diff --git a/CHANGELOG.md b/CHANGELOG.md index 104b9057e..2c97c382f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -18,7 +18,11 @@ * Removed deprecations warning output for `Devise::Models::Authenticatable::BLACKLIST_FOR_SERIALIZATION` (@soartec-lab) * Add Rails 8 support. - Routes are lazy-loaded by default in test and development environments now so Devise loads them before `Devise.mappings` call. - + * Password length validator is changed from + `validates_length_of :password, within: password_length, allow_blank: true` + to + `validates_length_of :password, minimum: proc { password_length.min }, maximum: proc { password_length.max }, allow_blank: true` + so it's possible to override `password_length` at runtime. (@manojmj92) * bug fixes * Make `Devise` work without `ActionMailer` when `Zeitwerk` autoloader is used. diff --git a/lib/devise/models/validatable.rb b/lib/devise/models/validatable.rb index 1c22fb5fe..62486cfbe 100644 --- a/lib/devise/models/validatable.rb +++ b/lib/devise/models/validatable.rb @@ -14,6 +14,8 @@ module Models # * +email_regexp+: the regular expression used to validate e-mails; # * +password_length+: a range expressing password length. Defaults to 6..128. # + # Since +password_length+ is applied in a proc within `validates_length_of` it can be overridden + # at runtime. module Validatable # All validations used by this module. VALIDATIONS = [:validates_presence_of, :validates_uniqueness_of, :validates_format_of, @@ -34,7 +36,7 @@ def self.included(base) validates_presence_of :password, if: :password_required? validates_confirmation_of :password, if: :password_required? - validates_length_of :password, within: password_length, allow_blank: true + validates_length_of :password, minimum: proc { password_length.min }, maximum: proc { password_length.max }, allow_blank: true end end diff --git a/test/models_test.rb b/test/models_test.rb index c213d2047..16acb92c9 100644 --- a/test/models_test.rb +++ b/test/models_test.rb @@ -26,8 +26,8 @@ def assert_include_modules(klass, *modules) test 'validations options are not applied too late' do validators = WithValidation.validators_on :password length = validators.find { |v| v.kind == :length } - assert_equal 2, length.options[:minimum] - assert_equal 6, length.options[:maximum] + assert_equal 2, length.options[:minimum].call + assert_equal 6, length.options[:maximum].call end test 'validations are applied just once' do