Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ## account_controller.rb
- def signup
- @user = User.new(params[:user])
- return unless request.post?
- if @user.save
- Name.new({:user_id => @user, :name => @user.login}).save!
- flash[:notice] = "Your account has been successfully created. Your account must be activated before you can login. Please check your email for your activation code."
- redirect_to :action => 'login'
- else
- render :action => 'signup'
- end
- end
- ## user.rb
- class User < ActiveRecord::Base
- before_create :make_activation_code
- # Virtual attribute for the unencrypted password
- attr_accessor :password
- attr_accessor :new_password
- attr_protected :superuser
- has_many :user_groups
- has_many :groups, :through => :user_groups
- has_many :pages
- has_many :comments
- has_many :sr_characters
- has_many :names
- validates_presence_of :login, :email
- validates_presence_of :password, :if => :password_required?
- validates_presence_of :password_confirmation, :if => :password_required?
- validates_length_of :password, :within => 4..40, :if => :password_required?
- validates_confirmation_of :password, :if => :password_required?
- validates_length_of :login, :within => 3..40
- validates_length_of :email, :within => 3..100
- validates_uniqueness_of :login, :email, :case_sensitive => false
- before_save :encrypt_password
- def validate
- errors.add(:login, "has already been taken") if Name.find(:all).include? self.login
- end
- def is_superuser?
- self.superuser
- end
- # Authenticates a user by their login name and unencrypted password. Returns the user or nil.
- def self.authenticate(login, password)
- u = find_by_login(login) # need to get the salt
- u = find :first, :conditions => ['login = ? and activated_at IS NOT NULL', login]
- if u.nil?
- return nil
- end
- return u if u.encrypt(password) == u.crypted_password
- nil
- end
- # Activates the user in the database.
- def activate
- @activated = true
- update_attributes(:activated_at => Time.now.utc, :activation_code => nil)
- end
- # Returns true if the user has just been activated.
- def recently_activated?
- @activated
- end
- # Encrypts some data with the salt.
- def self.encrypt(password, salt)
- Digest::SHA1.hexdigest("--#{salt}--#{password}--")
- end
- # Encrypts the password with the user salt
- def encrypt(password)
- self.class.encrypt(password, salt)
- end
- def authenticated?(password)
- crypted_password == encrypt(password)
- end
- def remember_token?
- remember_token_expires_at && Time.now.utc < remember_token_expires_at
- end
- # These create and unset the fields required for remembering users between browser closes
- def remember_me
- self.remember_token_expires_at = 2.weeks.from_now.utc
- self.remember_token = encrypt("#{email}--#{remember_token_expires_at}")
- save(false)
- end
- def forget_me
- self.remember_token_expires_at = nil
- self.remember_token = nil
- save(false)
- end
- def send_new_password
- new_pass = User.random_string(10)
- self.password = self.password_confirmation = new_pass
- self.save
- UserNotifier.deliver_forgot_password(self, new_pass)
- end
- def has_permission_to?(action, object)
- if self.is_superuser?
- true
- elsif object.user == self
- true
- elsif object.permissions[:world][action]
- true
- elsif object.permissions[:group][action]
- if self.is_member_of? object.group
- true
- else
- false
- end
- else
- false
- end
- end
- def is_member_of?(group)
- group.users.include? self
- end
- protected
- # before filter
- def encrypt_password
- return if password.blank?
- self.salt = Digest::SHA1.hexdigest("--#{Time.now.to_s}--#{login}--") if new_record?
- self.crypted_password = encrypt(password)
- end
- def password_required?
- crypted_password.blank? || !password.blank?
- end
- def make_activation_code
- self.activation_code = Digest::SHA1.hexdigest( Time.now.to_s.split(//).sort_by {rand}.join )
- end
- def self.random_string(len)
- #generat a random password consisting of strings and digits
- chars = ("a".."z").to_a + ("A".."Z").to_a + ("0".."9").to_a
- newpass = ""
- 1.upto(len) { |i| newpass << chars[rand(chars.size-1)] }
- return newpass
- end
- end
Add Comment
Please, Sign In to add comment