Rails "Sorcery" gem to Django auth

Hi, is it possible to use the same model(db table) for auth with Rails “Sorcery” gem and Django default auth?

I don’t want to request all user to set new passwords.

Rails “Sorcery” gem uses bcrypt. here are the documentation.

my_password = BCrypt::Password.create("my password")
#=> "$2a$12$K0ByB.6YI2/OYrB4fQOYLe6Tv0datUVf6VZ/2Jzwm879BW5K1cHey"

my_password.version              #=> "2a"
my_password.cost                 #=> 12
my_password == "my password"     #=> true
my_password == "not my password" #=> false

my_password = BCrypt::Password.new("$2a$12$K0ByB.6YI2/OYrB4fQOYLe6Tv0datUVf6VZ/2Jzwm879BW5K1cHey")
my_password == "my password"     #=> true
my_password == "not my password" #=> false
Check the rdocs for more details -- BCrypt, BCrypt::Password.

Thanks in advance :wink:

Django provides the ability to use a custom hashing module for passwords. If you can find a hashing scheme that produces the same results as what the Ruby scheme generates, then yes, you should be able to use the same table.

Also see the section on using bcrypt with Django.

However, what I generally suggest in this type of situation is to find some way to shift authentication to one source. If either system provides or makes available a way of authenticating through an api, I’d delegate authentication to that side. Or, what we have done is implement a third site (using CAS) to handle authentication from both sides. (In this case, it’s a Java application and a Django application sharing credentials.)

Thanks Ken, I’ll look into it.