class AddSaltToUsers < ActiveRecord::Migration
  
  class User < ActiveRecord::Base; end
  
  def self.up
    add_column :users, :salt, :string

    # generate salt and rehash password for each user
    # this *must* be done exactly once
    User.all.each do |user|
      if user.salt.blank?
        puts "Adding salt to user ##{user.id} and rehashing password ..."
        user.salt = ActiveSupport::SecureRandom.hex(20)
        user.password_sha1 = Digest::SHA1.hexdigest(user.password_sha1 + user.salt)
        user.save
      end
    end
  end
  
  def self.down
    raise ActiveRecord::IrreversibleMigration
  end
end