Please read for an updated status on RailsCasts:
Learn more or hide this
GitHub User: jgthms
Hi everyone and thank you Ryan for this great screencast
I have an issue with the password reset edit form. The reset url is correctly generate and I can access the form, but my update action doesn't seem to work. Actually, I can send my form with empty fields for "password" and "password confirmation" and it will still trigger the "Password has been reset!" notice.
It looks as though my user validations aren't being taken into account here.
I tried adding both password and password confirmation validation to my User model:
validates :username, :email, :password, :password_confirmation, :presence => true
which is weird because when creating a new user, I didn't need those validations (the has_secure_password feature seemed to implement these validations), but the edit reset password form seems to need them.
Anyway, my edit_password_reset form worked, but it broke my new_password_reset form because it required both non blank password and password confirmation.
What am I missing here?