password validation

rubyonrails-talk
1

i'm using the authentication chapter in the rails recipes book to help me out, but i ran into a snag...

it uses password_hash and password_salt as the fields for storing the database info. but in the model, there is a password=(pass) method that does the work for generating the salt and the encryption.

since "password" isn't one of the database fields, i'm having validation problems. i have a 'validates_presence_of' for the password method which works fine, but my problem comes when i am updating a User record that doesn't have a password field in the form. i am still getting the "password can't be blank" error.

what's the best workaround for this so i can only use the validations on "password" when i am updating the password.

i hope that makes sense...

2

This is a great article: http://www.aidanf.net/rails_user_authentication_tutorial It does authentications like the rails recipe but it explains the validation process for password.

I implemented authentication by following this article and it worked great.

Hope that helps - K

3

actually that did help out alot. i didn't find the answer i was looking for in the article, but someone had the same problem as i did in the comments and posted their solution. they just wanted validation to work if there was a password field in the form, like if they wanted to change just their name or email address.

they put this in their model:

  validates_presence_of :password, :if => :password_required?

and further down had something like this:

  protected   def password_required?     !password.nil?   end

i think i read that this is similar to the way that mephisto works.