Cannot get my password to validate

Hello,

I am working through the railsspace tutorrial, and i've noticed that
the password validation is no longer working.

I can get screen_name and email to validate, but for some reason, the
password field is ignored...

here's what i have so far:

within user.rb file
  PASSWORD_MIN_LENGTH = 4
  PASSWORD_MAX_LENGTH = 40

  validates_length_of :password, :within => PASSWORD_RANGE

def validate
   errors.add(:email, "must be valid.") unless email.include?("@")
    if screen_name.include?(" ")
  errors.add(:screen_name, "cannot include spaces.")
      if password.include?(" ")
        errors.add(:password, "Must be filled in")
      end

    end

In my user controller, i have a digest to mask the password in the
database at registration:

def register

     @title = "Register"
     if request.post? and params[:user]
         @user = User.new(params[:user])
           @user.password = Digest::SHA1.hexdigest
(@user.password)
         if @user.save

            session[:user_id] = @user.id
            flash[:notice] = "User '#{@user.screen_name}' created!"
            redirect_to :action => "index", :controller => "user"
          else @user.password = nil

          end

     end

  end

If I remove the Digest line, the password validation works again, but
this means any password is then visible. I moved the digest line so it
appeared AFTER the user.save.
This solved the validation issue, but displayed the password in the
database,

How do i get round this??

many thanks

Hello!
Try to look at authlogic plugin for user authentication:
http://github.com/binarylogic/authlogic/tree/master
Its really cool!

if password.include?(" ")
        errors.add(:password, "Must be filled in")

why??

for saving crypted password in database use before_create callback

class User < AR::B
  before_cerate :crypt_password

  protected

  def crypt_password
    self.password = Digest::SHA1.hexdigest(password)
  end
end

Thanks!!

         @user.password = Digest::SHA1.hexdigest(@user.password) if

@user.valid?

works perfectly!

thanks a lot!!