David Kimura
PRO
said almost 5 years ago
on
Authentication from Scratch
:
So, it basically just calls BCrypt to check with the method is_password? if they are a match.
The authenticate method is an alias for some meta programming that's going on in the module that is included by has_secure_password.
https://api.rubyonrails.org/classes/ActiveModel/SecurePassword/InstanceMethodsOnActivation.html
https://api.rubyonrails.org/classes/ActiveModel/SecurePassword/InstanceMethodsOnActivation.html
define_method("authenticate_#{attribute}") do |unencrypted_password|
attribute_digest = public_send("#{attribute}_digest")
BCrypt::Password.new(attribute_digest).is_password?(unencrypted_password) && self
end
alias_method :authenticate, :authenticate_password if attribute == :passwordSo, it basically just calls BCrypt to check with the method is_password? if they are a match.