| Class | Usr |
| In: |
app/models/usr.rb
|
| Parent: | ActiveRecord::Base |
This model expects a certain database layout and is based on the name/login pattern.
| CHANGEABLE_FIELDS | = | ['first_name', 'last_name', 'email'] |
| password | [RW] | |
| password_confirmation | [RW] | |
| password_needs_confirmation | [RW] |
# File app/models/usr.rb, line 30
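# Authenticates a login/password pair against verified, non-deleted accounts.
#
# The account is looked up first so that its stored salt can be applied to the
# supplied password; the salted digest is then matched in a second query.
#
# NOTE(review): an unknown login returns before any hashing is done, so the
# response time can differ between existing and unknown logins.
#
# @param login [String] login name supplied by the caller
# @param pass [String] clear-text password supplied by the caller
# @return [Usr, nil] the matching account, or nil when the login is unknown,
#   unverified, deleted, or the password does not match
def self.authenticate(login, pass)
  u = find(:first, :conditions => ["login = ? AND verified = TRUE AND deleted = FALSE", login])
  return nil if u.nil?

  # Repeat the deleted filter here: this query matches on login, not on the row
  # found above, so without it a deleted row with the same login and digest
  # could be returned. Deleted accounts may only log in via authenticate_by_token.
  find(:first,
       :conditions => ["login = ? AND salted_password = ? AND verified = TRUE AND deleted = FALSE",
                       login, salted_password(u.salt, hashed(pass))])
end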
# File app/models/usr.rb, line 36
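# Authenticates an account by its id and one-time security token.
#
# On success the account is marked verified and its token expiry is set to the
# current time, so token_expired? reports the token as expired afterwards.
#
# @param id [Integer, String] primary key of the account
# @param token [String] security token presented by the caller
# @return [Usr, nil] the account, or nil when no row matches or the token has expired
def self.authenticate_by_token(id, token)
  # Allow logins for deleted accounts, but only via this method (and
  # not the regular authenticate call)

  # The token is a bearer credential, so it is never written to the log.
  # inspect escapes control characters in the caller-supplied id.
  logger.info "Attempting authorization of #{id.inspect} by security token"
  u = find(:first, :conditions => ["id = ? AND security_token = ?", id, token])
  if u.nil?
    logger.info "Not authenticated"
    return nil
  end
  if u.token_expired?
    logger.info "Not authenticated: security token for #{u.id} has expired"
    return nil
  end

  # NOTE(review): the result of update_attributes is not checked; if the save
  # fails, the token expiry is not moved and the token stays usable.
  u.update_attributes :verified => true, :token_expiry => Clock.now

  # Log only the id: u.inspect would dump every attribute of the record,
  # including salt, salted_password and security_token.
  logger.info "Authenticated by token: #{u.id}"
  u
end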
# File app/models/usr.rb, line 25
# Builds a Usr through the parent constructor and starts with the
# password-rehash flag cleared; change_password sets it.
#
# @param attributes [Hash, nil] attribute values passed on to the parent class
def initialize(attributes = nil)
  super(attributes)
  @password_needs_confirmation = false
end
# File app/models/usr.rb, line 88
# Returns the 40-character hex SHA-1 digest of +str+ wrapped in a fixed
# application-wide prefix and suffix.
#
# NOTE(review): this is a single unkeyed SHA-1 pass, which is fast to compute
# and therefore weak for password storage; a deliberately slow password hash
# is the usual replacement. Changing the algorithm or the "change-me" literal
# changes every digest this method produces, so stored passwords and tokens
# would need a migration path.
#
# @param str [#to_s] value to digest
# @return [String] 40 lowercase hex characters
def self.hashed(str)
  wrapped = "change-me--#{str}--"
  digest = Digest::SHA1.hexdigest(wrapped)
  # A SHA-1 hex digest is already 40 characters; the slice keeps that explicit.
  digest[0..39]
end
# File app/models/usr.rb, line 107
# Derives the stored password digest: the salt is prepended to the already
# hashed password and the concatenation is passed through hashed again.
#
# @param salt [String] per-account salt
# @param hashed_password [String] output of hashed for the clear-text password
# @return [String] digest to compare against or store in salted_password
def self.salted_password(salt, hashed_password)
  material = salt + hashed_password
  hashed(material)
end
# File app/models/usr.rb, line 64
# Stages a new password on the record and flags it for re-hashing.
#
# When +confirm+ is omitted the confirmation is copied from +pass+, so the two
# values always match; callers handling user input should pass the confirmation
# the user actually typed.
#
# @param pass [String] new clear-text password
# @param confirm [String, nil] confirmation value; defaults to +pass+ when nil
def change_password(pass, confirm = nil)
  confirmation = confirm
  confirmation = pass if confirm.nil?

  self.password = pass
  self.password_confirmation = confirmation
  # crypt_password only re-hashes while this flag is set.
  @password_needs_confirmation = true
end
# File app/models/usr.rb, line 55
# Returns a usable security token, issuing a new one when none is stored,
# when no expiry is stored, or when the stored expiry is no later than half a
# token lifetime from now.
#
# @return [String] the current or newly created security token
def generate_security_token
  current = self.security_token
  expires_at = self.token_expiry
  return new_security_token if current.nil? || expires_at.nil?

  # Renew once half of the lifetime (or less) remains.
  halfway_mark = Clock.now.to_i + token_lifetime / 2
  return new_security_token if halfway_mark >= expires_at.to_i

  current
end
Help Active Scaffold display Usr objects. ref: activescaffold.com/tutorials/to_label
# File app/models/usr.rb, line 76
# Label used when a Usr record is displayed: the account's login.
#
# @return [String] the login attribute
def to_label
  self.login
end
# File app/models/usr.rb, line 51
# Reports whether the stored security token has passed its expiry time.
#
# NOTE(review): when security_token or token_expiry is missing the result is
# that missing (falsy) value, so a record holding a token without an expiry is
# treated as not expired by authenticate_by_token. Confirm such rows cannot exist.
#
# @return [Boolean, nil] true once Clock.now has reached token_expiry; falsy otherwise
def token_expired?
  token = self.security_token
  return token unless token

  deadline = self.token_expiry
  return deadline unless deadline

  Clock.now >= deadline
end
# File app/models/usr.rb, line 70
# Lifetime of a security token in seconds, converted from the configured
# number of hours.
#
# @return [Numeric] UsrSystem::CONFIG[:security_token_life_hours] expressed in seconds
def token_lifetime
  hours = UsrSystem::CONFIG[:security_token_life_hours]
  hours * 60 * 60
end
# File app/models/usr.rb, line 92
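# Writes a fresh salt and the salted password digest when a password change
# has been staged (see change_password); otherwise does nothing.
#
# @return [Object, nil] nil when no change is pending, otherwise the result of
#   the last write_attribute call
def crypt_password
  return unless @password_needs_confirmation

  # stdlib; required locally so the method does not depend on load order.
  require 'securerandom'

  # A salt derived only from the clock repeats for every account saved within
  # the same clock reading and can be guessed from the time of the change.
  # Random bytes make each salt unique; the value still goes through hashed,
  # so the stored salt keeps its 40-hex-character shape.
  write_attribute("salt", self.class.hashed("salt-#{Clock.now}-#{SecureRandom.hex(16)}"))
  write_attribute("salted_password", self.class.salted_password(salt, self.class.hashed(@password)))
end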
# File app/models/usr.rb, line 99
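# Creates and stores a new security token that expires token_lifetime seconds
# from now, saves the record through update_without_callbacks, and returns
# the token.
#
# @return [String] the newly stored security token
def new_security_token
  # stdlib; required locally so the method does not depend on load order.
  require 'securerandom'

  expiry = Time.at(Clock.now.to_i + token_lifetime)
  # The token is a login credential (see authenticate_by_token), so its
  # unpredictable part comes from the system CSPRNG rather than Kernel#rand.
  # It still passes through hashed, so the stored token format is unchanged.
  nonce = SecureRandom.hex(32)
  write_attribute('security_token', self.class.hashed(self.salted_password + Clock.now.to_i.to_s + nonce))
  write_attribute('token_expiry', expiry)
  update_without_callbacks
  return self.security_token
end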