
Untitled

a guest
Mar 15th, 2018
  1. ## user.rb
  2.  
  require 'digest/sha1'
  require 'securerandom'
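  # Account model: credentials, the remember-me token, one-time codes
  # (activation, password reset, email update) and the account state machine
  # (passive, pending, active, suspended, deleted).
  #
  # NOTE(security): passwords are stored as a single round of salted SHA-1
  # (see User.encrypt). That digest is fast to brute-force offline if the users
  # table leaks. It is left as-is here because existing crypted_password values
  # would stop verifying; plan a migration to a slow password hash (bcrypt,
  # scrypt or PBKDF2) with re-hashing on the next successful login.
  class User < ActiveRecord::Base
    # Minimum age, in whole years, enforced on birthdate at validation time.
    MINIMUM_AGE_YEARS = 21

    # NOTE(review): has_many with a singular name is unusual; kept unchanged
    # because callers may already rely on user.location.
    has_many :location
    has_one :default_location, :foreign_key => :user_id, :class_name => 'Location'

    # Virtual attribute for the unencrypted password
    attr_accessor :password

    validates_presence_of :login, :email
    validates_presence_of :password
    validates_presence_of :password_confirmation
    # NOTE(security): a 4-character minimum is a weak password policy; raising
    # it is a product decision, so the bound is left as the author set it.
    validates_length_of :password, :within => 4..40, :if => :password_present?
    validates_confirmation_of :password, :if => :password_present?
    validates_length_of :login, :within => 3..40, :if => :login_present?
    validates_length_of :email, :within => 3..100, :if => :email_present?
    validates_uniqueness_of :login, :email, :case_sensitive => false

    # Age gate. Fails closed: a missing birthdate is rejected rather than
    # skipped, so omitting the field cannot bypass the check. The cutoff is
    # computed with years.ago so it stays valid on Feb 29 (building a Date from
    # year - 21 and today's month/day raises on leap days).
    validates_each :birthdate do |record, attr, value|
      if value.nil?
        record.errors.add(attr, "can't be blank")
      elsif value > MINIMUM_AGE_YEARS.years.ago.to_date
        record.errors.add(attr, "You're not old enough.")
      end
    end

    before_save :encrypt_password

    # prevents a user from submitting a crafted form that bypasses activation
    # anything else you want your user to change should be added here.
    # :birthdate is listed because the signup form submits it and the age
    # validation above needs it; without it mass assignment drops the value.
    # State, salt, crypted_password and the one-time codes stay protected.
    attr_accessible :login, :email, :password, :password_confirmation, :birthdate

    acts_as_state_machine :initial => :pending
    state :passive
    state :pending, :enter => :make_activation_code
    state :active, :enter => :do_activate
    state :suspended
    state :deleted, :enter => :do_delete

    # passive -> pending, only once some password (stored or virtual) exists.
    event :register do
      transitions :from => :passive, :to => :pending, :guard => Proc.new {|u| !(u.crypted_password.blank? && u.password.blank?) }
    end

    event :activate do
      transitions :from => :pending, :to => :active
    end

    event :suspend do
      transitions :from => [:passive, :pending, :active], :to => :suspended
    end

    event :delete do
      transitions :from => [:passive, :pending, :active, :suspended], :to => :deleted
    end

    # Returns a suspended account to the state implied by its stored fields:
    # active if it was ever activated, pending if it still holds an activation
    # code, otherwise passive.
    event :unsuspend do
      transitions :from => :suspended, :to => :active, :guard => Proc.new {|u| !u.activated_at.blank? }
      transitions :from => :suspended, :to => :pending, :guard => Proc.new {|u| !u.activation_code.blank? }
      transitions :from => :suspended, :to => :passive
    end

    # Authenticates a user by their login name and unencrypted password.
    # Only accounts in the :active state are considered. Returns the user or nil.
    def self.authenticate(login, password)
      # Blank credentials can never match; skip the lookup entirely.
      return nil if login.blank? || password.blank?

      u = find_in_state :first, :active, :conditions => {:login => login} # need to get the salt
      return nil unless u

      u.authenticated?(password) ? u : nil
    end

    # Digests the password together with the salt. Despite the name this is a
    # one-way SHA-1 hex digest, not encryption (see the class-level note).
    def self.encrypt(password, salt)
      Digest::SHA1.hexdigest("--#{salt}--#{password}--")
    end

    # Digests the password with this user's salt.
    def encrypt(password)
      self.class.encrypt(password, salt)
    end

    # True when the given plaintext password digests to the stored value.
    def authenticated?(password)
      crypted_password == encrypt(password)
    end

    # True while a remember-me expiry is set and still in the future (UTC).
    def remember_token?
      remember_token_expires_at && Time.now.utc < remember_token_expires_at
    end

    # These create and unset the fields required for remembering users between browser closes
    def remember_me
      remember_me_for 2.weeks
    end

    def remember_me_for(time)
      remember_me_until time.from_now.utc
    end

    # Stores a new remember-me token valid until +time+. The token is random
    # rather than derived from salt, email and expiry, so it cannot be
    # recomputed from stored columns. Saved without running validations.
    def remember_me_until(time)
      self.remember_token_expires_at = time
      self.remember_token = random_token
      save(false)
    end

    # Clears the remember-me token and its expiry, without running validations.
    def forget_me
      self.remember_token_expires_at = nil
      self.remember_token = nil
      save(false)
    end

    # Flags the record as "password forgotten" and issues a reset code.
    def forgot_password
      @forgotten_password = true
      self.make_password_reset_code
    end

    def reset_password
      # First update the password_reset_code before setting the
      # reset_password flag to avoid duplicate email notifications.
      update_attribute(:password_reset_code, nil)
      @reset_password = true
    end

    # used in user_observer
    def recently_forgot_password?
      @forgotten_password
    end

    def recently_reset_password?
      @reset_password
    end

    # Finds the active account with the given email, for the reset flow.
    def self.find_for_forget(email)
      find_in_state :first, :active, :conditions => {:email => email}
    end

    # Returns true if the user has just been activated.
    def recently_activated?
      @activated
    end

    protected

    # before_save callback: when a plaintext password is present, assigns a
    # salt to new records and stores the salted digest.
    def encrypt_password
      return if password.blank?
      self.salt = random_token if new_record?
      self.crypted_password = encrypt(password)
    end

    def password_present?
      !password.blank?
    end

    def login_present?
      !login.blank?
    end

    def email_present?
      !email.blank?
    end

    # 40 hex characters from the OS CSPRNG. Same length as the SHA-1 hex digest
    # used before, so column widths are unaffected. Replaces hashing a shuffled
    # timestamp, whose only entropy came from the non-cryptographic rand.
    def random_token
      SecureRandom.hex(20)
    end

    # :enter hook for :pending - clears any deletion stamp and issues the code
    # that the activation link carries.
    def make_activation_code
      self.deleted_at = nil
      self.activation_code = random_token
    end

    def make_password_reset_code
      self.password_reset_code = random_token
    end

    def make_email_update_code
      self.email_update_code = random_token
    end

    # :enter hook for :deleted.
    def do_delete
      self.deleted_at = Time.now.utc
    end

    # :enter hook for :active - stamps activation time and retires the
    # activation code so it cannot be used a second time.
    def do_activate
      @activated = true
      self.activated_at = Time.now.utc
      self.deleted_at = self.activation_code = nil
    end
  end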
  177.  
  178. ## users_controller.rb
  179.  
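  # Signup, activation and account-state actions for User records.
  class UsersController < ApplicationController
    # Protect these actions behind an admin login
    # NOTE(security): with the admin filter commented out, the state-changing
    # actions below are gated only by login_required, and find_user loads
    # whatever id the request names. As written, any logged-in account can
    # suspend, unsuspend, delete or purge any other account. Restore an
    # admin/ownership check before exposing these routes (admin_required is
    # not defined in this file, so it is not re-enabled here).
    # before_filter :admin_required, :only => [:suspend, :unsuspend, :destroy, :purge]
    before_filter :login_required, :only => [:suspend, :unsuspend, :destroy, :purge]
    before_filter :find_user, :only => [:show, :suspend, :unsuspend, :destroy, :purge]

    # Lists every user. NOTE(review): no login filter covers index or show.
    def index
      @users = User.find(:all)
    end

    # render new.rhtml
    def new
    end

    # Registers a new user together with their default location. On success
    # redirects to the login page; otherwise re-renders the signup form.
    def create
      cookies.delete :auth_token
      # protects against session fixation attacks, wreaks havoc with
      # request forgery protection.
      # uncomment at your own risk
      # reset_session
      @user = User.new(params[:user])
      @user.register! if @user.valid?

      # Work on a copy of the submitted hash: a request with no (or a
      # non-hash) :location parameter no longer raises, and the name is always
      # forced to "Default" regardless of what the client sent.
      submitted = params[:location]
      submitted = {} unless submitted.is_a?(Hash)
      @location = Location.new(submitted.merge(:name => "Default"))
      @user.default_location = @location

      if @user.errors.empty?
        #self.current_user = @user
        #redirect_back_or_default('/')
        if @user.default_location.errors.empty?
          flash[:notice] = "Thanks for signing up! Please check your email to activate your account before logging in."
          redirect_to login_path
        else
          # The user row was already written by register!; remove it so a
          # failed location does not leave a half-created account behind.
          @user.destroy
          #@user.errors.add_to_base("There was a problem creating your account because of your default location.")
          render :action => 'new'
        end
      else
        #@user.errors.add_to_base("There was a problem creating your account.")
        render :action => 'new'
      end
    end

    # Completes signup from the emailed activation link.
    #
    # The account is looked up and checked for the :pending state BEFORE it is
    # made the current user. Previously the session was assigned first, so an
    # account that still held an activation code but was not pending (for
    # example one suspended before activating) became the current user even
    # though no activation took place.
    def activate
      code = params[:activation_code].to_s
      candidate = code.blank? ? nil : User.find_by_activation_code(code)

      if candidate && candidate.pending?
        candidate.activate!
        self.current_user = candidate
        flash[:notice] = "Signup complete!"
      else
        # As before, a missing or unknown code assigns a falsy current user.
        self.current_user = false
      end
      redirect_back_or_default('/')
    end

    def show
    end

    def suspend
      @user.suspend!
      redirect_to users_path
    end

    def unsuspend
      @user.unsuspend!
      redirect_to users_path
    end

    # Soft delete: fires the :delete state event; the row is kept.
    def destroy
      @user.delete!
      redirect_to users_path
    end

    # Hard delete: removes the row.
    def purge
      @user.destroy
      redirect_to users_path
    end

    protected

    # before_filter: loads the user named by params[:id] into @user.
    def find_user
      @user = User.find(params[:id])
    end

  end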
  260.  
  261.  
  262. ## new.html.erb
  263.  
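  <%# Signup form. Posts user[login|email|password|password_confirmation|birthdate]
      and location[zipcode] to users_path (UsersController#create). %>
  <%# error_messages_for takes instance-variable names, not the objects. %>
  <%= error_messages_for :user, :location %>
  <% form_for :user, :url => users_path do |f| -%>
  <%# Each label's "for" matches the id the helper generates (user_login, ...),
      so clicking a label focuses its field. %>
  <p><label for="user_login">Login</label><br/>
  <%= f.text_field :login %></p>

  <p><label for="user_email">Email</label><br/>
  <%= f.text_field :email %></p>

  <p><label for="user_password">Password</label><br/>
  <%= f.password_field :password %></p>

  <p><label for="user_password_confirmation">Confirm Password</label><br/>
  <%= f.password_field :password_confirmation %></p>

  <%# date_select renders three selects; the label points at the first one. %>
  <p><label for="user_birthdate_1i">Birthdate</label><br/>
  <%= date_select( :user, :birthdate, :start_year => 1900 )%></p>

  <%# Location fields are submitted under their own location[...] namespace. %>
  <% fields_for :location do |l| %>
  <p><label for="location_zipcode">Zipcode</label><br/>
  <%= l.text_field :zipcode %></p>
  <% end %>
  <p><%= submit_tag 'Sign up' %></p>
  <% end -%>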