activemodel 5.2.5 → 6.0.4.6

data/lib/active_model/dirty.rb

@@ -1,7 +1,5 @@
 # frozen_string_literal: true
 
-require "active_support/hash_with_indifferent_access"
-require "active_support/core_ext/object/duplicable"
 require "active_model/attribute_mutation_tracker"
 
 module ActiveModel
@@ -122,9 +120,6 @@ module ActiveModel
     extend ActiveSupport::Concern
     include ActiveModel::AttributeMethods
 
-    OPTION_NOT_GIVEN = Object.new # :nodoc:
-    private_constant :OPTION_NOT_GIVEN
-
     included do
       attribute_method_suffix "_changed?", "_change", "_will_change!", "_was"
       attribute_method_suffix "_previously_changed?", "_previous_change"
@@ -145,21 +140,20 @@ module ActiveModel
     # +mutations_from_database+ to +mutations_before_last_save+ respectively.
     def changes_applied
       unless defined?(@attributes)
-        @previously_changed = changes
+        mutations_from_database.finalize_changes
       end
       @mutations_before_last_save = mutations_from_database
-      @attributes_changed_by_setter = ActiveSupport::HashWithIndifferentAccess.new
       forget_attribute_assignments
       @mutations_from_database = nil
     end
 
-    # Returns +true+ if any of the attributes have unsaved changes, +false+ otherwise.
+    # Returns +true+ if any of the attributes has unsaved changes, +false+ otherwise.
     #
     #   person.changed? # => false
     #   person.name = 'bob'
     #   person.changed? # => true
     def changed?
-      changed_attributes.present?
+      mutations_from_database.any_changes?
     end
 
     # Returns an array with the name of the attributes with unsaved changes.
@@ -168,42 +162,37 @@ module ActiveModel
     #   person.name = 'bob'
     #   person.changed # => ["name"]
     def changed
-      changed_attributes.keys
+      mutations_from_database.changed_attribute_names
     end
 
-    # Handles <tt>*_changed?</tt> for +method_missing+.
-    def attribute_changed?(attr, from: OPTION_NOT_GIVEN, to: OPTION_NOT_GIVEN) # :nodoc:
-      !!changes_include?(attr) &&
-        (to == OPTION_NOT_GIVEN || to == _read_attribute(attr)) &&
-        (from == OPTION_NOT_GIVEN || from == changed_attributes[attr])
+    # Dispatch target for <tt>*_changed?</tt> attribute methods.
+    def attribute_changed?(attr_name, **options) # :nodoc:
+      mutations_from_database.changed?(attr_name.to_s, **options)
     end
 
-    # Handles <tt>*_was</tt> for +method_missing+.
-    def attribute_was(attr) # :nodoc:
-      attribute_changed?(attr) ? changed_attributes[attr] : _read_attribute(attr)
+    # Dispatch target for <tt>*_was</tt> attribute methods.
+    def attribute_was(attr_name) # :nodoc:
+      mutations_from_database.original_value(attr_name.to_s)
     end
 
-    # Handles <tt>*_previously_changed?</tt> for +method_missing+.
-    def attribute_previously_changed?(attr) #:nodoc:
-      previous_changes_include?(attr)
+    # Dispatch target for <tt>*_previously_changed?</tt> attribute methods.
+    def attribute_previously_changed?(attr_name) # :nodoc:
+      mutations_before_last_save.changed?(attr_name.to_s)
     end
 
     # Restore all previous data of the provided attributes.
-    def restore_attributes(attributes = changed)
-      attributes.each { |attr| restore_attribute! attr }
+    def restore_attributes(attr_names = changed)
+      attr_names.each { |attr_name| restore_attribute!(attr_name) }
     end
 
     # Clears all dirty data: current changes and previous changes.
     def clear_changes_information
-      @previously_changed = ActiveSupport::HashWithIndifferentAccess.new
       @mutations_before_last_save = nil
-      @attributes_changed_by_setter = ActiveSupport::HashWithIndifferentAccess.new
       forget_attribute_assignments
       @mutations_from_database = nil
     end
 
     def clear_attribute_changes(attr_names)
-      attributes_changed_by_setter.except!(*attr_names)
       attr_names.each do |attr_name|
         clear_attribute_change(attr_name)
       end
@@ -216,13 +205,7 @@ module ActiveModel
     #   person.name = 'robert'
     #   person.changed_attributes # => {"name" => "bob"}
     def changed_attributes
-      # This should only be set by methods which will call changed_attributes
-      # multiple times when it is known that the computed value cannot change.
-      if defined?(@cached_changed_attributes)
-        @cached_changed_attributes
-      else
-        attributes_changed_by_setter.reverse_merge(mutations_from_database.changed_values).freeze
-      end
+      mutations_from_database.changed_values
     end
 
     # Returns a hash of changed attributes indicating their original
@@ -232,9 +215,7 @@ module ActiveModel
     #   person.name = 'bob'
     #   person.changes # => { "name" => ["bill", "bob"] }
     def changes
-      cache_changed_attributes do
-        ActiveSupport::HashWithIndifferentAccess[changed.map { |attr| [attr, attribute_change(attr)] }]
-      end
+      mutations_from_database.changes
     end
 
     # Returns a hash of attributes that were changed before the model was saved.
@@ -244,27 +225,23 @@ module ActiveModel
     #   person.save
     #   person.previous_changes # => {"name" => ["bob", "robert"]}
     def previous_changes
-      @previously_changed ||= ActiveSupport::HashWithIndifferentAccess.new
-      @previously_changed.merge(mutations_before_last_save.changes)
+      mutations_before_last_save.changes
     end
 
     def attribute_changed_in_place?(attr_name) # :nodoc:
-      mutations_from_database.changed_in_place?(attr_name)
+      mutations_from_database.changed_in_place?(attr_name.to_s)
     end
 
     private
       def clear_attribute_change(attr_name)
-        mutations_from_database.forget_change(attr_name)
+        mutations_from_database.forget_change(attr_name.to_s)
       end
 
       def mutations_from_database
-        unless defined?(@mutations_from_database)
-          @mutations_from_database = nil
-        end
         @mutations_from_database ||= if defined?(@attributes)
           ActiveModel::AttributeMutationTracker.new(@attributes)
         else
-          NullMutationTracker.instance
+          ActiveModel::ForcedMutationTracker.new(self)
         end
       end
 
@@ -276,68 +253,28 @@ module ActiveModel
         @mutations_before_last_save ||= ActiveModel::NullMutationTracker.instance
       end
 
-      def cache_changed_attributes
-        @cached_changed_attributes = changed_attributes
-        yield
-      ensure
-        clear_changed_attributes_cache
-      end
-
-      def clear_changed_attributes_cache
-        remove_instance_variable(:@cached_changed_attributes) if defined?(@cached_changed_attributes)
-      end
-
-      # Returns +true+ if attr_name is changed, +false+ otherwise.
-      def changes_include?(attr_name)
-        attributes_changed_by_setter.include?(attr_name) || mutations_from_database.changed?(attr_name)
-      end
-      alias attribute_changed_by_setter? changes_include?
-
-      # Returns +true+ if attr_name were changed before the model was saved,
-      # +false+ otherwise.
-      def previous_changes_include?(attr_name)
-        previous_changes.include?(attr_name)
-      end
-
-      # Handles <tt>*_change</tt> for +method_missing+.
-      def attribute_change(attr)
-        [changed_attributes[attr], _read_attribute(attr)] if attribute_changed?(attr)
+      # Dispatch target for <tt>*_change</tt> attribute methods.
+      def attribute_change(attr_name)
+        mutations_from_database.change_to_attribute(attr_name.to_s)
       end
 
-      # Handles <tt>*_previous_change</tt> for +method_missing+.
-      def attribute_previous_change(attr)
-        previous_changes[attr] if attribute_previously_changed?(attr)
+      # Dispatch target for <tt>*_previous_change</tt> attribute methods.
+      def attribute_previous_change(attr_name)
+        mutations_before_last_save.change_to_attribute(attr_name.to_s)
       end
 
-      # Handles <tt>*_will_change!</tt> for +method_missing+.
-      def attribute_will_change!(attr)
-        unless attribute_changed?(attr)
-          begin
-            value = _read_attribute(attr)
-            value = value.duplicable? ? value.clone : value
-          rescue TypeError, NoMethodError
-          end
-
-          set_attribute_was(attr, value)
-        end
-        mutations_from_database.force_change(attr)
+      # Dispatch target for <tt>*_will_change!</tt> attribute methods.
+      def attribute_will_change!(attr_name)
+        mutations_from_database.force_change(attr_name.to_s)
       end
 
-      # Handles <tt>restore_*!</tt> for +method_missing+.
-      def restore_attribute!(attr)
-        if attribute_changed?(attr)
-          __send__("#{attr}=", changed_attributes[attr])
-          clear_attribute_changes([attr])
+      # Dispatch target for <tt>restore_*!</tt> attribute methods.
+      def restore_attribute!(attr_name)
+        attr_name = attr_name.to_s
+        if attribute_changed?(attr_name)
+          __send__("#{attr_name}=", attribute_was(attr_name))
+          clear_attribute_change(attr_name)
         end
       end
-
-      def attributes_changed_by_setter
-        @attributes_changed_by_setter ||= ActiveSupport::HashWithIndifferentAccess.new
-      end
-
-      # Force an attribute to have a particular "before" value
-      def set_attribute_was(attr, old_value)
-        attributes_changed_by_setter[attr] = old_value
-      end
   end
 end

data/lib/active_model/errors.rb

@@ -62,6 +62,11 @@ module ActiveModel
     CALLBACKS_OPTIONS = [:if, :unless, :on, :allow_nil, :allow_blank, :strict]
     MESSAGE_OPTIONS = [:message]
 
+    class << self
+      attr_accessor :i18n_customize_full_message # :nodoc:
+    end
+    self.i18n_customize_full_message = false
+
     attr_reader :messages, :details
 
     # Pass in the instance of the object that is using the errors object.
@@ -107,6 +112,17 @@ module ActiveModel
       @details.merge!(other.details) { |_, ary1, ary2| ary1 + ary2 }
     end
 
+    # Removes all errors except the given keys. Returns a hash containing the removed errors.
+    #
+    #   person.errors.keys                  # => [:name, :age, :gender, :city]
+    #   person.errors.slice!(:age, :gender) # => { :name=>["cannot be nil"], :city=>["cannot be nil"] }
+    #   person.errors.keys                  # => [:age, :gender]
+    def slice!(*keys)
+      keys = keys.map(&:to_sym)
+      @details.slice!(*keys)
+      @messages.slice!(*keys)
+    end
+
     # Clear the error messages.
     #
     #   person.errors.full_messages # => ["name cannot be nil"]
@@ -312,15 +328,15 @@ module ActiveModel
     #   person.errors.added? :name, :blank           # => true
     #   person.errors.added? :name, "can't be blank" # => true
     #
-    # If the error message requires an option, then it returns +true+ with
-    # the correct option, or +false+ with an incorrect or missing option.
+    # If the error message requires options, then it returns +true+ with
+    # the correct options, or +false+ with incorrect or missing options.
     #
-    #  person.errors.add :name, :too_long, { count: 25 }
-    #  person.errors.added? :name, :too_long, count: 25                     # => true
-    #  person.errors.added? :name, "is too long (maximum is 25 characters)" # => true
-    #  person.errors.added? :name, :too_long, count: 24                     # => false
-    #  person.errors.added? :name, :too_long                                # => false
-    #  person.errors.added? :name, "is too long"                            # => false
+    #   person.errors.add :name, :too_long, { count: 25 }
+    #   person.errors.added? :name, :too_long, count: 25                     # => true
+    #   person.errors.added? :name, "is too long (maximum is 25 characters)" # => true
+    #   person.errors.added? :name, :too_long, count: 24                     # => false
+    #   person.errors.added? :name, :too_long                                # => false
+    #   person.errors.added? :name, "is too long"                            # => false
     def added?(attribute, message = :invalid, options = {})
       message = message.call if message.respond_to?(:call)
 
@@ -331,6 +347,27 @@ module ActiveModel
       end
     end
 
+    # Returns +true+ if an error on the attribute with the given message is
+    # present, or +false+ otherwise. +message+ is treated the same as for +add+.
+    #
+    #   person.errors.add :age
+    #   person.errors.add :name, :too_long, { count: 25 }
+    #   person.errors.of_kind? :age                                            # => true
+    #   person.errors.of_kind? :name                                           # => false
+    #   person.errors.of_kind? :name, :too_long                                # => true
+    #   person.errors.of_kind? :name, "is too long (maximum is 25 characters)" # => true
+    #   person.errors.of_kind? :name, :not_too_long                            # => false
+    #   person.errors.of_kind? :name, "is too long"                            # => false
+    def of_kind?(attribute, message = :invalid)
+      message = message.call if message.respond_to?(:call)
+
+      if message.is_a? Symbol
+        details[attribute.to_sym].map { |e| e[:error] }.include? message
+      else
+        self[attribute].include? message
+      end
+    end
+
     # Returns all the full error messages in an array.
     #
     #   class Person
@@ -364,12 +401,54 @@ module ActiveModel
     # Returns a full message for a given attribute.
     #
     #   person.errors.full_message(:name, 'is invalid') # => "Name is invalid"
+    #
+    # The `"%{attribute} %{message}"` error format can be overridden with either
+    #
+    # * <tt>activemodel.errors.models.person/contacts/addresses.attributes.street.format</tt>
+    # * <tt>activemodel.errors.models.person/contacts/addresses.format</tt>
+    # * <tt>activemodel.errors.models.person.attributes.name.format</tt>
+    # * <tt>activemodel.errors.models.person.format</tt>
+    # * <tt>errors.format</tt>
     def full_message(attribute, message)
       return message if attribute == :base
-      attr_name = attribute.to_s.tr(".", "_").humanize
+      attribute = attribute.to_s
+
+      if self.class.i18n_customize_full_message && @base.class.respond_to?(:i18n_scope)
+        attribute = attribute.remove(/\[\d\]/)
+        parts = attribute.split(".")
+        attribute_name = parts.pop
+        namespace = parts.join("/") unless parts.empty?
+        attributes_scope = "#{@base.class.i18n_scope}.errors.models"
+
+        if namespace
+          defaults = @base.class.lookup_ancestors.map do |klass|
+            [
+              :"#{attributes_scope}.#{klass.model_name.i18n_key}/#{namespace}.attributes.#{attribute_name}.format",
+              :"#{attributes_scope}.#{klass.model_name.i18n_key}/#{namespace}.format",
+            ]
+          end
+        else
+          defaults = @base.class.lookup_ancestors.map do |klass|
+            [
+              :"#{attributes_scope}.#{klass.model_name.i18n_key}.attributes.#{attribute_name}.format",
+              :"#{attributes_scope}.#{klass.model_name.i18n_key}.format",
+            ]
+          end
+        end
+
+        defaults.flatten!
+      else
+        defaults = []
+      end
+
+      defaults << :"errors.format"
+      defaults << "%{attribute} %{message}"
+
+      attr_name = attribute.tr(".", "_").humanize
       attr_name = @base.class.human_attribute_name(attribute, default: attr_name)
-      I18n.t(:"errors.format",
-        default:  "%{attribute} %{message}",
+
+      I18n.t(defaults.shift,
+        default:  defaults,
         attribute: attr_name,
         message:   message)
     end
@@ -400,6 +479,14 @@ module ActiveModel
     # * <tt>errors.messages.blank</tt>
     def generate_message(attribute, type = :invalid, options = {})
       type = options.delete(:message) if options[:message].is_a?(Symbol)
+      value = (attribute != :base ? @base.send(:read_attribute_for_validation, attribute) : nil)
+
+      options = {
+        model: @base.model_name.human,
+        attribute: @base.class.human_attribute_name(attribute),
+        value: value,
+        object: @base
+      }.merge!(options)
 
       if @base.class.respond_to?(:i18n_scope)
         i18n_scope = @base.class.i18n_scope.to_s
@@ -408,6 +495,11 @@ module ActiveModel
             :"#{i18n_scope}.errors.models.#{klass.model_name.i18n_key}.#{type}" ]
         end
         defaults << :"#{i18n_scope}.errors.messages.#{type}"
+
+        catch(:exception) do
+          translation = I18n.translate(defaults.first, **options.merge(default: defaults.drop(1), throw: true))
+          return translation unless translation.nil?
+        end unless options[:message]
       else
         defaults = []
       end
@@ -417,17 +509,9 @@ module ActiveModel
 
       key = defaults.shift
       defaults = options.delete(:message) if options[:message]
-      value = (attribute != :base ? @base.send(:read_attribute_for_validation, attribute) : nil)
-
-      options = {
-        default: defaults,
-        model: @base.model_name.human,
-        attribute: @base.class.human_attribute_name(attribute),
-        value: value,
-        object: @base
-      }.merge!(options)
+      options[:default] = defaults
 
-      I18n.translate(key, options)
+      I18n.translate(key, **options)
     end
 
     def marshal_dump # :nodoc:

data/lib/active_model/gem_version.rb

@@ -7,10 +7,10 @@ module ActiveModel
   end
 
   module VERSION
-    MAJOR = 5
-    MINOR = 2
-    TINY  = 5
-    PRE   = nil
+    MAJOR = 6
+    MINOR = 0
+    TINY  = 4
+    PRE   = "6"
 
     STRING = [MAJOR, MINOR, TINY, PRE].compact.join(".")
   end

data/lib/active_model/naming.rb

@@ -110,6 +110,22 @@ module ActiveModel
     #   BlogPost.model_name.eql?('BlogPost')  # => true
     #   BlogPost.model_name.eql?('Blog Post') # => false
 
+    ##
+    # :method: match?
+    #
+    # :call-seq:
+    #   match?(regexp)
+    #
+    # Equivalent to <tt>String#match?</tt>. Match the class name against the
+    # given regexp. Returns +true+ if there is a match, otherwise +false+.
+    #
+    #   class BlogPost
+    #     extend ActiveModel::Naming
+    #   end
+    #
+    #   BlogPost.model_name.match?(/Post/) # => true
+    #   BlogPost.model_name.match?(/\d/) # => false
+
     ##
     # :method: to_s
     #
@@ -131,7 +147,7 @@ module ActiveModel
     #   to_str()
     #
     # Equivalent to +to_s+.
-    delegate :==, :===, :<=>, :=~, :"!~", :eql?, :to_s,
+    delegate :==, :===, :<=>, :=~, :"!~", :eql?, :match?, :to_s,
              :to_str, :as_json, to: :name
 
     # Returns a new ActiveModel::Name instance. By default, the +namespace+
@@ -187,13 +203,12 @@ module ActiveModel
       defaults << @human
 
       options = { scope: [@klass.i18n_scope, :models], count: 1, default: defaults }.merge!(options.except(:default))
-      I18n.translate(defaults.shift, options)
+      I18n.translate(defaults.shift, **options)
     end
 
     private
-
       def _singularize(string)
-        ActiveSupport::Inflector.underscore(string).tr("/".freeze, "_".freeze)
+        ActiveSupport::Inflector.underscore(string).tr("/", "_")
       end
   end
 
@@ -236,7 +251,7 @@ module ActiveModel
     #   Person.model_name.plural   # => "people"
     def model_name
       @_model_name ||= begin
-        namespace = parents.detect do |n|
+        namespace = module_parents.detect do |n|
           n.respond_to?(:use_relative_model_naming?) && n.use_relative_model_naming?
         end
         ActiveModel::Name.new(self, namespace)

data/lib/active_model/railtie.rb

@@ -7,8 +7,14 @@ module ActiveModel
   class Railtie < Rails::Railtie # :nodoc:
     config.eager_load_namespaces << ActiveModel
 
+    config.active_model = ActiveSupport::OrderedOptions.new
+
     initializer "active_model.secure_password" do
       ActiveModel::SecurePassword.min_cost = Rails.env.test?
     end
+
+    initializer "active_model.i18n_customize_full_message" do
+      ActiveModel::Errors.i18n_customize_full_message = config.active_model.delete(:i18n_customize_full_message) || false
+    end
   end
 end

data/lib/active_model/secure_password.rb

@@ -16,15 +16,16 @@ module ActiveModel
 
     module ClassMethods
       # Adds methods to set and authenticate against a BCrypt password.
-      # This mechanism requires you to have a +password_digest+ attribute.
+      # This mechanism requires you to have a +XXX_digest+ attribute.
+      # Where +XXX+ is the attribute name of your desired password.
       #
       # The following validations are added automatically:
       # * Password must be present on creation
       # * Password length should be less than or equal to 72 bytes
-      # * Confirmation of password (using a +password_confirmation+ attribute)
+      # * Confirmation of password (using a +XXX_confirmation+ attribute)
       #
-      # If password confirmation validation is not needed, simply leave out the
-      # value for +password_confirmation+ (i.e. don't provide a form field for
+      # If confirmation validation is not needed, simply leave out the
+      # value for +XXX_confirmation+ (i.e. don't provide a form field for
       # it). When this attribute has a +nil+ value, the validation will not be
       # triggered.
       #
@@ -37,9 +38,10 @@ module ActiveModel
       #
       # Example using Active Record (which automatically includes ActiveModel::SecurePassword):
       #
-      #   # Schema: User(name:string, password_digest:string)
+      #   # Schema: User(name:string, password_digest:string, recovery_password_digest:string)
       #   class User < ActiveRecord::Base
       #     has_secure_password
+      #     has_secure_password :recovery_password, validations: false
       #   end
       #
       #   user = User.new(name: 'david', password: '', password_confirmation: 'nomatch')
@@ -48,11 +50,15 @@ module ActiveModel
       #   user.save                                                       # => false, confirmation doesn't match
       #   user.password_confirmation = 'mUc3m00RsqyRe'
       #   user.save                                                       # => true
+      #   user.recovery_password = "42password"
+      #   user.recovery_password_digest                                   # => "$2a$04$iOfhwahFymCs5weB3BNH/uXkTG65HR.qpW.bNhEjFP3ftli3o5DQC"
+      #   user.save                                                       # => true
       #   user.authenticate('notright')                                   # => false
       #   user.authenticate('mUc3m00RsqyRe')                              # => user
+      #   user.authenticate_recovery_password('42password')               # => user
       #   User.find_by(name: 'david').try(:authenticate, 'notright')      # => false
       #   User.find_by(name: 'david').try(:authenticate, 'mUc3m00RsqyRe') # => user
-      def has_secure_password(options = {})
+      def has_secure_password(attribute = :password, validations: true)
         # Load bcrypt gem only when has_secure_password is used.
         # This is to avoid ActiveModel (and by extension the entire framework)
         # being dependent on a binary library.
@@ -63,9 +69,9 @@ module ActiveModel
           raise
         end
 
-        include InstanceMethodsOnActivation
+        include InstanceMethodsOnActivation.new(attribute)
 
-        if options.fetch(:validations, true)
+        if validations
           include ActiveModel::Validations
 
           # This ensures the model has a password by checking whether the password_digest
@@ -73,56 +79,49 @@ module ActiveModel
           # when there is an error, the message is added to the password attribute instead
           # so that the error message will make sense to the end-user.
           validate do |record|
-            record.errors.add(:password, :blank) unless record.password_digest.present?
+            record.errors.add(attribute, :blank) unless record.send("#{attribute}_digest").present?
           end
 
-          validates_length_of :password, maximum: ActiveModel::SecurePassword::MAX_PASSWORD_LENGTH_ALLOWED
-          validates_confirmation_of :password, allow_blank: true
+          validates_length_of attribute, maximum: ActiveModel::SecurePassword::MAX_PASSWORD_LENGTH_ALLOWED
+          validates_confirmation_of attribute, allow_blank: true
         end
       end
     end
 
-    module InstanceMethodsOnActivation
-      # Returns +self+ if the password is correct, otherwise +false+.
-      #
-      #   class User < ActiveRecord::Base
-      #     has_secure_password validations: false
-      #   end
-      #
-      #   user = User.new(name: 'david', password: 'mUc3m00RsqyRe')
-      #   user.save
-      #   user.authenticate('notright')      # => false
-      #   user.authenticate('mUc3m00RsqyRe') # => user
-      def authenticate(unencrypted_password)
-        BCrypt::Password.new(password_digest).is_password?(unencrypted_password) && self
-      end
+    class InstanceMethodsOnActivation < Module
+      def initialize(attribute)
+        attr_reader attribute
+
+        define_method("#{attribute}=") do |unencrypted_password|
+          if unencrypted_password.nil?
+            self.send("#{attribute}_digest=", nil)
+          elsif !unencrypted_password.empty?
+            instance_variable_set("@#{attribute}", unencrypted_password)
+            cost = ActiveModel::SecurePassword.min_cost ? BCrypt::Engine::MIN_COST : BCrypt::Engine.cost
+            self.send("#{attribute}_digest=", BCrypt::Password.create(unencrypted_password, cost: cost))
+          end
+        end
 
-      attr_reader :password
+        define_method("#{attribute}_confirmation=") do |unencrypted_password|
+          instance_variable_set("@#{attribute}_confirmation", unencrypted_password)
+        end
 
-      # Encrypts the password into the +password_digest+ attribute, only if the
-      # new password is not empty.
-      #
-      #   class User < ActiveRecord::Base
-      #     has_secure_password validations: false
-      #   end
-      #
-      #   user = User.new
-      #   user.password = nil
-      #   user.password_digest # => nil
-      #   user.password = 'mUc3m00RsqyRe'
-      #   user.password_digest # => "$2a$10$4LEA7r4YmNHtvlAvHhsYAeZmk/xeUVtMTYqwIvYY76EW5GUqDiP4."
-      def password=(unencrypted_password)
-        if unencrypted_password.nil?
-          self.password_digest = nil
-        elsif !unencrypted_password.empty?
-          @password = unencrypted_password
-          cost = ActiveModel::SecurePassword.min_cost ? BCrypt::Engine::MIN_COST : BCrypt::Engine.cost
-          self.password_digest = BCrypt::Password.create(unencrypted_password, cost: cost)
+        # Returns +self+ if the password is correct, otherwise +false+.
+        #
+        #   class User < ActiveRecord::Base
+        #     has_secure_password validations: false
+        #   end
+        #
+        #   user = User.new(name: 'david', password: 'mUc3m00RsqyRe')
+        #   user.save
+        #   user.authenticate_password('notright')      # => false
+        #   user.authenticate_password('mUc3m00RsqyRe') # => user
+        define_method("authenticate_#{attribute}") do |unencrypted_password|
+          attribute_digest = send("#{attribute}_digest")
+          BCrypt::Password.new(attribute_digest).is_password?(unencrypted_password) && self
         end
-      end
 
-      def password_confirmation=(unencrypted_password)
-        @password_confirmation = unencrypted_password
+        alias_method :authenticate, :authenticate_password if attribute == :password
       end
     end
   end

data/lib/active_model/serialization.rb

@@ -150,7 +150,6 @@ module ActiveModel
     end
 
     private
-
       # Hook method defining how an attribute value should be retrieved for
       # serialization. By default this is assumed to be an instance named after
       # the attribute. Override this method in subclasses should you need to