aboutsummaryrefslogtreecommitdiffstats
path: root/activemodel/test/cases/secure_password_test.rb
Commit message (Collapse)AuthorAgeFilesLines
* `has_secure_password` is not invalid when assigning empty Strings.Yves Senn2013-03-041-0/+6
| | | | | | | | | | Closes #9535. With 692b3b6 the `password=` setter does no longer set blank passwords. This triggered validation errors when assigning empty Strings to `password` and `password_confirmation`. This patch only sets the confirmation if it is not `blank?`.
* Use secure password min cost option in its own tests for a speed upCarlos Antonio da Silva2012-11-211-2/+10
| | | | Around 0.564359s => 0.092244s speed up in my machine.
* Use BCrypt's MIN_COST in the test environment for speedier testsTrevor Turk2012-11-141-1/+12
|
* Cleanup trailing whitespacesdfens2012-10-121-1/+1
|
* Remove MassAssignmentSecurity from ActiveModelGuillermo Iguaran2012-09-161-12/+0
| | | | This will be moved out to protected_attributes gem
* has_secure_password should not raise a 'digest missing' error if the calling ↵Robby Grossman2012-07-311-0/+8
| | | | class has specified for validations to be skipped.
* Updated tests for has_secure_password.Erich Menge2012-05-081-8/+22
|
* Fix secure_password setterOscar Del Ben2012-04-241-0/+6
|
* use variables from test setupVijay Dev2011-10-171-6/+4
|
* AM mass assignment security attr_accessible and attr_protected now allow for ↵Josh Kalderimis2011-04-241-5/+6
| | | | | | | | scopes using :as => scope eg. attr_accessible :name attr_accessible :name, :admin, :as => :admin
* bcrypt will encrypt anything, so validate_presence_of would not catch nil / ↵Aaron Patterson2011-04-141-0/+12
| | | | blank passwords. Thank you to Aleksander Kamil Modzelewski for reporting this
* Override attributes_protected_by_default when has_secure_password is called.Tsutomu Kuroda2011-02-091-0/+13
| | | | | | | attr_protected should not be called, because it nullifies the mass assignment protection that has been set by attr_accessible. Signed-off-by: Santiago Pastorino <santiago@wyeworks.com>
* Remove weak_passwords list and the length/strong password validator, leave ↵Santiago Pastorino2010-12-191-49/+1
| | | | that up to the programmer
* Add set_weak_passwords call in alignment with set_table_name.Mikel Lindsaar2010-12-191-0/+5
|
* Added ability to specify which passwords you want as weak passwordsMikel Lindsaar2010-12-191-11/+31
|
* Make password messages translatable.José Valim2010-12-191-1/+1
|
* Avoid warnings and fix small typo on SecurePassword.José Valim2010-12-191-1/+3
|
* BCrypt does its own salting, lovely!David Heinemeier Hansson2010-12-181-0/+11
|
* Added ActiveRecord::Base#has_secure_password (via ↵David Heinemeier Hansson2010-12-181-0/+42
ActiveModel::SecurePassword) to encapsulate dead-simple password usage with SHA2 encryption and salting