before_save :encrypt_password

11155 · October 14, 2011, 2:53pm

I am having a problem finding the best way to make a "before_save :encrypt_password" conditional.

I have to at times update user model attributes but each time I do this the password is reencrypted because of the above. I need to differentiate between when the user is first logging in and the password does need to be encrypted, and when they are already logged in and the "before_save :encrypt_password" should not be called.

eg if !signed_in? before_save :encrypt_password end

This does not work but Is there a rails variable that gets set when logged in I can use?

Thanks,

DC

Franz_Strebel · October 14, 2011, 3:05pm

I suppose you’ll need to re-encrypt it if it gets updated. So why not just check if the password was changed in your callback?

If not, and you only need to encrypt once, look at the before_create callback.

Michael_Pavling · October 14, 2011, 6:29pm

I would typically do something like this upon setting the attribute - so it gets saved as normal as necessary. Create your own method, and handle the encryption in there. Something along the lines of:

# user.rb def password=(value) attributes[:password] = FunkyEncryptionModule::encrypt(value) end

I *actually* generally extract passwords out to their own model (if I don't use an authorization gem), with a belongs_to :user association, so the Password object stores all its own information regarding hashed-value/salt/expiry-date/etc.

Topic		Replies	Views
conditional before_safe rubyonrails-talk	2	88	October 27, 2007
Model password validation rubyonrails-talk	4	123	September 6, 2006
How to hook into model attribute changes? rubyonrails-talk	0	131	October 22, 2007
password encryption is not working.. rubyonrails-talk	3	478	January 28, 2012
Same name action and attribute in a model rubyonrails-talk	19	255	July 30, 2012

before_save :encrypt_password

Related topics

More Resources