Alright then, lets see how well you guys do with this one: I've got merb_auth up and running just fine (it's very well documented), but I seem to have hit a snag. I want a user to be able to edit their account, but I want this to be password protected. That is, even though the user is logged in, I want them to have to enter their current password in order to change their settings/password/e- mail, etc. However, if I try to access the password directly, I only get "password" as a result (thus, unless the user actually has a password of "password" it always claims that they entered the password incorrectly. (Although actually I just tried having a password of "password", and no, it does nothing.)
I undestand that merb_auth encrypts or salts or whatever the password for security purposes, but is there anyway that I can compare the encrypted password with the password they give me, even if I have to let merb-auth encrypt the confirmation password? Failing that, can anyone think of a way for merb-auth to do this for me? You'd think this would be included functionality, but I can't find reference to it anywhere. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "merb" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/merb?hl=en -~----------~----~----~----~------~----~------~--~---
