From ce84bb1a0194d98b4db99e258cc0ada6b98e19b8 Mon Sep 17 00:00:00 2001 From: Jean-Philippe Lang Date: Wed, 23 Feb 2011 17:27:31 +0000 Subject: Adds random salt to user passwords (#7410). git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@4936 e93f8b46-1217-0410-a6f0-8f06a7374b81 --- db/migrate/20110223180944_add_users_salt.rb | 9 +++++++++ db/migrate/20110223180953_salt_user_passwords.rb | 13 +++++++++++++ 2 files changed, 22 insertions(+) create mode 100644 db/migrate/20110223180944_add_users_salt.rb create mode 100644 db/migrate/20110223180953_salt_user_passwords.rb (limited to 'db/migrate') diff --git a/db/migrate/20110223180944_add_users_salt.rb b/db/migrate/20110223180944_add_users_salt.rb new file mode 100644 index 000000000..f1cf6483f --- /dev/null +++ b/db/migrate/20110223180944_add_users_salt.rb @@ -0,0 +1,9 @@ +class AddUsersSalt < ActiveRecord::Migration + def self.up + add_column :users, :salt, :string, :limit => 64 + end + + def self.down + remove_column :users, :salt + end +end diff --git a/db/migrate/20110223180953_salt_user_passwords.rb b/db/migrate/20110223180953_salt_user_passwords.rb new file mode 100644 index 000000000..9f017db9c --- /dev/null +++ b/db/migrate/20110223180953_salt_user_passwords.rb @@ -0,0 +1,13 @@ +class SaltUserPasswords < ActiveRecord::Migration + + def self.up + say_with_time "Salting user passwords, this may take some time..." do + User.salt_unsalted_passwords! + end + end + + def self.down + # Unsalted passwords can not be restored + raise ActiveRecord::IrreversibleMigration, "Can't decypher salted passwords. This migration can not be rollback'ed." + end +end -- cgit v1.2.3