I’ve added authentication to my application using Guardian. However, I have zero experience with creating well written/secure authentication code for web applications. The idea that Pow provides best practices/common patterns that I can just follow - is very enticing! So I’d like to switch.
However, one thing I’m not sure about is how to migrate existing users. I’d like to use Pow on top of my existing
users table - but the existing
:password_hash field has been populated with a call to
Comeonin.Bcrypt.hashpwsalt. I was hoping that when I tried to login with Pow, it would simply deny access and then the user would have no choice but to use the password recovery feature. But instead, it crashes.
Maybe I could get around this by setting the
:password_hash field to
null? Is there a friendlier way to do this?