model_mixin.rb in quo_vadis-1.1.1

- old
+ new

@@ -8,18 +8,20 @@
 
   module ClassMethods
     # Adds methods to set and authenticate against a password stored encrypted by BCrypt.
     # Also adds methods to generate and clear a token, used to retrieve the record of a
     # user who has forgotten their password.
+    #
+    # Note that if a password isn't supplied when creating a user, the error will be on
+    # the `password_digest` attribute.
     def authenticates
       send :include, InstanceMethodsOnActivation
 
       attr_reader    :password
       attr_protected :password_digest
 
       validates :username,        :presence => true, :uniqueness => true, :if => :should_authenticate?
-      validates :password,        :presence => true, :if => Proc.new { |u| u.should_authenticate? && u.changed.include?('password_digest') }
       validates :password_digest, :presence => true, :if => :should_authenticate?
 
       scope :valid_token, lambda { |token| where("token = ? AND token_created_at > ?", token, 3.hours.ago) }
 
       instance_eval <<-END, __FILE__, __LINE__ + 1
@@ -52,10 +54,12 @@
       true
     end
 
     def password=(plain_text_password) # :nodoc:
       @password = plain_text_password
-      self.password_digest = BCrypt::Password.create plain_text_password
+      unless @password.blank?
+        self.password_digest = BCrypt::Password.create plain_text_password
+      end
     end
 
     # Generates a unique, timestamped token which can be used in URLs, and
     # saves the record.  This is part of the forgotten-password workflow.
     def generate_token # :nodoc: