summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorerdgeist <erdgeist@erdgeist.org>2026-07-17 18:20:25 +0200
committererdgeist <erdgeist@erdgeist.org>2026-07-17 18:20:25 +0200
commit5221c5400e193a64ab607d7de7c0450f5f15cd55 (patch)
treef745cc4f474b05301e1b1face6a9417d1fdb41bc /lib
parent27e89a8e931d4f2c3fd9aa45adae506af6733d0d (diff)
Allow updating migrated users without supplying a passworderdgeist-modernize-auth
password_required? treated a blank crypted_password as "needs a password", but after bcrypt migration crypted_password is nil by design -- every subsequent save of a migrated or new user failed validation. The predicate now requires a password only when both the legacy and the bcrypt credential are absent, or when one is actually being set.
Diffstat (limited to 'lib')
-rw-r--r--lib/authentication.rb2
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/authentication.rb b/lib/authentication.rb
index 56df391..4d8a5ae 100644
--- a/lib/authentication.rb
+++ b/lib/authentication.rb
@@ -98,7 +98,7 @@ module Authentication
98 end 98 end
99 99
100 def password_required? 100 def password_required?
101 crypted_password.blank? || !password.blank? 101 (crypted_password.blank? && password_digest.blank?) || !password.blank?
102 end 102 end
103 end # instance methods 103 end # instance methods
104 end 104 end