Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- class User < ActiveRecord::Base
- attr_accessor :password
- attr_accessible :name, :email, :password, :password_confirmation
- email_regex = /\A[\w+\-.]+@[a-zA-Z\d\-.]+\.[a-z]+\z/i
- validates :name, :presence => true,
- :length => { :maximum => 50 }
- validates :email, :presence => true,
- :format => { :with=> email_regex },
- :uniqueness => { :case_sensitive => false }
- validates :password, :presence => true,
- :confirmation => true,
- :length => { :within => 6..40 }
- before_save :encrypt_password
- # Return true if the user's password matches the submitted password.
- def has_password?(submitted_password)
- # Compare encrypted_password with the encrypted version of
- # submitted_password.
- encrypted_password == encrypt(submitted_password)
- end
- def self.authenticate(email, submitted_password)
- user = find_by_email(email)
- return nil if user.nil?
- return user if user.has_password?(submitted_password)
- end
- private
- def encrypt_password
- self.salt = make_salt unless has_password?(password)
- self.encrypted_password = encrypt(password)
- end
- def encrypt(string)
- secure_hash("#{salt}--#{string}")
- end
- def make_salt
- secure_hash("#{Time.now.utc}--#{password}")
- end
- def secure_hash(string)
- Digest::SHA2.hexdigest(string)
- end
- end
Add Comment
Please, Sign In to add comment
