# Login method
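# Handles the login form: a GET only renders it, a POST checks the credentials.
#
# Any existing login is cleared first, so merely requesting this action signs
# the current user out. On success the user id is stored in the session and the
# browser is redirected to the index action; on failure the action falls
# through to its normal render with a generic error message.
def login
  session[:user_id] = nil
  return unless request.post?

  user = User.authenticate(params[:email], params[:password])
  if user
    # NOTE(review): the session identifier is kept across the login. Calling
    # reset_session before this assignment would close the session-fixation
    # window, but it also drops every other session value, so confirm nothing
    # else is stored there before adding it.
    session[:user_id] = user.id
    # Record the timestamp on the authenticated record, not on the User class.
    # Assumes last_login is a column on the users table - TODO confirm.
    user.update_attribute(:last_login, Time.now)
    redirect_to(:action => "index")
  else
    # One message for both unknown email and wrong password, so the form does
    # not reveal which accounts exist. flash.now is used because this request
    # renders the form itself; plain flash would show the message again on the
    # following request.
    flash.now[:notice] = "Invalid user/password combination"
  end
end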
# which calls the authenticate method in the User class
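# Looks up a user by email and verifies the supplied password.
#
# email    - address submitted by the login form
# password - plaintext password submitted by the login form
#
# Returns the matching user when the salted hash of password equals the stored
# user.password, otherwise nil.
def self.authenticate(email, password)
  # Form fields that are missing or nested arrive as nil, Array or Hash. A
  # non-String password would raise inside encrypted_password once a matching
  # email is found, and a non-String email should never reach the finder.
  return nil unless email.is_a?(String) && password.is_a?(String)

  user = find_by_email(email)
  return nil unless user

  # NOTE(review): the hash is only computed for known emails and is compared
  # with a short-circuiting ==, so response time can differ between "no such
  # account" and "wrong password". A constant-time comparison and equal work on
  # both paths would remove that signal.
  user.password == encrypted_password(password, user.salt) ? user : nil
end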
# which uses the encrypted_password() function
# Derives the digest that is compared against the stored user password.
#
# password - plaintext password (String)
# salt     - salt stored with the user (String)
#
# Returns the 40-character lowercase hex SHA-1 of password + "junk" + salt.
#
# NOTE(review): a single SHA-1 round is cheap to brute-force if the stored
# digests leak, and the "junk" constant is identical for every account, so it
# adds nothing once the source is known. A deliberately slow password hash
# (bcrypt, scrypt, Argon2 or PBKDF2) is the usual replacement; switching needs
# a rehash-on-login migration because stored digests use this format.
def self.encrypted_password(password, salt)
  Digest::SHA1.hexdigest(password + "junk" + salt)
end