I’ve added authentication to my application using Guardian. However, I have zero experience with creating well written/secure authentication code for web applications. The idea that Pow provides best practices/common patterns that I can just follow - is very enticing! So I’d like to switch.
However, one thing I’m not sure about is how to migrate existing users. I’d like to use Pow on top of my existing users
table - but the existing :password_hash
field has been populated with a call to Comeonin.Bcrypt.hashpwsalt
. I was hoping that when I tried to login with Pow, it would simply deny access and then the user would have no choice but to use the password recovery feature. But instead, it crashes.
Maybe I could get around this by setting the :password_hash
field to null
? Is there a friendlier way to do this?
Thanks!