Throws exception if the password field is empty #2

aaroncraigongithub opened this Issue Jun 27, 2013 · 2 comments


None yet
2 participants

I think instead it should set an error so that object.valid? returns false.

My model validations regarding the password are:

validates :password, presence: true
validates :password, password_strength: {min_entropy: 15}, length: { minimum: 8 }

From the console:

account = MyModel.create(login: 'username')

Throws this error:
TypeError: can't dup NilClass
from /home/aaron/Documents/Temptster/projects/api/vendor/bundle/ruby/2.0.0/gems/strong_password-0.0.2/lib/strong_password/strength_checker.rb:8:in `dup'

Commenting out the second validation removes the exception, and validation correctly fails because the password wasn't passed in the create call.


bdmac commented Jun 27, 2013

Aaron, thanks for alerting me to this problem. As a temporary workaround you can add allow_nil: true to the second validation call. Your first validate presence call should catch that case anyways and that will bypass the password_strength checking if the password is nil.

I'm also releasing 0.0.3 to address this. The change will follow standard Rails validations such as validates_format_of which call to_s on the value. That will result in nil being treated as an empty string.

Thanks for the quick response.

At the moment, I'm simply checking the parameter coming in through the controller to ensure it isn't empty. I look forward to your release, and so far, I'm liking the gem!

bdmac closed this in 4bddf15 Jun 27, 2013

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment