search

michaelbanfield / devise-pwned_password

Devise extension that checks user passwords against the PwnedPasswords dataset
https://rubygems.org/gems/devise-pwned_password
MIT License
156 stars 29 forks source link

Allow error message to be customised #5

Closed damonmorgan closed 6 years ago

damonmorgan commented 6 years ago

Unfortunately I couldn't find a way for devise extensions to define a default message if the message hasn't been added to the locales file

pfigel commented 6 years ago

You can add a locales/en.yml file with the default message and add it to the I18n load path via I18n.load_path.unshift. Here's an example from devise_zxcvbn. Hope this helps!

michaelbanfield commented 6 years ago

Thanks for this.

Let me know if im missing something but when I tested this locally with active admin the word "Password" is not prefixed. I'm guessing this is something framework specific but I'll probably change this message back to the original before releasing a new Rubygems version.

damonmorgan commented 6 years ago

I suspect active admin is doing something to change the default behaviour of devise.

The default rendering of devise_error_messages! in the view outputs errors.full_messages https://github.com/plataformatec/devise/blob/master/app/helpers/devise_helper.rb#L10

The error object on the model is an ActiveModel::Errors object and the default behaviour of that is to concatenate the attribute name with the message https://github.com/rails/rails/blob/0951306ca5edbaec10edf3440d5ba11062a4f2e5/activemodel/lib/active_model/errors.rb#L354

Hence the formatting of the error messages in the default devise locale file to omit the attribute name https://github.com/plataformatec/devise/blob/master/config/locales/en.yml#L56