Simply check instead or rescueing.

heartcombo · Apr 16, 2011 · 34a54da · 34a54da
1 parent e329930
commit 34a54da
Showing 1 changed file with 4 additions and 7 deletions.
diff --git a/lib/devise/models/database_authenticatable.rb b/lib/devise/models/database_authenticatable.rb
@@ -33,13 +33,10 @@ def password=(new_password)
 
       # Verifies whether an password (ie from sign in) is the user password.
       def valid_password?(password)
-        begin
-          bcrypt   = ::BCrypt::Password.new(self.encrypted_password)
-          password = ::BCrypt::Engine.hash_secret("#{password}#{self.class.pepper}", bcrypt.salt)
-          Devise.secure_compare(password, self.encrypted_password)
-        rescue BCrypt::Errors::InvalidHash
-          return false
-        end
+        return false if encrypted_password.blank?
+        bcrypt   = ::BCrypt::Password.new(self.encrypted_password)
+        password = ::BCrypt::Engine.hash_secret("#{password}#{self.class.pepper}", bcrypt.salt)
+        Devise.secure_compare(password, self.encrypted_password)
       end
 
       # Set password and password confirmation to nil