Module: Clearance::App::Models::User

Defined in:
lib/clearance/app/models/user.rb

Class Method Summary collapse

Class Method Details

.included(model) ⇒ Object 



8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
 
# File 'lib/clearance/app/models/user.rb', line 8

def self.included(model)
  model.class_eval do

    attr_accessible :email, :password, :password_confirmation
    attr_accessor :password, :password_confirmation

    validates_presence_of     :email
    validates_presence_of     :password, :if => :password_required?
    validates_confirmation_of :password, :if => :password_required?
    validates_uniqueness_of   :email, :case_sensitive => false
    validates_format_of       :email, :with => %r{.+@.+\..+}

    before_save :initialize_salt, :encrypt_password, :initialize_token, :downcase_email

    def self.authenticate(email, password)
      user = find(:first, :conditions => ['LOWER(email) = ?', email.to_s.downcase])
      user && user.authenticated?(password) ? user : nil
    end

    def authenticated?(password)
      encrypted_password == encrypt(password)
    end

    def encrypt(string)
      generate_hash("--#{salt}--#{string}--")
    end

    def remember?
      token_expires_at && Time.now.utc < token_expires_at
    end

    def remember_me!
      remember_me_until 2.weeks.from_now.utc
    end

    def remember_me_until(time)
      self.token_expires_at = time
      self.token            = encrypt("--#{token_expires_at}--#{password}--")
      save(false)                
    end

    def forget_me!
      clear_token
      save(false)
    end

    def confirm_email!
      self.email_confirmed  = true
      self.token            = nil
      save(false)
    end
    
    def forgot_password!
      generate_token
      save(false)
    end
    
    def update_password(attrs)
      clear_token
      returning update_attributes(attrs) do |r|
        reload unless r
      end                                          
    end

    protected
    
    def generate_hash(string)
      Digest::SHA512.hexdigest(string)
    end

    def initialize_salt
      if new_record?
        self.salt = generate_hash("--#{Time.now.utc.to_s}--#{password}--")
      end
    end

    def encrypt_password
      return if password.blank?
      self.encrypted_password = encrypt(password)
    end
    
    def generate_token
      self.token = encrypt("--#{Time.now.utc.to_s}--#{password}--")
      self.token_expires_at = nil              
    end
    
    def clear_token
      self.token            = nil
      self.token_expires_at = nil            
    end
    
    def initialize_token
      generate_token if new_record?
    end

    def password_required?
      encrypted_password.blank? || !password.blank?
    end
    
    def downcase_email
      self.email = email.to_s.downcase
    end

  end
end