i'm using the authentication chapter in the rails recipes book to help me out, but i ran into a snag... it uses password_hash and password_salt as the fields for storing the database info. but in the model, there is a password=(pass) method that does the work for generating the salt and the encryption. since "password" isn't one of the database fields, i'm having validation problems. i have a 'validates_presence_of' for the password method which works fine, but my problem comes when i am updating a User record that doesn't have a password field in the form. i am still getting the "password can't be blank" error. what's the best workaround for this so i can only use the validations on "password" when i am updating the password. i hope that makes sense...
on 2007-02-20 23:27
on 2007-02-20 23:46
This is a great article: http://www.aidanf.net/rails_user_authentication_tutorial It does authentications like the rails recipe but it explains the validation process for password. I implemented authentication by following this article and it worked great. Hope that helps - K
on 2007-02-21 02:23
actually that did help out alot. i didn't find the answer i was looking for in the article, but someone had the same problem as i did in the comments and posted their solution. they just wanted validation to work if there was a password field in the form, like if they wanted to change just their name or email address. they put this in their model: validates_presence_of :password, :if => :password_required? and further down had something like this: protected def password_required? !password.nil? end i think i read that this is similar to the way that mephisto works.
on 2007-09-11 15:46
Kim wrote: > This is a great article: > http://www.aidanf.net/rails_user_authentication_tutorial > It does authentications like the rails recipe but it explains the > validation process for password. That was very useful, thanks. It answered my question about the best place to put the password validation (i.e. in the user model, despite the password not being in the database).