diff options
| author | erdgeist <erdgeist@erdgeist.org> | 2026-07-17 18:20:25 +0200 |
|---|---|---|
| committer | erdgeist <erdgeist@erdgeist.org> | 2026-07-17 18:20:25 +0200 |
| commit | 5221c5400e193a64ab607d7de7c0450f5f15cd55 (patch) | |
| tree | f745cc4f474b05301e1b1face6a9417d1fdb41bc /lib | |
| parent | 27e89a8e931d4f2c3fd9aa45adae506af6733d0d (diff) | |
Allow updating migrated users without supplying a passworderdgeist-modernize-auth
password_required? treated a blank crypted_password as "needs a
password", but after bcrypt migration crypted_password is nil by
design -- every subsequent save of a migrated or new user failed
validation. The predicate now requires a password only when both
the legacy and the bcrypt credential are absent, or when one is
actually being set.
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/authentication.rb | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/authentication.rb b/lib/authentication.rb index 56df391..4d8a5ae 100644 --- a/lib/authentication.rb +++ b/lib/authentication.rb | |||
| @@ -98,7 +98,7 @@ module Authentication | |||
| 98 | end | 98 | end |
| 99 | 99 | ||
| 100 | def password_required? | 100 | def password_required? |
| 101 | crypted_password.blank? || !password.blank? | 101 | (crypted_password.blank? && password_digest.blank?) || !password.blank? |
| 102 | end | 102 | end |
| 103 | end # instance methods | 103 | end # instance methods |
| 104 | end | 104 | end |
