Permalink
Browse files

Ensure authenticatable_salt can be nil.

  • Loading branch information...
1 parent 14d7729 commit 67a49f3b75477f11176697a04c7c0a2109fcb489 @josevalim josevalim committed Nov 11, 2010
View
2 lib/devise/models/database_authenticatable.rb
@@ -68,7 +68,7 @@ def after_database_authentication
# A reliable way to expose the salt regardless of the implementation.
def authenticatable_salt
- self.encrypted_password[0,29]
+ self.encrypted_password[0,29] if self.encrypted_password
end
protected
View
10 lib/devise/models/rememberable.rb
@@ -76,7 +76,15 @@ def remember_expires_at
end
def rememberable_value
- respond_to?(:remember_token) ? self.remember_token : self.authenticatable_salt
+ if respond_to?(:remember_token)
+ remember_token
+ elsif respond_to?(:authenticatable_salt) && (salt = authenticatable_salt)
+ salt
+ else
+ raise "The #{self.class.name} class does not respond to remember_token and " <<
+ "authenticatable_salt returns nil. In order to use rememberable, you must " <<
+ "add a remember_token field to your model or ensure a password is always set."
+ end
end
def cookie_options
View
6 test/models/database_authenticatable_test.rb
@@ -13,6 +13,12 @@ class DatabaseAuthenticatableTest < ActiveSupport::TestCase
assert_present user.encrypted_password
end
+ test 'allow authenticatable_salt to work even with nil encrypted password' do
+ user = User.new
+ user.encrypted_password = nil
+ assert_nil user.authenticatable_salt
+ end
+
test 'should not generate encrypted password if password is blank' do
assert_blank new_user(:password => nil).encrypted_password
assert_blank new_user(:password => '').encrypted_password
View
8 test/models/rememberable_test.rb
@@ -268,4 +268,12 @@ def create_resource
user.remember_me!
assert_equal user, User.serialize_from_cookie(user.to_key, user.authenticatable_salt)
end
+
+ test 'raises a RuntimeError if authenticatable_salt is nil' do
+ user = User.new
+ user.encrypted_password = nil
+ assert_raise RuntimeError do
+ user.rememberable_value
+ end
+ end
end

0 comments on commit 67a49f3

Please sign in to comment.