Refactor `has_secure_password` to extract dedicated attribute module

Follow up of #26764 and #35700.

And add test case for #35700.

2 files changed, 21 insertions, 0 deletions

diff --git a/activemodel/test/cases/secure_password_test.rb b/activemodel/test/cases/secure_password_test.rb
index bbf443290b..0aca714bd2 100644
--- a/activemodel/test/cases/secure_password_test.rb
+++ b/activemodel/test/cases/secure_password_test.rb
@@ -184,6 +184,20 @@ class SecurePasswordTest < ActiveModel::TestCase
     assert_nil @existing_user.password_digest
   end
 
+  test "override secure password attribute" do
+    assert_nil @user.password_called
+
+    @user.password = "secret"
+
+    assert_equal "secret", @user.password
+    assert_equal 1, @user.password_called
+
+    @user.password = "terces"
+
+    assert_equal "terces", @user.password
+    assert_equal 2, @user.password_called
+  end
+
   test "authenticate" do
     @user.password = "secret"
     @user.recovery_password = "42password"
diff --git a/activemodel/test/models/user.rb b/activemodel/test/models/user.rb
index bb1b187694..fc4a9e4334 100644
--- a/activemodel/test/models/user.rb
+++ b/activemodel/test/models/user.rb
@@ -10,4 +10,11 @@ class User
   has_secure_password :recovery_password, validations: false
 
   attr_accessor :password_digest, :recovery_password_digest
+  attr_accessor :password_called
+
+  def password=(unencrypted_password)
+    self.password_called ||= 0
+    self.password_called += 1
+    super
+  end
 end