TEST_CODEOWNERS/rails
3
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

[ci skip] Merge ActiveModel::SecurePassword guide from @aditya-kapoor

Browse Source 
Merge branch 'active-model-secure-password-guide' of https://github.com/aditya-kapoor/rails into aditya-kapoor-active-model-secure-password-guide

Conflicts:
	guides/source/active_model_basics.md
This commit is contained in:
Zachary Scott 2014-10-04 17:20:59 -07:00
commit b56d3adf9b
1 changed files with 46 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
guides/source/active_model_basics.md
View File

@ -506,3 +506,49 @@ Finished in 0.024899s, 240.9735 runs/s, 1204.8677 assertions/s.
An object is not required to implement all APIs in order to work with
Action Pack. This module only intends to provide guidance in case you want all
features out of the box.
### SecurePassword
`ActiveModel::SecurePassword` provides a way to securely store any
password in an encrypted form. On including this module, a
`has_secure_password` class method is provided which defines
an accessor named `password` with certain validations on it.
#### Requirements
`ActiveModel::SecurePassword` depends on the [`bcrypt`](https://github.com/codahale/bcrypt-ruby 'BCrypt'),
so include this gem in your Gemfile to use `ActiveModel::SecurePassword` correctly.
In order to make this work, the model must have an accessor named `password_digest`.
The `has_secure_password` will add the following validations on the `password` accessor:
1. Password should be present.
2. Password should be equal to its confirmation.
3. This maximum length of a password is 72 (required by `bcrypt` on which ActiveModel::SecurePassword depends)
#### Examples
```ruby
class Person
include ActiveModel::SecurePassword
has_secure_password
attr_accessor :password_digest
end
person = Person.new
# When password is blank.
person.valid? # => false
# When the confirmation doesn't match the password.
person.password = 'aditya'
person.password_confirmation = 'nomatch'
person.valid? # => false
# When the length of password, exceeds 72.
person.password = person.password_confirmation = 'a' * 100
person.valid? # => false
# When all validations are passed.
person.password = person.password_confirmation = 'aditya'
person.valid? # => true
```