How do I require that a password has a minimum length when using has_secure_password in Rails 3.1? I tried to do:
class User < ActiveRecord::Base
...
validates :password, presence: { on: create }, length { minimum: 8 }
...
end
but then the validation fails with password "too short" on update when password is not provided in form params. For other attributes length is only validated if the value for the field is provided. Is this a bug in the has_secure_password implementation or am I doing something wrong?
You should do something like:
validates :password, presence: { on: create }, length { minimum: 8 }, :if => :password_changed?
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With