team-alpha/railsgoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #271 from jmmastey/dont-reencrypt-password

Browse Source 
fix user password field to not accidentally re-encrypt itself on save
This commit is contained in:
Ken Johnson
2017-10-02 18:58:02 -04:00
committed by GitHub
parent b70e6e7b5e 8b2f93516d
commit e139019c4c
2 changed files with 4 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files
app/controllers/users_controller.rb
+1 -3
View File
@@ -29,10 +29,8 @@ class UsersController < ApplicationController
if user
user.skip_user_id_assign = true
user.skip_hash_password = true
user.update_attributes(user_params_without_password)
if !(params[:user][:password].empty?) && (params[:user][:password] == params[:user][:password_confirmation])
user.skip_hash_password = false
if params[:user][:password].present? && (params[:user][:password] == params[:user][:password_confirmation])
user.password = params[:user][:password]
end
message = true if user.save!