def signin if request.post? begin session[:user] = User.aut

1. def signin
2. if request.post?
3. begin
4. session[:user] = User.authenticate(params[:username], params[:password]).id
5. redirect_to :action => session[:intended_action], :controller => session[:intended_controller]
6. rescue RuntimeError => boom
7. flash[:notice] = boom
8. redirect_to :action => :signin
9. end
10. end
11. end
12.  
13. ##user model
14. require 'digest/sha2'
15. class User < ActiveRecord::Base
16. has_and_belongs_to_many :restaurants
17.  
18. def password=(pass)
19. salt = [Array.new(6){rand(256).chr}.join].pack("m").chomp
20. self.password_salt, self.password_hash = salt, Digest::SHA256.hexdigest(pass + salt)
21. end
22.  
23. def self.authenticate(username, password)
24. user = User.find(:first, :conditions => ['username = ?', username])
25. if user.blank? || Digest::SHA256.hexdigest(password + user.password_salt) != user.password_hash
26. raise "Username or password invalid"
27. end
28. user
29. end
30.  
31. end
32.  
33. ##session dump
34. ---
35. :intended_action: index
36. :intended_controller: restaurants
37. :user: 1
38. flash: !map:ActionController::Flash::FlashHash
39. :notice: !ruby/exception:RuntimeError
40. message: Username or password invalid
41.  
42. ##full trace
43. vendor/rails/actionpack/lib/action_controller/session/cookie_store.rb:91:in `close'
44. /usr/local/lib/ruby/1.8/cgi/session.rb:330:in `close'
45. vendor/rails/actionpack/lib/action_controller/base.rb:1221:in `close_session'
46. vendor/rails/actionpack/lib/action_controller/base.rb:1265:in `process_cleanup_without_flash'
47. vendor/rails/actionpack/lib/action_controller/flash.rb:180:in `process_cleanup_without_session_management_support'
48. vendor/rails/actionpack/lib/action_controller/session_management.rb:132:in `process_cleanup_without_components'
49. vendor/rails/actionpack/lib/action_controller/components.rb:161:in `process_cleanup'
50. vendor/rails/actionpack/lib/action_controller/base.rb:502:in `process_without_filters'
51. vendor/rails/actionpack/lib/action_controller/filters.rb:747:in `process_without_session_management_support'
52. vendor/rails/actionpack/lib/action_controller/session_management.rb:122:in `process'
53. vendor/rails/actionpack/lib/action_controller/base.rb:346:in `process'
54. vendor/rails/railties/lib/dispatcher.rb:39:in `dispatch'
55. /usr/local/lib/ruby/gems/1.8/gems/mongrel-1.0.1/lib/mongrel/rails.rb:78:in `process'
56. /usr/local/lib/ruby/gems/1.8/gems/mongrel-1.0.1/lib/mongrel/rails.rb:76:in `process'
57. /usr/local/lib/ruby/gems/1.8/gems/mongrel-1.0.1/lib/mongrel.rb:618:in `process_client'
58. /usr/local/lib/ruby/gems/1.8/gems/mongrel-1.0.1/lib/mongrel.rb:617:in `process_client'
59. /usr/local/lib/ruby/gems/1.8/gems/mongrel-1.0.1/lib/mongrel.rb:736:in `run'
60. /usr/local/lib/ruby/gems/1.8/gems/mongrel-1.0.1/lib/mongrel.rb:736:in `run'
61. /usr/local/lib/ruby/gems/1.8/gems/mongrel-1.0.1/lib/mongrel.rb:720:in `run'
62. /usr/local/lib/ruby/gems/1.8/gems/mongrel-1.0.1/lib/mongrel/configurator.rb:271:in `run'
63. /usr/local/lib/ruby/gems/1.8/gems/mongrel-1.0.1/lib/mongrel/configurator.rb:270:in `run'
64. /usr/local/lib/ruby/gems/1.8/gems/mongrel-1.0.1/bin/mongrel_rails:127:in `run'
65. /usr/local/lib/ruby/gems/1.8/gems/mongrel-1.0.1/lib/mongrel/command.rb:211:in `run'
66. /usr/local/lib/ruby/gems/1.8/gems/mongrel-1.0.1/bin/mongrel_rails:243
67. vendor/rails/activesupport/lib/active_support/dependencies.rb:488:in `load'
68. vendor/rails/activesupport/lib/active_support/dependencies.rb:342:in `new_constants_in'
69. vendor/rails/activesupport/lib/active_support/dependencies.rb:488:in `load'
70. vendor/rails/railties/lib/commands/servers/mongrel.rb:64
71. /usr/local/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:27:in `require'
72. vendor/rails/activesupport/lib/active_support/dependencies.rb:495:in `require'
73. vendor/rails/activesupport/lib/active_support/dependencies.rb:342:in `new_constants_in'
74. vendor/rails/activesupport/lib/active_support/dependencies.rb:495:in `require'
75. vendor/rails/railties/lib/commands/server.rb:39
76. script/server:3
77.  
78. ##log
79. Processing HomeController#signin (for 127.0.0.1 at 2007-06-18 14:10:02) [POST]
80. Session ID: BAh7CToUaW50ZW5kZWRfYWN0aW9uIgppbmRleDoYaW50ZW5kZWRfY29udHJv%0AbGxlciIQcmVzdGF1cmFudHM6CXVzZXJpBiIKZmxhc2hJQzonQWN0aW9uQ29u%0AdHJvbGxlcjo6Rmxhc2g6OkZsYXNoSGFzaHsABjoKQHVzZWR7AA%3D%3D--dc0e44157f47130094778e3423e343ebbae55a17
81. Parameters: {"commit"=>"Sign in", "/home/signin"=>nil, "username"=>"chad", "action"=>"signin", "controller"=>"home", "password"=>""}
82.  
83.  
84. CGI::Session::CookieStore::CookieOverflow (CGI::Session::CookieStore::CookieOverflow):
85. /vendor/rails/actionpack/lib/action_controller/session/cookie_store.rb:91:in `close'
86. /usr/local/lib/ruby/1.8/cgi/session.rb:330:in `close'
87. /vendor/rails/actionpack/lib/action_controller/base.rb:1221:in `close_session'
88. /vendor/rails/actionpack/lib/action_controller/base.rb:1265:in `process_cleanup_without_flash'
89. /vendor/rails/actionpack/lib/action_controller/flash.rb:180:in `process_cleanup_without_session_management_support'
90. /vendor/rails/actionpack/lib/action_controller/session_management.rb:132:in `process_cleanup_without_components'
91. /vendor/rails/actionpack/lib/action_controller/components.rb:161:in `process_cleanup'
92. /vendor/rails/actionpack/lib/action_controller/base.rb:502:in `process_without_filters'
93. /vendor/rails/actionpack/lib/action_controller/filters.rb:747:in `process_without_session_management_support'
94. /vendor/rails/actionpack/lib/action_controller/session_management.rb:122:in `process'
95. /vendor/rails/actionpack/lib/action_controller/base.rb:346:in `process'
96. /vendor/rails/railties/lib/dispatcher.rb:39:in `dispatch'
97. /usr/local/lib/ruby/gems/1.8/gems/mongrel-1.0.1/lib/mongrel/rails.rb:78:in `process'
98. /usr/local/lib/ruby/gems/1.8/gems/mongrel-1.0.1/lib/mongrel/rails.rb:76:in `process'
99. /usr/local/lib/ruby/gems/1.8/gems/mongrel-1.0.1/lib/mongrel.rb:618:in `process_client'
100. /usr/local/lib/ruby/gems/1.8/gems/mongrel-1.0.1/lib/mongrel.rb:617:in `process_client'
101. /usr/local/lib/ruby/gems/1.8/gems/mongrel-1.0.1/lib/mongrel.rb:736:in `run'
102. /usr/local/lib/ruby/gems/1.8/gems/mongrel-1.0.1/lib/mongrel.rb:736:in `run'
103. /usr/local/lib/ruby/gems/1.8/gems/mongrel-1.0.1/lib/mongrel.rb:720:in `run'
104. /usr/local/lib/ruby/gems/1.8/gems/mongrel-1.0.1/lib/mongrel/configurator.rb:271:in `run'
105. /usr/local/lib/ruby/gems/1.8/gems/mongrel-1.0.1/lib/mongrel/configurator.rb:270:in `run'
106. /usr/local/lib/ruby/gems/1.8/gems/mongrel-1.0.1/bin/mongrel_rails:127:in `run'
107. /usr/local/lib/ruby/gems/1.8/gems/mongrel-1.0.1/lib/mongrel/command.rb:211:in `run'
108. /usr/local/lib/ruby/gems/1.8/gems/mongrel-1.0.1/bin/mongrel_rails:243
109. /vendor/rails/activesupport/lib/active_support/dependencies.rb:488:in `load'
110. /vendor/rails/activesupport/lib/active_support/dependencies.rb:342:in `new_constants_in'
111. /vendor/rails/activesupport/lib/active_support/dependencies.rb:488:in `load'
112. /vendor/rails/railties/lib/commands/servers/mongrel.rb:64
113. /usr/local/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:27:in `require'
114. /vendor/rails/activesupport/lib/active_support/dependencies.rb:495:in `require'
115. /vendor/rails/activesupport/lib/active_support/dependencies.rb:342:in `new_constants_in'
116. /vendor/rails/activesupport/lib/active_support/dependencies.rb:495:in `require'
117. /vendor/rails/railties/lib/commands/server.rb:39
118. script/server:3