Are you using Authlogic for authentication in your Rails application and now want to switch to Devise?
Overview of Authlogic:
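    require 'digest'

    user = User.find_by_email('test2@endpoint.com')
    actual_password = "password"
    # Authlogic appends the salt to the password before hashing
    digest = "#{actual_password}#{user.salt}"
    # Apply SHA-512 once per stretch (20 by default)
    20.times { digest = Digest::SHA512.hexdigest(digest) }
    # compare digest and user.crypted_password here to verify password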
Note that the stretches value for Authlogic defaults to 20, but it can be adjusted. Also note that Authlogic uses the SHA-512 hash function by default.
For passwords, it adds ‘password_hash’ and ‘password_salt’ columns to store the password digest and its salt.
Devise: Devise uses the ‘bcrypt’ algorithm and has an ‘encrypted_password’ column.
Now the challenge was to migrate old users with their passwords, so that they can log in with their existing email and password.
It's fairly easy with the following steps:
1. Have a look at the Devise documentation. Devise provides nice, detailed documentation with proper steps and examples.
Devise Doc
2. In your Gemfile:

    gem 'devise', '~> 3.2.4'
    # Require the `devise-encryptable` gem when using anything other than bcrypt
    gem 'devise-encryptable', '~> 0.2.0'

3. From the command line:
rails generate devise:install
The generator will install an initializer which describes all of Devise’s configuration options.
4. For devise views:
rails generate devise:views
5. In your config/initializers/devise.rb
To retain the old users with their login credentials (email and passwords), we will use the encryption algorithm ‘authlogic_sha512’:

    config.stretches = 20
    config.encryptor = :authlogic_sha512
6. Migration for users to have devise authentication with ‘authlogic_sha512’ algorithm.
Here we will rename password_hash -> encrypted_password and a few other columns:

    class AuthlogicToDevise < ActiveRecord::Migration
      def self.up
        # Columns Devise expects
        add_column :users, :reset_password_token, :string
        add_column :users, :reset_password_sent_at, :datetime
        add_column :users, :remember_token, :string
        add_column :users, :remember_created_at, :datetime
        add_column :users, :authentication_token, :string
        add_column :users, :confirmation_token, :string, limit: 255
        add_column :users, :confirmed_at, :timestamp
        add_column :users, :confirmation_sent_at, :timestamp

        # Treat every existing user as already confirmed
        execute "UPDATE users SET confirmed_at = created_at, confirmation_sent_at = created_at"

        # Authlogic column names -> Devise column names
        rename_column :users, :password_hash, :encrypted_password
        rename_column :users, :current_login_at, :current_sign_in_at
        rename_column :users, :last_login_at, :last_sign_in_at
        rename_column :users, :current_login_ip, :current_sign_in_ip
        rename_column :users, :last_login_ip, :last_sign_in_ip
        rename_column :users, :login_count, :sign_in_count

        # Authlogic-only columns
        remove_column :users, :persistence_token
        remove_column :users, :single_access_token
        remove_column :users, :perishable_token
        remove_column :users, :last_request_at
      end

      def self.down
        add_column :users, :perishable_token, :string
        add_column :users, :single_access_token, :string
        add_column :users, :persistence_token, :string
        add_column :users, :last_request_at, :timestamp

        rename_column :users, :encrypted_password, :password_hash
        rename_column :users, :current_sign_in_at, :current_login_at
        rename_column :users, :last_sign_in_at, :last_login_at
        rename_column :users, :current_sign_in_ip, :current_login_ip
        rename_column :users, :last_sign_in_ip, :last_login_ip
        rename_column :users, :sign_in_count, :login_count

        remove_column :users, :confirmation_token
        remove_column :users, :confirmed_at
        remove_column :users, :confirmation_sent_at
        remove_column :users, :authentication_token
        remove_column :users, :remember_created_at
        remove_column :users, :remember_token
        remove_column :users, :reset_password_sent_at
        remove_column :users, :reset_password_token
      end
    end
7. Configure your User model by including the modules you want, such as Database Authenticatable, Confirmable, Rememberable, etc., and add validations if required.
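Step 5 only keeps old logins working if `config.stretches` matches the value the Authlogic app actually used, so it is worth checking against a stored row before cutting over. The following is an added example, not code from the original post or from either gem; it reimplements the digest from the overview in plain Ruby, the function names are hypothetical, and the salt and rows are constructed sample data. It assumes you know the password of one account, such as your own test user.

```ruby
require 'digest'

# Same computation as the Authlogic snippet in the overview: append the salt
# to the password, then apply SHA-512 (hex) `stretches` times.
def authlogic_sha512(password, salt, stretches)
  digest = "#{password}#{salt}"
  stretches.times { digest = Digest::SHA512.hexdigest(digest) }
  digest
end

# Compare two hex digests without stopping at the first differing byte.
def secure_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  diff = 0
  a.bytes.zip(b.bytes) { |x, y| diff |= x ^ y }
  diff.zero?
end

# Check a login attempt against a stored legacy digest.
def legacy_password_valid?(password, salt, stored_digest, stretches: 20)
  secure_equal?(authlogic_sha512(password, salt, stretches), stored_digest)
end

# Given one account whose password you know, find which stretches value
# produced the stored digest. Returns nil if nothing up to `max` matches,
# which means the stored scheme differs from the one described here.
def detect_stretches(password, salt, stored_digest, max: 100)
  digest = "#{password}#{salt}"
  (1..max).each do |n|
    digest = Digest::SHA512.hexdigest(digest)
    return n if secure_equal?(digest, stored_digest)
  end
  nil
end

# Constructed sample rows (not real data): one hashed with the default 20
# stretches, one from an app that had raised the value to 30.
SAMPLE_SALT = 'Xq3vN0pKc81LmZ'
ROW_DEFAULT = authlogic_sha512('password', SAMPLE_SALT, 20)
ROW_CUSTOM  = authlogic_sha512('password', SAMPLE_SALT, 30)

if __FILE__ == $PROGRAM_NAME
  puts "default row: stretches=#{detect_stretches('password', SAMPLE_SALT, ROW_DEFAULT)}"
  puts "custom row:  stretches=#{detect_stretches('password', SAMPLE_SALT, ROW_CUSTOM)}"
  puts "custom row verifies with 20? #{legacy_password_valid?('password', SAMPLE_SALT, ROW_CUSTOM)}"
end
```

If `detect_stretches` returns something other than 20 for your test account, set `config.stretches` to that value; if it returns nil, the stored digests were not produced by this scheme and the renamed column will not verify.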
That's it 🙂
Feel free to comment with your doubts or any suggestions. Thanks 🙂