lib/devise/models/database_authenticatable.rb in devise-3.2.0 vs lib/devise/models/database_authenticatable.rb in devise-3.2.1
- old
+ new
@@ -37,11 +37,11 @@
end
# Generates password encryption based on the given value.
def password=(new_password)
@password = new_password
- self.encrypted_password = Devise.bcrypt(self.class, @password) if @password.present?
+ self.encrypted_password = password_digest(@password) if @password.present?
end
# Verifies whether an password (ie from sign in) is the user password.
def valid_password?(password)
return false if encrypted_password.blank?
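Review bot: The comment above `password=` still describes this as "password encryption" and does not mention that a blank value is skipped, leaving the previously stored digest in place while `@password` is overwritten. Now that the digest comes from an overridable hook, the comment should state the contract, for example `# Hashes the given value via password_digest and stores it in encrypted_password; a blank value leaves the stored digest unchanged.` The body of `valid_password?` continues outside this hunk, so it is not possible to tell from here whether verification goes through the same hook.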
@@ -132,9 +132,18 @@
def authenticatable_salt
encrypted_password[0,29] if encrypted_password
end
protected
+
+ # Digests the password using bcrypt. Custom encryption should override
+ # this method to apply their own algorithm.
+ #
+ # See https://github.com/plataformatec/devise-encryptable for examples
+ # of other encryption engines.
+ def password_digest(password)
+ Devise.bcrypt(self.class, password)
+ end
module ClassMethods
Devise::Models.config(self, :pepper, :stretches)
# We assume this method already gets the sanitized values from the
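Review bot: The new comment on `password_digest` invites custom algorithms but does not warn that the read side still assumes a bcrypt-formatted digest. `authenticatable_salt`, at the top of this hunk, returns `encrypted_password[0,29]`, which is the salt prefix only for a bcrypt string; with another format that slice would be the leading characters of the digest itself. `valid_password?` is not fully visible here and presumably needs a matching override as well. I would add a line to the comment such as `# Overriders must also override valid_password? and authenticatable_salt, which assume a bcrypt-formatted encrypted_password.`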