenticating using the user’s password. If it can’t authenticate (the user isn’t who they say they are), then an error displays and the user is sent back to the login page.
It’s not quite magic, but it’s pretty close. Click here to read more about bcrypt, has_secure_password, authenticating, and more.