Hey Again, So I'm still working through AWDwR and I've just completed the authentication section for users. I understand the idea behind salts and general authentication. The part I feel I'm missing is when the first salt is created and stored to the db. (I can post the code but I assume anyone whos read the book knows what I'm referring to)
In the users_controller I see the new user model being created, passed the parameters from the form and then saved. But non of the parameters are the salt. Nor did this function call the salt creation method in the user model. So I just don't get when the salt is actually generated to be saved to the database. Then to my understanding when the user logs in. The salt is pulled from the db concatenated onto the plain text password submitted by the form, SHA1 digested and compared to the hashed_password field in the db. Which makes sense. Thanks, -bp --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk@googlegroups.com To unsubscribe from this group, send email to rubyonrails-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
