| author | simon <simon@zagal.(none)> | 2009-02-08 23:15:11 +0100 |
|---|---|---|
| committer | hukl <hukl@eight.local> | 2009-02-15 20:22:01 +0100 |
| commit | 9f94a70c3e3d9bf766cb9663b0a904d30a190d85 (patch) | |
| tree | 4b4bbf567ec60a939d024b083b478d72476700a5 /app/models/user.rb | |
| parent | 48ffd4eb446bcaeba7651758ec3002f342702249 (diff) | |
* initial commit of the stripped restful-authentication
* http basic auth and login from cookie have been removed
* no it does not work yet, it's so f*cking secure, it won't even let legitimate users login
Diffstat (limited to 'app/models/user.rb')
| -rw-r--r-- | app/models/user.rb | 34 |
1 files changed, 34 insertions, 0 deletions
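--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -1,2 +1,36 @@
+require 'digest/sha1'
+
 class User < ActiveRecord::Base
+include Authentication
+include Authentication::ByPassword
+
+validates_presence_of :login
+validates_length_of :login, :within => 3..40
+validates_uniqueness_of :login
+validates_format_of :login, :with => Authentication.login_regex,
+:message => Authentication.bad_login_message
+
+validates_presence_of :email
+validates_length_of :email, :within => 6..100 #r@a.wk
+validates_uniqueness_of :email
+validates_format_of :email, :with => Authentication.email_regex,
+:message => Authentication.bad_email_message
+
+attr_accessible :login, :email, :password, :password_confirmation
+
+# Authenticates a user by their login name and unencrypted password. Returns the user or nil.
+def self.authenticate(login, password)
+return nil if login.blank? || password.blank?
+u = find_by_login(login) # need to get the salt
+u && u.authenticated?(password) ? u : nil
+end
+
+# TODO: Do we really want to have downcase logins only?
+def login=(value)
+write_attribute :login, (value ? value.downcase : nil)
+end
+
+def email=(value)
+write_attribute :email, (value ? value.downcase : nil)
+end
 end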
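Review bot: `self.authenticate` looks the user up with the login exactly as typed, while `login=` stores it downcased, so on a case-sensitive column a user who types `Alice` is never found and authentication returns nil. Normalising the lookup the same way as the setter closes the gap: `u = find_by_login(login.downcase) # need to get the salt`. Separately, `require 'digest/sha1'` on line 1 suggests the password digest in `Authentication::ByPassword` (not shown here) is SHA-1 based; if so, a slow purpose-built password hash such as bcrypt would be the safer choice for stored credentials. The unknown-login path also returns before any digest is computed, so response time may differ between existing and non-existing logins; a short comment on `authenticate` noting that would help whoever adds rate limiting later.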
