45 lines
1.1 KiB
Ruby
45 lines
1.1 KiB
Ruby
class User < ActiveRecord::Base
|
|
attr_accessor :password, :password_confirmation
|
|
attr_protected :user_name
|
|
attr_protected :auth_token
|
|
attr_protected :authorized
|
|
|
|
validates_presence_of :user_name
|
|
validates_length_of :user_name, :within => (6..32)
|
|
validates_uniqueness_of :user_name
|
|
validates_format_of :user_name, :with => /[\w_-]+/
|
|
|
|
has_many :votes, :dependent => :destroy
|
|
|
|
before_validation :saltify_password
|
|
|
|
def authenticated_against?(str)
|
|
ss = User.salted_string(str)
|
|
if self.auth_token.to_s == ss
|
|
true
|
|
else
|
|
false
|
|
end
|
|
end
|
|
|
|
def self.salted_string(str)
|
|
Digest::SHA1.hexdigest("#{Merb::Config[:session_secret_key]}--#{str}--")
|
|
end
|
|
|
|
protected
|
|
|
|
def saltify_password
|
|
if !self.password.to_s.empty?
|
|
if self.password.to_s.size < 6
|
|
self.errors.add(:password, 'is too short')
|
|
elsif self.password != self.password_confirmation
|
|
self.errors.add(:passwords, 'do not match')
|
|
else
|
|
self.auth_token = User.salted_string(self.password)
|
|
end
|
|
elsif self.auth_token.to_s.empty?
|
|
self.errors.add(:password, 'is missing')
|
|
end
|
|
end
|
|
end
|