blocks|key|364253|text|没有办法跳过验证，但是编写您自己的方法版本将非常容易，它允许您传递一个参数来确定是否验证password_digest字段的存在。|type|unstyled|depth|inlineStyleRanges|entityRanges|data|364254|只需像在SecurePassword+module中一样(通过ActiveSupport::Concern)扩展ActiveModel，并添加您自己的安全密码方法。|offset|length|style|CODE|364255|即|364256|module+ActiveModel
++module+MySecurePassword
++++extend+ActiveSupport::Concern

++++module+ClassMethods
++++++def+my_has_secure_password(validate_password_digest=true)
++++++++#+you+custom+logic
++++++end
++++end
++end
end|code-block|syntax|javascript|364257|entityMap|0|LINK|mutability|MUTABLE|url|https://github.com/lifo/docrails/blob/master/activemodel/lib/active_model/secure_password.rb^0|0|V|M|1K|B|4|L|0|0|0|0^^$0|@$1|2|3|4|5|6|7|W|8|@]|9|@]|A|$]]|$1|B|3|C|5|6|7|X|8|@$D|Y|E|Z|F|G]|$D|10|E|11|F|G]]|9|@$D|12|E|13|1|14]]|A|$]]|$1|H|3|I|5|6|7|15|8|@]|9|@]|A|$]]|$1|J|3|K|5|L|7|16|8|@]|9|@]|A|$M|N]]|$1|O|3|-4|5|6|7|17|8|@]|9|@]|A|$]]]|P|$Q|$5|R|S|T|A|$U|V]]]]

There's no way to skip the validation, but it would be easy enough to write your own version of the method that allows you to pass an argument to determine whether or not to validate presence of the password_digest field.

Just extend <code>ActiveModel</code> the same way they do in the <a href="https://github.com/lifo/docrails/blob/master/activemodel/lib/active_model/secure_password.rb" rel="nofollow">SecurePassword module</a> (via <code>ActiveSupport::Concern</code>) and add your own secure password method.

i.e.

<pre><code>module ActiveModel
 module MySecurePassword
 extend ActiveSupport::Concern

 module ClassMethods
 def my_has_secure_password(validate_password_digest=true)
 # you custom logic
 end
 end
 end
end
</code></pre>

blocks|key|364325|text|我决定进行自己的自定义身份验证。以下解决方案将仅在设置密码时验证密码。这使管理员无需添加密码即可创建用户。|type|unstyled|depth|inlineStyleRanges|entityRanges|data|364326|class+User+<+ActiveRecord::Base
++include+BCrypt

++attr_accessor+:password,+:password_confirmation

++validates+:password,+length:+(6..32),+confirmation:+true,+if:+:setting_password?

++def+password=(password)
++++@password+=+password
++++self.password_hash+=+Password.create(password)
++end

++def+authenticate(password)
++++password.present?+&&+password_hash.present?+&&+Password.new(password_hash)+==+password
++end

private

++def+setting_password?
++++password+%7C%7C+password_confirmation
++end

end|code-block|syntax|javascript|364327|如果有人发布的答案允许我仍然使用has_secure_password方法，我将改为接受它。|offset|length|style|CODE|364328|entityMap^0|0|0|G|J|0^^$0|@$1|2|3|4|5|6|7|O|8|@]|9|@]|A|$]]|$1|B|3|C|5|D|7|P|8|@]|9|@]|A|$E|F]]|$1|G|3|H|5|6|7|Q|8|@$I|R|J|S|K|L]]|9|@]|A|$]]|$1|M|3|-4|5|6|7|T|8|@]|9|@]|A|$]]]|N|$]]

I decided to do my own custom authentication. The following solution will validate passwords but only when they are being set. This allows admins to create users without adding a password.

<pre><code>class User &lt; ActiveRecord::Base
 include BCrypt

 attr_accessor :password, :password_confirmation

 validates :password, length: (6..32), confirmation: true, if: :setting_password?

 def password=(password)
 @password = password
 self.password_hash = Password.create(password)
 end

 def authenticate(password)
 password.present? &amp;&amp; password_hash.present? &amp;&amp; Password.new(password_hash) == password
 end

private

 def setting_password?
 password || password_confirmation
 end

end
</code></pre>

If someone posts an answer that allows me to still use the <code>has_secure_password</code> method, I'll accept it instead.

blocks|key|364394|text|从rails的4.X版本开始，has_secure_password采用了一个选项:验证。如果将其设置为false，则不会运行验证。|type|unstyled|depth|inlineStyleRanges|offset|length|style|CODE|entityRanges|data|364395|gem的3.X版本不支持此参数。但是，您可以从支持此参数的latest+4.0.XRC+code向后移植activemodel/lib/active_model/secure_password.rb。|364396|因此，您的代码将如下所示：|364397|class+User+<+ActiveRecord::Base
++has_secure_password+:validations+=>+false
++...
end|code-block|syntax|javascript|364398|entityMap|0|LINK|mutability|MUTABLE|url|https://github.com/rails/rails/blob/ef5d85709d346e55827e88f53430a2cbe1e5fb9e/activemodel/lib/active_model/secure_password.rb#L51^0|F|J|1G|5|0|T|J|0|0|0|0^^$0|@$1|2|3|4|5|6|7|W|8|@$9|X|A|Y|B|C]|$9|Z|A|10|B|C]]|D|@]|E|$]]|$1|F|3|G|5|6|7|11|8|@]|D|@$9|12|A|13|1|14]]|E|$]]|$1|H|3|I|5|6|7|15|8|@]|D|@]|E|$]]|$1|J|3|K|5|L|7|16|8|@]|D|@]|E|$M|N]]|$1|O|3|-4|5|6|7|17|8|@]|D|@]|E|$]]]|P|$Q|$5|R|S|T|E|$U|V]]]]

Since 4.X versions of rails, <code>has_secure_password</code> takes an option :validations. If you set it to <code>false</code>, it will not run validations. 

The 3.X version of the gem does not support this parameter. However you can backport the activemodel/lib/active_model/secure_password.rb from <a href="https://github.com/rails/rails/blob/ef5d85709d346e55827e88f53430a2cbe1e5fb9e/activemodel/lib/active_model/secure_password.rb#L51" rel="noreferrer">latest 4.0.XRC code</a> which supports this argument.

So with that, your code will look like this:

<pre><code>class User &lt; ActiveRecord::Base
 has_secure_password :validations =&gt; false
 ...
end
</code></pre>

blocks|key|364439|text|根据Journeyer和Tybro的回答，我想看看是否可以添加一个私有方法，将true或false返回给验证散列。它起作用了，我将它用于不同的用例，但在这个上下文中，它看起来像这样。|type|unstyled|depth|inlineStyleRanges|entityRanges|data|364440|++class+User+<+ActiveRecord::Base
++++has_secure_password+validations:+!:setting_password

+++#If+setting_password+is+true+then+this+will+be+the+same+as+
+++validations:+false
+++.....+
+++private

+++def+setting_password?
++++#Some+logic+that+determines+if+a+user+is+setting+a+password+and+resolves+
++++to+true+or+false
++++password+%7C%7C+password_confirmation
+++end
+++...
++end|code-block|syntax|javascript|364441|entityMap^0|0|0^^$0|@$1|2|3|4|5|6|7|I|8|@]|9|@]|A|$]]|$1|B|3|C|5|D|7|J|8|@]|9|@]|A|$E|F]]|$1|G|3|-4|5|6|7|K|8|@]|9|@]|A|$]]]|H|$]]

Piggybacking off of Journeyer and Tybro's answers I wanted to see if you can add a private method that returns true or false to the validations hash. It worked and I used it for a different use case but in this context it would look something like this.
<pre><code>
 class User &lt; ActiveRecord::Base
 has_secure_password validations: !:setting_password

 #If setting_password is true then this will be the same as 
 validations: false
 ..... 
 private

 def setting_password?
 #Some logic that determines if a user is setting a password and resolves 
 to true or false
 password || password_confirmation
 end
 ...
 end

</code></pre>

In my app, only admins can create new User records. The user is emailed an activation link where they set their password.

I'd like to use the has_secure_passord method (<a href="http://railscasts.com/episodes/250-authentication-from-scratch-revised" rel="noreferrer">railscast</a>):

<pre><code>class User &lt; ActiveRecord::Base
 has_secure_password
 ...
end
</code></pre>

Works great, but it automatically validates presence of password digest...so when the admin creates the record the validations fail. I there a way to skip just the automatically added password_digest validation without skipping the others I've added?

How to skip has_secure_password validations

翻译质量差，导致语言生硬或混乱。

没有提供实际的解决方法或示例。

解答不清晰，无法理解或解决问题。

页面排版不美观，阅读体验差。

文章

问答

视频

学习中心

腾讯云实验室

直播

竞赛

腾讯云代码分析专区

腾讯iOA零信任安全管理系统专区

腾讯云架构师技术同盟交流圈

腾讯云数据库专区

腾讯云顾问专区

腾讯云原生专区

腾讯混元专区

腾讯云TCE专区

腾讯云Lighthouse专区

腾讯云HAI专区

腾讯云Edgeone专区

腾讯云存储专区

腾讯云智能专区

腾讯轻联专区 

腾讯云开发专区

TAPD专区

腾讯轻量云游戏服专区

腾讯云最具价值专家

腾讯云架构师技术同盟

腾讯云创作之星

腾讯云开发者先锋

腾讯云代码助手

云原生构建

TAPD 敏捷项目管理

Cloud Studio

SDK中心

API中心

命令行工具

涵盖代码开发、场景应用、自动测试全流程，助你从零构建专属AI助手

一站式MCP教程库，解锁AI应用新玩法

在我的应用程序中，只有管理员可以创建新的用户记录。通过电子邮件向用户发送激活链接，用户可在其中设置其密码。我想使用has_secure_passord方法()：class User < ActiveRecord::Base has_secure_password ...end效果很好，但是当管理员创建验证失败的记录...

问如何跳过has_secure_password验证
EN

社区

活动

圈层

关于

腾讯云开发者

热门产品

热门推荐

更多推荐

问如何跳过has_secure_password验证EN

社区

活动

圈层

关于

腾讯云开发者

热门产品

热门推荐

更多推荐

问如何跳过has_secure_password验证
EN