Add built-in Argon2 support for
has_secure_password.has_secure_passwordnow supports Argon2 as a built-in algorithm:class User < ActiveRecord::Base has_secure_password algorithm: :argon2 endTo use Argon2, add
gem "argon2", "~> 2.3"to your Gemfile.Argon2 has no password length limit, unlike BCrypt's 72-byte restriction.
Justin Bull, Guillermo Iguaran
Add ActiveModel::SecurePassword.register_algorithm to register new algorithms for
has_secure_passwordby symbol:ActiveModel::SecurePassword.register_algorithm can be used to register new algorithms:
ActiveModel::SecurePassword.register_algorithm :custom_password, CustomPasswordclass User < ActiveRecord::Base has_secure_password algorithm: :custom_password endBCrypt is pre-registered as
:bcryptin the algorithms registry.Justin Bull, Guillermo Iguaran
has_secure_passwordcan support different password hashing algorithms (if defined) using the:algorithmoption:class CustomPassword def hash_password(unencrypted_password) CustomHashingLibrary.create(unencrypted_password) end def verify_password(password, digest) CustomHashingLibrary.verify(password, digest) end def password_salt(digest) CustomHashingLibrary.salt(digest) end def validate(record, attribute) # ... end def algorithm_name :custom end endclass User < ActiveRecord::Base has_secure_password algorithm: CustomPassword.new endJustin Bull, Lucas Mazza
Allow passing method name or proc to
allow_nilandallow_blankclass EnrollmentForm include ActiveModel::Validations attr_accessor :course validates :course, inclusion: { in: :open_courses }, allow_nil: :saving_progress? endRichard Lynch
Add error type support arguments to ActiveModel::Errors#messages_for and ActiveModel::Errors#full_messages_for
person = Person.create() person.errors.(:name, :invalid) # => ["Name is invalid"] person.errors.(:name, :invalid) # => ["is invalid"]Eugene Bezludny
Make ActiveModel::Serializers::JSON#from_json compatible with
#assign_attributesSean Doyle
Please check [8-1-stable]) for previous changes.