Home/ Questions/Q 6187227
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-24T02:01:28+00:00

I am having the exact same problem describe in this question , but for

  • 0

I am having the exact same problem describe in this question, but for a different reason, apparently.

This is the relevant section of the book.

I’ve done it exactly as on the book, as far as I can tell, and my rspec tests are all working fine.

My User model code is this:

require 'digest' #Needs digest to do password encryption


class User < ActiveRecord::Base

  attr_accessor :password
  attr_accessible :name, :email, :password, :password_confirmation
  validates :name, :presence => true,
            :length => { :maximum => 20 }

  email_regex = /\A[\w+\-.]+@[a-z\d\-.]+\.[a-z]+\z/i

  validates :email, :presence => true,
                    :format => { :with => email_regex },
                    :uniqueness => { :case_sensitive => false }

  validates :password, :presence => true,
                       :confirmation =>true,
                       :length => { :within => 5..24 }

  before_save :encrypt_password

  def has_password?(submitted_password)
    encrypt_password == encrypt(submitted_password)
  end




  private

  def encrypt_password
     self.salt = make_salt if new_record?
     self.encrypted_password = encrypt(password)
   end

   def encrypt(string)
     secure_hash("#{salt}--#{string}")
   end

   def make_salt
     secure_hash("#{Time.now.utc}--#{password}")
   end

   def secure_hash(string)
     Digest::SHA2.hexdigest(string)
   end


end

As I said, the tests are working fine, but has_password? always returns false in the console.
This is what I did in the console:

ruby-1.9.2-p180 :002 > User.create!(:name => 'userdude', :email => 'a@a.com', :password => 'foobar', :password_confirmation => 'foobar' )

=> #<User id: 2, name: "userdude", email: "a@a.com", created_at: "2011-07-28 23:13:40", updated_at: "2011-07-28 23:13:40", encrypted_password: "84f9a1348af1f7e6610fb1d0c7002efe96f43dc97d807b3ac00...", salt: "13cf7bfd386af4fcf282ae5fa4831eb9d1dff15e842be8cba88..."> 

ruby-1.9.2-p180 :003 > User.all
 => [#<User id: 2, name: "userdude", email: "a@a.com", created_at: "2011-07-28 23:13:40", updated_at: "2011-07-28 23:13:40", encrypted_password: "84f9a1348af1f7e6610fb1d0c7002efe96f43dc97d807b3ac00...", salt: "13cf7bfd386af4fcf282ae5fa4831eb9d1dff15e842be8cba88...">] 

ruby-1.9.2-p180 :004 > user = User.first
 => #<User id: 2, name: "userdude", email: "a@a.com", created_at: "2011-07-28 23:13:40", updated_at: "2011-07-28 23:13:40", encrypted_password: "84f9a1348af1f7e6610fb1d0c7002efe96f43dc97d807b3ac00...", salt: "13cf7bfd386af4fcf282ae5fa4831eb9d1dff15e842be8cba88..."> 

ruby-1.9.2-p180 :005 > user
 => #<User id: 2, name: "userdude", email: "a@a.com", created_at: "2011-07-28 23:13:40", updated_at: "2011-07-28 23:13:40", encrypted_password: "84f9a1348af1f7e6610fb1d0c7002efe96f43dc97d807b3ac00...", salt: "13cf7bfd386af4fcf282ae5fa4831eb9d1dff15e842be8cba88..."> 

ruby-1.9.2-p180 :006 > user.has_password?('foobar')
 => false 
ruby-1.9.2-p180 :007 >

As you see, there are not any records already created, as in the other question I linked.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    it seems like you accidentally mixed encrypt_password and encrypted_password

    try to change your has_password? method to this:

      def has_password?(submitted_password)
    self.encrypted_password == encrypt(submitted_password)
  end

    The problem was that you used encrypt_password, so if you look up a record, the plain password attribute password is nil, therefore your encrypt_password method does self.encrypted_password = encrypt(nil)

    • 0