This addition will now allow configuring an attribute name for the

existing `#has_secure_password`. This can be useful when one would
like to store some secure field as a digest, just like a password.

The method still defaults to `password`. It now also allows using the
same `#authenticate` method which now accepts a second argument for
specifying the attribute to be authenticated, or will default to 'password`.

A new method is also added for generating a new token for an attribute by
calling `#regenerate_XXXX` where `XXXX` is the attribute name.

1 files changed, 21 insertions, 0 deletions

diff --git a/activemodel/CHANGELOG.md b/activemodel/CHANGELOG.md
index 10f1de6706..0721655a9c 100644
--- a/activemodel/CHANGELOG.md
+++ b/activemodel/CHANGELOG.md
@@ -1,3 +1,24 @@
+*   Allows configurable attribute name for `#has_secure_password`. This
+    still defaults to an attribute named 'password', causing no breaking
+    change. Also includes a convenience method `#regenerate_XXX` where 
+    +XXX+ is the name of the custom attribute name, eg:
+    
+        class User < ActiveRecord::Base
+            has_secure_password :activation_token, validations: false
+        end
+        
+        user = User.new()
+        user.regenerate_activation_token
+        user.activation_token               # => "ME7abXFGvzZWJRVrD6Et0YqAS6Pg2eDo"
+        user.activation_token_digest        # => "$2a$10$0Budk0Fi/k2CDm2PEwa3Be..."
+        
+     The existing `#authenticate` method now allows specifying the attribute
+     to be authenticated, but defaults to 'password', eg:
+      
+        user.authenticate('ME7abXFGvzZWJRVrD6Et0YqAS6Pg2eDo', :activation_token) # => user
+        
+     *Unathi Chonco*
+
 *   Removed deprecated `:tokenizer` in the length validator.
 
     *Rafael Mendonça França*