solidusio / solidus_auth_devise

🔑 Devise authentication for your Solidus store.
http://solidus.io
BSD 3-Clause "New" or "Revised" License

Devise Encryptor, why authlogic_sha512? #216

Open aaronzdavis opened 2 years ago

aaronzdavis commented 2 years ago

I was surprised to see the default encryptor for Devise was overwritten in this gem. Is there a good reason for this?

When I attempted to export my Solidus user database to another platform, Firebase Auth, I couldn't find a solution for importing the passwords using the SHA512 examples found in their docs: https://firebase.google.com/docs/auth/admin/import-users

Perhaps someone here might have a clue how to get passwords over to Firebase Auth.

Here's where the encryptor is being set in this repo. https://github.com/solidusio/solidus_auth_devise/blob/ed42532d91c6c59e74b8f28796af4cc3c5971a34/config/initializers/devise.rb#L43

jarednorman commented 2 years ago

I encountered this recently. We should probably maintain that setting for old apps, but use bcrypt for new installations. I dug into it and the decision to use authlogic_sha512 goes back really far and I couldn't find any explanation in the git history/project for it.
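
Added example, not part of the thread and not code from solidus_auth_devise: a standard-library Ruby sketch of the digest scheme behind the `authlogic_sha512` encryptor, useful for verifying exported hashes before migrating users to another hash. It assumes the scheme provided by the devise-encryptable gem (password and salt concatenated, SHA-512 re-applied to the hex string each round, pepper unused) and a stretch count of 20; the function names and sample record are constructed for illustration.

```ruby
require "digest"

# Assumption: 20 is Authlogic's default stretch count. Use the value of
# config.stretches from your own Devise initializer.
LEGACY_STRETCHES = 20

# Legacy digest: concatenate password and salt, then apply SHA-512 repeatedly.
# Each round hashes the lowercase *hex string* of the previous round, not the
# raw 64 digest bytes.
def authlogic_sha512_digest(password, salt, stretches = LEGACY_STRETCHES)
  digest = "#{password}#{salt}"
  stretches.times { digest = Digest::SHA512.hexdigest(digest) }
  digest
end

# Comparison variant (constructed, not a claim about any specific importer):
# a generic iterated SHA-512 that feeds raw digest bytes into each round.
def raw_bytes_iterated_sha512(password, salt, stretches = LEGACY_STRETCHES)
  digest = "#{password}#{salt}"
  stretches.times { digest = Digest::SHA512.digest(digest) }
  digest.unpack1("H*")
end

# Constant-time string comparison so verification does not leak how many
# leading characters of the digest matched.
def secure_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  diff = 0
  a.bytes.zip(b.bytes) { |x, y| diff |= x ^ y }
  diff.zero?
end

# Check a candidate password against an exported legacy digest and salt.
def legacy_password_valid?(candidate, stored_digest, salt, stretches = LEGACY_STRETCHES)
  secure_equal?(authlogic_sha512_digest(candidate, salt, stretches), stored_digest)
end

# Constructed sample record standing in for one exported user row.
SAMPLE_SALT   = "s4mpleSaltValue"
SAMPLE_DIGEST = authlogic_sha512_digest("correct horse", SAMPLE_SALT)

if __FILE__ == $PROGRAM_NAME
  puts "legacy verify:      #{legacy_password_valid?('correct horse', SAMPLE_DIGEST, SAMPLE_SALT)}"
  puts "raw-bytes variant:  #{raw_bytes_iterated_sha512('correct horse', SAMPLE_SALT) == SAMPLE_DIGEST}"
end
```

The two variants agree for a single round and diverge from the second round on, which is why a generic "SHA512 with N rounds" import setting does not necessarily reproduce these digests.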