Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Ruby on Rails Password Validation

Tags:

validation

ruby-on-rails

So I have interesting password validation requirements:

  • When a user signs up, I want them to have to type in password and confirm and be between 6..40 (GOT THIS WORKING 100%)

  • When a user updates their profile, the same validation rules apply (GOT THIS WORKING 100%)

  • When an admin adds a user, they only have to enter the password once and it should be validated (NOT WORKIG)

  • When an admin edits a user and the password field is blank, it shouldn't update the password, if they type something, it should be validated. (PARTIAL WORKING)

    validates :password, :presence => true,
                   :confirmation => true,
                   :length => {:within => 6..40},
                   :unless => :force_submit

The only cases I can't cover are when an admin adds a user, it is not validated and when an admin edits a user (and types in a password) it is not validated.

the :force_submit is passed in from the admin form, so the password isn't validated. (So the case of an updating empty password works)

Any ideas/magic?

like image 833
Chris Muench Avatar asked Feb 25 '11 23:02

Chris Muench

2 Answers

Building slightly on the accepted answer, here's the code that I used in a Rails project at work. (Note: We're using devise to handle user authentication, and devise_invitable to create new users.)

PASSWORD_FORMAT = /\A
  (?=.{8,})          # Must contain 8 or more characters
  (?=.*\d)           # Must contain a digit
  (?=.*[a-z])        # Must contain a lower case character
  (?=.*[A-Z])        # Must contain an upper case character
  (?=.*[[:^alnum:]]) # Must contain a symbol
/x

validates :password, 
  presence: true, 
  length: { in: Devise.password_length }, 
  format: { with: PASSWORD_FORMAT }, 
  confirmation: true, 
  on: :create 

validates :password, 
  allow_nil: true, 
  length: { in: Devise.password_length }, 
  format: { with: PASSWORD_FORMAT }, 
  confirmation: true, 
  on: :update
like image 88
Tom Lord Avatar answered Sep 18 '22 19:09

Tom Lord

The below seem to meet my requirements...I am actually now requiring a confirmation for all users.. (It makes the view cleaner). But on an update I am allowing blanks.

  validates :password, :presence => true,
                       :confirmation => true,
                       :length => {:within => 6..40},
                       :on => :create
  validates :password, :confirmation => true,
                       :length => {:within => 6..40},
                       :allow_blank => true,
                       :on => :update
like image 23
Chris Muench Avatar answered Sep 17 '22 19:09

Chris Muench
Sign in to Comment

Related questions

Select enum from form to set role
I18n: How to check if a translation key/value pairs is missing?
How to tell if sidekiq is connected to redis server?
JQuery .on() isn't binding click events to dynamically created elements [duplicate]
Rails select random record
Ruby 1.9.2 how to install RMagick on Windows?
Reprocessing images of different versions in Carrierwave
Heroku push rejected: can't find jquery-rails-2.0.0 in sources
Rails 4.0.1 on Heroku, can't create database
Roll back all rails migrations or drop tables and modify migrations (start from scratch)
EOF error javascript_include_tag Rails 4
Can't install RMagick 0.0.0. Can't find Magick-config
What's the shortest way to generate a random IP address in Ruby?
Undefined Method crop! Using Carrierwave with MiniMagick on rails 3.1.3
Rails: rake task with arguments not working
Default values for models in rails
Breadcrumbs in Ruby on Rails
Rails REST routing: dots in the resource item ID
Adding Routes to Rails' Spree E-Commerce
What's the right way to define an anchor tag in rails?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!