Method: Devise::Models::DatabaseAuthenticatable#update_with_password

Defined in:
lib/devise/models/database_authenticatable.rb

#update_with_password(params) ⇒ Object

Update record attributes when :current_password matches, otherwise returns error on :current_password.

This method also rejects the password field if it is blank (allowing users to change relevant information like the e-mail without changing their password). In case the password field is rejected, the confirmation is also rejected as long as it is also blank.



87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
 
# File 'lib/devise/models/database_authenticatable.rb', line 87

def update_with_password(params)
  current_password = params.delete(:current_password)

  if params[:password].blank?
    params.delete(:password)
    params.delete(:password_confirmation) if params[:password_confirmation].blank?
  end

  result = if valid_password?(current_password)
    update(params)
  else
    assign_attributes(params)
    valid?
    errors.add(:current_password, current_password.blank? ? :blank : :invalid)
    false
  end

  clean_up_passwords
  result
end