Error with BCrypt on login

[Tao-Galasse]

Hi!

I just started a fresh Rails 6.1.3 app with Ruby 2.7.2.

I installed Trestle & Trestle Auth, and everything was fine until I tried to login and got this error :

BCrypt::Errors::InvalidHash in Trestle::Auth::SessionsController#create

Indeed, in my console, when I try to authenticate my admin, I got the same issue :

admin.authenticate('password')
=> BCrypt::Errors::InvalidHash: invalid hash

I'm running on the last released versions of Trestle & Trestle Auth, and also tried to use the Trestle Auth version from the master branch, but I'm always getting this error.

I tried to download the code of TrestleAdmin from master branch and looked directly at the authenticate method (Trestle::Auth::ModelMethods::ClassMethods#authenticate), and it seems like the password variable is indeed a string and not a BCrypt hash.

Any idea about what could cause this @spohlenz ? 🙏

[Tao-Galasse]

Silly me 🤦 Seems like I created my Administrator record with a password_digest instead of password, so it obviously broke everything.

Sorry for the unnecessary issue. Have a nice day 😄

[synth]

I hit this as well. password_digest is created by the generator. Is password_digest used by devise and perhaps its there as a default for that?

UPDATE: My issue is that I'm installing Trestle into an engine so the models are namespaced. This doesn't play well with the generator and it crashed. I then customized the config and then re-ran the generator. But this caused the model class to not have the appropriate includes. IE, make sure your model has:

module BlorghEngine
  class Administrator < ApplicationRecord
    has_secure_password # also add this
    include Trestle::Auth::ModelMethods
    include Trestle::Auth::ModelMethods::Rememberable
  end
end