finished the write-up for crytpo vuln, close issue #5

2013-06-03 18:08:21 -04:00
parent 0b09e0d4c1
commit e1dfb8309c
2 changed files with 65 additions and 6 deletions
@@ -25,7 +25,6 @@ class User < ActiveRecord::Base
  def self.authenticate(email, password)
       auth = nil
       user = find_by_email(email)
-       # I heard something about hashing, dunno, why bother really. Nobody will get access to my stuff!
       if user
         if user.password == Digest::MD5.hexdigest(password)
           auth = user