DEV Community

Igor Alexandrov for JetRockets

Posted on • Originally published at jetrockets.pro

Migrating user passwords from Django to Ruby

One of our clients asked us to migrate his existing Django application to Ruby. A part of this process was a migration of an existing users database.
Of course we had to find a way to use existing crypto passwords from Django and not asking our users to reset them

Passwords in Django are stored as a string that consists of four parts splitted with a dollar sign.

<algorithm>$<iterations>$<salt>$<hash>
Enter fullscreen mode Exit fullscreen mode

By default, Django uses the PBKDF2 algorithm with a SHA256 hash. I found a rather outdated Ruby gem that implements a Password-Based Key-Derivation Function and gave it a try.

def migrate_django_password_seamlessly(user, password)
  alg, iteration, salt, django_password = user.crypted_django_password.split('$')
  attempt = Base64.encode64(
    PBKDF2.new(password: password, salt: salt, iterations: 36000).bin_string
  ).strip

  # check if hash of user provided password equals to the password in a database
  if attempt == django_password
    user.update(password: password, password_confirmation: password)
  end
end
Enter fullscreen mode Exit fullscreen mode

The method above is a part of user sign in service and called only if crypted_django_passwordcolumn from users table is not null.

Top comments (0)