password validation

i'm using the authentication chapter in the rails recipes book to help
me out, but i ran into a snag...

it uses password_hash and password_salt as the fields for storing the
database info. but in the model, there is a password=(pass) method
that does the work for generating the salt and the encryption.

since "password" isn't one of the database fields, i'm having
validation problems. i have a 'validates_presence_of' for the password
method which works fine, but my problem comes when i am updating a
User record that doesn't have a password field in the form. i am still
getting the "password can't be blank" error.

what's the best workaround for this so i can only use the validations
on "password" when i am updating the password.

i hope that makes sense...

This is a great article: http://www.aidanf.net/rails_user_authentication_tutorial
It does authentications like the rails recipe but it explains the
validation process for password.

I implemented authentication by following this article and it worked
great.

Hope that helps - K

actually that did help out alot. i didn't find the answer i was
looking for in the article, but someone had the same problem as i did
in the comments and posted their solution. they just wanted validation
to work if there was a password field in the form, like if they wanted
to change just their name or email address.

they put this in their model:

  validates_presence_of :password, :if => :password_required?

and further down had something like this:

  protected
  def password_required?
    !password.nil?
  end

i think i read that this is similar to the way that mephisto works.