From 84fd9503ca740e7e237d65e9dbb500daf782fe8d Mon Sep 17 00:00:00 2001
From: ecneladis <ecneladis@gmail.com>
Date: Thu, 6 Mar 2014 19:40:33 +0100
Subject: [PATCH] Removed duplicated code from exemplary validations for
 password

---
 app/models/user.rb                                         | 5 ++---
 .../broken_auth_sess/_password_complexity.html.erb         | 7 -------
 2 files changed, 2 insertions(+), 10 deletions(-)

diff --git a/app/models/user.rb b/app/models/user.rb
index 105e3f0..2af7dc2 100755
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -4,11 +4,10 @@ class User < ActiveRecord::Base
                        :confirmation => true,
                        :length => {:within => 6..40},
                        :on => :create,
-                       :if => :password#,
-=begin                       :format => {:with => /\A.*(?=.{10,})(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[\@\#\$\%\^\&\+\=]).*\z/}
+                       :if => :password
+=begin
   validates :password, :presence => true,
                         :confirmation => true,
-                        :on => :update,
                         :if => :password,
                         :format => {:with => /\A.*(?=.{10,})(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[\@\#\$\%\^\&\+\=]).*\z/}
 =end  
diff --git a/app/views/layouts/tutorial/broken_auth_sess/_password_complexity.html.erb b/app/views/layouts/tutorial/broken_auth_sess/_password_complexity.html.erb
index a373e91..4ca6a3e 100644
--- a/app/views/layouts/tutorial/broken_auth_sess/_password_complexity.html.erb
+++ b/app/views/layouts/tutorial/broken_auth_sess/_password_complexity.html.erb
@@ -70,18 +70,11 @@
 				<li>1 special character</li>
 			  </p>	
 			  <pre class="ruby">
-			  # VALIDATE PASSWORD BOTH AT CREATION AND WHEN UPDATING	 
 			  validates :password, :presence => true,
 			                        :confirmation => true,
 			                        :length => {:within => 6..40},
-			                        :on => :create,
 			                        :if => :password,
 			                        :format => {:with => /\A.*(?=.{10,})(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[\@\#\$\%\^\&\+\=]).*\z/}
-			  validates :password, :presence => true,
-			                         :confirmation => true,
-			                         :on => :update,
-			                         :if => :password,
-			                         :format => {:with => /\A.*(?=.{10,})(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[\@\#\$\%\^\&\+\=]).*\z/}
 										
 			  </pre>	
             </div>