- # controller
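# Handles account sign-up: shows the registration form and creates the user.
class UsersController < ApplicationController
  # Form fields a visitor may set when registering. Everything else in
  # params[:user] is dropped before it reaches User.new, so request data
  # cannot set other columns on the model (group membership, activation
  # state, stored password digest, ...).
  SIGNUP_FIELDS = %w(login email email_confirmation password password_confirmation).freeze

  # render new.rhtml
  def new
  end

  # Creates the account from the sign-up form and shows the "waiting" page.
  # Re-renders the form when validation fails.
  def create
    @user = User.new(signup_params)
    @user.save!
    # The new user is not logged in here; the session is cleared instead.
    #self.current_user = @user
    reset_session
    flash[:notice] = "Thanks for signing up!"
    render :action => "waiting"
  rescue ActiveRecord::RecordInvalid
    render :action => 'new'
  end

  private

  # Returns only the allow-listed sign-up fields from params[:user].
  # A missing or non-hash value yields an empty hash, which then fails
  # the model's presence validations.
  def signup_params
    submitted = params[:user]
    return {} unless submitted.is_a?(Hash)
    submitted.reject { |field, _value| !SIGNUP_FIELDS.include?(field.to_s) }
  end
end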
- # app/views/users/new.rhtml
<%# Sign-up form: submits the user[...] fields to users_path. -%>
<h1>register</h1>
<%= error_messages_for :user %>
<% form_for :user, :url => users_path do |form| -%>
  <div class="required">
    <label for="user_login">Username</label>
    <%= form.text_field :login %>
  </div>
  <div class="required">
    <label for="user_password">Password</label>
    <%= form.password_field :password %>
  </div>
  <div class="required">
    <label for="user_password_confirmation">Confirm password</label>
    <%= form.password_field :password_confirmation %>
  </div>
  <div class="required">
    <label for="user_email">Email</label>
    <%= form.text_field :email %>
  </div>
  <div class="required">
    <label for="user_email_confirmation">Confirm email</label>
    <%= form.text_field :email_confirmation %>
  </div>
  <%= submit_tag("Sign up", :disable_with => "Sign up") %>
<% end -%>
- # model
require 'digest/sha1'
require 'digest/sha2'
require 'securerandom'
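# Account record: login credentials, activation state and the
# "remember me" token.
#
# Passwords are stored as a single salted SHA-256 digest (see User.encrypt).
# SHA-256 is a fast hash; a slow, purpose-built password hash is the usual
# choice for stored credentials. Switching would require migrating the
# existing digests, so the scheme is left as it is here.
class User < ActiveRecord::Base
  # Raised by find_and_activate! when no user carries the given code.
  class ActivationCodeNotFound < StandardError
  end

  # Raised by find_and_activate! when the matching user is already active.
  class AlreadyActivated < StandardError
    attr_reader :user, :message

    def initialize(user, message=nil)
      @message, @user = message, user
    end
  end

  # relations
  has_one :profile
  belongs_to :group

  # virtual attributes
  attr_accessor :password
  # NOTE(review): the uniqueness validation below implies an `email` column;
  # if so, this accessor shadows it and the address is never written to the
  # database. Confirm against the schema before relying on stored emails.
  attr_accessor :email

  # Mass-assignment allow-list. Only the sign-up form fields can be set
  # through User.new(hash) / attributes=. Columns such as group_id,
  # crypted_password, salt, activation_code and activated_at must be
  # assigned explicitly by trusted code, so a request cannot set them.
  attr_accessible :login, :email, :email_confirmation,
                  :password, :password_confirmation

  # validation
  validates_presence_of :login
  validates_length_of :login, :within => 3..20
  validates_uniqueness_of :login, :email, :case_sensitive => false
  validates_presence_of :password, :if => :password_required?
  validates_presence_of :password_confirmation, :if => :password_required?
  # NOTE(review): a 4-character minimum is very low; raise it if policy allows.
  validates_length_of :password, :within => 4..40, :if => :password_required?
  validates_confirmation_of :password, :if => :password_required?
  validates_presence_of :email, :if => :email_required?
  validates_presence_of :email_confirmation, :if => :email_required?
  validates_length_of :email, :within => 3..100
  validates_confirmation_of :email, :if => :email_required?
  # The pasted pattern had lost its `+` quantifiers (a literal space stood in
  # their place), so no real address could match. They are restored here.
  # \z is used instead of \Z so a trailing newline is rejected as well.
  validates_format_of :email, :with => /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\z/

  # callbacks
  before_save :encrypt_password
  before_create :make_activation_code

  # check if this user is an admin
  # A user without a group (or with an unnamed group) is not an admin;
  # previously that case raised NoMethodError.
  def is_admin?
    return false unless group && group.name
    group.name.singularize.downcase.eql?('admin')
  end

  # return the proper name according to the preferences
  def screen_name
    if profile && !profile.real_name.blank? && profile.always_show_real_name
      profile.real_name
    else
      login
    end
  end

  # return the gravatar email if set, otherwise use the primary email provided
  def gravatar
    # blank? already covers nil, so one check is enough
    if profile && !profile.gravatar_email.blank?
      profile.gravatar_email
    else
      email
    end
  end

  # lookup the user and check the password
  # returns nil if the user doesn't exist or the password doesn't match
  def self.authenticate(login, password, has_been_activated=true)
    u = find_by_login_and_has_been_activated(login, has_been_activated, :include => %w(group profile))
    u && u.authenticated?(password) ? u : nil
  end

  # Returns the hex SHA-256 digest of the password combined with the salt.
  # This is a one-way digest, not reversible encryption.
  def self.encrypt(password, salt)
    Digest::SHA256.hexdigest("--#{salt}--#{password}--")
  end

  # Digests the password with this user's salt
  def encrypt(password)
    self.class.encrypt(password, salt)
  end

  # True when the given password digests to the stored crypted_password.
  def authenticated?(password)
    crypted_password == encrypt(password)
  end

  # Truthy while a remember-me expiry is set and still in the future.
  def remember_token?
    remember_token_expires_at && Time.now.utc < remember_token_expires_at
  end

  # These create and unset the fields required for remembering users between browser closes
  def remember_me
    self.remember_token_expires_at = 2.weeks.from_now.utc
    # the token is a digest of the email and expiry, mixed with the user's salt
    self.remember_token = encrypt("#{email}--#{remember_token_expires_at}")
    save(false)
  end

  def forget_me
    self.remember_token_expires_at = nil
    self.remember_token = nil
    save(false)
  end

  # make sure we leave at least one user in the database
  # the raise inside the transaction block undoes the destroy
  def safe_delete
    transaction do
      destroy
      raise "Can't delete last user" if User.count.zero?
    end
  end

  # finds the user with the corresponding activation code, activates their account and returns the user.
  # raises:
  #   User::ActivationCodeNotFound if the code is blank or no user has it
  #   User::AlreadyActivated if the user with the corresponding activation code has already activated their account
  def self.find_and_activate!(activation_code)
    # A nil code would turn the dynamic finder into an IS NULL lookup and
    # match any account whose activation_code is unset, so reject it first.
    raise ActivationCodeNotFound if activation_code.blank?
    user = find_by_activation_code(activation_code)
    raise ActivationCodeNotFound unless user
    raise AlreadyActivated.new(user) if user.has_been_activated?
    user.send(:activate!) # activate! is private
    user
  end

  protected

  # before_save callback: stores the digest of a newly supplied password
  def encrypt_password
    return if password.blank?
    # Salt comes from the system CSPRNG rather than Kernel#rand. Size and
    # encoding (6 random bytes, base64) match the previous format.
    self.salt = [SecureRandom.random_bytes(6)].pack("m").chomp if new_record?
    self.crypted_password = encrypt(password)
  end

  # A password is required when none is stored yet or a new one was supplied.
  def password_required?
    crypted_password.blank? || !password.blank?
  end

  def email_required?
    !email.blank?
  end

  # before_create callback. The activation code acts as a bearer secret, so
  # it is drawn from the system CSPRNG instead of being derived from the
  # current time. The result is still 40 hex characters, the same shape as
  # the SHA-1 hexdigest used before.
  def make_activation_code
    self.activation_code = SecureRandom.hex(20)
  end

  # private methods
  private

  # activates a user
  # NOTE(review): only activated_at is written here; nothing in this class
  # sets the has_been_activated flag that authenticate and
  # find_and_activate! read. Confirm where that flag is maintained.
  def activate!
    @activated = true
    update_attribute(:activated_at, Time.now.utc)
  end
end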