phinjensen
commented
6 years ago original author: Jon Jensen
date: 2016-04-04T13:04:17-04:00Nice approach to handling legacy and new password hashing methods at the same time.
When I read this: "Once this has been running in production for a while and all the users have signed in and auto-migrated their passwords, clean-up will be easy" ... I thought back to everywhere I've seen old + new hashing coexisting, and I don't think I've ever seen a public-facing application ever have all its old users log in and get converted to the new.
With that in mind, how will you ever be able to delete the old code? Maybe eventually expire the old password hashes and require those users to reset their password if they ever come back?
Comments for https://www.endpointdev.com/blog/2016/02/devise-migration-legacy-rails-app/ By Brian Gadoury
To enter a comment: