Don't clear password fields if the password is ok

[Dmitry Maksyoma]

Hi,

I've done a registration form with password and password_confirmation fields and the fields are being cleared if there is an error with another form input, e.g. invalid email. I find it annoying that password has to be reentered when there is a problem with another field, actually, there can be many iterations until the user gets input right. All this time having to reenter password and confirmation is clearly annoying.

So, I would like the password and confirmation fields not to be cleared if the password is ok and confirmation matches it. However, I have no idea where to start. Any ideas?

Thanks.

[Walter Lee Davis]

Are you using an authentication engine, like Devise? This may be happening in a mixin in the model in that case, and you'll have to open that up and change the behavior. Otherwise, what does your view look like for the form?

Walter

>
> Thanks.
>
> --
> You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
> To post to this group, send email to rubyonra...@googlegroups.com.
> To unsubscribe from this group, send email to rubyonrails-ta...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msg/rubyonrails-talk/-/lWwvK-y89gcJ.
> For more options, visit https://groups.google.com/groups/opt_out.
>
>

[Dmitry Maksyoma]

On Saturday, October 27, 2012 2:08:53 AM UTC+13, Walter Lee Davis wrote:

> I've done a registration form with password and password_confirmation fields and the fields are being cleared if there is an error with another form input, e.g. invalid email. I find it annoying that password has to be reentered when there is a problem with another field, actually, there can be many iterations until the user gets input right. All this time having to reenter password and confirmation is clearly annoying. 
>
> So, I would like the password and confirmation fields not to be cleared if the password is ok and confirmation matches it. However, I have no idea where to start. Any ideas?

Are you using an authentication engine, like Devise? This may be happening in a mixin in the model in that case, and you'll have to open that up and change the behavior. Otherwise, what does your view look like for the form?

No, I'm not using auth engine, I only use `has_secure_password'. I've tried removing that and adding `attr_accessor :password, :password_confirmation' and it didn't change a thing, so it seems to be the default Rails behaviour.

My view: http://pastebin.com/s7tpwN4D

[Robert Walker]

Dmitry Maksyoma wrote in post #1081303:

> No, I'm not using auth engine, I only use `has_secure_password'. I've
> tried
> removing that and adding `attr_accessor :password,
> :password_confirmation'
> and it didn't change a thing, so it seems to be the default Rails
> behaviour.
>
> My view: http://pastebin.com/s7tpwN4D

I'm not 100% sure about this, but I have a feeling that behavior exists
for security reasons. The primary concern about providing a password to
a server is limiting the amount of time the cleartext version exists.

In fact I'd be willing to wager that the hashing occurs in the RACK
middleware, which means your Rails application never sees the cleartext
password, and therefore would not have it to send back in the response.

--
Posted via http://www.ruby-forum.com/.