Ruby on Rails

validates :password, presence: true, length: { minimum: 6 }, confirmation: true, unless: Proc.new { |a| !a.new_record? && a.password.blank? }

because of this .. unless: .... so you have to modify that

tom

On Oct 28, 2012, at 23:43 , Jean <joso...@gmail.com> wrote:

> Hello Guys I have the following problem. I made a controller to reset the password of a user.
>
> Here is the controller:
>
> class PasswordResetsController < ApplicationController
>
>         layout "sessions"
>         
>   def new
>   end
>  
>   def create
>           user = User.find_by_email!(params[:password_resets][:email] )
>           user.send_password_reset if user
>            redirect_to root_url, :notice => "Las instrucciones para reestrablecer la contrasena fueron enviadas."
>   end
>  
>   def edit
>           @user = User.find_by_password_reset_token!(params[:id])
>   end
>  
>   def update
>           @user = User.find_by_password_reset_token!(params[:id])
>           if @user.password_reset_at < (2.hours.ago).to_date
>                   redirect_to new_password_reset_path, :alert => "El link para actualizar la contrasena ha expirado."
>           elsif @user.update_attributes(params[:user])
>                   @user.reset_password_token
>                   redirect_to root_url, :notice => "La contrasena ha sido cambiada."
>           else
>                   render :edit
>           end
>   end
>  
> end
>
>
> Here is the model:
>
> class User < ActiveRecord::Base
>   attr_accessible :email, :password, :password_confirmation
>   has_secure_password
>  
>   before_save { |user| user.email = email.downcase }
>   before_save :create_remember_token
>  
>   VALID_EMAIL_REGEX = /\A[\w+\-.]+@[a-z\d\-.]+\.[a-z]+\z/i
>   validates :email, presence: true, format: { with: VALID_EMAIL_REGEX }, uniqueness: { case_sensitive: false }
>   validates :password, presence: true, length: { minimum: 6 }, confirmation: true, unless: Proc.new { |a| !a.new_record? && a.password.blank? }
>  
>         def send_password_reset
>                 self.password_reset_token = SecureRandom.urlsafe_base64
>                 self.password_reset_at = Time.zone.now
>                 save!
>                 UserMailer.password_reset(self).deliver
>         end
>         
>         def reset_password_token
>                 self.password_reset_token = nil
>                 self.password_reset_at = nil
>                 save!
>         end
>  
>   private
>           
>           def create_remember_token
>                   self.remember_token = SecureRandom.urlsafe_base64
>           end
>  
> end
>
>
> Basically this is my problem:
>
> the user click on the link that he receive in his email, then user, use the form of the edit password_reset form to reset his password, everything works great, except the following issues; if the user leave the password field and the password_confirmation field in blank, the form_for didn't validate and save the user with a blank password. I don't know how to fix this. Does anybody has an idea?
>
> --
> You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
> To post to this group, send email to rubyonra...@googlegroups.com.
> To unsubscribe from this group, send email to rubyonrails-ta...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msg/rubyonrails-talk/-/IYetAvDMgrEJ.
> For more options, visit https://groups.google.com/groups/opt_out.
>  
>  

--
===============================================================================
Tomas Meinlschmidt, MS {MCT, MCP+I, MCSE, AER}, NetApp Filer/NetCache

www.meinlschmidt.com  www.maxwellrender.cz  www.lightgems.cz
===============================================================================