diff options
Diffstat (limited to 'activemodel/lib/active_model/secure_password.rb')
| -rw-r--r-- | activemodel/lib/active_model/secure_password.rb | 15 |
1 files changed, 10 insertions, 5 deletions
diff --git a/activemodel/lib/active_model/secure_password.rb b/activemodel/lib/active_model/secure_password.rb index 8711b24124..3eab745c89 100644 --- a/activemodel/lib/active_model/secure_password.rb +++ b/activemodel/lib/active_model/secure_password.rb @@ -6,8 +6,9 @@ module ActiveModel # Adds methods to set and authenticate against a BCrypt password. # This mechanism requires you to have a password_digest attribute. # - # Validations for presence of password, confirmation of password (using + # Validations for presence of password on create, confirmation of password (using # a "password_confirmation" attribute) are automatically added. + # If you wish to turn off validations, pass 'validations: false' as an argument. # You can add more validations by hand if need be. # # You need to add bcrypt-ruby (~> 3.0.0) to Gemfile to use has_secure_password: @@ -31,16 +32,20 @@ module ActiveModel # user.authenticate("mUc3m00RsqyRe") # => user # User.find_by_name("david").try(:authenticate, "notright") # => false # User.find_by_name("david").try(:authenticate, "mUc3m00RsqyRe") # => user - def has_secure_password + def has_secure_password(options = {}) # Load bcrypt-ruby only when has_secure_password is used. # This is to avoid ActiveModel (and by extension the entire framework) being dependent on a binary library. gem 'bcrypt-ruby', '~> 3.0.0' require 'bcrypt' attr_reader :password - - validates_confirmation_of :password - validates_presence_of :password_digest + + if options.fetch(:validations, true) + validates_confirmation_of :password + validates_presence_of :password, :on => :create + end + + before_create { raise "Password digest missing on new record" if password_digest.blank? } include InstanceMethodsOnActivation |