Sha256: a60816b9f88be208470bd87d0e6f010759d0cc11bc352a7ee01b24b94752b1ee

Contents?: true

Size: 815 Bytes

Versions: 35

Compression:

Stored size: 815 Bytes

Contents

= Store password hash in accounts table

By default, Rodauth stores the password hash in a separate
+account_password_hashes+ table.  This makes it a lot less likely that the
password hashes will be leaked, especially if you use Rodauth's default
approach of using database functions for checking the hashes.

However, if you have reasons for storing the password hashes in +accounts+
table that outweigh the security benefits of Rodauth's default approach,
Rodauth supports that.

To do this, add the password hash column to the +accounts+ table:

  alter_table :accounts do
    add_column :password_hash, String
  end

And then tell Rodauth to use it:

  plugin :rodauth do
    enable :login, :logout

    # Use the password_hash column in the accounts table
    account_password_hash_column :password_hash
  end

Version data entries

35 entries across 35 versions & 1 rubygems

Version Path
rodauth-2.16.0 doc/guides/password_column.rdoc
rodauth-2.15.0 doc/guides/password_column.rdoc
rodauth-2.14.0 doc/guides/password_column.rdoc
rodauth-2.13.0 doc/guides/password_column.rdoc
rodauth-2.12.0 doc/guides/password_column.rdoc
rodauth-2.11.0 doc/guides/password_column.rdoc
rodauth-2.10.0 doc/guides/password_column.rdoc
rodauth-2.9.0 doc/guides/password_column.rdoc
rodauth-2.8.0 doc/guides/password_column.rdoc
rodauth-2.7.0 doc/guides/password_column.rdoc
rodauth-2.6.0 doc/guides/password_column.rdoc
rodauth-2.5.0 doc/guides/password_column.rdoc
rodauth-2.4.0 doc/guides/password_column.rdoc
rodauth-2.3.0 doc/guides/password_column.rdoc
rodauth-2.2.0 doc/guides/password_column.rdoc