password_digest, has_secret_password and form validations in RoR 3.1

If you haven't seen it yet, have a look at the latest railscast authenticatio开发者_如何学JAVAn in rails 3.1. He uses password_digest:string when generating the model and adds has_secret_password to the User model. He also adds some accessible_attributes, :password and :password_confirmation.

By using validates_confirmation_of :password we can make sure the password is confirmed before creating an instance. If I leave the password fields empty in my form I get this error message:

ruby-1.9.2-p180 :024 > u = User.new
 => #<User id: nil, name: nil, email: nil, password_digest: nil, created_at: nil, updated_at: nil> 
ruby-1.9.2-p180 :027 > u.save
   (0.4ms)  SELECT 1 FROM "users" WHERE "users"."email" = '' LIMIT 1
 => false 
ruby-1.9.2-p180 :028 > u.errors.full_messages
 => ["Password digest can't be blank"]

Of course we don't want to call the password field "Password digest" when communicating with our users. How do I change this error message?

Bonus question

When using validates_confirmation_of and using mismatching passwords I get two error messages telling me about it, and only the :password label and input tags are surrounded with fields_with_errors divs. If the passwords don't match I want to also highlight the password_confirmation input, if possible remove it altogether from the password part.

Should I write my own method for checking password confirmation? If so, could you provide some small guidelines?

The official way to solve this is to add the following to your locale file:

en:
  activerecord:
    attributes:
      user:
        password_digest: 'Password'

The English locale file is located at config/locales/en.yml. You may have to restart your server for the changes to be loaded in your environment.

To get rid of password_digest message, you can modify the view:

<% @user.errors.messages.delete(:password_digest) -%>

You could override the human_attribute_name method and set your own humanized version of the password_digest attribute. Try something like this:

HUMANIZED_ATTRIBUTES = {
  :password_digest => "Password"
}

def self.human_attribute_name(attr, options={})
  HUMANIZED_ATTRIBUTES[attr.to_sym] || super
end

Then your error should look like this: "Password can't be blank"