Merge pull request #78 from kou/try-to-fix-wrong-try

Try to fix wrong try usage
2026-05-05 19:06:12 +02:00 · 2014-08-22 17:06:51 +09:00 · 2014-08-22 17:06:51 +09:00 · 67d26bdc3c
commit 67d26bdc3c
parent ca368c932e ab903716bc
2 changed files with 7 additions and 2 deletions
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@ -16,8 +16,7 @@ class ApplicationController < ActionController::Base

  def current_user
    return unless session[:succeed_password]
-    # NOTE: if hashed password is invalid or broken, .authenticate would raise error. Using `try` is avoid that situation
-    @current_user ||= User.new(name: "admin").try(:authenticate, session[:succeed_password])
+    @current_user ||= User.new(name: "admin").authenticate(session[:succeed_password])
  end

  def login_required
--- a/app/models/user.rb
+++ b/app/models/user.rb
@ -19,6 +19,12 @@ class User
  validates :password, length: { minimum: 8 }
  validate :valid_current_password

+  def authenticate(unencrypted_password)
+    super
+  rescue BCrypt::Errors::InvalidHash
+    false
+  end
+
  def password_digest
    @password_digest ||
      begin