From 95049fdd5e96e046e7ab8309a3a739d3cd94b497 Mon Sep 17 00:00:00 2001 From: erdgeist Date: Thu, 16 Jul 2026 19:45:42 +0200 Subject: Implement transparent password hash migration Add has_secure_password and bcrypt while retaining compatibility with legacy SHA-1 password hashes. Existing users are upgraded to password_digest on their next successful login. Add regression tests covering both legacy and modern authentication paths. --- Gemfile | 1 + 1 file changed, 1 insertion(+) (limited to 'Gemfile') diff --git a/Gemfile b/Gemfile index 97257a9..cad34df 100644 --- a/Gemfile +++ b/Gemfile @@ -38,6 +38,7 @@ gem 'rails_icons' gem 'globalize', '~> 7.0' # translated model attributes (Page title/abstract/body) gem 'acts_as_list' # page revision ordering gem 'will_paginate', '~> 3.0' +gem 'bcrypt', '~> 3.1' # Pinned to git until a release widens the activerecord < 8.1 ceiling. # Both gems work correctly on Rails 8.1; the gemspec constraint is overly conservative. -- cgit v1.3