Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Randomly generated password Rails 3.1

Tags:

random

passwords

ruby-on-rails

For the purpose of a new web app, I would need on my sign up page (which is administrator only) just only one email field.

The thing is that I'm totally new at rails and so even basics things like that are for me really difficult...

I created my authentification using Railscast #270 which uses has_secure_password method. For now, everything works great except that I dont need all this bullcrap... I also want to use Action Mailer to send the generated password to his email adress. A hex(8) password would be perfect (I have seen SecureRandom but it seems to be depreciated)

Users_Controller:

class UsersController < ApplicationController
  skip_before_filter :is_connected?, :only => [:new, :create]

  def new
    @user = User.new
  end

  def create
    @user = User.new(params[:user])
    if @user.save
      # Tell the Mailer to send a welcome Email after save
      Mailer.confirm_email(@user).deliver

      redirect_to root_url, :notice => "Signed up!"
    else
      render "new"
    end
  end
end

User_model:

class User < ActiveRecord::Base
  attr_accessible :email
  has_secure_password
  validates_presence_of :password, :email, :on => :create
end

For now, in my view, I have 2 fields. But as I said earlier, I only want one. I would like to keep using has_secure_password which seems to offer a pretty good security regarding hash/salt.

like image 689
boby lapointe Avatar asked Jan 30 '12 15:01

boby lapointe

3 Answers

Rails provides ActiveSupport::SecureRandom which either (depending on the Ruby version) is just a bridge to Ruby's SecureRandom or reimplemented it on older versions of Ruby (if my memory is correct SecureRandom was added in 1.8.7)

Now that all of the versions of Ruby that Rails supports have SecureRandom built-in ActiveSupport::SecureRandom is no longer needed and has been deprecated. SecureRandom itself is going nowhere - 

require 'securerandom'
SecureRandom.hex(8)

should do fine (you might want to consider SecureRandom.urlsafe_base64 for a more compact representation of the same amount of actual randomness)

like image 117
Frederick Cheung Avatar answered Nov 15 '22 15:11

Frederick Cheung

Here is one simple code for random password with lenth 8

rand_password=('0'..'z').to_a.shuffle.first(8).join

Hope it will help.

like image 35
Thaha kp Avatar answered Nov 15 '22 15:11

Thaha kp

Sometimes things from Rails are deprecated because they duplicate functionality that has been added to Ruby core, and SecureRandom seems to be one of those things.

You can use any of those random generator methods to produce a one-time-use password.

like image 1
tadman Avatar answered Nov 15 '22 14:11

tadman
Sign in to Comment

Related questions

In lambda functions syntax, what purpose does a 'capture list' serve?
Nested Cursors in Mysql
Default timeout for HttpComponent Client
Java Generics, is <C> equal to <T>?
Loading multiple properties files
How to initialize an empty mutable array in Objective C
How do I clear selection of a gridview row?
Mongoid not in query
Why use `return x == 5 ? true : false;`? [closed]
Golang: http server leaving open goroutines
Call a child class method from a parent class object
Yii $form->textfield, how to set a default value?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!