Affects Version/s: 0.9.176
Fix Version/s: 0.9.181
Required Access Level:Admin
This is born from https://otwarchive.atlassian.net/browse/AO3-2839
Originally reported on Google Code with ID 2842
The Devise gem is a popular option for authentication with Rails 3: https://github.com/plataformatec/devise
It includes some functionality that we've implemented ourselves; if we migrated, that
would be code that we didn't need to maintain, and using a well-supported tool with
a large community behind it would have some security upsides. I also suspect that migrating
the users table over wouldn't be very difficult, and there are some good options available
for integrating it with Omniauth.
How to test.
This passes test which is positive. I would ask Betsy in particular to do so as she has a old,old password encrypted form on test.
Well check that non admins can login and out and can't access admin only pages.
Check that admins can log in and out with their old password and that they can access admin pages.