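## Session controller
def log_in
  if request.post?
    # Tolerate a POST that carries no :user parameters at all.
    credentials = params[:user] || {}
    user = User.find_by_username(credentials[:username])
    # Unknown users and wrong passwords take the same path back to the login page.
    if user.blank? || User.hash_password(credentials[:password].to_s) != user.password_hash
      redirect_to login_url
    else
      # Start a fresh session before storing the user id, so a session id
      # that existed before login is not carried over (session fixation).
      reset_session
      session[:user] = user.id
    end
  end
end

def log_out
  session[:user] = nil
end

## User model
require 'digest/sha1'

class User < ActiveRecord::Base
  # The plain-text password lives in memory only; password_hash is what gets stored.
  # attr_accessor (not attr_reader) so that the password can actually be assigned.
  attr_accessor :password

  def before_save
    # Assign through self: a bare `password = ...` only sets a local variable
    # and the hash would never reach the record.
    self.password_hash = self.class.hash_password(password) unless password.blank?
  end

  class << self
    # One fast SHA-1 pass with a salt shared by every user: identical passwords
    # produce identical hashes. A per-user salt and a slow password hash
    # (e.g. bcrypt) resist offline guessing better.
    def hash_password(password)
      Digest::SHA1.hexdigest(password + "some random salt string")
    end
  end
end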