Months ago (maybe even months, months ago) a colleague and I had to rewrite a Laravel 4 backend app to a Rails 4 one. At the near final stage of the project, I took responsibility for migrating the old database so that our new app can work with. Everything was fine, except for the passwords. Laravel and Devise (a popular authentication solution for Rails) use different kinds of hash for passwords. It took me a day to dig into the problem but it turned out that the solution was quite simple, ridiculously. I thought of writing a custom encryptor for Devise, but actually I just needed to update the old passwords like this:

UPDATE users SET encrypted_password = REPLACE(encrypted_password, '$2y$10', '$2a$10');

Both Laravel and Devise use Bcrypt to encrypt the password, but Laravel seems to use a newer version of the algorithm (`2y`) compare to Devise’s (`2a`). But it’s luckily that the only difference between a `2a` and a `2y` password are their prefixes (`$2y$10` and `$2a$10`). That’s why the above solution works.