Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- class ApplicationController < ActionController::Base
- # Pick a unique cookie name to distinguish our session data from others'
- session :session_key => '_aesolutions_session_id'
- # Ensure all users are authenticated
- before_filter :check_authentication
- user_id = session[:user]
- @user = User.find(user_id)
- def check_authentication
- unless session[:user]
- session[:intended_action] = action_name
- session[:intended_controller] = controller_name
- redirect_to :action => "signin", :controller => "user"
- end
- end
- end
- class UserController < ApplicationController
- before_filter :check_authentication, :except => [:signin]
- # Allows a user to log in.
- def signin
- if request.post?
- begin
- session[:user] = User.authenticate(params[:username], params[:password]).id
- redirect_to :action => 'list', :controller => 'companies'
- # redirect_to :action => session[:intended_action],
- # :controller => session[:intended_controller]
- rescue
- flash[:error] = "Username or password invalid."
- end
- end
- end
- # Logs a user out.
- def signout
- session[:user] = nil
- redirect_to login_url
- end
- end
- require 'digest/sha2'
- class User < ActiveRecord::Base
- validates_uniqueness_of :username => '- that username already exists.'
- def self.authenticate(username, password)
- user = User.find(:first, :conditions => ['username = ?', username])
- if user.blank? ||
- Digest::SHA256.hexdigest(password + user.password_salt) != user.password_hash
- raise "Username or password invalid"
- end
- user
- end
- def password=(pass)
- salt = [Array.new(6){rand(256).chr}.join].pack("m").chomp
- self.password_salt, self.password_hash =
- salt, Digest::SHA256.hexdigest(pass + salt)
- end
- end
- For my application controller:
- user_id = session[:user]
- @user = User.find(user_id)
- The first line causes:
- Symbol as array index
- ./script/../config/../app/controllers/application.rb:11:in `[]'
Add Comment
Please, Sign In to add comment