Throws exception if the password field is empty
Closed this issue · 2 comments
I think instead it should set an error so that object.valid? returns false.
My model validations regarding the password are:
validates :password, presence: true
validates :password, password_strength: {min_entropy: 15}, length: { minimum: 8 }
From the console:
account = MyModel.create(login: 'username')
Throws this error:
TypeError: can't dup NilClass
from /home/aaron/Documents/Temptster/projects/api/vendor/bundle/ruby/2.0.0/gems/strong_password-0.0.2/lib/strong_password/strength_checker.rb:8:in `dup'
Commenting out the second validation removes the exception, and validation correctly fails because the password wasn't passed in the create call.
Aaron, thanks for alerting me to this problem. As a temporary workaround you can add allow_nil: true to the second validation call. Your first validate presence call should catch that case anyways and that will bypass the password_strength checking if the password is nil.
I'm also releasing 0.0.3 to address this. The change will follow standard Rails validations such as validates_format_of which call to_s on the value. That will result in nil being treated as an empty string.
Thanks for the quick response.
At the moment, I'm simply checking the parameter coming in through the controller to ensure it isn't empty. I look forward to your release, and so far, I'm liking the gem!