Devise Not Validating Password/Password Confirmation
I have a custom controller that handles the editing of user passwords based off of the code here.
User Model
attr_accessible :password, :password_confirmation, :username, :login
...
devise :database_authenticatable,
:lockable,
:registerable,
:recoverable,
:rememberable,
:trackable
PasswordsController
expose(:user) { current_user }
def update
if user.update_with_password(params[:user])
sign_in(user, :bypass => true)
flash[:notice] = "success"
else
render :edit
end
end
My edit password form is located here.
The problem is that no matter what I enter (or don't enter for that matter) into the edit password form, The "success" flash method is displayed.
Answer
If you want Devise to do validations, you need to add the :validatable module to your model. This is fairly easy to do, just add :validatable to the list of module in the devise call, so your model says:
devise
:database_authenticatable,
:lockable,
:registerable,
:recoverable,
:rememberable,
:trackable,
:validatable
This will make devise add validations.
Another easy way is to add your own validations. If you just want to validate that the password confirmation matches, you can add a validates_confirmation_of validation by adding this to your model:
validates_confirmation_of :password
I hope this helps.