Safeguarding the past, present and future of RISC OS for everyone
Account
News | Downloads | Bugs | Bounties | Forums | Library
You are currently browsing the Subversion repository.
Changesets can be listed by changeset number.
The Git repository is here.
  • Changesets
  • » Changeset 11

Changeset 11

Applied acts_as_authenticated patch described here:
http://www.ruby-forum.com/topic/71303

Archive obtained from:
http://clanwhiskey.net/bobfunk/rforum_modification.zip

Note that the patch is for RForum 0.2 but it is being applied to a
slightly newer version. The database migration step has had to be
renamed as a result, to 008_... instead of 005_..., since 005 to
007 are now used.

  • Comitted by: adh
  • Date: Saturday July 22 20:23:23 2006 (over 18 years ago)

Affected files:

  • Added rool/rails/rforum/trunk/db/migrate/008_acts_as_authenticated_modifications.rb
  • Updated rool/rails/rforum/trunk/app/models/user.rb (diff)
  • Updated rool/rails/rforum/trunk/test/fixtures/users/admin (diff)
  • Updated rool/rails/rforum/trunk/test/fixtures/users/sergej (diff)
  • Updated rool/rails/rforum/trunk/test/fixtures/users/user (diff)

rool/rails/rforum/trunk/app/models/user.rb:

prev.current 
1   require 'digest/md5'
  1 require 'digest/sha1'
require_dependency 'user_permissions'
class User < ActiveRecord::Base
... ...
# CLASS METHODS
# Find a user by user name and password.
22   def self.find_by_login(name, password)
  22 def self.find_by_login(name, unencrypted_password)
raise ArgumentError if name.nil?
24   raise ArgumentError if password.nil?
25   find_first ["name='%s' AND password='%s'", name, Digest::MD5.hexdigest(password)]
  24 raise ArgumentError if unencrypted_password.nil?
  25 # find_first ["name='%s' AND password='%s'", name, encrypt(password)]
  26 u = find_by_name(name)
  27 u && u.authenticated?(unencrypted_password) ? u : nil
end
def self.find_by_token(id, token)
... ...
return user
end
end
  40
  41 # Encrypts some data with the salt.
  42 def self.encrypt(password, salt)
  43 Digest::SHA1.hexdigest("--#{salt}--#{password}--")
  44 end
# CALLBACKS
... ...
self[attr] = self[attr].to_s.strip.squeeze(' ').chomp
end
50   self.surname.capitalize!
51   self.firstname.capitalize!
self.name.downcase!
self.email.downcase!
self.role = 'User'
@unencrypted_password = makepass
56   self.encrypt_password(@unencrypted_password)
  61 encrypt_stored_password
end
def validate_on_create
... ...
if (@new_password or self.password.nil?) and password.size < 3
errors.add 'new_password', :user_password_invalid
end
77  
  82
# nick cannot be changed
unless self.new_record?
old_record = User.find(self.id)
... ...
end
end
  116 def authenticated?(unencrypted_password)
  117 password == encrypt(unencrypted_password)
  118 end
  119
def encrypt_password(new_password)
112   self['password'] = Digest::MD5.hexdigest(new_password)
  121 self['password'] = self.class.encrypt(new_password, salt)
end
  124 # Encrypts the password with the user salt
  125 def encrypt(unencrypted_password)
  126 self.class.encrypt(unencrypted_password, salt)
  127 end
  128
def guest_email
nil
end
... ...
private
def new_security_token
self['security_token'] =
226   Digest::MD5.hexdigest(self['password'] + (Time.now.to_i.to_s) + rand.to_s)
  240 Digest::SHA1.hexdigest(self['password'] + (Time.now.to_i.to_s) + rand.to_s)
self.token_expiry = Time.at(Time.now.to_i + token_lifetime)
self.save
return self['security_token']
... ...
RForum::CONFIG[:security_token_life_hours] * 60 * 60
end
  250 def encrypt_stored_password
  251 return if @unencrypted_password.blank?
  252 self.salt = Digest::SHA1.hexdigest("--#{Time.now.to_s}--#{name}--") if new_record?
  253 self.password = encrypt(@unencrypted_password)
  254 end
end

rool/rails/rforum/trunk/test/fixtures/users/admin:

prev.current 
email => admin@example.com
firstname => Admin
surname => The Powerful
8   password => 0cc175b9c0f1b6a831c399e269772661
  8 password => 344a4827e06b9a5ae00b173a8ac2cc592d99aaa2
  9 salt => 513c4fd861eb14ab47e64638ef2a78401ec7bf82
role => Admin
receives_email => 0
sends_email => 0

rool/rails/rforum/trunk/test/fixtures/users/sergej:

prev.current 
email => sergej@example.com
firstname => Sergej
surname => Fährlich
8   password => 098f6bcd4621d373cade4e832627b4f6
  8 password => c405da7fe8dac702b860e8eee12bc83c0f8eef15
  9 salt => f744fbd2b056979c4be65d049708a53ac0880f65
role => User
receives_email => 0
sends_email => 1

rool/rails/rforum/trunk/test/fixtures/users/user:

prev.current 
email => user@example.com
firstname => Userus
surname => Vulgaris
8   password => 7b774effe4a349c6dd82ad4f4f21d34c
  8 password => caadabcf34f388a6ce98112e4a712bd035b17c09
  9 hash => 3ee94e9ee33def85dfd39083d887cfdad1e30110
role => User
receives_email => 1
sends_email => 0

Search tickets

Social

Follow us on and

ROOL Store

Buy RISC OS Open merchandise here, including SD cards for Raspberry Pi and more.

Donate! Why?

Help ROOL make things happen – please consider donating!

RISC OS IPR

RISC OS is an Open Source operating system owned by RISC OS Developments Ltd and licensed primarily under the Apache 2.0 license.

Options

  • Tickets
  • New ticket
  • Milestones
  • Subversion: Changesets
  • Subversion: Browse
  • CVS: Revisions
  • CVS: Browse
  • Search

RSS feeds Rss

  • Changesets
  • Everything!
  • More feeds...
Contact Us  |  About Us

The RISC OS Open Collaboa theme is distantly based on the Collaboa default layout
Site design © RISC OS Open Limited 2024 except where indicated

Hosted by Arachsys

Powered by Collaboa
This site runs on Rails