Raymond Brigleb
2005-Jul-08 17:06 UTC
Question about Tobi''s Login Generator (changing password)
Hello, I''m running 0.13 (but that''s probably not related to my problem!) and I can''t figure out how to change a password stored via Tobias'' Login Generator. It seems they''re stored with SHA1, so I''ve even tried just manually generating a SHA1 hash of the password I want, and changing it by hand in the database, to no avail. Any suggestions? Long-term solution would be nice, but a quick hack is A-OK! Thanks, Raymond
Tyler Kiley
2005-Jul-08 17:33 UTC
Re: Question about Tobi''s Login Generator (changing password)
The password changing functionality in the Login Generator is pretty
broken in 1.1.0. I''ve been meaning to submit a patch, but never got
around to it. My workaround right now is to replace the before_update
call with these two calls:
before_validation_on_update :password_nil_if_empty
# If the user submitted a "change my details" form and left the
# password empty, it gets set to "", which causes
# validates_length_of to choke on it, so we''ll set it back to nil.
def password_nil_if_empty
if !self.password.nil? && self.password.empty?
self.password = nil
self.password_confirmation = nil
end
end
before_update :crypt_unless_nil
# If the record is updated we will check if the password is nil.
# If its nil we assume that the user didn''t want to change his
# password and just reset it to the old value.
def crypt_unless_nil
if password.nil?
user = self.class.find(self.id)
self.password = user.password
else
write_attribute "password", self.class.sha1(password)
end
end
And then, change your validations so you allow password to be nil on update.
Of course, there''s probably a prettier way to do this, particularly in
0.13.
Tyler
On 7/8/05, Raymond Brigleb
<ray-THGPwszTed5CpjqP0VxSwUEOCMrvLtNR@public.gmane.org>
wrote:> Hello,
>
> I''m running 0.13 (but that''s probably not related to my
problem!) and
> I can''t figure out how to change a password stored via
Tobias'' Login
> Generator. It seems they''re stored with SHA1, so I''ve
even tried just
> manually generating a SHA1 hash of the password I want, and changing
> it by hand in the database, to no avail.
>
> Any suggestions? Long-term solution would be nice, but a quick hack
> is A-OK!
>
> Thanks,
> Raymond
>
> _______________________________________________
> Rails mailing list
> Rails-1W37MKcQCpIf0INCOvqR/iCwEArCW2h5@public.gmane.org
> http://lists.rubyonrails.org/mailman/listinfo/rails
>