我有一個帶有哈希密碼字段的滑軌模型(驚喜,驚喜),經過一些操作後,它的長度爲40個字符。我生成腳本/控制檯的用戶,並顯示如下:Rails在保存時截斷散列:
#<User id: 1, firstname: "true", lastname: "false", username: "chaines51", hashed_password: "2Gr0GWvPunB3x5jomRTSTZJRIelC2RW103d7f3db">
我然後運行user_instance.save,返回true,然後用戶看起來是這樣的:
#<User id: 1, firstname: "true", lastname: "false", username: "chaines51", hashed_password: "103d7f3db">
任何想法正在發生其他30多個字符?我從字符串文本遷移變化的領域,但它仍然被截斷
編輯:型號代碼:
require 'digest/sha1'
class User < ActiveRecord::Base
validates_presence_of :username, :password, :password_confirmation, :firstname, :lastname
validates_length_of :username, :within => 3..40
validates_length_of :password, :within => 5..40
validates_uniqueness_of :username
validates_confirmation_of :password
belongs_to :school
attr_protected :id, :salt
attr_accessor :password, :password_confirmation
def self.random_string(len)
#generate a random salt consisting of digits and letters.
chars = ("a".."z").to_a + ("A".."Z").to_a + ("0".."9").to_a
salt = ""
1.upto(len) { |i| salt << chars[rand(chars.size-1)] }
return salt
end
def password=(pass)
@password=pass
@salt = User.random_string(40-pass.length)
self.hashed_password = User.encrypt(@password, @salt)
end
def self.encrypt(pass, salt)
hash = Digest::SHA1.hexdigest(pass+salt)
hash.slice!(0..(40-pass.length-1))
hash = salt+hash;
end
def self.checkhash(pass, hash)
salt = hash.slice!(0..40-pass.length-1)
rehash = User.encrypt(pass, salt)
return rehash == (salt+hash)
end
def self.authenticate(login, pass)
u = User.find_by_username(login)
return nil if u.nil?
return u if User.checkhash(pass, u.hashed_password)
nil
end
end
和DB/schema.rb是:
ActiveRecord::Schema.define(:version => 20100127034504) do
create_table "categories", :force => true do |t|
t.string "title"
end
create_table "questions", :force => true do |t|
t.string "question"
t.string "a"
t.string "b"
t.string "c"
t.string "d"
t.string "e"
t.datetime "created_at"
t.datetime "updated_at"
end
create_table "questions_quizzes", :id => false, :force => true do |t|
t.integer "app_id"
t.integer "category_id"
t.datetime "created_at"
t.datetime "updated_at"
end
create_table "quizzes", :force => true do |t|
t.string "title"
t.integer "category_id"
end
create_table "schools", :force => true do |t|
t.string "name"
t.integer "coach_id"
end
create_table "users", :force => true do |t|
t.string "firstname", :null => false
t.string "lastname", :null => false
t.string "username", :null => false
t.boolean "needs_pass", :default => false
t.integer "school_id"
t.datetime "created_at"
t.datetime "updated_at"
t.boolean "confirmed", :default => false
t.text "hashed_password"
end
end
感謝您的帖子。數據庫看起來不是問題(雖然如果我處於偏執調試模式,我可能會嘗試設置其他字段超過10個字符,看看它們是否被截斷! – 2010-01-27 04:31:47
你看過數據庫(使用psql, mysqladmin,或者&c。)看看存儲了什麼? – 2010-01-27 04:58:57