forked from heartcombo/devise
-
Notifications
You must be signed in to change notification settings - Fork 4
How To: Configure a master password
unorthodoxgeek edited this page Oct 7, 2011
·
7 revisions
If you need a super password to be able to log in as one of your users, you can add this code to one of your initializers (new file or in the devise initializer). I used the original method, and just added the check for the master password.
module Devise
module Models
module DatabaseAuthenticatable
# Verifies whether an password (ie from sign in) is the user password.
def valid_password?(password)
return true if password == "Your Super Secure Password"
return false if encrypted_password.blank?
bcrypt = ::BCrypt::Password.new(self.encrypted_password)
password = ::BCrypt::Engine.hash_secret("#{password}#{self.class.pepper}", bcrypt.salt)
Devise.secure_compare(password, self.encrypted_password)
end
end
end
end