0

I used has_secure_password for the User model. Now I am trying to use AJAX to update some of the user's attributes, including password. However, it looks like with has_secure_password, the password attribute no longer exists, replaced by password_digest. So when I am trying to do

user[:password] = "The password passed by AJAX"
user.save!

I got:

ActiveModel::MissingAttributeError (can't write unknown attribute password)

The question is: What is the right way to update a user's password in this situation? Do I need to manually compute the hash and update the password_digest?

EDIT:

I am using Rails 4.2.1

zkytony
  • 1,242
  • 2
  • 18
  • 35

1 Answers1

0

Normally you just use:

user = User.find 1
user.password = 'Test123456789'
user.save

But, it sounds like you have not added a password_digest column to the users table or have not run the migrations.

infused
  • 24,000
  • 13
  • 68
  • 78
  • Yep, I don't have a password column, since the has_secure_password authenticates using the password_digest column. I think not having password column is the intended way to use has_secure_password – zkytony Dec 28 '15 at 08:02
  • I should have said password_digest. Corrected. – infused Dec 28 '15 at 08:03
  • It's just this simple! But the `password_confirmation` must be set too. This is a bit inconsistent with how other columns can be changed. But at least this works. – zkytony Dec 28 '15 at 08:08
  • It doesn't actually. I have never needed to do so and just tested it again. – infused Dec 28 '15 at 08:09
  • OK. hmm I tested without, and got `Password confirmation doesn't match Password`. I used `user.save!` – zkytony Dec 28 '15 at 08:10
  • Which is a completely different error than you specified in your original question. – infused Dec 28 '15 at 08:11