Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ## controller
- class UserController < ApplicationController
- before_filter :authorize, :except => :login
- layout "frontend"
- def index
- # @page_title = ""
- end
- def login
- # @page_title = "Login"
- if session[:user_id].nil?
- if request.get?
- @user = User.new
- else
- @user = User.new(params[:user])
- authenticate, message = User.authenticate(@user.name,@user.password) # => Add Remember Me@user, message = User.authenticate(params[:user][:name],params[:user][:password]) # => Add Remember Me?
- if authenticate.nil?
- flash[:notice] = message
- else
- session[:user_id] = authenticate.id
- session[:user_level] = authenticate.level
- redirect_to :action => "index"
- end
- end
- else
- redirect_to :action => "index"
- end
- end
- def change_prefs
- if request.get?
- @user = User.new
- @user = User.find(session[:user_id])
- else
- @user = User.new(params[:user])
- @user.password, message = @user.passwords_combine(params[:user][:password1], params[:user][:password2])
- unless message.nil?
- flash[:notice] = message
- end
- if @user.save!
- flash[:notice] = "Preferences Saved"
- else
- flash[:notice] = "Testing Purposes: ERROR!"
- end
- end
- end
- def logout
- session[:user_id] = nil
- session[:user_level] = nil
- redirect_to :action => "index"
- end
- end
- ##model
- require "digest/sha1"
- class User < ActiveRecord::Base
- # User Levels [:level]
- # => 0 = Not loggedin
- # => 1 = Normal USer
- # => 90 = Admin
- # => 99 = Super Admin
- attr_accessor :password
- attr_accessible :name, :password, :level, :message => 'is needed'
- validates_uniqueness_of :name
- validates_presence_of :name, :password
- validates_length_of :password, :in => 6..15
- validates_numericality_of :password
- validates_numericality_of :level, :minimum => 1, :maximum => 2
- # => Before save or update
- def before_save
- self.password = self.hash_password(self.password || "")
- end
- # => After save or update
- def after_save
- @password = nil
- end
- def self.authenticate(username, password)
- if username.blank? || password.blank?
- # html in models is BAD
- return [nil, "Please input both username and password"]
- end
- user = self.find(:first,
- :conditions => ['(name = ?) OR (name = ? AND password = ?)',
- username, username, hash_password(password)])
- if user.nil?
- return [nil, "I can't find anybody with that username?"]
- elsif user[:password] != hash_password(password)
- return [nil, "That password is wrong"]
- else
- return [user, "Logged In"]
- end
- end
- # => If the user is found, return TRUE, else FALSE
- def self.check_is_user?(username)
- return !User.find_by_name(username).nil?
- end
- def self.password_belongs_to_user?(username, password)
- return self.find( :first,
- :conditions => ["name = ? and password = ?",
- username, hash_password(password)])
- end
- def self.passwords_combine(password1,password2)
- unless (password1 == password2)
- return [nil, "Password's don't match"]
- end
- @hashed_password = hash_password(password1)
- return [@hashed_password, nil]
- end
- def self.hash_password(password)
- return Digest::SHA1.hexdigest(password) # => SHA1 the password
- end
- end
- ##error
- NoMethodError in UserController#change_prefs
- undefined method `passwords_combine' for #<User:0x135c5d0>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement