require 'digest/sha1'class User < ActiveRecord::Base # Virtual attribute fo

1. require 'digest/sha1'
2. class User < ActiveRecord::Base
3. # Virtual attribute for the unencrypted password
4. attr_accessor :password
5.  
6. validates_presence_of :login, :email
7. validates_presence_of :password, :if => :password_required?
8. validates_presence_of :password_confirmation, :if => :password_required?
9. validates_length_of :password, :within => 4..40, :if => :password_required?
10. validates_confirmation_of :password, :if => :password_required?
11. validates_length_of :login, :within => 3..40
12. validates_length_of :email, :within => 6..100
13. validates_uniqueness_of :login, :email, :case_sensitive => false
14. validates_format_of :email, :with => /(^([^@\s]+)@((?:[-_a-z0-9]+\.)+[a-z]{2,})$)|(^$)/i
15.  
16. has_many :permissions
17. has_many :roles, :through => :permissions
18.  
19. before_save :encrypt_password
20. before_create :make_activation_code
21.  
22. # prevents a user from submitting a crafted form that bypasses activation
23. # anything else you want your user to change should be added here.
24. attr_accessible :login, :email, :password, :password_confirmation
25.  
26. class ActivationCodeNotFound < StandardError; end
27. class AlreadyActivated < StandardError
28. attr_reader :user, :message;
29. def initialize(user, message=nil)
30. @message, @user = message, user
31. end
32. end
33.  
34. # Finds the user with the corresponding activation code, activates their account and returns the user.
35. #
36. # Raises:
37. # +User::ActivationCodeNotFound+ if there is no user with the corresponding activation code
38. # +User::AlreadyActivated+ if the user with the corresponding activation code has already activated their account
39. def self.find_and_activate!(activation_code)
40. raise ArgumentError if activation_code.nil?
41. user = find_by_activation_code(activation_code)
42. raise ActivationCodeNotFound if !user
43. raise AlreadyActivated.new(user) if user.active?
44. user.send(:activate!)
45. user
46. end
47.  
48. def active?
49. # the existence of an activation code means they have not activated yet
50. activation_code.nil?
51. end
52.  
53. # Returns true if the user has just been activated.
54. def pending?
55. @activated
56. end
57.  
58. # Authenticates a user by their login name and unencrypted password. Returns the user or nil.
59. # Updated 2/20/08
60. def self.authenticate(login, password)
61. u = find :first, :conditions => ['login = ?', login] # need to get the salt
62. u && u.authenticated?(password) ? u : nil
63. end
64.  
65. # Encrypts some data with the salt.
66. def self.encrypt(password, salt)
67. Digest::SHA1.hexdigest("--#{salt}--#{password}--")
68. end
69.  
70. # Encrypts the password with the user salt
71. def encrypt(password)
72. self.class.encrypt(password, salt)
73. end
74.  
75. def authenticated?(password)
76. crypted_password == encrypt(password)
77. end
78.  
79. def remember_token?
80. remember_token_expires_at && Time.now.utc < remember_token_expires_at
81. end
82.  
83. # These create and unset the fields required for remembering users between browser closes
84. def remember_me
85. remember_me_for 2.weeks
86. end
87.  
88. def remember_me_for(time)
89. remember_me_until time.from_now.utc
90. end
91.  
92. def remember_me_until(time)
93. self.remember_token_expires_at = time
94. self.remember_token = encrypt("#{email}--#{remember_token_expires_at}")
95. save(false)
96. end
97.  
98. def forget_me
99. self.remember_token_expires_at = nil
100. self.remember_token = nil
101. save(false)
102. end
103.  
104. def forgot_password
105. @forgotten_password = true
106. self.make_password_reset_code
107. end
108.  
109. def reset_password
110. # First update the password_reset_code before setting the
111. # reset_password flag to avoid duplicate email notifications.
112. update_attribute(:password_reset_code, nil)
113. @reset_password = true
114. end
115.  
116. #used in user_observer
117. def recently_forgot_password?
118. @forgotten_password
119. end
120.  
121. def recently_reset_password?
122. @reset_password
123. end
124.  
125. def self.find_for_forget(email)
126. find :first, :conditions => ['email = ? and activation_code IS NULL', email]
127. end
128.  
129. def has_role?(rolename)
130. self.roles.find_by_rolename(rolename) ? true : false
131. end
132.  
133.  
134. protected
135.  
136. # before filter
137. def encrypt_password
138. return if password.blank?
139. self.salt = Digest::SHA1.hexdigest("--#{Time.now.to_s}--#{login}--") if new_record?
140. self.crypted_password = encrypt(password)
141. end
142.  
143. def password_required?
144. crypted_password.blank? || !password.blank?
145. end
146.  
147. def make_activation_code
148. self.activation_code = Digest::SHA1.hexdigest( Time.now.to_s.split(//).sort_by {rand}.join )
149. end
150.  
151. def make_password_reset_code
152. self.password_reset_code = Digest::SHA1.hexdigest( Time.now.to_s.split(//).sort_by {rand}.join )
153. end
154.  
155. private
156.  
157. def activate!
158. @activated = true
159. self.update_attribute(:activated_at, Time.now.utc)
160. self.update_attribute(:activation_code, nil)
161. end
162.  
163. end