--- title: "Rails 6 allows configurable attribute on #has_secure_password" description: "Rails 6 allows configurable attribute name on has_secure_password" canonical_url: "https://www.bigbinary.com/blog/rails-6-allows-configurable-attribute-name-on-has_secure_password" markdown_url: "https://www.bigbinary.com/blog/rails-6-allows-configurable-attribute-name-on-has_secure_password.md" --- # Rails 6 allows configurable attribute on #has_secure_password Rails 6 allows configurable attribute name on has_secure_password - Author: Amit Choudhary - Published: April 23, 2019 - Categories: Rails 6, Rails [has_secure_password](https://api.rubyonrails.org/v5.2/classes/ActiveModel/SecurePassword/ClassMethods.html#method-i-has_secure_password) is used to encrypt and authenticate passwords using [BCrypt](https://github.com/codahale/bcrypt-ruby) . It assumes the model has a column named `password_digest`. Before Rails 6, [has_secure_password](https://api.rubyonrails.org/v5.2/classes/ActiveModel/SecurePassword/ClassMethods.html#method-i-has_secure_password) did not accept any attribute as a parameter. So, if we needed [BCrypt](https://github.com/codahale/bcrypt-ruby) encryption on a different column other than `password_digest`, we would have to manually encrypt the value before storing it. Rails 6 makes it easy and allows custom attributes as a parameter to `has_secure_password`. `has_secure_password` still defaults to `password` so it works with previous versions of Rails. `has_secure_password` still needs the column named `column_name_digest` defined on the model. `has_secure_password` also adds the `authenticate_column_name` method to authenticate the custom column. Let's check out how it works. #### Rails 5.2 ```ruby >> class User < ApplicationRecord >> has_secure_password >> end => [ActiveModel::Validations::ConfirmationValidator] >> user = User.create(email: 'amit.choudhary@bigbinary.com', password: 'amit.choudhary') BEGIN User Create (0.8ms) INSERT INTO "users" ("email", "password_digest", "created_at", "updated_at") VALUES ($1, $2, $3, $4) RETURNING "id" [["email", "amit.choudhary@bigbinary.com"], ["password_digest", "$2a$10$g6ZJNgakn4I1w/qjAx3vM.I76QSNjFCHtTtT9ovko/9Th50SEmIBO"], ["created_at", "2019-03-17 23:30:13.754379"], ["updated_at", "2019-03-17 23:30:13.754379"]] COMMIT => # >> user.authenticate('amit.choudhary') => # >> class User < ApplicationRecord >> has_secure_password :transaction_password >> end => NoMethodError: undefined method 'fetch' for :transaction_password:Symbol from (irb):9:in '' from (irb):8 ``` #### Rails 6.0.0.beta2 ```ruby >> class User < ApplicationRecord >> has_secure_password >> has_secure_password :transaction_password >> end => [ActiveModel::Validations::ConfirmationValidator] >> user = User.create(email: 'amit.choudhary@bigbinary.com', password: 'amit.choudhary', transaction_password: 'amit.choudhary') BEGIN User Create (0.5ms) INSERT INTO "users" ("email", "password_digest", "transaction_password_digest", "created_at", "updated_at") VALUES ($1, $2, $3, $4, $5) RETURNING "id" [["email", "amit.choudhary@bigbinary.com"], ["password_digest", "$2a$10$nUiO7E2XrIJx/sSdpG0JAOL00uFvPRH7kXHLk5f/6qA1zLPHIrpPy"], ["transaction_password_digest", "$2a$10$l6cTpHwV9xOEn2.OumI29OnualGpvr1CgrNrbuMuHyGTltko8eBG2"], ["created_at", "2019-03-17 23:42:28.723431"], ["updated_at", "2019-03-17 23:42:28.723431"]] COMMIT => # >> user.authenticate('amit.choudhary') => # >> user.authenticate_transaction_password('amit.choudhary') => # ``` Here is the relevant [pull request](https://github.com/rails/rails/pull/26764). ## Links - [Human page](https://www.bigbinary.com/blog/rails-6-allows-configurable-attribute-name-on-has_secure_password)