[Newbie] Require old password when changing it (Rails 3)


I’m trying to create a user update action, and I want to check so that
the user has entered his correct old password before changing it. I’ve
been googeling for a while but I can’t find any good tips.

I’m thinking of adding a ‘old password’ column to my User model but I
don’t know if thats necessary.

My current update action locks like this:

def update
@user = User.find(params[:id])

if @user.update_attributes(params[:user])
  flash[:success] = "Din profil har uppdaterats."
  redirect_to @user
  @title = "Redigera profil"
  render 'edit'


I’ve tried a couple of things whiteout good result.

Any general tips would be greatly appreciated.

// Anders