Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
张重言
rails
提交
e2689d1d
R
rails
项目概览
张重言
/
rails
通知
1
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
R
rails
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
e2689d1d
编写于
8月 07, 2014
作者:
S
Santiago Pastorino
浏览文件
操作
浏览文件
下载
差异文件
Merge pull request #16412 from yevhene/master
Fix in has_secure_password for passwords containing only spaces.
上级
f0fdba8b
f8dcb365
变更
3
隐藏空白更改
内联
并排
Showing
3 changed file
with
18 addition
and
2 deletion
+18
-2
activemodel/CHANGELOG.md
activemodel/CHANGELOG.md
+6
-0
activemodel/lib/active_model/secure_password.rb
activemodel/lib/active_model/secure_password.rb
+2
-2
activemodel/test/cases/secure_password_test.rb
activemodel/test/cases/secure_password_test.rb
+10
-0
未找到文件。
activemodel/CHANGELOG.md
浏览文件 @
e2689d1d
*
Passwords with spaces only allowed in
`ActiveModel::SecurePassword`
.
Presence validation can be used to resore old behavior.
*Yevhene Shemet*
*
Validate options passed to
`ActiveModel::Validations.validate`
.
Preventing, in many cases, the simple mistake of using `validate` instead of `validates`.
...
...
activemodel/lib/active_model/secure_password.rb
浏览文件 @
e2689d1d
...
...
@@ -105,7 +105,7 @@ def authenticate(unencrypted_password)
attr_reader
:password
# Encrypts the password into the +password_digest+ attribute, only if the
# new password is not
blank
.
# new password is not
empty
.
#
# class User < ActiveRecord::Base
# has_secure_password validations: false
...
...
@@ -119,7 +119,7 @@ def authenticate(unencrypted_password)
def
password
=
(
unencrypted_password
)
if
unencrypted_password
.
nil?
self
.
password_digest
=
nil
elsif
unencrypted_password
.
present
?
elsif
!
unencrypted_password
.
empty
?
@password
=
unencrypted_password
cost
=
ActiveModel
::
SecurePassword
.
min_cost
?
BCrypt
::
Engine
::
MIN_COST
:
BCrypt
::
Engine
.
cost
self
.
password_digest
=
BCrypt
::
Password
.
create
(
unencrypted_password
,
cost:
cost
)
...
...
activemodel/test/cases/secure_password_test.rb
浏览文件 @
e2689d1d
...
...
@@ -40,6 +40,11 @@ class SecurePasswordTest < ActiveModel::TestCase
assert
@user
.
valid?
(
:create
),
'user should be valid'
end
test
"create a new user with validation and a spaces only password"
do
@user
.
password
=
' '
*
72
assert
@user
.
valid?
(
:create
),
'user should be valid'
end
test
"create a new user with validation and a blank password"
do
@user
.
password
=
''
assert
!
@user
.
valid?
(
:create
),
'user should be invalid'
...
...
@@ -105,6 +110,11 @@ class SecurePasswordTest < ActiveModel::TestCase
assert
@existing_user
.
valid?
(
:update
),
'user should be valid'
end
test
"updating an existing user with validation and a spaces only password"
do
@user
.
password
=
' '
*
72
assert
@user
.
valid?
(
:update
),
'user should be valid'
end
test
"updating an existing user with validation and a blank password and password_confirmation"
do
@existing_user
.
password
=
''
@existing_user
.
password_confirmation
=
''
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录