Rails 迷你测试 BCrypt::Errors::InvalidHash:

Rails minitest BCrypt::Errors::InvalidHash:

我一直在关注 Hartl 的 Rails 教程,并且正在对我的登录实施迷你测试。目前,一切正常,用户可以成功登录。

但是当我 运行 对我的登录集成进行测试时,我在尝试消化令牌时不断收到此错误....

BCrypt::Errors::InvalidHash: invalid hash
  app/controllers/sessions_controller.rb:13:in `create'
  test/integration/users_login_test.rb:21:in `block in <class:UsersLoginTest>'
  app/controllers/sessions_controller.rb:13:in `create'
  test/integration/users_login_test.rb:21:in `block in <class:UsersLoginTest>'

谁能帮我理解这个错误,以及我该如何解决它。

型号

class User < ActiveRecord::Base
  belongs_to :district
  belongs_to :school

  ###Why doesn't this work?------
  def User.digest(token)
    Digest::SHA1.hexdigest(token.to_s)
  end

end

赛程 (users.yml)

tom:
  district_id: 1
  school_id: 6
  firstName: Tommy
  lastName: Pickles
  username: pickleman
  email: pickleman@gmail.com

  ###Error on this line------
  password_digest: <%= User.digest('password') %>

积分(user_login_test.rb)

require 'test_helper'

class UsersLoginTest < ActionDispatch::IntegrationTest

  def setup
    @user = users(:tom)
  end

  test "login with valid information" do
    get login_path

    ###Error on Sign Up Here------
    post sessions_path, session: { username: @user.username, password: 'password' }

    assert_redirected_to district_district_resources_path(@user.district)
    follow_redirect!
    assert_template 'sessions/new'
    assert_select "a[href=?]", login_path, count: 0
  end

end

控制器

class SessionsController < ApplicationController

  #create session for login
  def create
    user = User.find_by(username: params[:session][:username]) if defined? params[:session][:username]  
    district = user.district if user
    school = user.school if user

    if user && user.authenticate(params[:session][:password]) && district
        user_sign_in user
        redirect_to district_district_resources_path(district)
    else
        flash.now[:error] = 'Invalid username / password combination' # Not quite right!
        render 'new'
    end

end

BCrypt::Errors::InvalidHash 当存储在 password_digest 中的哈希不是有效的 BCrypt 哈希时引发。

简而言之,您不能只在其中转储任何 SHA1,您需要创建这样的哈希:

sha1_password = Digest::SHA1.hexdigest(token.to_s)
BCrypt::Password.create(sha1_password).to_s

有关此主题的详细说明,请参阅 this answer

如果您正尝试通过 fixtures 生成用于 minitest 测试的密码,那么我建议您看看这个:Functional testing with Rails and Devise. What to put in my fixtures?

找到解决方法。

创建了一个用户,密码为:password

然后我直接将生成的password_digest添加到users.yml中让minitest工作。

users.yml

tom:
  district_id: 1
  school_id: 6
  firstName: Tommy
  lastName: Pickles
  username: pickleman
  email: pickleman@gmail.com

  ###HERE----
  password_digest: a$g/A4D6KtaLtxvm2lZ8C.vuPvl8Zu2TrbnPYpM6r59Wu397hlY42GO