8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
|
# File 'lib/clearance/app/models/user.rb', line 8
def self.included(model)
model.class_eval do
attr_accessible :email, :password, :password_confirmation
attr_accessor :password, :password_confirmation
validates_presence_of :email
validates_presence_of :password, :if => :password_required?
validates_confirmation_of :password, :if => :password_required?
validates_uniqueness_of :email, :case_sensitive => false
validates_format_of :email, :with => %r{.+@.+\..+}
before_save :initialize_salt, :encrypt_password, :initialize_token, :downcase_email
def self.authenticate(email, password)
user = find(:first, :conditions => ['LOWER(email) = ?', email.to_s.downcase])
user && user.authenticated?(password) ? user : nil
end
def authenticated?(password)
encrypted_password == encrypt(password)
end
def encrypt(string)
generate_hash("--#{salt}--#{string}--")
end
def remember?
token_expires_at && Time.now.utc < token_expires_at
end
def remember_me!
remember_me_until 2.weeks.from_now.utc
end
def remember_me_until(time)
self.token_expires_at = time
self.token = encrypt("--#{token_expires_at}--#{password}--")
save(false)
end
def forget_me!
clear_token
save(false)
end
def confirm_email!
self.email_confirmed = true
self.token = nil
save(false)
end
def forgot_password!
generate_token
save(false)
end
def update_password(attrs)
clear_token
returning update_attributes(attrs) do |r|
reload unless r
end
end
protected
def generate_hash(string)
Digest::SHA512.hexdigest(string)
end
def initialize_salt
if new_record?
self.salt = generate_hash("--#{Time.now.utc.to_s}--#{password}--")
end
end
def encrypt_password
return if password.blank?
self.encrypted_password = encrypt(password)
end
def generate_token
self.token = encrypt("--#{Time.now.utc.to_s}--#{password}--")
self.token_expires_at = nil
end
def clear_token
self.token = nil
self.token_expires_at = nil
end
def initialize_token
generate_token if new_record?
end
def password_required?
encrypted_password.blank? || !password.blank?
end
def downcase_email
self.email = email.to_s.downcase
end
end
end
|