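# Application user record persisted through Dynamoid.
#
# Security notes for maintainers:
# * password_hash stores a 16-character hex salt followed by the SHA-1 hex
#   digest of (salt + stripped password). A single salted SHA-1 round is cheap
#   to brute-force if the table is ever disclosed. Moving to an adaptive
#   password hash (bcrypt, scrypt, Argon2) needs a rehash-on-login migration,
#   because existing rows use this format; it is therefore left unchanged here.
# * is_superuser / can_manage_* are privilege flags.
#   NOTE(review): confirm callers never pass request parameters straight into
#   these attributes.
class User
  include Dynamoid::Document

  # Matches addresses whose local part starts and ends with a word character
  # and whose host is dot-separated labels ending in a label of 2+ characters.
  # It accepts the same strings as the earlier nested-quantifier pattern, but
  # the local part is written without a repeated group so a long input with
  # no "@" cannot trigger exponential backtracking.
  EMAIL_ADDRESS_PATTERN =
    /\A([\w\d](?:[\w\d\!\#\$\%\&\*\+\-\/\=\?\^\`\{\|\}\~\.]*[\w\d])?)@((?:[\w\d]+\.)+[\w]{2,})\z/

  # The plain-text password lives only in an instance variable so it can be
  # validated; password_hash is the only password-related declared field.
  attr_reader :password
  attr_accessor :password_confirmation

  field :username
  field :email_address
  field :password_hash
  field :first_name
  field :last_name
  field :time_zone_utc_offset_minutes, :integer, :default => 0
  field :active, :integer, :default => 0
  field :is_superuser, :integer, :default => 0
  field :can_manage_members, :integer, :default => 0
  field :can_manage_users, :integer, :default => 0

  before_validation :normalize_case
  # NOTE(review): this callback only returns true/false and records no
  # validation error. Whether a false result stops the save depends on the
  # callback semantics of the ActiveModel version in use. Confirm, or register
  # the check as a validation instead.
  before_save :validate_email_address

  # Uniqueness is not enforced while the next line stays commented out;
  # authenticate takes the first match for a username or e-mail address.
  # validates_uniqueness_of :username, :email_address
  validates_presence_of :first_name, :last_name, :username, :email_address
  validates_presence_of :password, :on => :create
  validates_confirmation_of :password, :on => :save

  # Active users ordered by last name, then first name.
  def self.list
    where(:active => 1).order([ :last_name, :first_name ])
  end

  # Stores the plain-text value for validation and, unless it is blank,
  # replaces password_hash with a freshly salted hash of it.
  def password=(val)
    @password = val
    self.password_hash = self.class.hash_password(val) unless val.blank?
  end

  # Returns true when email_address matches the accepted address pattern.
  def validate_email_address
    self.class.valid_email_address?(self.email_address)
  end

  # Lower-cases email_address before validation; values that cannot be
  # lower-cased (for example nil) are left untouched instead of relying on a
  # blanket `rescue nil`.
  def normalize_case
    self.email_address = email_address.downcase if email_address.respond_to?(:downcase)
  end

  # Number of salt characters prefixed to every stored hash.
  def self.salt_length ; 16 ; end

  # Alphabet the salt is drawn from (lower-case hex digits).
  def self.salt_chars ; ('a'..'f').to_a + ('0'..'9').to_a ; end

  # Builds the stored representation of a password: salt + SHA1(salt + val).
  #
  # val  - the plain-text password; surrounding whitespace is stripped before
  #        hashing, so " secret " and "secret" produce the same hash.
  # salt - an existing salt to reuse when verifying; any value whose length is
  #        not salt_length is ignored and a new random salt is generated.
  #
  # Returns a new String and never modifies the salt argument.
  def self.hash_password(val, salt = '')
    require 'digest/sha1'
    require 'securerandom'

    # Draw a fresh salt from the OS CSPRNG rather than Kernel#rand.
    unless salt.length == salt_length
      alphabet = salt_chars
      salt = Array.new(salt_length) { alphabet[SecureRandom.random_number(alphabet.length)] }.join
    end

    salt + Digest::SHA1.hexdigest(salt + val.strip)
  end

  # Looks a user up by username, falling back to e-mail address, and checks
  # the password.
  #
  # Returns the User on success, otherwise one of the strings 'not found',
  # 'not active' or 'invalid password'. The distinct codes reveal whether an
  # account exists, so callers should show a single generic failure message
  # to the client and keep the specific code for server-side logging.
  def self.authenticate(username, password)
    account = where(:username => username).first || where(:email_address => username).first
    return 'not found' unless account

    account.reload
    return 'not active' unless account.active == 1 && account.password_hash
    # A missing or blank password can never match and must not raise.
    return 'invalid password' if password.blank?

    stored = account.password_hash
    candidate = hash_password(password, stored[0, salt_length])
    constant_time_equal?(stored, candidate) ? account : 'invalid password'
  end

  # Compares two strings without stopping at the first differing byte, so the
  # time taken does not depend on how much of the stored hash matched.
  def self.constant_time_equal?(left, right)
    return false unless left.bytesize == right.bytesize

    diff = 0
    left.bytes.each_with_index { |byte, i| diff |= byte ^ right.getbyte(i) }
    diff.zero?
  end
  private_class_method :constant_time_equal?

  # Checks an address against EMAIL_ADDRESS_PATTERN, a pragmatic subset of
  # what the RFCs allow and not a full RFC parser.
  #
  # addr              - value to check; converted with to_s first.
  # perform_mx_lookup - when true, additionally require at least one MX record
  #                     for the host part.
  #
  # The MX check is best effort: if the resolver library cannot be loaded or
  # the lookup raises, the error is reported on stderr and the result of the
  # pattern match alone is returned.
  def self.valid_email_address?(addr, perform_mx_lookup = false)
    matched = EMAIL_ADDRESS_PATTERN.match(addr.to_s)
    valid = !matched.nil?

    if valid && perform_mx_lookup
      begin
        require 'net/dns/resolver'
        valid = Net::DNS::Resolver.new.mx(matched[2]).size > 0
      rescue LoadError, StandardError => e
        # Rescuing Exception here would also swallow interrupts and exits.
        warn e.to_s
      end
    end

    valid
  end
end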