has_secure_password takes an attribute

For many years has_secure_password only allowed a default password attribute. But now you can stash whatever you want in there.

Source code

• Allows configurable attribute name for #has_secure_password. This
  still defaults to an attribute named ‘password’, causing no breaking
  change. Also includes a convenience method #<strong><span style="color:#008000;">regenerate_XXX</span></strong> where
  +XXX+ is the name of the custom attribute name, eg:

class User < ActiveRecord::Base
has_secure_password :activation_token, validations: false
end

user = User.new()
user.regenerate_activation_token
user.activation_token # => “ME7abXFGvzZWJRVrD6Et0YqAS6Pg2eDo”
user.activation_token_digest # => “$2a$10$0Budk0Fi/k2CDm2PEwa3Be…”

The existing #authenticate method now allows specifying the attribute
to be authenticated, but defaults to ‘password’, eg:

user.authenticate(‘ME7abXFGvzZWJRVrD6Et0YqAS6Pg2eDo’, :activation_token) # => user