Reputation: 8521
How can I sometimes require password and sometimes not with has_secure_password?
My app lets people register using a password OR with Facebook.
Even when I remove the password validations from my User model, I get :password_digest => ["can't be blank"] on the user model.
I use has_secure_password.
How can I make password_digest NOT required?
Upvotes: 7
Views: 2223
Answers (2)
Reputation: 810
More recent commits have added an options hash to has_secure_password which allows skipping validations for the password_digest field. You use it like this:
has_secure_password :validations => false
This is not present in the 3.2.13 version of rails unfortunately. Refer to https://stackoverflow.com/a/16706045/1356792
Upvotes: 7
Reputation: 239291
You can't. has_secure_password automatically adds two validators to your model:
validates_confirmation_of :password
validates_presence_of :password_digest
Instead, supply a dummy value for password_digest for users that don't have a password:
user.password = user.password_confirmation = ""
user.password_digest = "facebook-authorized account"
This is secure, as no password can possibly be hashed to match that digest.
Upvotes: 8
Related Questions
- How to skip has_secure_password validations
- Getting Password can't be blank with has_secure_password
- How to run "has_secure_password" in condition?
- Can I conditionally remove the has_secure_password requirement when creating a second user?
- Password can't be blank in Rails (Using has_secure_password)
- Validating presence of has_secure_password only when password is in params
- Rails: How to write your own authentication without using has_secure_password
- Make has_secure_password optional in rails 3.2.13
- Rails: has_secure_password override
- How can I make the user confirm their current password when using has_secure_password?