# == Schema Information## Table name: users## id

1. # == Schema Information
2. #
3. # Table name: users
4. #
5. # id | int(11) | NO | PRI | NULL | auto_increment |
6. # login | varchar(255) | YES | | NULL | |
7. # email | varchar(255) | YES | | NULL | |
8. # crypted_password | varchar(40) | YES | | NULL | |
9. # salt | varchar(40) | YES | | NULL | |
10. # created_at | datetime | YES | | NULL | |
11. # updated_at | datetime | YES | | NULL | |
12. # remember_token | varchar(255) | YES | | NULL | |
13. # remember_token_expires_at | datetime | YES | | NULL | |
14. # activated_at | datetime | YES | | NULL | |
15.  
16.  
17. require 'digest/sha1'
18. class User < ActiveRecord::Base
19.  
20. has_many :accounts
21.  
22. # Virtual attribute for the unencrypted password
23. attr_accessor :password
24.  
25. validates_presence_of :login, :email
26. validates_presence_of :password, :if => :password_required?
27. validates_presence_of :password_confirmation, :if => :password_required?
28.  
29. validates_length_of :password, :within => 4..40, :if => :password_required?
30. validates_length_of :login, :within => 3..40
31. validates_length_of :email, :within => 3..100
32.  
33. validates_confirmation_of :password, :if => :password_required?
34.  
35. validates_uniqueness_of :login, :email, :case_sensitive => false
36.  
37. before_save :encrypt_password
38. # before_create :make_activation_code
39. # prevents a user from submitting a crafted form that bypasses activation
40. # anything else you want your user to change should be added here.
41. attr_accessible :login, :email, :password, :password_confirmation
42.  
43. def active?
44. # the existence of an activation at means they have been activated
45. #puts self.activated_at
46. self.activated_at.nil? == false
47. end
48.  
49. # Authenticates a user by their login name and unencrypted password. Returns the user or nil.
50. def self.authenticate(login, password)
51. u = find :first, :conditions => ['login = ?', login] # need to get the salt
52. u && u.authenticated?(password) ? u : nil
53. end
54.  
55. # Encrypts some data with the salt.
56. def self.encrypt(password, salt)
57. Digest::SHA1.hexdigest("--#{salt}--#{password}--")
58. end
59.  
60. # Encrypts the password with the user salt
61. def encrypt(password)
62. self.class.encrypt(password, salt)
63. end
64.  
65. def authenticated?(password)
66. crypted_password == encrypt(password)
67. end
68.  
69. def remember_token?
70. remember_token_expires_at && Time.now.utc < remember_token_expires_at
71. end
72.  
73. # These create and unset the fields required for remembering users between browser closes
74. def remember_me
75. remember_me_for 2.weeks
76. end
77.  
78. def remember_me_for(time)
79. remember_me_until time.from_now.utc
80. end
81.  
82. def remember_me_until(time)
83. self.remember_token_expires_at = time
84. self.remember_token = encrypt("#{email}--#{remember_token_expires_at}")
85. save(false)
86. end
87.  
88. def forget_me
89. self.remember_token_expires_at = nil
90. self.remember_token = nil
91. save(false)
92. end
93.  
94. # Returns true if the user has just been activated.
95. def recently_activated?
96. @activated
97. end
98.  
99. protected
100. # before filter
101. def encrypt_password
102. return if password.blank?
103. self.salt = Digest::SHA1.hexdigest("--#{Time.now.to_s}--#{login}--") if new_record?
104. self.crypted_password = encrypt(password)
105. end
106.  
107. def password_required?
108. crypted_password.blank? || !password.blank?
109. end
110.  
111. end