From 9f94a70c3e3d9bf766cb9663b0a904d30a190d85 Mon Sep 17 00:00:00 2001 From: simon Date: Sun, 8 Feb 2009 23:15:11 +0100 Subject: * initial commit of the stripped restful-authentication * http basic auth and login from cookie have been removed * no it does not work yet, it's so f*cking secure, it won't even let legitimate users login --- app/models/user.rb | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) (limited to 'app/models') diff --git a/app/models/user.rb b/app/models/user.rb index 4a57cf0..3ac0712 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -1,2 +1,36 @@ +require 'digest/sha1' + class User < ActiveRecord::Base + include Authentication + include Authentication::ByPassword + + validates_presence_of :login + validates_length_of :login, :within => 3..40 + validates_uniqueness_of :login + validates_format_of :login, :with => Authentication.login_regex, + :message => Authentication.bad_login_message + + validates_presence_of :email + validates_length_of :email, :within => 6..100 #r@a.wk + validates_uniqueness_of :email + validates_format_of :email, :with => Authentication.email_regex, + :message => Authentication.bad_email_message + + attr_accessible :login, :email, :password, :password_confirmation + + # Authenticates a user by their login name and unencrypted password. Returns the user or nil. + def self.authenticate(login, password) + return nil if login.blank? || password.blank? + u = find_by_login(login) # need to get the salt + u && u.authenticated?(password) ? u : nil + end + + # TODO: Do we really want to have downcase logins only? + def login=(value) + write_attribute :login, (value ? value.downcase : nil) + end + + def email=(value) + write_attribute :email, (value ? value.downcase : nil) + end end -- cgit v1.3