Clever Geek Handbook

Invalid salt (BCrypt :: Errors :: InvalidSalt)

Since upgrading to Ruby 2.2.0, the following message appears in my tests:

invalid salt (BCrypt::Errors::InvalidSalt)

I have not found an update notification to help me understand the problem. I am using Rails 4.1.8 and Sorcerery 0.8.6.

Does anyone else have this problem?

ADDITIONAL INFORMATION:

I am using Sorcery, not Devise. The encrypted data is the password. It all started in cucumber tests, on 2 occasions: When I sent @user to the mailer to prepare data for emails. Here is the code:

UserMailer.passphrase_reset_notification (@user) Provide

Thrown an exception with the post I wrote in the original post. As a workaround, instead of sending @user, I sent the fields I needed and it worked. Here's the new code:

UserMailer.passphrase_reset_notification (@ user.name, @ user.email) .deliver

But the second case is registration. This failed in dev and I had to add: salt to user_params to fix it. But that doesn't fix the thing in the test env.

No stack trace, just one liner message with the lines of my script leading to the error.

And I click Register Invalid Salt (BCrypt :: Errors :: InvalidSalt). / app / controllers / users _controller.rb: 66: in block in create' ./app/controllers/users_controller.rb:64:in

create '. / app / controllers / application _controller.rb: 120: in scope_current_tenant' ./features/step_definitions/web_steps.rb:53:in

/ ^ (?: | I) click "([^"] *) "$ / 'features / users / sign_up.feature: 149: in` And I click " Register "

I removed the "null: false" for the "salt" field in the user table as suggested by a community member in a post on a more or less similar issue, it didn't help either.

My main question is still the same: What is the new Ruby version (2.2.0) doing? And what other surprises could there be if I update the product?

+3


source to share


3 answers


** FIXED ** The problem, mine at least, is fixed. I just updated the bcrypt gem from 3.1. 9 to 3.1.10 and that's it! Thanks for Oleg creating a problem with the bcrypt account.



+1


source


I just fixed this. It turned out to have something to do with serializing the object with has_secure_password

(which is using bcrypt-ruby

)

More specifically, something like the following was causing the issue with Sidekiq as it was trying to serialize the arguments to objects for the Redis queue.



@user = User.new(
  :firstname => 'Scott',
  :lastname => 'Klein',
  :password => 'mypass',
  :password_confirmation => 'mypass'   
)
@user.save!

# broken
# note that @user.password can still be called here
# and sidekiq will attempt to serialize this whole object using YAML
# and this is the serialization issue that barfs (in the depths of YAML)
UserMailer.delay.new_user_signup(@user)

# fixed
# i just passed the id and then recalled the user record in the mailer class
UserMailer.delay.new_user_signup(@user.id)
+3


source


I had a similar problem. Research led me to conclude that bcrypt does not play well with Psych (this Ruby library for generating and parsing YAML).

An open bcrypt issue will now open . Waiting for the author of the gem to correct it.

+2


source






More articles:


All Articles