| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 46 hours | Implement transparent password hash migration | erdgeist | |
| Add has_secure_password and bcrypt while retaining compatibility with legacy SHA-1 password hashes. Existing users are upgraded to password_digest on their next successful login. Add regression tests covering both legacy and modern authentication paths. | |||
| 48 hours | Use SecureRandom instead of the hand rolled implementation | erdgeist | |
| 2009-02-15 | * initial commit of the stripped restful-authentication | simon | |
| * http basic auth and login from cookie have been removed * no it does not work yet, it's so f*cking secure, it won't even let legitimate users login | |||
