Есть модель пользователя User с
has_secure_password();irb(main):001:0> usr=User.create(name:"Anonimus", email: "other@domain.com", password:"qwerty12", password_confirmation:"qwerty12")
(39.2ms) BEGIN
User Exists (40.5ms) SELECT 1 AS one FROM "users" WHERE LOWER("users"."email") = LOWER('other@domain.com') LIMIT 1
SQL (122.4ms) INSERT INTO "users" ("created_at", "email", "name", "password_digest", "updated_at") VALUES ($1, $2, $3, $4, $5) RETURNING "id" [["created_at", Thu, 26 Jun 2014 19:49:34 UTC +00:00], ["email", "other@domain.com"], ["name", "Anonimus"], ["password_digest", "$2a$10$UKiOPkggq9B.7guIsHloGepnew0mut8RNywqKH2YQOCiuVjQ1TZWC"], ["updated_at", Thu, 26 Jun 2014 19:49:34 UTC +00:00]]
(39.4ms) COMMIT
=> #<User id: 4, name: "Anonimus", email: "other@domain.com", created_at: "2014-06-26 19:49:34", updated_at: "2014-06-26 19:49:34", password_digest: "$2a$10$UKiOPkggq9B.7guIsHloGepnew0mut8RNywqKH2YQOCi...">
irb(main):002:0> usr
Но при загрузке из бд эти значения nil, что приводит к отмене транзакции:
irb(main):013:0> anon=User.find_by(name:"Anonimus")
User Load (39.9ms) SELECT "users".* FROM "users" WHERE "users"."name" = 'Anonimus' LIMIT 1
=> #<User id: 4, name: "Anonimus", email: "other@domain.com", created_at: "2014-06-26 19:49:34", updated_at: "2014-06-26 19:49:34", password_digest: "$2a$10$UKiOPkggq9B.7guIsHloGepnew0mut8RNywqKH2YQOCi...">
irb(main):014:0> anon.password
=> nil
irb(main):015:0> anon.password_confirmation
=> nil
irb(main):016:0> anon.update_attributes(name: "Anonim")
(39.1ms) BEGIN
User Exists (39.5ms) SELECT 1 AS one FROM "users" WHERE (LOWER("users"."email") = LOWER('other@domain.com') AND "users"."id" != 4) LIMIT 1
(39.3ms) ROLLBACK
=> false
И как же быть? Не хранить же пароль в куки
