Module: Authlogic::Session::Password::InstanceMethods

Defined in:

lib/authlogic/session/password.rb

Overview

Password-related instance methods

Constant Summary

E_AC_PARAMETERS =

<<-STR.strip_heredoc.freeze
  You have passed an ActionController::Parameters to Authlogic 3. That's
  OK for now, but in Authlogic 4, it will raise an error. Please
  replace:

      UserSession.new(user_session_params)
      UserSession.create(user_session_params)

  with

      UserSession.new(user_session_params.to_h)
      UserSession.create(user_session_params.to_h)

  And don't forget to `permit`!

  During the transition of rails to Strong Parameters, it has been
  common for Authlogic users to forget to `permit` their params. They
  would pass their params into Authlogic, we'd call `to_h`, and they'd
  be surprised when authentication failed.

  In 2018, people are still making this mistake. We'd like to help them
  and make authlogic a little simpler at the same time, so in Authlogic
  3.7.0, we deprecated the use of ActionController::Parameters.

  We discussed this issue thoroughly between late 2016 and early
  2018. Notable discussions include:

  - https://github.com/binarylogic/authlogic/issues/512
  - https://github.com/binarylogic/authlogic/pull/558
  - https://github.com/binarylogic/authlogic/pull/577
STR

Instance Method Summary

• #credentials ⇒ Object

  Returns the login_field / password_field credentials combination in hash form.

• #credentials=(value) ⇒ Object

  Accepts the login_field / password_field credentials combination in hash form.

• #initialize(*args) ⇒ Object
• #invalid_password? ⇒ Boolean

Instance Method Details

#credentials ⇒ Object

Returns the login_field / password_field credentials combination in hash form.

# File 'lib/authlogic/session/password.rb', line 174

def credentials
  if authenticating_with_password?
    details = {}
    details[login_field.to_sym] = send(login_field)
    details[password_field.to_sym] = "<protected>"
    details
  else
    super
  end
end

#credentials=(value) ⇒ Object

Accepts the login_field / password_field credentials combination in hash form.

# File 'lib/authlogic/session/password.rb', line 187

def credentials=(value)
  super
  values = parse_param_val(value) # add strong parameters check

  if values.first.is_a?(Hash)
    values.first.with_indifferent_access.slice(login_field, password_field).each do |field, value|
      next if value.blank?
      send("#{field}=", value)
    end
  end
end

#initialize(*args) ⇒ Object

# File 'lib/authlogic/session/password.rb', line 164

def initialize(*args)
  if !self.class.configured_password_methods
    configure_password_methods
    self.class.configured_password_methods = true
  end
  super
end

#invalid_password? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/authlogic/session/password.rb', line 199

def invalid_password?
  invalid_password == true
end