How to compare hashes coming from JSON in RAILS

1

Personal I created a web service that today receives a registry and a password, it makes a select in the bank and compares to see if the registry and password are equal, if yes it shows a few options.At that moment the password is being sent in pure text, I would implement security on it, either via hash or otherwise ...

I would like the application to send registration":102030" want to receive a hash and compare it with the hash of the BD;

Controller

def index
  student = Student.new
  return_dados = student.sqlValidatedLogin(params[:registration].to_s,params[:password].to_s)
  render :json => return_dados
  end

Model

def sqlValidatedLogin(registration,password)
        query_student = "SELECT id, name, registration FROM students WHERE registration = "+
        registration+" AND password = "+password
        ActiveRecord::Base.connection.execute(query_student)
end

Does anyone have any idea how I can not send the password in plain text from Mobile via JSON

    
asked by anonymous 31.08.2016 / 15:48

2 answers

1

Hello,

I suggest you take a look at this RailsCast that talks about Token Authentication .

    
01.09.2016 / 15:13
1

JWT is the way.

Take a look at this post:

link

    
08.09.2016 / 15:27