gistfile1.txt

# Problem #1
# If x == y is true, shouldn't y == x always be true as well?

ree-1.8.7-2010.02 > u = User.new :email => "[email protected]", :password => "test", :password_confirmation => "test"
 => #<User @id=nil @email="[email protected]" @password="$2a$10$PkBdp9e1Yk9nCSliPrdNB.5fKoMeQaMZt5MchV.DhzaP94rkdHQ6m"> 

ree-1.8.7-2010.02 > u.password == u.password_confirmation
 => true 

ree-1.8.7-2010.02 > u.password_confirmation == u.password
 => false

ree-1.8.7-2010.02 > u.valid?
 => true 

# Problem #2
# Shouldn't this be valid?

ree-1.8.7-2010.02 > u = User.new :email => "[email protected]", :password => "test"
 => #<User @id=nil @email="[email protected]" @password="$2a$10$IIZ5adIT2kF8h506ejAysetBpbaeVJGYXeAYr1x2vKRqS2PSOJuD2">
 
ree-1.8.7-2010.02 > u.password_confirmation = u.password
 => "$2a$10$IIZ5adIT2kF8h506ejAysetBpbaeVJGYXeAYr1x2vKRqS2PSOJuD2" 

ree-1.8.7-2010.02 > u.password.class
 => BCrypt::Password 

ree-1.8.7-2010.02 > u.password
 => "$2a$10$IIZ5adIT2kF8h506ejAysetBpbaeVJGYXeAYr1x2vKRqS2PSOJuD2" 

ree-1.8.7-2010.02 > u.password_confirmation.class
 => BCrypt::Password 

ree-1.8.7-2010.02 > u.password_confirmation
 => "$2a$10$IIZ5adIT2kF8h506ejAysetBpbaeVJGYXeAYr1x2vKRqS2PSOJuD2" 

ree-1.8.7-2010.02 > u.valid?
 => false 

user.rb

class User
  include DataMapper::Resource
  property :id, Serial

  property :email,         String, :required => true, :unique => true
  property :password,      BCryptHash, :required => true

  attr_accessor :password_confirmation

  validates_confirmation_of :password, :if => :password_changed?

  def password_changed?
    new? or dirty_attributes.has_key?(:password)
  end

  def self.authenticate(username, password)
    return nil unless (user = first(:username => username))
    user.password == password ? user : nil
  end
end