Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

validating password format in Authlogic

Is there a way to get Authlogic to validate the format of a password, for instance must contain at least one letter and at least one number? The omission of a validates_format_of_password_options method to be used in the acts_as_authentic config block seems to indicate that Authlogic has the opinion that one should not be imposing such a constraint on one's users.

I thought I would simply put in a normal ActiveRecord validates_format_of :password, but this means that a current_user object I build is inherently invalid, as I can't retrieve the plaintext password (and wouldn't be storing it in that object even if I could!). Upon detecting that my current_user is invalid, Rails or Authlogic (not sure which, since I'm fairly new to both) directs me to my 'edit user' page with a validation error for its password.

like image 225
hynkle Avatar asked Feb 02 '10 19:02

hynkle


1 Answers

requires no monkey-patching, but not tied to any future Authlogic changes. Just add this to your User model:

validates_format_of :password, :with => /^(?=.\d)(?=.([a-z]|[A-Z]))([\x20-\x7E]){6,40}$/, :if => :require_password?, :message => "must include one number, one letter and be between 6 and 40 characters"

Of course you can alter the regex to suite your needs.

like image 87
bassnode Avatar answered Sep 25 '22 13:09

bassnode