Untitled

## create_users.rb

class CreateUsers < ActiveRecord::Migration
  def self.up
    create_table :users do |t|
      t.column :email_address, :string, :null => false
      t.column :hashed_password, :string, :null => false
      t.column :screen_name, :string, :limit => 20, :null => false
      t.column :real_name, :string, :limit => 50
      t.column :salt, :string, :null => false
    end
  end

  def self.down
    drop_table :users
  end
end

## User Modle

require 'digest/sha1'

class User < ActiveRecord::Base

  attr_accessor :password
  attr_accessor :password_confirmation
  message_order = "new, created_on ASC"
  #has_many :messages, :class_name => 'Message', :foreign_key =>  'author_id'
  validates_presence_of :email_address, :screen_name, :real_name
  validates_uniqueness_of :email_address
  validates_length_of :screen_name, :maximum => 20
  validates_length_of :real_name, :maximum => 50
  validates_length_of :password, :within => 5..25
  validates_confirmation_of :password, :message => "did not match the confirmation"
  validates_format_of :email_address, :with => /^[a-zA-Z][\w\.-]*[a-zA-Z0-9]@[a-zA-Z0-9][\w\.-]*[a-zA-Z0-9]\.[a-zA-Z][a-zA-Z\.]*[a-zA-Z]$/


  def after_validation_on_create
    return false unless self.password
    create_salt
    self.hashed_password = User.encrypt_password(self.password, self.salt)
    #self.password, self.password_confirmation = nil
  end

  def self.login(email_address, password)
    user = self.find_by_email_address(email_address)
    unless user && (User.encrypt_password(password, user.salt) == user.hashed_password)
      user = nil
    end
    user
  end

  def mailbox
    MailBox.new(self)
  end

  def is_authorized?
    !self.is_guest?
  end

  def is_guest?
    self.new_record?
  end

  private
  def create_salt
    self.salt = self.object_id.to_s   rand.to_s
  end

  def self.encrypt_password(password, salt)
    string_to_hash = password   "blync"   salt
    Digest::SHA1.hexdigest(string_to_hash)
  end

  def set_session_key

  end
end