password_rehasher

Password Rehasher is a temporary gem to rehash the passwords in the RPM database to scrypt.

Usage

To rehash individual password on login (requires plaintext password)

if (PasswordRehasher.validate_and_rehash?(user, plaintext_password, crypted_password))
    # user is logged in and the password is rehashed (if necessary)
else
    # user is not logged in
end

user needs to be an object that responds to update_attribute and salt.

To rehash the pre-existing SHA1 hashes without the knowlege of plaintext password

if password_hash.length == 40             # All SHA1 hashes are 40, no other hashes are
  nested_hash = PasswordRehasher.nested_hash(sha1)
  # Write the nested hash to the DB.
end