From 677da599f2a626083b6928eb58c7123de608687c Mon Sep 17 00:00:00 2001
From: joshua stein
Date: Sun, 11 Oct 2015 12:53:07 -0500
Subject: [PATCH] login: if user password hash is not at current rounds, re-encrypt it

---
 app/controllers/login_controller.rb | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/app/controllers/login_controller.rb b/app/controllers/login_controller.rb
index 4171350..c2d0077 100644
--- a/app/controllers/login_controller.rb
+++ b/app/controllers/login_controller.rb
@@ -26,6 +26,11 @@ class LoginController < ApplicationController
 user.try(:authenticate, params[:password].to_s)
 session[:u] = user.session_token
 
+ if !user.password_digest.to_s.match(/^\$2a\$#{BCrypt::Engine::DEFAULT_COST}\$/)
+ user.password = user.password_confirmation = params[:password].to_s
+ user.save!
+ end
+
 if (rd = session[:redirect_to]).present?
 session.delete(:redirect_to)
 return redirect_to rd
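Review bot: The added `if !user.password_digest.to_s.match(...)` test is an exact prefix match against `BCrypt::Engine::DEFAULT_COST`, so it re-hashes whenever the stored cost differs in either direction, including replacing a stronger hash with a weaker one. It would also fire on every login if the model hashes with a cost other than the default, or with a single-digit cost, since bcrypt writes the cost as two digits. Comparing numerically avoids both: `if BCrypt::Password.new(user.password_digest).cost < BCrypt::Engine.cost`. `user.save!` also runs the model's full validations and callbacks (not visible here), so an account whose record no longer validates would raise at login after `session[:u]` is already set; writing only the digest and logging a failure instead of raising would keep the upgrade best-effort. The action and the condition ending in `user.try(:authenticate, ...)` start outside the hunk, so this assumes the block is reached only after a successful authentication.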