Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- class Panelist < ActiveRecord::Base
- def before_create
- self.hashed_password = Panelist.hash_password(self.password)
- end
- def after_create
- @password = nil
- end
- def confirmation_key
- Panelist.hash_password(hashed_password + created_at.to_s + id.to_s)
- end
- def password_reset_key
- Panelist.hash_password(hashed_password + created_at.to_s + id.to_s + email)
- end
- def try_to_login
- logged_in_panelist = Panelist.login(email,password)
- if logged_in_panelist
- logged_in_panelist.update_attribute(:last_ip, last_ip)
- return logged_in_panelist
- else
- return nil
- end
- end
- def password_reset(key)
- if key != self.password_reset_key
- return 'Password reset key is not valid: ' + key + " is not " + self.password_reset_key
- else
- if self.password.length < 4
- return 'Password must be at least 4 characters'
- elsif self.password != self.password_confirmation
- return 'Password does not match confirmation'
- else
- self.hashed_password = Panelist.hash_password(self.password)
- self.update
- return nil
- end
- end
- end
- private
- def self.login(email, password)
- hashed_password = Panelist.hash_password(password || "")
- find(:first, :conditions => ["email = ? and hashed_password = ?", email, hashed_password])
- end
- def self.hash_password(password)
- Digest::SHA1.hexdigest(password)
- end
- end
- class PanelistManagerController < ApplicationController
- def create
- @panelist = Panelist.new(params[:panelist])
- @panelist.last_ip = request.remote_ip
- if @panelist.save
- flash[:notice] = 'Panelist was successfully created.'
- confirmurl = url_for( :controller => "panelist_manager", :action => "confirm", :id => @panelist.id, :key => @panelist.confirmation_key)
- email = PanelistMailer.create_confirmemail(@panelist, confirmurl)
- render(:text => "<pre>" + email.encoded + "</pre>")
- # PanelistMailer.deliver_confirmemail(@panelist, confirmurl)
- # redirect_to :action => 'list'
- else
- render :action => 'new'
- end
- end
- def confirm
- panelist = Panelist.find(params[:id])
- if panelist == nil
- redirect_to :action => 'index'
- else
- key = params[:key]
- if key == panelist.confirmation_key
- panelist.email_confirmed = 'y'
- panelist.update
- flash[:notice] = 'Your e-mail address has been confirmed, and you are now an active panelist.'
- redirect_to :action => 'index'
- else
- redirect_to :action => 'index'
- end
- end
- end
- def login
- if request.get?
- session[:panelist_id] = nil
- @panelist = Panelist.new
- else
- @panelist = Panelist.new(params[:panelist])
- @panelist.last_ip = request.remote_ip
- logged_in_panelist = @panelist.try_to_login
- if logged_in_panelist
- session[:panelist_id] = logged_in_panelist.id
- flash[:notice] = "You have been logged in."
- if params[:redirect]
- redirect_to(params[:redirect])
- else
- redirect_to(:action => "index")
- end
- else
- flash[:notice] = "Invalid e-mail/password combination"
- end
- end
- end
- def passwordreset
- if request.get?
- @panelist = Panelist.new
- else
- @panelist = Panelist.new(params[:panelist])
- reset_panelist = Panelist.find_by_email(@panelist.email)
- if reset_panelist
- reseturl = url_for(:action => 'tryreset', :id => reset_panelist.id, :key => reset_panelist.password_reset_key)
- email = PanelistMailer.create_resetemail(reset_panelist,reseturl)
- render(:text => "<pre>" + email.encoded + "</pre>")
- else
- flash[:notice] = 'No panelist with that e-mail address was found'
- end
- end
- end
- def tryreset
- if request.get?
- @panelist = Panelist.find_by_id(params[:id])
- @key = params[:key]
- if @panelist == nil or @panelist.password_reset_key != @key
- redirect_to :action => 'index'
- end
- else
- @panelist = Panelist.new(params[:panelist])
- @panelist.id = params[:id]
- reset_panelist = Panelist.find_by_id(@panelist.id)
- if reset_panelist == nil
- redirect_to :action => 'index'
- else
- reset_panelist.password = @panelist.password
- reset_panelist.password_confirmation = @panelist.password_confirmation
- @key = params[:key]
- if !(flash[:notice] = reset_panelist.password_reset(@key))
- flash[:notice] = "Your password has been reset"
- redirect_to :action => 'login'
- end
- end
- end
- end
- end
Add Comment
Please, Sign In to add comment