root/vendor/acts_as_authenticated/generators/authenticated/templates/model.rb

Revision 2, 2.1 kB (checked in by falcon, 17 years ago)

added plugins

  • Property svn:executable set to *
require 'digest/sha1'
require 'securerandom'
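# Generated account model: validates login/email/password, stores a salted
# password digest, and manages the "remember me" token.
#
# NOTE(review): passwords are stored as ONE round of salted SHA-1 (see
# self.encrypt). A fast digest like this is cheap to brute-force offline if the
# table ever leaks. Move to an adaptive password hash (bcrypt, scrypt, Argon2 or
# PBKDF2 with a high iteration count) and re-hash existing accounts on their
# next successful login. The digest format is left unchanged here because
# changing it would invalidate every stored crypted_password.
class <%= class_name %> < ActiveRecord::Base
  # Virtual attribute for the plaintext password; it is never persisted.
  attr_accessor :password

  validates_presence_of     :login, :email
  validates_presence_of     :password,                   :if => :password_required?
  validates_presence_of     :password_confirmation,      :if => :password_required?
  # NOTE(review): a 4-character minimum is very weak; raise it to match your
  # password policy before generating production models from this template.
  validates_length_of       :password, :within => 4..40, :if => :password_required?
  validates_confirmation_of :password,                   :if => :password_required?
  validates_length_of       :login,    :within => 3..40
  validates_length_of       :email,    :within => 3..100
  validates_uniqueness_of   :login, :email, :case_sensitive => false
  before_save :encrypt_password

  # Authenticates a user by login name and plaintext password.
  # Returns the matching record, or nil when the login is unknown or the
  # password does not match.
  def self.authenticate(login, password)
    u = find_by_login(login) # the record carries the per-user salt
    u && u.authenticated?(password) ? u : nil
  end

  # Returns the hex SHA-1 digest of the password combined with the salt.
  # Despite the name this is a one-way hash, not encryption.
  def self.encrypt(password, salt)
    Digest::SHA1.hexdigest("--#{salt}--#{password}--")
  end

  # Hashes the given password with this user's salt.
  def encrypt(password)
    self.class.encrypt(password, salt)
  end

  # True when the given plaintext password hashes to the stored digest.
  # The digests are compared in constant time so the comparison does not
  # reveal how many leading characters matched.
  def authenticated?(password)
    secure_compare(crypted_password, encrypt(password))
  end

  # Truthy while a remember-me expiry is set and still in the future.
  def remember_token?
    remember_token_expires_at && Time.now.utc < remember_token_expires_at
  end

  # Issues a remember-me token valid for two weeks and saves the record
  # without running validations.
  #
  # The token is a bearer credential, so it is drawn from the system CSPRNG.
  # Deriving it from the salt, email and expiry time (as this template used to)
  # makes it computable by anyone who can reconstruct those inputs.
  def remember_me
    self.remember_token_expires_at = 2.weeks.from_now.utc
    self.remember_token            = SecureRandom.hex(20) # 40 hex chars, same length as a SHA-1 hex digest
    save(false)
  end

  # Clears the remember-me token and its expiry, then saves without validations.
  def forget_me
    self.remember_token_expires_at = nil
    self.remember_token            = nil
    save(false)
  end

  protected
    # before_save callback: (re)computes crypted_password whenever a plaintext
    # password has been assigned. Does nothing when no password was supplied.
    def encrypt_password
      return if password.blank?
      # Random per-user salt instead of one derived from the clock and login;
      # 40 hex chars keeps the same length as the SHA-1 hex salt used before.
      self.salt = SecureRandom.hex(20) if new_record?
      self.crypted_password = encrypt(password)
    end

    # A password must be supplied when none is stored yet, or when a new one
    # is being assigned.
    def password_required?
      crypted_password.blank? || !password.blank?
    end

    # Compares two strings byte by byte without stopping at the first
    # difference. Returns false when either value is nil or the lengths differ.
    def secure_compare(a, b)
      return false if a.nil? || b.nil?
      left  = a.unpack('C*')
      right = b.unpack('C*')
      return false unless left.size == right.size
      diff = 0
      left.zip(right) { |x, y| diff |= x ^ y }
      diff.zero?
    end
end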