- Revision:
- 98
- Log:
Initial import of Hub, an account management application.
- Author:
- adh
- Date:
- Thu Oct 19 15:18:43 +0100 2006
- Size:
- 4063 Bytes
require 'digest/sha1'
require 'securerandom'

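# Account record for Hub. Handles credential storage, sign-in checks,
# "remember me" tokens, account activation and the forgotten-password flow.
#
# Security notes for maintainers:
# * Passwords are stored as one pass of salted SHA-1 (see User.encrypt). That
#   is fast to brute-force offline if the users table leaks. Moving to a
#   dedicated password-hashing function (bcrypt, scrypt, Argon2) needs an
#   extra gem and a rehash-on-login migration, so the scheme is left as-is
#   here and only flagged.
# * Every value that acts as a bearer secret (salt, remember token, activation
#   code, password reset code) is drawn from SecureRandom, which requires
#   Ruby 1.8.7 or later.
class User < ActiveRecord::Base
  belongs_to :member
  before_create :make_activation_code

  # Virtual attribute for the unencrypted password; never persisted.
  attr_accessor :password

  # Whitelist for mass assignment. With "@user = User.new(params[:user])" in
  # a controller, a crafted form could otherwise set any column (for example
  # assign "admin" to "roles"). Only the attributes listed here can be
  # mass-assigned; everything else must be assigned explicitly.
  attr_accessible :email, :real_name, :password, :password_confirmation

  validates_presence_of     :email, :real_name
  validates_presence_of     :password,              :if => :password_required?
  validates_presence_of     :password_confirmation, :if => :password_required?
  # NOTE(review): a 4-character minimum is very permissive for a password;
  # raising it is a policy change, so it is flagged rather than altered.
  validates_length_of       :password, :within => 4..40, :if => :password_required?
  validates_confirmation_of :password,              :if => :password_required?
  validates_length_of       :email,     :within => 3..200
  validates_length_of       :real_name, :within => 3..200
  validates_uniqueness_of   :email, :case_sensitive => false
  before_save :encrypt_password

  # Authenticates a user by e-mail address and unencrypted password.
  # Only activated accounts (activated_at IS NOT NULL) are considered.
  # Returns the user, or nil when there is no match.
  def self.authenticate(email, password)
    # The e-mail is passed as a bind value, never interpolated into the SQL.
    user = find :first, :conditions => ['email = ? and activated_at IS NOT NULL', email]
    user && user.authenticated?(password) ? user : nil
  end

  # Returns the SHA-1 hex digest of the password combined with the salt.
  # Despite the name this is a one-way hash, not reversible encryption.
  def self.encrypt(password, salt)
    Digest::SHA1.hexdigest("--#{salt}--#{password}--")
  end

  # Hashes the given password with this user's salt.
  def encrypt(password)
    self.class.encrypt(password, salt)
  end

  # True when the given plain-text password hashes to the stored digest.
  # The digests are compared in constant time so that the comparison does not
  # reveal how many leading characters of the stored digest matched.
  def authenticated?(password)
    secure_compare(crypted_password, encrypt(password))
  end

  # Truthy while a remember token expiry is set and still in the future.
  def remember_token?
    remember_token_expires_at && Time.now.utc < remember_token_expires_at
  end

  # Issues a two-week "remember me" token and saves without validation.
  #
  # The token is a bearer credential, so it is generated randomly instead of
  # being derived from the e-mail address, the expiry time and the salt.
  # SecureRandom.hex(20) yields 40 hex characters, the same length as the
  # SHA-1 hex digest that was stored here before.
  def remember_me
    self.remember_token_expires_at = 2.weeks.from_now.utc
    self.remember_token            = SecureRandom.hex(20)
    save(false)
  end

  # Clears the "remember me" token and its expiry; saves without validation.
  def forget_me
    self.remember_token_expires_at = nil
    self.remember_token            = nil
    save(false)
  end

  # Activates the user in the database and discards the activation code so
  # it cannot be used a second time.
  def activate
    @activated = true
    self.activated_at = Time.now.utc
    self.activation_code = nil
    save(false)
  end

  # Returns true if the user has just been activated on this instance.
  def recently_activated?
    @activated
  end

  # Starts the forgotten-password flow: sets an expiry RESET_TIME_LIMIT from
  # now (the constant is defined outside this class), issues a fresh reset
  # code and saves without validation.
  def forgot_password
    self.password_reset_code_expires_at = Time.now.utc + RESET_TIME_LIMIT
    make_password_reset_code
    save(false)
    @forgotten_password = true
  end

  # Finishes the forgotten-password flow by clearing the reset code and its
  # expiry, so the code is single-use.
  def reset_password
    # Persist the cleared reset code before setting the reset_password flag
    # to avoid duplicate email notifications.
    self.password_reset_code_expires_at = nil
    self.password_reset_code = nil
    save(false)
    @reset_password = true
  end

  # True if reset_password has been called on this instance.
  def recently_reset_password?
    @reset_password
  end

  # True if forgot_password has been called on this instance.
  def recently_forgot_password?
    @forgotten_password
  end

  protected

  # before_save callback: hashes the virtual password into crypted_password.
  # Does nothing when no new password was supplied.
  def encrypt_password
    return if password.blank?
    # The salt is set once, on creation. It is random so that it does not
    # depend on the sign-up time and e-mail address.
    self.salt = SecureRandom.hex(20) if new_record?
    self.crypted_password = encrypt(password)
  end

  # A password must be supplied when none is stored yet, or when the caller
  # is setting a new one.
  def password_required?
    crypted_password.blank? || !password.blank?
  end

  # before_create callback: issues the code sent in activation e-mails.
  # Generated with SecureRandom; a shuffled timestamp driven by Kernel#rand
  # is not suitable for a value that grants account access.
  def make_activation_code
    self.activation_code = SecureRandom.hex(20)
  end

  # Issues the code sent to users who have forgotten their password.
  # Generated with SecureRandom for the same reason as the activation code.
  def make_password_reset_code
    self.password_reset_code = SecureRandom.hex(20)
  end

  # Compares two strings without returning early on the first differing
  # byte. Returns false when either value is nil or the lengths differ.
  def secure_compare(stored, candidate)
    return false if stored.nil? || candidate.nil?
    return false unless stored.length == candidate.length

    candidate_bytes = candidate.unpack('C*')
    difference = 0
    stored.each_byte { |byte| difference |= byte ^ candidate_bytes.shift }
    difference.zero?
  end
end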