Replace BCrypt::Engine with BCrypt::Password

lib/generators/nifty/authentication/templates/fixtures.yml

@@ -8,7 +8,6 @@ foo:
   password_salt: n6z_wtpWoIsHgQb5IcFd
 <%- else -%>
   password_hash: 3488f5f7efecab14b91eb96169e5e1ee518a569f
-  password_salt: bef65e058905c379436d80d1a32e7374b139e7b0
 <%- end -%>
 
 bar:
@@ -20,5 +19,4 @@ bar:
   password_salt: UiAh9ejabnKRxqsiK0xO
 <%- else -%>
   password_hash: 3488f5f7efecab14b91eb96169e5e1ee518a569f
-  password_salt: bef65e058905c379436d80d1a32e7374b139e7b0
 <%- end -%>

lib/generators/nifty/authentication/templates/migration.rb

@@ -9,7 +9,6 @@ def self.up
     <%- else -%>
       t.string :password_hash
     <%- end -%>
-      t.string :password_salt
       t.timestamps
     end
   end

lib/generators/nifty/authentication/templates/tests/rspec/user.rb

@@ -52,11 +52,10 @@ def new_<%= user_singular_name %>(attributes = {})
     new_<%= user_singular_name %>(:password_confirmation => 'nonmatching').should have(1).error_on(:password)
   end
 
-  it "should generate password hash and salt on create" do
+  it "should generate password hash on create" do
     <%= user_singular_name %> = new_<%= user_singular_name %>
     <%= user_singular_name %>.save!
     <%= user_singular_name %>.password_hash.should_not be_nil
-    <%= user_singular_name %>.password_salt.should_not be_nil
   end
 
   it "should authenticate by username" do

lib/generators/nifty/authentication/templates/tests/shoulda/user.rb

@@ -54,11 +54,10 @@ def setup
     assert_equal ["doesn't match confirmation"], new_<%= user_singular_name %>(:password_confirmation => 'nonmatching').errors[:password]
   end
 
-  should "generate password hash and salt on create" do
+  should "generate password hash on create" do
     <%= user_singular_name %> = new_<%= user_singular_name %>
     <%= user_singular_name %>.save!
     assert <%= user_singular_name %>.password_hash
-    assert <%= user_singular_name %>.password_salt
   end
 
   should "authenticate by username" do

lib/generators/nifty/authentication/templates/tests/testunit/user.rb

@@ -54,11 +54,10 @@ def test_require_matching_password_confirmation
     assert_equal ["doesn't match confirmation"], new_<%= user_singular_name %>(:password_confirmation => 'nonmatching').errors[:password]
   end
 
-  def test_generate_password_hash_and_salt_on_create
+  def test_generate_password_hash_on_create
     <%= user_singular_name %> = new_<%= user_singular_name %>
     <%= user_singular_name %>.save!
     assert <%= user_singular_name %>.password_hash
-    assert <%= user_singular_name %>.password_salt
   end
 
   def test_authenticate_by_username

lib/generators/nifty/authentication/templates/user.rb

@@ -19,18 +19,17 @@ class <%= user_class_name %> < ActiveRecord::Base
   # login can be either username or email address
   def self.authenticate(login, pass)
     <%= user_singular_name %> = find_by_username(login) || find_by_email(login)
-    return <%= user_singular_name %> if <%= user_singular_name %> && <%= user_singular_name %>.password_hash == <%= user_singular_name %>.encrypt_password(pass)
+    return <%= user_singular_name %> if <%= user_singular_name %> && BCrypt::Password.new(<%= user_singular_name %>.password_hash) == pass
   end
 
   def encrypt_password(pass)
-    BCrypt::Engine.hash_secret(pass, password_salt)
+    BCrypt::Password.create(pass)
   end
 
   private
 
   def prepare_password
     unless password.blank?
-      self.password_salt = BCrypt::Engine.generate_salt
       self.password_hash = encrypt_password(password)
     end
   end

nifty-generators.gemspec

@@ -14,7 +14,7 @@ Gem::Specification.new do |s|
   s.add_development_dependency 'cucumber', '~> 0.9.2'
   s.add_development_dependency 'rails', '~> 3.0.0'
   s.add_development_dependency 'mocha', '~> 0.9.8'
-  s.add_development_dependency 'bcrypt-ruby', '~> 2.1.2'
+  s.add_development_dependency 'bcrypt-ruby', '~> 2.1.4'
   s.add_development_dependency 'sqlite3-ruby', '~> 1.3.1'
 
   s.rubyforge_project = s.name