Switch has_secure_token to before_save.

Adding `if` and `unless` support doesn't bode well if the callback to assign a token only runs on create. Switch to `before_save`, but keep the conditional so that no token already assigned is overriden.
2022-11-09 12:12:34 -05:00 · 2016-01-09 23:21:18 +01:00 · 2016-01-09 23:21:18 +01:00 · a3ab6ad008
commit a3ab6ad008
parent 62abae9172
1 changed files with 4 additions and 3 deletions
--- a/activerecord/lib/active_record/secure_token.rb
+++ b/activerecord/lib/active_record/secure_token.rb
@ -41,13 +41,14 @@ module ActiveRecord
      # Note that it's still possible to generate a race condition in the database in the same way that
      # {validates_uniqueness_of}[rdoc-ref:Validations::ClassMethods#validates_uniqueness_of] can.
      # You're encouraged to add a unique index in the database to deal with this even more unlikely scenario.
-      def has_secure_token(attribute = :token, **before_create_options)
+      def has_secure_token(attribute = :token, **before_save_options)
        # Load securerandom only when has_secure_token is used.
        require 'active_support/core_ext/securerandom'
        define_method("regenerate_#{attribute}") { update! attribute => self.class.generate_unique_secure_token }
-        before_create(before_create_options) do
+
-          self.send("#{attribute}=", self.class.generate_unique_secure_token) unless self.send("#{attribute}?")
+        before_save(before_save_options) do
          send("#{attribute}=", self.class.generate_unique_secure_token) unless send("#{attribute}?")
        end
      end