A: 

I would do it this way, add accessors old_password, reset_password (boolean that we set to true when reseting password):

attr_accessor :old_password, :reset_password

Now, we need to validate the old password when updating, but not reseting:

validate :old_password_valid, :unless => [:reset_password]

def old_password_valid
  errors.add(:old_password, "You must introduce your password") if !new_record? && !valid_password?(old_password)
end

So far, we've validated that the old password is valid when the user is updating their profile.

Now, to ask for the new password or not, Authlogic adds a method 'require_password?' to your user model, you have to override it. I did this way:

def require_password?
  password_changed? || (crypted_password.blank? && !new_record?) || reset_password
end

Basically asks for the password (and confirmation) when: 1) User updating password, 2) User activating their account (so they still haven't got a password), 3) user resetting password.

Hope this helps.

jordinl  2010-08-28 10:52:46
I'm not sure where I'm supposed to put this code... I placed the attr_accessors in the user.rb, and I placed the rest of the code in the UsersController, but when I do that, it says undefined method for validate when I go to the registration page (I haven't tried to update the user). So I moved the code into the user.rb and it no longer gives the undefined error, but it asks for an Old Password when I try to register. Can you tell me more precisely where this code goes?
Felix Solis  2010-08-31 21:12:22
The could should all be in user.rbThe problem with the old password might be caused because I wrote:'validate :old_password_valid, :on => [:update], :unless => [:reset_password]' when it should be:'validate :old_password_valid, :on => :update, :unless => [:reset_password]'
jordinl  2010-09-02 13:06:41
oops, wrote could instead of code...
jordinl  2010-09-02 13:15:49
I'm afraid it's still not working. It continues to ask for an Old Password when I try to register a new account.
Felix Solis  2010-09-02 21:51:11
can you create a gist with the code in your user.rb and share it?
jordinl  2010-09-03 09:02:30
I edited the page above with the user.rb code. I tried it with and without require_password_confirmation = false
Felix Solis  2010-09-04 02:09:29
you don't need this... I've edited my code, it seems to work fine.
jordinl  2010-09-05 17:58:19

related questions

Is there a rake task for backing up the data in your database?
How to represent cross-model information in MVC?
WYSIWYG editor gem for Rails?
Best Solution For Authentication in Ruby on Rails
Acts-as-readable Rails plugin Issue
Associating source and search keywords with account creation
Any tips on getting Rails to run with an Access back-end?
Being as DRY as possible in a Ruby on Rails App
How Do You Secure database.yml?
What IDE to use for developing in Ruby on Rails on windows?
Is Ruby On Rails ready for the Enterprise?
OpenID authentication in Ruby on Rails
Why Doesn't My Cron Job Work Properly?
Why does sqlite3-ruby-1.2.2 not work on OS X?
Ruby mixins and calling super methods
Why all the Active Record hate?
Haml: how do I set a dymanic class value?
Learning Ruby on Rails any good for Grails?
How to sell Python to a client/boss/person with lots of cash
How do I create a new Ruby on Rails application using MySQL instead of SQLite?
Ruby On Rails with Windows Vista - Best Setup?
What is good forum software to add to an existing Rails application?
How do I fix 'Unprocessed view path found' error with ExceptionNotifier plugin in rails 2.1?
Frequent SystemExit in Ruby when making HTTP calls
Implementation of "Remember me" in a Rails application.