heartcombo / devise

Flexible authentication solution for Rails with Warden.
http://blog.plataformatec.com.br/tag/devise/
MIT License
Argon2 4.8.1 #5578

Closed RobertDober closed 1 year ago

RobertDober commented 1 year ago

Sorry for the mess, rebasing is coming up!!

Hello there

This is (yet) more a question than an implementation. AAMOF my organization is pushed by one of our clients to not use bcrypt but argon2 for password hashing. Although we are perfectly happy with bcrypt, we have a fork running with Argon2 replacing Bcrypt.

But we have no intention to maintain a fork of devise, so we thought that maybe you would be interested in integrating argon2, and I have made a rough (untested) sketch of what I had in mind.

Of course the argon2 dependency could be removed from the PR by making the encryptor API public, which is just the two module methods `digest` and `compare`. OTOH I wanted to share the Argon code too if you were interested.

I would appreciate any feedback in order to avoid any unnecessary waste of time. If, however, you are interested, our organization would be most happy to give back to devise, which is my second preferred José Valim project (sorry Ruby), you can guess which one is the first ;).

Thank you in advance,
Robert

RobertDober commented 1 year ago

oops wrong branch

RobertDober commented 1 year ago

that is what I wanted

https://github.com/heartcombo/devise/compare/v4.8.1...RobertDober:devise:argon2-4.8.1

RobertDober commented 1 year ago

https://github.com/heartcombo/devise/compare/v4.8.1...RobertDober:argon2-4.8.1-draft?expand=1

Sorry, just cannot make a new PR with this now, probably because of using a tag as base. I'll try to make the same suggestions relative to the base branch.