diff options
| author | Aaron Patterson <aaron.patterson@gmail.com> | 2012-05-17 10:32:15 -0700 |
|---|---|---|
| committer | Aaron Patterson <aaron.patterson@gmail.com> | 2012-05-17 10:32:15 -0700 |
| commit | 1b604c73f12ed11cf1f9bcc155f1fb89148bbe5c (patch) | |
| tree | cd9c3f59fd165b874e8008139806eb33c05b6b09 /activemodel/lib | |
| parent | de29c3088b624d6a5109e073ef76079d84028abd (diff) | |
| parent | f0213773584f3c15b960098c59d84ea0aafc54aa (diff) | |
| download | rails-1b604c73f12ed11cf1f9bcc155f1fb89148bbe5c.tar.gz rails-1b604c73f12ed11cf1f9bcc155f1fb89148bbe5c.tar.bz2 rails-1b604c73f12ed11cf1f9bcc155f1fb89148bbe5c.zip | |
Merge pull request #6215 from erichmenge/fix_has_secure_password
Fix has secure password
Diffstat (limited to 'activemodel/lib')
| -rw-r--r-- | activemodel/lib/active_model/secure_password.rb | 15 |
1 files changed, 10 insertions, 5 deletions
diff --git a/activemodel/lib/active_model/secure_password.rb b/activemodel/lib/active_model/secure_password.rb index 8711b24124..3eab745c89 100644 --- a/activemodel/lib/active_model/secure_password.rb +++ b/activemodel/lib/active_model/secure_password.rb @@ -6,8 +6,9 @@ module ActiveModel # Adds methods to set and authenticate against a BCrypt password. # This mechanism requires you to have a password_digest attribute. # - # Validations for presence of password, confirmation of password (using + # Validations for presence of password on create, confirmation of password (using # a "password_confirmation" attribute) are automatically added. + # If you wish to turn off validations, pass 'validations: false' as an argument. # You can add more validations by hand if need be. # # You need to add bcrypt-ruby (~> 3.0.0) to Gemfile to use has_secure_password: @@ -31,16 +32,20 @@ module ActiveModel # user.authenticate("mUc3m00RsqyRe") # => user # User.find_by_name("david").try(:authenticate, "notright") # => false # User.find_by_name("david").try(:authenticate, "mUc3m00RsqyRe") # => user - def has_secure_password + def has_secure_password(options = {}) # Load bcrypt-ruby only when has_secure_password is used. # This is to avoid ActiveModel (and by extension the entire framework) being dependent on a binary library. gem 'bcrypt-ruby', '~> 3.0.0' require 'bcrypt' attr_reader :password - - validates_confirmation_of :password - validates_presence_of :password_digest + + if options.fetch(:validations, true) + validates_confirmation_of :password + validates_presence_of :password, :on => :create + end + + before_create { raise "Password digest missing on new record" if password_digest.blank? } include InstanceMethodsOnActivation |