## controllerclass UserController < ApplicationController before_filter :au

1. ## controller
2. class UserController < ApplicationController
3. before_filter :authorize, :except => :login
4.  
5. layout "frontend"
6. def index
7. # @page_title = ""
8. end
9.  
10. def login
11. # @page_title = "Login"
12. if session[:user_id].nil?
13. if request.get?
14. @user = User.new
15. else
16. @user = User.new(params[:user])
17. authenticate, message = User.authenticate(@user.name,@user.password) # => Add Remember Me@user, message = User.authenticate(params[:user][:name],params[:user][:password]) # => Add Remember Me?
18. if authenticate.nil?
19. flash[:notice] = message
20. else
21. session[:user_id] = authenticate.id
22. session[:user_level] = authenticate.level
23. redirect_to :action => "index"
24. end
25. end
26. else
27. redirect_to :action => "index"
28. end
29. end
30.  
31. def change_prefs
32. if request.get?
33. @user = User.new
34. @user = User.find(session[:user_id])
35. else
36. @user = User.new(params[:user])
37. @user.password, message = @user.passwords_combine(params[:user][:password1], params[:user][:password2])
38.  
39. unless message.nil?
40. flash[:notice] = message
41. end
42.  
43. if @user.save!
44. flash[:notice] = "Preferences Saved"
45. else
46. flash[:notice] = "Testing Purposes: ERROR!"
47. end
48. end
49. end
50.  
51. def logout
52. session[:user_id] = nil
53. session[:user_level] = nil
54. redirect_to :action => "index"
55. end
56. end
57.  
58.  
59. ##model
60. require "digest/sha1"
61. class User < ActiveRecord::Base
62. # User Levels [:level]
63. # => 0 = Not loggedin
64. # => 1 = Normal USer
65. # => 90 = Admin
66. # => 99 = Super Admin
67.  
68. attr_accessor :password
69. attr_accessible :name, :password, :level, :message => 'is needed'
70. validates_uniqueness_of :name
71. validates_presence_of :name, :password
72. validates_length_of :password, :in => 6..15
73. validates_numericality_of :password
74. validates_numericality_of :level, :minimum => 1, :maximum => 2
75.  
76.  
77. # => Before save or update
78. def before_save
79. self.password = self.hash_password(self.password || "")
80. end
81.  
82. # => After save or update
83. def after_save
84. @password = nil
85. end
86.  
87. def self.authenticate(username, password)
88. if username.blank? || password.blank?
89. # html in models is BAD
90. return [nil, "Please input both username and password"]
91. end
92.  
93. user = self.find(:first,
94. :conditions => ['(name = ?) OR (name = ? AND password = ?)',
95. username, username, hash_password(password)])
96. if user.nil?
97. return [nil, "I can't find anybody with that username?"]
98. elsif user[:password] != hash_password(password)
99. return [nil, "That password is wrong"]
100. else
101. return [user, "Logged In"]
102. end
103. end
104.  
105. # => If the user is found, return TRUE, else FALSE
106. def self.check_is_user?(username)
107. return !User.find_by_name(username).nil?
108. end
109.  
110. def self.password_belongs_to_user?(username, password)
111. return self.find( :first,
112. :conditions => ["name = ? and password = ?",
113. username, hash_password(password)])
114. end
115.  
116. def self.passwords_combine(password1,password2)
117. unless (password1 == password2)
118. return [nil, "Password's don't match"]
119. end
120.  
121. @hashed_password = hash_password(password1)
122. return [@hashed_password, nil]
123. end
124.  
125. def self.hash_password(password)
126. return Digest::SHA1.hexdigest(password) # => SHA1 the password
127. end
128. end
129.  
130. ##error
131. NoMethodError in UserController#change_prefs
132.  
133. undefined method `passwords_combine' for #<User:0x135c5d0>