Hi,
You aren't doing anything wrong. Authlogic ignores blank passwords.
This really is an application specific issue. Some people like to have
1 form where the user can change their details as well as their
password, but leaving the password blank would just ignore a password
change. In your instance the user is explicitly trying to change the
password, and you want validation to occur no matter what in this
action. You don't want the password being validated on every save
because the password is a virtual field and thus would need to be
supplied every time you want to save a user object.
So what I did was add a validate_password attribute. Just pass true to
this and the object will be validated using the password validations.
So your action will look something like:
@user.validate_password = true
...
Just update from the repo and you should be good.