06 Trying has_secure_password

Dave Strus edited this page Nov 13, 2014 · 1 revision

Test User in the console.

Let's try creating a user with just a username.

[1] pry(main)> user = User.new
=> #<User id: nil, username: nil, name: nil, password_digest: nil, created_at: nil, updated_at: nil>
[2] pry(main)> user.username = "prezbiz"
=> "prezbiz"
[3] pry(main)> user.save
   (0.2ms)  BEGIN
   (0.2ms)  ROLLBACK
=> false
[4] pry(main)> user.errors.messages
=> {:password=>["can't be blank", "is too short (minimum is 8 characters)"]}

It fails because the password is blank. It's also too short, naturally. Let's set a password and try again.

[5] pry(main)> user.password = "abc12345"
=> "abc12345"
[6] pry(main)> user.save
   (0.1ms)  BEGIN
  SQL (0.4ms)  INSERT INTO "users" ("created_at", "password_digest", "updated_at", "username") VALUES ($1, $2, $3, $4) RETURNING "id"  [["created_at", "2014-11-09 19:24:39.810016"], ["password_digest", "$2a$10$VE9UwwRzhEG/i3o1RSPMAenPvwcqcb28M/wXz1Hh/Kro2MG3WjDUm"], ["updated_at", "2014-11-09 19:24:39.810016"], ["username", "prezbiz"]]
   (6.6ms)  COMMIT
=> true
[7] pry(main)> user.password_digest
=> "$2a$10$VE9UwwRzhEG/i3o1RSPMAenPvwcqcb28M/wXz1Hh/Kro2MG3WjDUm"

That works, and the database stores a bcrypt hash of the password in password_digest rather than the password itself.
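What that password_digest string contains, as an added example (not part of the original page, Rails, or the bcrypt gem): a small parser for the bcrypt string format. The names BcryptDigest, parse_bcrypt_digest and needs_rehash? are hypothetical, and the target cost passed to needs_rehash? is a policy value you choose.

```ruby
# Added example: split a bcrypt string, as stored in password_digest, into its fields.
# BcryptDigest, parse_bcrypt_digest and needs_rehash? are hypothetical helper names,
# not part of Rails or the bcrypt gem.

# Layout: $<version>$<2-digit cost>$<22-char salt><31-char hash>
BCRYPT_FORMAT = %r{\A\$(2[abxy]?)\$(\d\d)\$([./A-Za-z0-9]{22})([./A-Za-z0-9]{31})\z}

BcryptDigest = Struct.new(:version, :cost, :salt, :checksum) do
  # The cost is a log2 work factor: bcrypt runs 2**cost iterations of its key schedule.
  def iterations
    2**cost
  end
end

# Returns a BcryptDigest, or nil if the string is not a complete bcrypt hash.
def parse_bcrypt_digest(digest)
  m = BCRYPT_FORMAT.match(digest.to_s)
  return nil unless m

  cost = m[2].to_i
  return nil unless (4..31).cover?(cost) # bcrypt's valid cost range

  BcryptDigest.new(m[1], cost, m[3], m[4])
end

# True when a stored digest is malformed or weaker than the cost you now require.
def needs_rehash?(digest, target_cost)
  parsed = parse_bcrypt_digest(digest)
  parsed.nil? || parsed.cost < target_cost
end

# Digest from console step [7] on this page, and the one from step [8]
# as the console output shortened it (ends in "...").
SAVED     = '$2a$10$VE9UwwRzhEG/i3o1RSPMAenPvwcqcb28M/wXz1Hh/Kro2MG3WjDUm'
INSPECTED = '$2a$10$QxLAzJ.13yB82ouGQNU8XudufRHj1MvuYyuHhlc7Ucd...'

d = parse_bcrypt_digest(SAVED)
puts "version=#{d.version} cost=#{d.cost} rounds=#{d.iterations}"
puts "salt=#{d.salt}"
puts "shortened digest parses? #{!parse_bcrypt_digest(INSPECTED).nil?}"
puts "needs rehash at cost 12? #{needs_rehash?(SAVED, 12)}"
```

Because the version, cost and salt travel inside the digest itself, the users table needs no separate salt column.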

By default, has_secure_password does not require that you re-enter the password into password_confirmation. But if you do have a value for password_confirmation, it must match password.

[8] pry(main)> ironman = User.new username: 'tstark', password: 'iamhandsome', password_confirmation: 'sosohandsome'
=> #<User id: nil, username: "tstark", name: nil, password_digest: "$2a$10$QxLAzJ.13yB82ouGQNU8XudufRHj1MvuYyuHhlc7Ucd...", created_at: nil, updated_at: nil>
[9] pry(main)> ironman.save
   (0.1ms)  BEGIN
   (0.1ms)  ROLLBACK
=> false
[10] pry(main)> ironman.errors.messages
=> {:password_confirmation=>["doesn't match Password"]}

Make the two fields match, and it works.

[11] pry(main)> captain = User.new username: "srogers", password: "MURRRICA!!!", password_confirmation: "MURRRICA!!!"
=> #<User id: nil, username: "srogers", name: nil, password_digest: "$2a$10$Kh18B4cbsjpUCPAMyWF53eHDNuakFJBQeVtlEKhGre2...", created_at: nil, updated_at: nil>
[12] pry(main)> captain.save
   (0.1ms)  BEGIN
  SQL (0.2ms)  INSERT INTO "users" ("created_at", "password_digest", "updated_at", "username") VALUES ($1, $2, $3, $4) RETURNING "id"  [["created_at", "2014-11-09 19:42:40.079761"], ["password_digest", "$2a$10$Kh18B4cbsjpUCPAMyWF53eHDNuakFJBQeVtlEKhGre2GOsJuRgWQe"], ["updated_at", "2014-11-09 19:42:40.079761"], ["username", "srogers"]]
   (6.6ms)  COMMIT
=> true

Let's commit this:

git commit -m "Add User model and use has_secure_password"