leonb
July 16, 2007, 10:00pm
1
Hi,
Users can edit their own passwords in my app. But when they leave both
password-fields (_confirmation) empty, they get “” as their password.
Is their a way to get around this problem? This is my userobject when
I try to save it:
— !ruby/object:User
attributes:
updated_at: 2007-07-16 21:54:27
id: “2”
firstname: Leon
lastname: Bogaert
password: “”
account_number: 53.76.68.829
email: [email protected]
created_at: 2007-03-29 00:24:21
password_confirmation: “”
Thanks in advance!
leonb
July 16, 2007, 10:09pm
2
Add this in your User model:
validates_presence_of :password
validates_presence_of :password_confirmation
validates_confirmation_of :password
p.s. I would use the restful_authentication or act_as_authenticated
plugins for logins
leonb
July 16, 2007, 10:57pm
3
PatRoy,
Thanks for your quick reply.
I don’t use a standard plugin for educational purposes.
When an user does not fill in his or her password it shouldn’t give an
error. The system should just not update the password.
This is (a part of) my usermodel:
MINIMUM_PASSPHRASE_LENGTH = 8
MAXIMUM_PASSPHRASE_LENGTH = 64
validates_presence_of :password,
:on => :create,
:message => “^Geen wachtwoord ingevuld”
validates_length_of :password,
:in =>
MINIMUM_PASSPHRASE_LENGTH…MAXIMUM_PASSPHRASE_LENGTH,
:if => Proc.new { |u| !
u.password.blank? },
:too_long => “Het wachtwoord mag maximaal %d tekens
lang
zijn”,
:too_short => “^Het wachtwoord moet minimaal %d tekens
lang
zijn”
validates_confirmation_of :password,
:if => Proc.new { |u| !
u.password.blank? },
:message => “^De wachtwoorden komen niet overeen”
leonb
July 17, 2007, 12:41am
4
when you save your object …
oldPassword = userObject.password
if params[:password] == “”
userObject.password = oldPassword
end
leonb
July 18, 2007, 11:29pm
5
Thanks Patroy! But I would like to implement the code in my model.
It’s kind of business logic so I would like to implement it in the
proper place.
leonb
July 20, 2007, 3:53pm
6
Or just use:
validates_confirmation_of :password,
:message => “must match confirm password”,
:if => Proc.new { |u| !u.password.blank? }
Wim
Meng wrote:
end
–
NEW on aXs GUARD: SSL VPN !! (contact your reseller for more info)
aXs GUARD has completed security and anti-virus checks on this e-mail
(http://www.axsguard.com )
Able NV: ond.nr 0457.938.087
RPR Mechelen
leonb
July 19, 2007, 5:25am
7
Thanks PayRoy!
But I would rather not do that in my controller. It’s kind of business
logic. So it would be more suitable to place it in my model.
leonb
July 19, 2007, 5:54am
8
Hi I just stumbled on to this
heres my solution:
validates_presence_of :password, :password_confirmation,
:on => :update,
:if => :req_password?
def req_password?
!password.blank?
end
hope this helps.
leonb
July 20, 2007, 11:12pm
9
Thanks Meng and Wim! But if the password is empty it will be saved to
the database (empty).
I think I’ll use the empty? function to set the password to the old
value.
Thanks for the help!
I found a topic on tweakers.net that handles this same problem:
[ruby on rails] wie gebruikt het? - Softwareontwikkeling - GoT
leonb
July 20, 2007, 11:52pm
10
Mhhh… just thought about something. Maybe I can use before_save() to
set the original password when empty or nil.
Is there a way to extract a single value from the database? Without
using a query ofcourse That’s something I do in php. Not RoR.