database_authenticatable.rb in devise-3.2.0

- old
+ new

@@ -3,19 +3,16 @@
 module Devise
   module Strategies
     # Default strategy for signing in a user, based on his email and password in the database.
     class DatabaseAuthenticatable < Authenticatable
       def authenticate!
-        resource  = valid_password? && mapping.to.find_for_database_authentication(authentication_hash)
-        encrypted = false
+        resource = valid_password? && mapping.to.find_for_database_authentication(authentication_hash)
+        return fail(:not_found_in_database) unless resource
 
-        if validate(resource){ encrypted = true; resource.valid_password?(password) }
+        if validate(resource){ resource.valid_password?(password) }
           resource.after_database_authentication
           success!(resource)
         end
-
-        mapping.to.new.password = password if !encrypted && Devise.paranoid
-        fail(:not_found_in_database) unless resource
       end
     end
   end
 end
 