#65 ✓resolved
Sean Kirby

Can't update attributes on newly created users

Reported by Sean Kirby | March 24th, 2009 @ 05:22 PM

When running the following code in our rails app (2.1.2) with authlogic 2.0.2:


u = User.create! :login => 'quentin', :password => 'pass', :password_confirmation => 'pass'
u.update_attributes :login => 'quire'

You get the following exception:


BCrypt::Errors::InvalidSalt: invalid salt
	from /usr/lib/ruby/gems/1.8/gems/bcrypt-ruby-2.0.5/lib/bcrypt.rb:36:in `hash_secret'
	from /usr/lib/ruby/gems/1.8/gems/bcrypt-ruby-2.0.5/lib/bcrypt.rb:142:in `=='
	from /home/james/src/packmanager/dev/vendor/rails/activerecord/lib/active_record/dirty.rb:161:in `field_changed?'
	from /home/james/src/packmanager/dev/vendor/rails/activerecord/lib/active_record/dirty.rb:131:in `write_attribute'
	from /home/james/src/packmanager/dev/vendor/rails/activerecord/lib/active_record/base.rb:2355:in `[]='
	from /home/james/src/packmanager/dev/vendor/plugins/strip_attributes/lib/strip_attributes.rb:8:in `strip_attributes!'
	from /home/james/src/packmanager/dev/vendor/plugins/strip_attributes/lib/strip_attributes.rb:6:in `each'
	from /home/james/src/packmanager/dev/vendor/plugins/strip_attributes/lib/strip_attributes.rb:6:in `strip_attributes!'
	from /home/james/src/packmanager/dev/vendor/rails/activerecord/lib/../../activesupport/lib/active_support/callbacks.rb:177:in `call'
	from /home/james/src/packmanager/dev/vendor/rails/activerecord/lib/../../activesupport/lib/active_support/callbacks.rb:177:in `evaluate_method'
	from /home/james/src/packmanager/dev/vendor/rails/activerecord/lib/../../activesupport/lib/active_support/callbacks.rb:161:in `call'
	from /home/james/src/packmanager/dev/vendor/rails/activerecord/lib/../../activesupport/lib/active_support/callbacks.rb:93:in `run'
	from /home/james/src/packmanager/dev/vendor/rails/activerecord/lib/../../activesupport/lib/active_support/callbacks.rb:92:in `each'
	from /home/james/src/packmanager/dev/vendor/rails/activerecord/lib/../../activesupport/lib/active_support/callbacks.rb:92:in `send'
	from /home/james/src/packmanager/dev/vendor/rails/activerecord/lib/../../activesupport/lib/active_support/callbacks.rb:92:in `run'
	from /home/james/src/packmanager/dev/vendor/rails/activerecord/lib/../../activesupport/lib/active_support/callbacks.rb:272:in `run_callbacks'
	from /home/james/src/packmanager/dev/vendor/rails/activerecord/lib/active_record/callbacks.rb:298:in `callback'
	from /home/james/src/packmanager/dev/vendor/rails/activerecord/lib/active_record/callbacks.rb:263:in `valid?'
	from /home/james/src/packmanager/dev/vendor/rails/activerecord/lib/active_record/validations.rb:920:in `save_without_dirty!'
	from /home/james/src/packmanager/dev/vendor/rails/activerecord/lib/active_record/dirty.rb:83:in `save_without_transactions!'
	from /home/james/src/packmanager/dev/vendor/rails/activerecord/lib/active_record/transactions.rb:110:in `save!'
	from /home/james/src/packmanager/dev/vendor/rails/activerecord/lib/active_record/connection_adapters/abstract/database_statements.rb:66:in `transaction'
	from /home/james/src/packmanager/dev/vendor/rails/activerecord/lib/active_record/transactions.rb:79:in `transaction'
	from /home/james/src/packmanager/dev/vendor/rails/activerecord/lib/active_record/transactions.rb:98:in `transaction'
	from /home/james/src/packmanager/dev/vendor/rails/activerecord/lib/active_record/transactions.rb:110:in `save!'
	from /home/james/src/packmanager/dev/vendor/rails/activerecord/lib/active_record/transactions.rb:118:in `rollback_active_record_state!'
	from /home/james/src/packmanager/dev/vendor/rails/activerecord/lib/active_record/transactions.rb:110:in `save!'
	from /home/james/src/packmanager/dev/vendor/rails/activerecord/lib/active_record/base.rb:2279:in `update_attributes!'
	from (irb):5

However, doing an update_attributes on a User just loaded from the DB doesn't fail. The above code works in authlogic 1.4.3.

Comments and changes to this ticket

  • Sean Kirby

    Sean Kirby March 24th, 2009 @ 05:25 PM

    Forgot to mention that in authlogic 2.0.2 the following DOES work:

    
    u = User.create! :login => 'quentin', :password => 'pass', :password_confirmation => 'pass'
    u.reload.update_attributes :login => 'quire'
    
  • Ben Johnson

    Ben Johnson March 24th, 2009 @ 05:46 PM

    • State changed from “new” to “open”

    Seems to work for me:

    >> u = User.create! :email => "a2@a.com", :password => "test", :password_confirmation => "test", :company => Company.first, :first_name => "Ben", :last_name => "J"
    
    >> u.update_attributes! :email => "neat@neat.com"
    => true
    

    I am also using BCrypt

  • Ben Johnson

    Ben Johnson March 24th, 2009 @ 05:48 PM

    It might be possible that your crypted_password field isn't big enough and the encrypted string is being cut short?

  • Sean Kirby

    Sean Kirby March 24th, 2009 @ 06:40 PM

    It seems like the issue was with our use of the strip_attributes plugin which removes leading and trailing whitespace from all fields in our User model. Not stripping the password_salt field seems to fix the issue.

    We prevented stripping on some of the other fields as well:

    
    strip_attributes! :except => [:crypted_password, :password_salt, :persistence_token, :single_access_token, :perishable_token]
    
  • Ben Johnson

    Ben Johnson March 24th, 2009 @ 06:43 PM

    • State changed from “open” to “resolved”

    Yeah, I think bcrypt relies on a new line at the end or the string.

  • Rodolfo515

    Rodolfo515 January 1st, 2019 @ 04:56 AM

    It’s pretty frustrating to have a name attribute used in all the responses, and sprinkled throughout the actual auth0 UI w/ no ability to actually update the value mypremiercreditcard.

  • talktowendyst

    talktowendyst February 13th, 2019 @ 01:05 AM

    As mentioned, all talktowendys survey participants find a chance to be given a reward for answering this questionnaire. After completing the survey, you will be invited to input the talktowendys Sweepstakes. The talktowendys Sweepstakes offers ten daily prizes of 1000. You will also qualify for one of those talktowendys weekly awards, worth upto $1500. https://www.talktowendys.ooo/

  • sirnocares

    sirnocares March 15th, 2019 @ 02:10 AM

    Take Krogerfeedback Survey & Win 50 Bonus Fuel Points. This Customer Survey is the online Feedback which is initiated by Kroger Store just to improve the standards.

  • tizili

    tizili April 13th, 2019 @ 01:49 PM

    This has been made conceivable by prepaidcardstatus. You should simply sign on to their official site at prepaidcardstatus This online entryway makes it feasible for you to check your offset online with no hustle and a working web association.

  • jerry rogers

    jerry rogers April 26th, 2019 @ 11:54 PM

    Have you considered your crypted_password field is possibly too small? Shark Apex AZ1002 review

  • ahmad khan

    ahmad khan May 28th, 2019 @ 08:26 AM

    I am encountering this issue and I don’t know how to fix it. Is there anyone who could help me out fixing it? The issue is that I Can't update attributes on newly created users. Is there any possible way to solve this problem? I need to know about postmodernclog.com from my instructor. It would be a lot of help for many people.

Please Sign in or create a free account to add a new ticket.

With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.

New-ticket Create new ticket

Create your profile

Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป

Object based authentication solution that handles all of the non sense for you. It's as easy as ActiveRecord is with a database.

People watching this ticket

Pages