peruse the following:
Mac version

ruby-1.9.2-p180 :005 > @u=User.find(:first, :conditions=>["login = ?", "rgtest"])
 => #<User id: 1068138631, login: "rgtest", crypted_password: "a13970eb729c1f0761242f1995a2d2f7b2e52e5a", salt: "122a37f8c048d7eacb8d62008790be7406c85cdc", email_address: "rgtest", created_at: "2011-07-12 12:03:20", updated_at: "2011-07-12 18:30:08", first_name: "rgtest", last_name: "rgtest">

Windows version

irb(main):001:0> @u=User.find(:first, :conditions=>["login = ?", "rgtest"])
=> #<User id: 1068138631, login: "rgtest", crypted_password: "a13970eb729c1f0761242f1995a2d2f7b2e52e5\x00\x00", salt: "122a37f8c048d7eacb8d62008790be7406c85cd\x00\x00", email_address: "rgtest", created_at: "2011-07-12 12:03:20", updated_at: "2011-07-12 18:30:08", first_name: "rgtest", last_name: "rgtest">
irb(main):002:0>
Notice the differences between the crypted_password and salt strings returned; this is causing the authentication to fail. Has anyone else seen this, or does anyone have any ideas how this may be happening?
Tom
Here is the environment and code:

Info:

Gemfile

gem 'rails', '3.0.6'
gem 'activerecord-sqlserver-adapter', '3.0.15'
gem 'ruby-odbc', '0.99994'
gem 'mongrel', '>=1.2.0.pre2'
gem 'composite_primary_keys', '=3.1.0'
Local gems:

abstract (1.0.0)
actionmailer (3.0.6, 3.0.5)
actionpack (3.0.6, 3.0.5)
activemodel (3.0.9, 3.0.6, 3.0.5)
activerecord (3.0.6, 3.0.5)
activerecord-sqlserver-adapter (3.0.15, 3.0.14, 3.0.12, 3.0.10)
activeresource (3.0.6, 3.0.5)
activesupport (3.0.9, 3.0.6, 3.0.5)
arel (2.0.10, 2.0.9)
builder (2.1.2)
bundler (1.0.10)
composite_primary_keys (3.1.10, 3.1.0)
daemons (1.0.10)
erubis (2.6.6)
gem_plugin (0.2.3)
i18n (0.5.0)
mail (2.2.19, 2.2.15)
mime-types (1.16)
mongrel (1.2.0.pre2)
mysql2 (0.3.6, 0.3.0, 0.2.7, 0.2.6)
polyglot (0.3.1)
rack (1.2.3, 1.2.2)
rack-mount (0.6.14, 0.6.13)
rack-test (0.5.7)
rails (3.0.6, 3.0.5)
railties (3.0.6, 3.0.5)
rake (0.9.2, 0.8.7)
ruby-odbc (0.99994)
sqlite3 (1.3.3)
thor (0.14.6)
treetop (1.4.9)
tzinfo (0.3.29, 0.3.27, 0.3.26, 0.3.25)
Crypto parts of the user.rb model
# Generates a per-user salt from the current time and the login
def create_salt
  self.salt = Digest::SHA1.hexdigest("--#{Time.now.to_s}-- #{login}--")
end

def encrypt_password
  create_salt
  self.crypted_password = encrypt(password)
end

# Encrypts the password with the user salt
def encrypt(password)
  self.class.encrypt(password, salt)
end

# Encrypts some data with the salt.
def self.encrypt(password, salt)
  Digest::SHA1.hexdigest("--#{salt}--#{password}--")
end

# Returns the user if the login exists and the password matches, else nil
def self.authenticate(login, password)
  u=find(:first, :conditions=>["login = ?", login])
  return u if u && u.authenticated?(password)
  nil
end

# Compares the stored digest with a digest of the supplied password
def authenticated?(password)
  crypted_password == encrypt(password)
end

def password_required?
  crypted_password.blank? || !password.blank?
end
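
An added example, not part of the original post: a check that a value read back from the salt or crypted_password column is still a well-formed 40-character SHA1 hexdigest before it is compared, so the NUL-terminated values shown in the Windows output are reported as a data problem rather than as a wrong password. The names digest_field_status, corrupt_like_windows and check_login are hypothetical, and the password is constructed sample data.

```ruby
require 'digest/sha1'

# Same scheme as self.encrypt in the post's user.rb.
def encrypt(password, salt)
  Digest::SHA1.hexdigest("--#{salt}--#{password}--")
end

# Classify a value read back from the salt / crypted_password columns.
# A SHA1 hexdigest is exactly 40 lowercase hex characters.
def digest_field_status(value)
  return :ok if value =~ /\A[0-9a-f]{40}\z/
  return :nul_padded if value.include?("\x00")
  :malformed
end

# Hypothetical helper: mimic the Windows result in the post, where the last
# character of each 40-character column came back as two NUL bytes.
def corrupt_like_windows(value)
  value[0, 39] + "\x00\x00"
end

# Constructed sample data: the salt is the one shown in the post, the
# password is made up for this example.
SALT     = '122a37f8c048d7eacb8d62008790be7406c85cdc'
PASSWORD = 'example-password'
STORED   = encrypt(PASSWORD, SALT)

# Refuses to compare damaged column data and says which kind of damage it saw.
def check_login(password, salt, crypted)
  [salt, crypted].each do |field|
    status = digest_field_status(field)
    return status unless status == :ok
  end
  encrypt(password, salt) == crypted ? :authenticated : :bad_password
end

if __FILE__ == $PROGRAM_NAME
  puts check_login(PASSWORD, SALT, STORED)
  bad_salt = corrupt_like_windows(SALT)
  bad_hash = corrupt_like_windows(STORED)
  puts check_login(PASSWORD, bad_salt, bad_hash)
  # Stripping the NULs does not recover the lost 40th character.
  puts check_login(PASSWORD, bad_salt.delete("\x00"), bad_hash.delete("\x00"))
end
```

Stripping the NUL bytes leaves a 39-character value, so the comparison still cannot succeed; the column data has to be read correctly by the adapter.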