add password validation while updating password

Question

I have following validation for a user in rails project

validates :password,   presence: true, format: { with: /^[a-zA-Z0-9]+$/, multiline: true }, on: :create

How can I validate the password in devise_token_auth password update

Answer 1

There you go:

validates :password,   presence: true, format: { with: /^[a-zA-Z0-9]+$/, multiline: true }, if: :password_validation

def password_validation
  new_record? || password_digest_changed?
end

This will trigger the validation on password in two cases:

1. When it's a new record.
2. When the password change is attempted.

Assuming you are using has_secure_password, it gives password and password_confirmation as attributes, and password_digest as the field. Rails exposes _changed? method to check if the given attribute has changed (is dirty) (and not persisted yet).

u = User.last
u.email = '[email protected]'
u.email_changed? #=> true
u.save #=> true
u.email_changed? #=> false