password_digest, has_secret_password and form validations in RoR 3.1

Question

If you haven't seen it yet, have a look at the latest railscast authentication in rails 3.1. He uses password_digest:string when generating the model and adds has_secret_password to the User model. He also adds some accessible_attributes, :password and :password_confirmation.

By using validates_confirmation_of :password we can make sure the password is confirmed before creating an instance. If I leave the password fields empty in my form I get this error message:

ruby-1.9.2-p180 :024 > u = User.new
 => #<User id: nil, name: nil, email: nil, password_digest: nil, created_at: nil, updated_at: nil> 
ruby-1.9.2-p180 :027 > u.save
   (0.4ms)  SELECT 1 FROM "users" WHERE "users"."email" = '' LIMIT 1
 => false 
ruby-1.9.2-p180 :028 > u.errors.full_messages
 => ["Password digest can't be blank"]

Of course we don't want to call the password field "Password digest" when communicating with our users. How do I change this error message?

Bonus question
When using validates_confirmation_of and using mismatching passwords I get two error messages telling me about it, and only the :password label and input tags are surrounded with fields_with_errors divs. If the passwords don't match I want to also highlight the password_confirmation input, if possible remove it altogether from the password part.

Should I write my own method for checking password confirmation? If so, could you provide some small guidelines?

duplicate for http://stackoverflow.com/questions/6158585/override-validation-error-message-for-securepassword — choonkeat, Nov 19 '11 at 09:41

score 8 · Accepted Answer · answered Dec 06 '11 at 21:19

8

The official way to solve this is to add the following to your locale file:

en:
  activerecord:
    attributes:
      user:
        password_digest: 'Password'

The English locale file is located at config/locales/en.yml. You may have to restart your server for the changes to be loaded in your environment.

answered Dec 06 '11 at 21:19

Shaun Chapman

176
1
5

Perfect and so simple! Thank you – Emil Ahlbäck Dec 07 '11 at 05:32

score 3 · Answer 2 · answered May 26 '13 at 15:52

3

To get rid of password_digest message, you can modify the view:

<% @user.errors.messages.delete(:password_digest) -%>

answered May 26 '13 at 15:52

Noddinoff

93
7

IMO this is the best answer. – DeeDee Oct 28 '13 at 21:54

score 1 · Answer 3 · answered Jun 13 '11 at 21:56

You could override the human_attribute_name method and set your own humanized version of the password_digest attribute. Try something like this:

HUMANIZED_ATTRIBUTES = {
  :password_digest => "Password"
}

def self.human_attribute_name(attr, options={})
  HUMANIZED_ATTRIBUTES[attr.to_sym] || super
end

Then your error should look like this: "Password can't be blank"

password_digest, has_secret_password and form validations in RoR 3.1

3 Answers3