0

I'm 3 months into learning Rails. Trying to add Facebook auth to a Hartl tutorial sample app clone.

I'd like to still allow users to create accounts w/o FB... though I'm open to suggestions on that. I want the FB login to happen instantly, without users having to enter a password.

I've been using the relevant Railscasts (#235-236, etc.) but Ryan uses devise, and I don't want to. In fact, I find the complexity of his solution a good argument for authentication from scratch.

My current bug (after saving a user without validation) is "Password digest missing on new record" and seems to be caused by this. What are my options?

  1. I'm tempted to just add a random password_digest but feel a little dirty about that. Should I?
  2. Should I rewrite the sign_in function? What exactly needs to happen in it? Maybe I don't fully understand the lifecycle of Hartl's remember_token...
  3. Is there anything else I'm missing?

My code is up on Github.

Thanks!

bluemihai
  • 405
  • 4
  • 15

1 Answers1

0

The has_secure_password module automatically adds this validation: validates_presence_of :password_digest. And, there is no way to bypass this validation.

One solution that I can think of is to fallback to the secured password theory explained in the previous version of rails tutorial (http://ruby.railstutorial.org/chapters/modeling-and-viewing-users-two?version=3.0#sec:secure_passwords) and roll your authentication mechanism instead of using has_secure_password.

Rupesh Pandey
  • 16
  • 1