I’m porting a project from Rails 3 to 3.1. My authentication system was easily switched over to the new has_secure_password in ActiveRecord. The only problem I’m running into is that I also use OmniAuth and I have the system set up so if a user signs up using one of the OmniAuth providers the account shouldn’t require a password. I can’t seem to override the password_digest validations setup by has_secure_password. Is there anyway to turn off those validations and write my own, or am I going to have to just use my old hand written bcrypt functions from my Rails 3 version of the site?
Share
I ended up going back to using custom methods. However, I did realize afterwards that I should’ve been able to use a before_validation callback to check the conditions, then if they matched set the password_digest to anything simple like ‘0’. This way the digest would never be blank, but at the same time it shouldn’t ever validate as a correct password, making them sign in through OmniAuth.
Feel free to correct me if I’m mistaken.