Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ##user_controller.rb
- class UserController < ApplicationController
- before_filter :authorize, :except => :login
- layout "frontend"
- def index
- # @page_title = ""
- end
- def login
- # @page_title = "Login"
- if session[:user_id].nil?
- if request.get?
- @user = User.new
- else
- @user = User.new(params[:user])
- authenticate, message = User.authenticate(@user.name,@user.password) # => Add Remember Me@user, message = User.authenticate(params[:user][:name],params[:user][:password]) # => Add Remember Me?
- if authenticate.nil?
- flash[:notice] = message
- else
- # => Remove for testing purposes
- # session[:user_id] = authenticate.id
- # session[:user_level] = authenticate.level
- # redirect_to :action => "index"
- flash[:notice] = authenticate.id # => Add for testing purposes
- end
- end
- else
- redirect_to :action => "index"
- end
- end
- def change_prefs
- @user = User.new
- @user.get(session[:user_id])
- @testes = @user.name "<<[#{session[:user_id]}]"
- end
- def logout
- session[:user_id] = nil
- session[:user_level] = nil
- redirect_to :action => "index"
- end
- end
- ##user.rb
- require "digest/sha1"
- class User < ActiveRecord::Base
- # User Levels [:level]
- # => 0 = Not loggedin
- # => 1 = Normal USer
- # => 90 = Admin
- # => 99 = Super Admin
- attr_accessor :password
- attr_accessible :name, :password, :level, :message => 'is needed'
- validates_uniqueness_of :name
- validates_presence_of :name, :password
- validates_length_of :password, :in => 6..15
- # => Before save or update
- def before_save
- self.password = self.hash_password(self.password || "")
- end
- # => After save or update
- def after_save
- @password = nil
- end
- def self.authenticate(username, password)
- if username.blank? || password.blank?
- # html in models is BAD
- return [nil, "Please input both username and password"]
- end
- user = self.find(:first,
- :conditions => ['(name = ?) OR (name = ? AND password = ?)',
- username, username, hash_password(password)])
- if user.nil?
- return [nil, "I can't find anybody with that username?"]
- elsif user[:password] != hash_password(password)
- return [nil, "That password is wrong"]
- else
- return [user, "Logged In"]
- end
- end
- # => If the user is found, return TRUE, else FALSE
- def self.check_is_user?(username)
- return !User.find_by_name(username).nil?
- end
- def self.password_belongs_to_user?(username, password)
- return self.find( :first,
- :conditions => ["name = ? and password = ?",
- username, hash_password(password)])
- end
- def get(id)
- return User.find( :first,
- :conditions => ["id = ?",
- id])
- end
- def self.hash_password(password)
- return Digest::SHA1.hexdigest(password) # => SHA1 the password
- end
- end
- ## test_logout
- def test_logout
- assert_nil(session[:user_id])
- assert_nil(session[:user_level])
- assert_redirected_to :action => "index"
- end
- ## Errors
- !!* UserID is appearing as 3 not 1
- !!* test_logout won't work:
- 1) Error:
- test_logout(UserControllerTest):
- TypeError: Symbol as array index
- test/functional/user_controller_test.rb:52:in `[]'
- test/functional/user_controller_test.rb:52:in `test_logout'
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement