dkubb changed the topic of #datamapper to: Datamapper v1.2.0 | Mailing List: http://is.gd/aa9D | Logs: http://is.gd/qWAL7V | DataMapper 2 Renamed to ROM, see #rom-rb for development
Sylvain2 has quit [Quit: Leaving.]
Sylvain1 has joined #datamapper
Sylvain1 has quit [Ping timeout: 245 seconds]
rsim has joined #datamapper
ckrailo has quit [Quit: Computer has gone to sleep.]
rsim has quit [Ping timeout: 240 seconds]
bobocopy has joined #datamapper
v0n has joined #datamapper
knowtheory has quit [Quit: Computer has gone to sleep]
jeremyevans has quit [Quit: leaving]
knowtheory has joined #datamapper
tillsc_ has joined #datamapper
tillsc has quit [Ping timeout: 256 seconds]
knowtheory has quit [Quit: Computer has gone to sleep]
zombor has quit [Remote host closed the connection]
jeremyevans has joined #datamapper
dkubb has quit [Ping timeout: 264 seconds]
zombor has joined #datamapper
gix- has quit [Quit: Client exiting]
knowtheory has joined #datamapper
gix has joined #datamapper
zombor has quit [Ping timeout: 264 seconds]
bobocopy has quit [Quit: Leaving.]
dkubb has joined #datamapper
kurko__ has quit [Quit: Computer has gone to sleep.]
snusnu has quit [Quit: Leaving.]
Sylvain1 has joined #datamapper
rsim has joined #datamapper
v0n has quit [Ping timeout: 264 seconds]
rsim has quit [Ping timeout: 240 seconds]
Sylvain1 has quit [Remote host closed the connection]
<mralk3>
i have a bit of code that is checking to see if a user name exists in my database. has_key? is showing as deprecated, what would be an alternative to that to check if a user name exists in my database?
<onewheelskyward>
if user = Users.first(username: supplied_username) ?
<mralk3>
alrighty, i was using some old code someone posted. trying to validate a user against a bcrypt encrypted password
snusnu has quit [Ping timeout: 256 seconds]
snusnu has joined #datamapper
<mralk3>
hm well i suppose i should have saved the password hash too :X
<mralk3>
err salt
<namelessjon>
mralk3: BCrypt embeds the salt in the string you save to the db
<mralk3>
or maybe drop line 7 and compare @user.password to password_hash
v0n has quit [Ping timeout: 264 seconds]
<onewheelskyward>
You don't want to generate a new salt, that will always yield a different result. You want to use the salt generated when the user was created.
<onewheelskyward>
You need to bcrypt the supplied password with the original salt and compare the values with what's in the database.
<namelessjon>
There's a really easy way to do it actually
<mralk3>
yeah i have a different page in sinatra generating the salt
<namelessjon>
mralk3: Don't generate salts yourself, either
<mralk3>
so i suppose i need to make a method that will do the salt
<mralk3>
sorry guys im new to ruby so im kinda dragging my feet a bit
<mralk3>
i was going to use the sinatra-authentication gem, but i figure its better to learn to make your own auth system and do your own security testing
<mralk3>
seeing as that gem is so out of date
<onewheelskyward>
Actually, I'd say it's better not to do your own security testing.
<onewheelskyward>
If you're building a well-exposed system.
<onewheelskyward>
Learn from the others that have been there before.
<mralk3>
i wont be the only person testing it
<namelessjon>
Very much so. It's easy mess up.
<onewheelskyward>
I'm not saying don't do your own security testing, just that you can build on top of something that's been tested.
<mralk3>
what are my options for sinatra auth systems? sinatra-athentication, warden, and i didnt see anyting else
v0n has quit [Read error: Operation timed out]
<mralk3>
the rack auth is just basic http authentication
<namelessjon>
omniauth, too.
<onewheelskyward>
those are the ones I've found so far. Have yet to impl any of them.
rsim has quit [Quit: Leaving.]
<mralk3>
i wonder if i could use some sort of authentication against my google apps domain
<mralk3>
to log into my site
<namelessjon>
I'd be surprised if there wasn't an omniauth strategy for that