Class: User
Overview
NOTE: The application has an "admin" user only.
The admin password can be changed from the browser, but the user name "admin" cannot be changed.
Many clients can log in at the same time (the app keeps multiple active sessions).
The raw password should not be compromised (except the default password).
You may find details at https://github.com/treasure-data/fluentd-ui/pull/34
Constant Summary
- SALT = "XG16gfdC5IFRaQ3c".freeze
- ENCRYPTED_PASSWORD_FILE = FluentdUI.data_dir + "/#{Rails.env}-user-pwhash.txt"
Instance Attribute Summary
- #current_password ⇒ Object: Returns the value of attribute current_password.
- #name ⇒ Object: Returns the value of attribute name.
- #password ⇒ Object: Returns the value of attribute password.
- #password_confirmation ⇒ Object: Returns the value of attribute password_confirmation.
Instance Method Summary
- #authenticate(unencrypted_password) ⇒ Object
- #digest(unencrypted_password) ⇒ Object
- #stored_digest ⇒ Object
- #stretching_cost ⇒ Object
- #update_attributes(params) ⇒ Object
- #valid_current_password ⇒ Object
- #valid_password_confirmation ⇒ Object
Instance Attribute Details
#current_password ⇒ Object
Returns the value of attribute current_password.

    # File 'app/models/user.rb', line 13
    def current_password
      @current_password
    end

#name ⇒ Object
Returns the value of attribute name.

    # File 'app/models/user.rb', line 13
    def name
      @name
    end

#password ⇒ Object
Returns the value of attribute password.

    # File 'app/models/user.rb', line 13
    def password
      @password
    end

#password_confirmation ⇒ Object
Returns the value of attribute password_confirmation.

    # File 'app/models/user.rb', line 13
    def password_confirmation
      @password_confirmation
    end
Instance Method Details
#authenticate(unencrypted_password) ⇒ Object

    # File 'app/models/user.rb', line 20
    def authenticate(unencrypted_password)
      return false if @name != "admin"
      digest(unencrypted_password) == stored_digest
    end
#digest(unencrypted_password) ⇒ Object

    # File 'app/models/user.rb', line 25
    def digest(unencrypted_password)
      unencrypted_password ||= ""
      hash = Digest::SHA1.hexdigest(SALT + unencrypted_password)
      stretching_cost.times do
        hash = Digest::SHA1.hexdigest(hash + SALT + unencrypted_password)
      end
      hash
    end
#stored_digest ⇒ Object

    # File 'app/models/user.rb', line 34
    def stored_digest
      if File.exist?(ENCRYPTED_PASSWORD_FILE)
        File.read(ENCRYPTED_PASSWORD_FILE).rstrip
      else
        digest(Settings.default_password)
      end
    end
#stretching_cost ⇒ Object

    # File 'app/models/user.rb', line 65
    def stretching_cost
      Rails.env.test? ? 1 : 20000
    end
#update_attributes(params) ⇒ Object

    # File 'app/models/user.rb', line 42
    def update_attributes(params)
      params.each_pair do |key, value|
        send("#{key}=", value)
      end
      return false unless valid?
      File.open(ENCRYPTED_PASSWORD_FILE, "w") do |f|
        f.write digest(password)
      end
    end
#valid_current_password ⇒ Object

    # File 'app/models/user.rb', line 53
    def valid_current_password
      unless authenticate(current_password)
        errors.add(:current_password, :wrong_password)
      end
    end
#valid_password_confirmation ⇒ Object

    # File 'app/models/user.rb', line 59
    def valid_password_confirmation
      if password != password_confirmation
        errors.add(:password, :confirmation, attribute: User.human_attribute_name(:password_confirmation))
      end
    end
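As an added example that is not part of the fluentd-ui source, the following Ruby script reproduces the scheme documented above (digest, stored_digest, authenticate, and the two validations that gate update_attributes) as a stand-alone class so the whole flow can be run offline without Rails: the constant salt is the one from the page, the stretching cost is a parameter (the page uses 20000 outside the test environment), and the digest-file path, default password, and the names AdminAccount, stretched_digest, constant_time_equal? and change_password are assumptions. The one deliberate change is that the digest comparison in authenticate is done in constant time rather than with ==, which is the conservative choice for comparing any authentication secret.

```ruby
require "digest"
require "tmpdir"

# Salt value from the page. It is a single constant shared by every install,
# so the stretching cost is the only per-password work factor in this scheme.
SALT = "XG16gfdC5IFRaQ3c".freeze

# Port of User#digest with the stretching cost passed in explicitly.
def stretched_digest(unencrypted_password, cost)
  unencrypted_password ||= "" # the page treats nil as the empty password
  hash = Digest::SHA1.hexdigest(SALT + unencrypted_password)
  cost.times do
    hash = Digest::SHA1.hexdigest(hash + SALT + unencrypted_password)
  end
  hash
end

# Constant-time equality for two strings: the page's authenticate uses ==,
# which returns as soon as a differing byte is found.
def constant_time_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  diff = 0
  a.bytes.zip(b.bytes) { |x, y| diff |= x ^ y }
  diff.zero?
end

# Stand-in for the User model (assumed name): a single "admin" account whose
# digest lives in a file, falling back to the digest of a default password
# when that file does not exist yet, as stored_digest does on the page.
class AdminAccount
  def initialize(digest_file:, default_password:, cost: 1)
    @digest_file = digest_file
    @default_password = default_password
    @cost = cost
  end

  def stored_digest
    if File.exist?(@digest_file)
      File.read(@digest_file).rstrip
    else
      stretched_digest(@default_password, @cost)
    end
  end

  def authenticate(name, unencrypted_password)
    return false if name != "admin"
    constant_time_equal?(stretched_digest(unencrypted_password, @cost), stored_digest)
  end

  # Mirrors update_attributes plus valid_current_password and
  # valid_password_confirmation: the caller must prove the current password
  # and the confirmation must match before the new digest is written.
  def change_password(current:, new_password:, confirmation:)
    return :wrong_password unless authenticate("admin", current)
    return :confirmation_mismatch unless new_password == confirmation
    File.write(@digest_file, stretched_digest(new_password, @cost))
    :ok
  end
end

# Constructed scenario: a fresh install still on the default password, a
# successful change, and a change rejected because the confirmation differs.
def demo
  Dir.mktmpdir("fluentd-ui-example") do |dir|
    path = File.join(dir, "user-pwhash.txt") # no file yet: default password applies
    acct = AdminAccount.new(digest_file: path, default_password: "changeme", cost: 1)
    results = {}
    results[:default_ok] = acct.authenticate("admin", "changeme")
    results[:other_user] = acct.authenticate("root", "changeme")
    results[:change] = acct.change_password(current: "changeme", new_password: "s3cret", confirmation: "s3cret")
    results[:old_rejected] = acct.authenticate("admin", "changeme")
    results[:new_ok] = acct.authenticate("admin", "s3cret")
    results[:mismatch] = acct.change_password(current: "s3cret", new_password: "a", confirmation: "b")
    results[:bad_current] = acct.change_password(current: "nope", new_password: "a", confirmation: "a")
    results
  end
end

puts demo.inspect if $PROGRAM_NAME == __FILE__
```

Running the script prints the result hash from demo; the fallback branch of stored_digest is what makes the default password usable before any digest file exists, which is why the overview above singles the default password out as the one raw password that is not protected.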