How to validate password complexity

Hi,

I have a user model that saves password_salt and password_hash in DB,
there is no password attribute. I would like to validate the password
complexity with regular expression, but because password is not an
attribute validation always fails. How can I accomplish this
validation using the validation framework?

Thanks.

class User < ActiveRecord::Base
  validates_format_of :password,
      :with => /^.*(?=.{6,})(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).*$/

  def password=(pass)
    salt = [Array.new(6){rand(256).chr}.join].pack("m").chomp
    self.password_salt, self.password_hash =
      salt, Digest::SHA256.hexdigest(pass + salt)
  end

  def password
  end
end

Hi,

I have a user model that saves password_salt and password_hash in DB,
there is no password attribute. I would like to validate the password
complexity with regular expression, but because password is not an
attribute validation always fails. How can I accomplish this
validation using the validation framework?

You can always override validate or validate_on_create

See: http://api.rubyonrails.com/classes/ActiveRecord/Validations.html

Thank you Christopher. I will do that.