Robby Grossman
2012-Jul-31 20:25 UTC
ISO: feedback on pull request for has_secure_password validation improvement
I submitted a pull request and would be curious what others think. https://github.com/rails/rails/pull/7217 My rationale, as explained in the PR: A pull request was recently merged that allows the has_secure_password to bypass the included password validations. See: https://github.com/rails/rails/commit/0e1e527654f286452fa6f86f5d229f278435319a However, the same commit raises an explicit error if the password_digest is blank even if validations are disabled. I have altered this behavior to raise the error only if validations are enabled. An example where the existing version is undesirable is if a user account model is created after an oauth sign in. In that case, a user may be created from Twitter/Facebook/Google/etc. credentials without ever creating a password. I believe this use case should work by default and not require catching an exception. --Robby -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Core" group. To view this discussion on the web visit https://groups.google.com/d/msg/rubyonrails-core/-/9vsw664e59sJ. To post to this group, send email to rubyonrails-core@googlegroups.com. To unsubscribe from this group, send email to rubyonrails-core+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/rubyonrails-core?hl=en.