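# Landing page plus session-based login and logout.
#
# Every action except the login form and its POST handler runs through the
# +config+ filter, which redirects visitors without session[:user] to the
# login page.
#
# NOTE(review): session[:user] holds whatever Users.authenticate returns,
# i.e. the whole user record including h_password. Storing only the record
# id would keep the password hash out of the session store; it is left as-is
# here because other code may read session[:user] as an object.
class HomeController < ApplicationController
  layout "main"
  before_filter :config, :except => [:login, :login_auth]

  # Renders the home page. The two instance variables are handed to the
  # views (presumably for menu highlighting -- confirm against the layout).
  def index
    @xs_menu_item_name = "home"
    @xs_menu_subitem_name = ""
  end

  # Shows the login form, or sends an already signed-in user to the home page.
  def login
    if session[:user].nil?
      render :layout => false
    else
      redirect_to :action => "index"
    end
  end

  # Credentials are only accepted over POST; any other verb is redirected.
  verify :method => :post, :only => [ :login_auth ],
         :redirect_to => { :action => :index }

  # Checks the submitted username/password and establishes the session.
  def login_auth
    # A request without a well-formed "home" hash must fail the login, not
    # raise on params[:home][:username].
    credentials = params[:home]
    credentials = {} unless credentials.is_a?(Hash)

    login = Users.authenticate(credentials[:username], credentials[:password])
    if login
      # Drop the pre-login session so an identifier planted before
      # authentication cannot be reused afterwards (session fixation).
      reset_session
      session[:user] = login
      redirect_to :action => "index"
    else
      session[:user] = nil
      # flash.now: the message is rendered in this same response and must not
      # survive into the next request.
      flash.now[:error] = "<div class='error'><strong>KLAIDA:</strong> Prisijungti Nepavyko</div>"
      render :action => 'login', :layout => false
    end
  end

  # Ends the session and returns to the login form.
  def logout
    # Clear everything tied to the session, not only the :user key.
    reset_session
    redirect_to :action => "login"
  end

  protected

  # before_filter: sets the page title and redirects unauthenticated
  # visitors to the login action.
  def config
    @page_title = "Namai"
    redirect_to :controller => "home", :action => "login" if session[:user].nil?
  end
end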
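# Looks up a user by username and verifies the supplied password.
#
# Returns the user record when the password matches, false otherwise
# (including when no user with that username exists).
def self.authenticate(username, pass)
  # The username is passed as a bind value, never interpolated into SQL.
  user = find(:first, :conditions => ['username = ?', username])

  # find(:first) yields nil for an unknown username. Without this guard the
  # call below raises on nil, so unknown accounts produce a server error
  # while known ones produce "login failed" -- a visible difference that
  # reveals which usernames exist.
  return false if user.nil?

  Password::check(pass, user.h_password) ? user : false
end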
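protected

# Hash the password before saving the record.
#
# The stored hash is regenerated only when a non-empty password is present.
# Password.hash interpolates its argument into a string, so a nil password
# hashes exactly like an empty one; rehashing on a save where no password was
# supplied would replace h_password with the hash of the empty password.
#
# NOTE(review): if +password+ is a persisted column rather than a virtual
# attribute, the plaintext is stored next to the hash -- confirm.
def before_save
  self.h_password = Password::update(self.password) unless self.password.to_s.empty?
  # Return true explicitly: a callback returning false would halt the save.
  true
end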
require 'digest/sha2'
require 'securerandom'
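# Salted SHA-512 password hashing helpers.
#
# A stored value is 192 characters: the 128-character hex SHA-512 digest of
# "password:salt", followed by the 64-character alphanumeric salt.
#
# NOTE(review): one round of SHA-512 is cheap to compute, so leaked stored
# values can be guessed offline at high speed. A deliberately slow KDF
# (bcrypt, scrypt, PBKDF2, Argon2) is the usual choice. Switching needs a
# migration path for existing h_password values, so the format is kept here.
module Password
  HASH_LENGTH = 128
  SALT_LENGTH = 64
  SALT_ALPHABET = (('0'..'9').to_a + ('A'..'Z').to_a + ('a'..'z').to_a).freeze

  # Returns a new stored value (digest + fresh salt) for +password+.
  def Password.update(password)
    salt = self.salt
    self.store(self.hash(password, salt), salt)
  end

  # Returns true when +password+ matches the stored value, false otherwise.
  # A missing or malformed stored value never matches.
  def Password.check(password, store)
    return false unless store.is_a?(String) && store.length == HASH_LENGTH + SALT_LENGTH

    expected = self.get_hash(store)
    actual = self.hash(password, self.get_salt(store))
    self.secure_equal?(actual, expected)
  end

  # The original listing had a bare `protected` here. It has no effect on
  # methods defined as `def Password.name`, so every helper below is public.

  # Generates a 64-character salt drawn from [0-9A-Za-z] using the
  # cryptographically secure generator rather than Kernel.rand.
  def Password.salt
    (1..SALT_LENGTH).map { SALT_ALPHABET[SecureRandom.random_number(SALT_ALPHABET.size)] }.join
  end

  # Hex SHA-512 digest of "password:salt".
  # NOTE(review): this also replaces the module object's own #hash method.
  def Password.hash(password, salt)
    Digest::SHA512.hexdigest("#{password}:#{salt}")
  end

  # Concatenates digest and salt into the stored representation.
  def Password.store(hash, salt)
    hash + salt
  end

  # Digest portion of a stored value (first 128 characters).
  def Password.get_hash(store)
    store[0, HASH_LENGTH]
  end

  # Salt portion of a stored value: the 64 characters after the digest.
  # The earlier range 128..192 named one index past the end of the value.
  def Password.get_salt(store)
    store[HASH_LENGTH, SALT_LENGTH]
  end

  # Compares two strings without stopping at the first differing byte, so
  # the time taken does not depend on how many leading characters match.
  def Password.secure_equal?(left, right)
    return false unless left.bytesize == right.bytesize

    diff = 0
    left.unpack('C*').zip(right.unpack('C*')) { |a, b| diff |= a ^ b }
    diff == 0
  end
end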