Clear pass_crypt_confirmation when encrypting a new password
authorTom Hughes <tom@compton.nu>
Fri, 27 Jul 2012 10:39:11 +0000 (11:39 +0100)
committerTom Hughes <tom@compton.nu>
Fri, 27 Jul 2012 11:05:19 +0000 (12:05 +0100)
If we change pass_crypt (by encrypting it) without clearing the
confirmation then the user record becomes invalid.

app/models/user.rb

index b6c126076bd29d5305a475c07b738e566cf7440a..8a594b01dcbdd4ce0fb947ca906a514c4ad45a87 100644 (file)
@@ -233,6 +233,7 @@ private
     if pass_crypt_confirmation
       self.pass_salt = OSM::make_token(8)
       self.pass_crypt = OSM::encrypt_password(pass_crypt, pass_salt)
+      self.pass_crypt_confirmation = nil
     end
   end
 end