Class: User

Inherits:

Object

• Object
• User

Includes:

ActiveModel::Model

Defined in:

app/models/user.rb

Overview

NOTE: Application has “admin” user only

admin's password can be changed from browser, but user name "admin" can't be changed.
many clients can login at the same time (App has multiple active sessions)
raw password shouldn't be compromised (except default password)
you may find detail at https://github.com/treasure-data/fluentd-ui/pull/34

Constant Summary

SALT =

"XG16gfdC5IFRaQ3c".freeze

ENCRYPTED_PASSWORD_FILE =

FluentdUI.data_dir + "/#{Rails.env}-user-pwhash.txt"

Instance Attribute Summary

• #current_password ⇒ Object

  Returns the value of attribute current_password.

• #name ⇒ Object

  Returns the value of attribute name.

• #password ⇒ Object

  Returns the value of attribute password.

• #password_confirmation ⇒ Object

  Returns the value of attribute password_confirmation.

Instance Method Summary

• #authenticate(unencrypted_password) ⇒ Object
• #digest(unencrypted_password) ⇒ Object
• #stored_digest ⇒ Object
• #stretching_cost ⇒ Object
• #update_attributes(params) ⇒ Object
• #valid_current_password ⇒ Object
• #valid_password_confirmation ⇒ Object

Instance Attribute Details

#current_password ⇒ Object

Returns the value of attribute current_password.

# File 'app/models/user.rb', line 13

def current_password
  @current_password
end

#name ⇒ Object

Returns the value of attribute name.

# File 'app/models/user.rb', line 13

def name
  @name
end

#password ⇒ Object

Returns the value of attribute password.

# File 'app/models/user.rb', line 13

def password
  @password
end

#password_confirmation ⇒ Object

Returns the value of attribute password_confirmation.

# File 'app/models/user.rb', line 13

def password_confirmation
  @password_confirmation
end

Instance Method Details

#authenticate(unencrypted_password) ⇒ Object

# File 'app/models/user.rb', line 20

def authenticate(unencrypted_password)
  return false if @name != "admin"
  digest(unencrypted_password) == stored_digest
end

#digest(unencrypted_password) ⇒ Object

# File 'app/models/user.rb', line 25

def digest(unencrypted_password)
  unencrypted_password ||= ""
  hash = Digest::SHA1.hexdigest(SALT + unencrypted_password)
  stretching_cost.times do
    hash = Digest::SHA1.hexdigest(hash + SALT + unencrypted_password)
  end
  hash
end

#stored_digest ⇒ Object

# File 'app/models/user.rb', line 34

def stored_digest
  if File.exist?(ENCRYPTED_PASSWORD_FILE)
    File.read(ENCRYPTED_PASSWORD_FILE).rstrip
  else
    digest(Settings.default_password)
  end
end

#stretching_cost ⇒ Object

# File 'app/models/user.rb', line 65

def stretching_cost
  Rails.env.test? ? 1 : 20000
end

#update_attributes(params) ⇒ Object

# File 'app/models/user.rb', line 42

def update_attributes(params)
  params.each_pair do |key, value|
    send("#{key}=", value)
  end
  return false unless valid?

  File.open(ENCRYPTED_PASSWORD_FILE, "w") do |f|
    f.write digest(password)
  end
end

#valid_current_password ⇒ Object

# File 'app/models/user.rb', line 53

def valid_current_password
  unless authenticate(current_password)
    errors.add(:current_password, :wrong_password)
  end
end

#valid_password_confirmation ⇒ Object

# File 'app/models/user.rb', line 59

def valid_password_confirmation
  if password != password_confirmation
    errors.add(:password, :confirmation, attribute: User.human_attribute_name(:password_confirmation))
  end
end