- #user_controller.rb
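# Registration and login endpoints for customers.
class UserController < ApplicationController
  #def index
  #render :action=>:register
  #end

  # Shows the registration form, backed by an unsaved Customer.
  def register
    @customer = Customer.new
  end

  # Builds a Customer from the submitted form and saves it; on validation
  # failure the registration form is rendered again with the errors.
  def create
    # NOTE(review): params[:customer] reaches the model unfiltered, so every
    # attribute named in the request is assigned. The Customer model should
    # restrict assignable attributes (attr_accessible on Rails versions that
    # predate strong parameters) so salt / hashed_password cannot be set
    # directly by a request. The model's class body is not visible here.
    @customer = Customer.new(params[:customer])
    if @customer.save
      flash[:notice] = 'Customer was successfully created.'
      redirect_to "/list"
    else
      render :action => 'register'
    end
  end

  # Authenticates a customer by e-mail and password.
  #
  # Any request to this action drops the current login first. Credentials are
  # only checked on POST, so a plain GET shows the form without the
  # "invalid" message and credentials never travel in a query string.
  def login
    session[:user_id] = nil
    return unless request.post?

    user = Customer.login(params[:email], params[:password])
    if user
      # Start a fresh session before marking it authenticated, so a session
      # id that was known before login cannot be reused afterwards
      # (session fixation).
      reset_session
      session[:user_id] = user.id
      session[:user_email] = user.email
      redirect_to(:controller => :list)
    else
      # flash.now: the message belongs to this render only; there is no
      # redirect here, so a plain flash would also show on the next request.
      flash.now[:notice] = "Invalid user/password combination"
    end
  end
end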
- #customer.rb
# Reader for the plain-text password most recently assigned through
# password=. It lives only in an instance variable; nil until assigned.
def password; @password; end
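# Virtual attribute writer: remembers the plain-text password for this
# object, generates a new salt and stores the salted hash in hashed_password.
#
# pwd - the plain-text password from the form.
def password=(pwd)
  @password = pwd
  # A blank value would either raise in encrypted_password (nil) or store the
  # hash of an empty password; leave the stored hash untouched instead.
  # NOTE(review): a presence/length validation on the model should still
  # reject blank passwords - none is visible in this listing.
  return if pwd.nil? || pwd.to_s.empty?

  create_new_salt
  # self.class rather than a hard-coded User constant: this file is
  # customer.rb and the controller calls Customer.login, so the hashing
  # helper must be looked up on the model's own class.
  self.hashed_password = self.class.encrypted_password(password, salt)
end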
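# Looks a user up by e-mail and checks the supplied password against the
# stored salted hash.
#
# email    - e-mail address from the login form.
# password - plain-text password from the login form.
#
# Returns the matching record, or nil when the e-mail is unknown, the
# password is missing, or the hashes differ.
def self.login(email, password)
  # A request without a password parameter passes nil; reject it here rather
  # than letting the string concatenation in encrypted_password raise.
  return nil if password.nil?

  user = find_by_email(email) # dynamic finder; works for any column
  return nil unless user

  # NOTE(review): == on the hex digests is not a constant-time comparison,
  # and an unknown e-mail returns without hashing, so response time differs
  # between known and unknown addresses. Worth addressing together with a
  # move to a dedicated password-hashing scheme.
  expected_password = encrypted_password(password, user.salt)
  user.hashed_password == expected_password ? user : nil
end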
- private
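# Assigns a fresh per-record salt built from this object's id and a random
# float, both rendered as strings and concatenated.
def create_new_salt
  # The `+` was lost in the pasted listing; without it rand.to_s is parsed as
  # an argument to to_s.
  # NOTE(review): a salt only has to be unique, not secret, but object_id and
  # Kernel#rand are not a cryptographic source; prefer a CSPRNG-generated
  # salt if the Ruby version in use provides one.
  self.salt = object_id.to_s + rand.to_s
end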
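# Returns the hex SHA-1 digest of password + a fixed application string +
# the per-record salt.
#
# password - plain-text password.
# salt     - the record's salt string.
def self.encrypted_password(password, salt)
  # The `+` operators were lost in the pasted listing; the three parts are
  # concatenated in this order.
  # NOTE(review): a single SHA-1 pass is a fast hash and gives little
  # resistance to offline guessing if the table leaks, and the fixed string
  # is hard-coded in source. Moving to a purpose-built password hash changes
  # the stored format, so it needs a migration path (e.g. re-hash on next
  # successful login) rather than an in-place swap.
  string_to_hash = password + "arg0drulz" + salt
  Digest::SHA1.hexdigest(string_to_hash)
end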
- #welcome -> index.rhtml
- <%= start_form_tag({:controller=>"user", :action=>"login"}) %>