summaryrefslogtreecommitdiff
path: root/lib/authentication.rb
diff options
context:
space:
mode:
Diffstat (limited to 'lib/authentication.rb')
-rw-r--r--lib/authentication.rb16
1 files changed, 9 insertions, 7 deletions
diff --git a/lib/authentication.rb b/lib/authentication.rb
index a936589..4d8a5ae 100644
--- a/lib/authentication.rb
+++ b/lib/authentication.rb
@@ -31,7 +31,7 @@ module Authentication
31 end 31 end
32 32
33 def make_token 33 def make_token
34 secure_digest(Time.now, (1..10).map{ rand.to_s }) 34 SecureRandom.hex(20)
35 end 35 end
36 end # class methods 36 end # class methods
37 37
@@ -46,7 +46,6 @@ module Authentication
46 include ModelInstanceMethods 46 include ModelInstanceMethods
47 47
48 # Virtual attribute for the unencrypted password 48 # Virtual attribute for the unencrypted password
49 attr_accessor :password
50 validates_presence_of :password, :if => :password_required? 49 validates_presence_of :password, :if => :password_required?
51 validates_presence_of :password_confirmation, :if => :password_required? 50 validates_presence_of :password_confirmation, :if => :password_required?
52 validates_confirmation_of :password, :if => :password_required? 51 validates_confirmation_of :password, :if => :password_required?
@@ -85,19 +84,22 @@ module Authentication
85 self.class.password_digest(password, salt) 84 self.class.password_digest(password, salt)
86 end 85 end
87 86
88 def authenticated?(password) 87 def authenticate_legacy(password)
89 crypted_password == encrypt(password) 88 crypted_password == encrypt(password)
90 end 89 end
91 90
92 # before filter 91 # before filter
93 def encrypt_password 92 def encrypt_password
94 return if password.blank? 93 return if password.blank?
95 self.salt = self.class.make_token if new_record? 94 return if password_digest.present?
95
96 self.salt ||= self.class.make_token
96 self.crypted_password = encrypt(password) 97 self.crypted_password = encrypt(password)
97 end 98 end
99
98 def password_required? 100 def password_required?
99 crypted_password.blank? || !password.blank? 101 (crypted_password.blank? && password_digest.blank?) || !password.blank?
100 end 102 end
101 end # instance methods 103 end # instance methods
102 end 104 end
103end \ No newline at end of file 105end