From af54fc5586f00bbb82063f5110801ef08ad9ff39 Mon Sep 17 00:00:00 2001
From: Guillermo Iguaran <guilleiguaran@gmail.com>
Date: Sat, 3 Sep 2011 00:05:37 -0500
Subject: [PATCH 1/2] Add bcrypt-ruby to Gemfile template

---
 railties/lib/rails/generators/rails/app/templates/Gemfile | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/railties/lib/rails/generators/rails/app/templates/Gemfile b/railties/lib/rails/generators/rails/app/templates/Gemfile
index c83e7ddf80..910cd16950 100644
--- a/railties/lib/rails/generators/rails/app/templates/Gemfile
+++ b/railties/lib/rails/generators/rails/app/templates/Gemfile
@@ -10,6 +10,9 @@ source 'http://rubygems.org'
 <%= assets_gemfile_entry %>
 <%= javascript_gemfile_entry %>
 
+# To use ActiveModel has_secure_password
+# gem 'bcrypt-ruby', '~> 3.0.0'
+
 # Use unicorn as the web server
 # gem 'unicorn'
 

From 9b02f3f41f9be96bcc61222a8dcd197c1a2edf79 Mon Sep 17 00:00:00 2001
From: Guillermo Iguaran <guilleiguaran@gmail.com>
Date: Sat, 3 Sep 2011 00:27:07 -0500
Subject: [PATCH 2/2] Add comments about bcrypt-ruby gem to SecurePassword

---
 activemodel/lib/active_model/secure_password.rb | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/activemodel/lib/active_model/secure_password.rb b/activemodel/lib/active_model/secure_password.rb
index a73276199a..7a109d9a52 100644
--- a/activemodel/lib/active_model/secure_password.rb
+++ b/activemodel/lib/active_model/secure_password.rb
@@ -10,6 +10,10 @@ module ActiveModel
       # a "password_confirmation" attribute) are automatically added.
       # You can add more validations by hand if need be.
       #
+      # You need to add bcrypt-ruby (~> 3.0.0) to Gemfile to use has_secure_password:
+      #
+      #   gem 'bcrypt-ruby', '~> 3.0.0'
+      #
       # Example using Active Record (which automatically includes ActiveModel::SecurePassword):
       #
       #   # Schema: User(name:string, password_digest:string)
@@ -28,6 +32,8 @@ module ActiveModel
       #   User.find_by_name("david").try(:authenticate, "notright")      # => nil
       #   User.find_by_name("david").try(:authenticate, "mUc3m00RsqyRe") # => user
       def has_secure_password
+        # Load bcrypt-ruby only when has_secured_password is used to avoid make ActiveModel
+        # (and by extension the entire framework) dependent on a binary library.
         gem 'bcrypt-ruby', '~> 3.0.0'
         require 'bcrypt'