[Newbie] Require old password when changing it (Rails 3).


I'm trying to create a user update action, and I want to check so that
the user has entered his correct old password before changing it. I've
been googeling for a while but I can't find any good tips.

I'm thinking of adding a 'old password' column to my User model but I
don't know if thats necessary.

My current update action locks like this:

def update
    @user = User.find(params[:id])

    if @user.update_attributes(params[:user])
      flash[:success] = "Din profil har uppdaterats."
      redirect_to @user
      @title = "Redigera profil"
      render 'edit'

I've tried a couple of things whiteout good result.

Any general tips would be greatly appreciated.

// Anders