Topic: SOLVED Refactoring existing auth to Rails 3.1.3 has_secure_password

Hi,I am using rails 3.1.3 with ruby 1.9.3-po and postgresql9.1.

I was following the screencasts and its authentication model, but now I wish to refactor it to use the has_secure_password that we find in rails 3.1.

Upto this point, that is, before I begin to implement the has_secure_password, I have commented out all definitions and references to password and password_confirmation.
All tests still pass.

I then added the 
column to my employees table and
     gem 'bcrypt-ruby', '~> 3.0.0' to my Gemfile
I ran
     bundle install and
     'bundle exec rake db:migrate'
     'bundle exec rake db:test:prepare'.
Still, all tests pass.
Now, I added
to my employee.rb model and I have
     attr_accessible :password, :email
   validates  :password, :presence  => true

In my spec/models/employee_spec.rb file, I have;
    require 'spec_helper'
    describe Employee do
       before(:each) do
         @attr = { :first_name => "Teress",
                          :last_name => "Pottle",
                          :password => "foobar",
                          :password_confirmation => "foobar"
and then I have this test which fails,

      it "should create a new instance given valid attributes" do

The test fails with this flag: "undefined method "password_digest""

Could you please help me understand how to test this new feature in rails 3.1, namely, has_secure_password.?
I have watched Ryan Bates's railcast on this subject, checked the documentation on has_secure_password, and read the railsguide article on secure_password and I thought I understood the process, but, the test raises a flag that befuddles me.

Thanks for any help, suggestions or pointers to resources that might lead me to a better understanding of what is all involved in this new feature, well you know, new to me:).

I re-ran my migration and the rake db:test:prepare and I now no-longer have the "undefined method "password_digest"" error.

Instead I have Failure/Error: Employee.create!(@attr)
ActiveRecord: RecordInvalid:
the above because all the records are blank....I think this has something to do with attr_accesible and attr_accessor, so I will do more research.
The invitation is still open to anyone who has some insights that they are willing to share:)

**Another Update**
I removed the attr_accessible :password, :email line and the tests pass.
The reasoning, I got this from 'stackoverflow', (normal object attributes which attr_accessor and attr_accessible create are not the same as those created by ActiveRecord. Apparently ActiveRecord will examine the tables structure and create it's own internal storage for the database backed attributes, also it will create the accessor methods and then use these to see what's in the object.) I do not understand it all, but I know enough to take the advice of a pro and leave the attr_accesor methods upto ActiveRecord. I think this is because I am using postgreql as my database but I am not sure.

***Yet another update***
Michael Hartl is busy pusing out his 2nd edition of the Ruby on Rails Tutorial and in that edition he will be dealing with has_secure_password.


Last edited by fuzzytom (2012-03-23 16:12:44)