Allow to not specify a password when signing up with openID
authorKai Krueger <kakrueger@gmail.com>
Sat, 23 Jan 2010 01:38:18 +0000 (01:38 +0000)
committerKai Krueger <kakrueger@gmail.com>
Sat, 23 Jan 2010 01:38:18 +0000 (01:38 +0000)
If the password field has a length of 0 and we have a valid
openID, then disable password login by generating a random
unknown password.

This still needs some warnings to indicate that not all services
such as trac, the forum or some editors are supported with
openid only via oauth.

app/controllers/user_controller.rb

index fa82f62512346ac38eaa8e12bf359185b94ce795..7a4448e515337117aa951caae29059948a941b0a 100644 (file)
@@ -47,6 +47,13 @@ class UserController < ApplicationController
                @user.openid_url = nil
 
                if (params[:user][:openid_url].length > 0)
+                 if @user.pass_crypt.length == 0 
+            #if the password is empty, but we have a openid 
+            #then generate a random passowrd to disable 
+            #loging in via password 
+            @user.pass_crypt = ActiveSupport::SecureRandom.base64(16) 
+            @user.pass_crypt_confirmation = @user.pass_crypt 
+          end
                  #Validate all of the other fields before
                  #redirecting to the openid provider
                  if !@user.valid?