Reputation: 4354
Migrate django users to rails
I currently have a system with django which I need to migrate to rails. I am using Devise for authorization in rails. The old django system has it's own set of users which I need to migrate to rails. The thing that I am concerned with, is the password of the users. It is encrypted using sha1 algorithm. So, how I can modify devise such that it is compatible with the old user's password as well.
Upvotes: 1
Views: 511
Answers (2)
Reputation: 3062
I have the following method in my user model:
def valid_password?(pwd)
begin
super(pwd)
rescue
my_pwds = self.encrypted_password.split '$'
Digest::SHA1.hexdigest( my_pwds[1] + pwd ) == my_pwds[2] rescue false
end
end
This extends the default_password? method that is used by Devise to see if a user has submitted the correct password. First the user is being checked using the normal devise logics, and if that doesn't work the Django sha1 logic is run. This way devise passwords are supported too, so you won't get compatibility issues in the future.
Upvotes: 1
Reputation: 1933
Each user gets its own random salt, that way if the table with passwords get leaked, rainbow tables wont help to get the actual passwords.
Checkout django/contrib/auth.models.py, check_password(raw_password, enc_password) is what you need to implement in your Rails auth system:
def get_hexdigest(algorithm, salt, raw_password):
"""
Returns a string of the hexdigest of the given plaintext password and salt
using the given algorithm ('md5', 'sha1' or 'crypt').
"""
raw_password, salt = smart_str(raw_password), smart_str(salt)
if algorithm == 'crypt':
try:
import crypt
except ImportError:
raise ValueError('"crypt" password algorithm not supported in this environment')
return crypt.crypt(raw_password, salt)
if algorithm == 'md5':
return md5_constructor(salt + raw_password).hexdigest()
elif algorithm == 'sha1':
return sha_constructor(salt + raw_password).hexdigest()
raise ValueError("Got unknown password algorithm type in password.")
def check_password(raw_password, enc_password):
"""
Returns a boolean of whether the raw_password was correct. Handles
encryption formats behind the scenes.
"""
algo, salt, hsh = enc_password.split('$')
return constant_time_compare(hsh, get_hexdigest(algo, salt, raw_password))
Upvotes: 2
Related Questions
- Migrating from django user model to a custom user model
- How to migrate a custom User model to Devise in Rails 5.2
- Migrate users from database to another on Django
- Migrate users from one Rails app to another, both using Devise, while maintaining passwords
- Step on how to add devise migration to existing User model in ruby on rails?
- Migrate users from Joomla to Ruby On Rails + Devise and keep passwords
- To Rails from Django
- Migrate legacy database users to Devise
- Is there a way to migrate devise users from one application to another (still using devise?)
- Migrating existing user model to Devise